Terms of Service

Last updated: March 4, 2026

1. Acceptance of Terms

By accessing or using Maced (“the Platform,” “we,” “us,” or “our”), you agree to be bound by these Terms of Service (“Terms”). If you do not agree to these Terms, you may not use our services. These Terms constitute a legally binding agreement between you (or the organization you represent) and Maced.

2. Service Description

Maced is an autonomous AI penetration testing platform. Unlike traditional scanners, Maced deploys autonomous AI agents that execute real commands, send real network requests, and actively interact with your target systems to identify security vulnerabilities. These agents operate with a high degree of autonomy and may probe your applications, APIs, infrastructure, and source code in ways that closely resemble real-world attacks.

Results are provided for informational purposes and should be validated by qualified security professionals. Maced does not guarantee that all vulnerabilities will be found, nor that all reported findings are exploitable in every context.

3. Authorization and Domain Verification

You may only test domains, applications, and repositories that you own or for which you have explicit, documented authorization to conduct penetration testing. You represent and warrant that you have obtained all necessary permissions, including written authorization from any relevant system owners, hosting providers, or third parties, before initiating any pentest through Maced.

Maced requires domain verification before testing can begin. However, domain verification only confirms DNS control — it does not constitute legal authorization to perform penetration testing. You are solely responsible for ensuring you have the legal right to test any target you configure.

4. Environment Risks

You acknowledge and accept that Maced's autonomous AI agents interact directly with your target systems and may cause unintended side effects, including but not limited to:

  • Modification, corruption, or deletion of data
  • Service degradation or downtime
  • Triggering of security alerts, rate limits, or IP blocks
  • Changes to application or system state
  • Creation of accounts, records, or other artifacts
  • Unexpected resource consumption

We strongly recommend that you only run pentests against staging, development, or non-production environments. If you choose to test production systems, you do so entirely at your own risk. Maced is not responsible for any damage, data loss, downtime, or disruption to production or any other environment resulting from pentest activity.

Before initiating any pentest, you should ensure that current backups of all target systems and data exist, and that you have a recovery plan in place.

5. AI Agent Behavior

Maced's AI agents operate autonomously and may take actions that are unpredictable or beyond what you specifically anticipated. While agents are designed to operate within the scope of standard penetration testing techniques, we cannot guarantee that an agent will not take unexpected actions against your target systems.

AI-generated findings may include false positives (reporting vulnerabilities that do not exist) or false negatives (failing to detect real vulnerabilities). Pentest reports are generated by AI and should not be treated as a comprehensive or definitive security assessment. You should independently validate all findings.

6. User Responsibilities

By using Maced, you agree to:

  • Only test systems you own or have explicit written authorization to test
  • Use staging or non-production environments whenever possible
  • Maintain current backups of all target systems and data before running tests
  • Notify relevant stakeholders (infrastructure teams, hosting providers, cloud vendors) before initiating penetration tests
  • Comply with all applicable laws and regulations, including but not limited to the Computer Fraud and Abuse Act (CFAA), the UK Computer Misuse Act, and equivalent legislation in your jurisdiction
  • Not use Maced to test any system for which you lack proper authorization, regardless of whether domain verification succeeds
  • Review and validate AI-generated findings before acting on them
  • Not attempt to circumvent platform security controls, rate limits, or usage restrictions

7. Acceptable Use

You agree not to use Maced to:

  • Conduct unauthorized testing of systems you do not own or have permission to test
  • Violate any applicable laws or regulations
  • Engage in any activity that could be considered malicious hacking, data theft, or unauthorized access
  • Resell, sublicense, or provide Maced as a service to third parties without our written consent
  • Deliberately attempt to cause the AI agents to act outside the scope of penetration testing

8. Intellectual Property

You retain ownership of your pentest reports, findings, and any data you provide to the Platform. Maced retains all rights to the Platform, its AI models, testing methodologies, and underlying technology.

You grant Maced a limited, non-exclusive license to use anonymized and aggregated data derived from your use of the Platform to improve our services, train our models, and enhance our testing methodologies. This data will not include personally identifiable information or data that could be used to identify your specific systems or vulnerabilities.

9. Indemnification

You agree to indemnify, defend, and hold harmless Maced and its officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising from or related to: (a) your use of the Platform; (b) your violation of these Terms; (c) unauthorized testing of systems you do not have permission to test; (d) any damage caused to systems or environments you directed tests against; or (e) your violation of any applicable laws or regulations.

10. Limitation of Liability

To the maximum extent permitted by applicable law, Maced is provided on an “as is” and “as available” basis without warranties of any kind, whether express, implied, or statutory. We expressly disclaim all warranties including, without limitation, warranties of merchantability, fitness for a particular purpose, and non-infringement.

In no event shall Maced be liable for any indirect, incidental, special, consequential, or punitive damages, including without limitation: loss of profits, data, business opportunities, or goodwill; service interruption; system or environment damage; data corruption or loss; cost of procurement of substitute services; or any damages arising from the actions of autonomous AI agents on your target systems — regardless of the theory of liability and even if Maced has been advised of the possibility of such damages.

Our total aggregate liability for all claims arising out of or relating to these Terms or your use of the Platform shall not exceed the amount you paid to Maced in the twelve (12) months preceding the claim.

11. Termination

Maced may suspend or terminate your access to the Platform at any time, with or without notice, if we reasonably believe you have violated these Terms, tested systems without authorization, or otherwise abused the Platform. Upon termination, your right to use the Platform ceases immediately. Sections 9, 10, and 12 survive termination.

12. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to conflict of law principles. Any disputes arising under these Terms shall be subject to the exclusive jurisdiction of the courts located in Delaware.

13. Changes to Terms

We may update these Terms from time to time. If we make material changes, we will notify you via email or through a notice on the Platform. Your continued use of the Platform after such changes constitutes acceptance of the updated Terms.

14. Contact

If you have questions about these Terms, please contact us at legal@maced.ai.