1. Prohibited Uses
You may not use NOWL to:
- Scan or fix code you do not have authorization to access
- Generate malware, exploits, ransomware, or weaponized payloads
- Attempt to bypass NOWL's security controls (sandbox escape, rate limit, plan gating)
- Reverse-engineer NOWL services beyond fair use
- Distribute, host, or serve illegal content via NOWL deployments
- Spam, phish, harass, or commit fraud using NOWL-hosted services
- Mine cryptocurrency or run sustained compute beyond plan limits
- Train competing AI models on NOWL outputs
- Violate third-party intellectual property rights
2. Code Scanning Boundaries
When you submit a GitHub repository URL, you affirm that you have authority (owner, admin, or explicit written permission) to scan that repository. NOWL enforces SSRF protection + hostname allowlist; do not attempt to scan internal / private network resources you do not control.
3. AI Output Use
AI-generated fixes are provided "as-is". You are responsible for reviewing, testing, and approving all changes before deployment to production environments. NOWL is not liable for vulnerabilities introduced by AI suggestions you accept without review.
4. Public Findings DB
NOWL maintains a Public Findings DB (security.nowl.build) of anonymized vulnerability patterns. Repo URLs, owner names, and source secrets are stripped before public listing. Customer opt-out is available via Settings.
5. Reporting Abuse
Suspected violations → abuse@nowl.build. NOWL investigates within 5 business days and may suspend offending accounts immediately upon evidence of violation.
6. Enforcement
NOWL reserves the right to suspend or terminate accounts that violate this AUP, with or without notice depending on severity. Repeated minor violations may escalate to permanent ban.
7. Reservation of Rights
NOWL may update this AUP with 30 days' notice for material changes. Continued use after the effective date constitutes acceptance.