Acceptable Use Policy

1. Purpose

This Acceptable Use Policy (“AUP”) defines what you may and may not do on the ShackleAI platform. It applies to all users, agents, and automated systems accessing the Platform.

ShackleAI enables AI agents to access real-world tools. With that power comes responsibility. This policy exists to protect our users, our infrastructure, and the broader ecosystem.

2. Permitted Use

You may use the Platform to:

Connect AI agents to tools via the Gateway and ToolCloud
Store and manage OAuth credentials in the Vault
Define governance policies controlling agent access
Use the LLM Gateway for proxied language model access
Build and deploy MCP-compatible tool servers
Integrate ShackleAI services via our APIs and SDKs

3. Prohibited Use

You must not use the Platform to:

3.1 Harmful Agent Behavior

Deploy agents that perform unauthorized actions on third-party services
Use agents to spam, phish, or conduct social engineering attacks
Create agents that generate or distribute malware
Use agents to scrape data in violation of terms of service of other platforms
Deploy agents that impersonate humans or other agents

3.2 Security Violations

Attempt to bypass authentication, rate limits, or governance policies
Probe, scan, or test vulnerabilities without written authorization
Share, leak, or publicly expose API keys or Vault credentials
Attempt to access other users’ data, agents, or credentials
Use prompt injection to circumvent Platform safety controls

3.3 Resource Abuse

Use the Platform for cryptocurrency mining
Deliberately overload APIs to degrade service for others
Create excessive agents or connections to circumvent tier limits
Use the LLM Gateway to re-sell proxied model access

3.4 Illegal Activity

Use the Platform to violate any applicable laws or regulations
Process, store, or transmit illegal content
Facilitate fraud, money laundering, or sanctions evasion

4. Agent-Specific Rules

Because agents operate autonomously, additional rules apply:

Governance first — all agents must operate under a governance policy. New agents default to zero permissions (deny-all).
Audit trail — all agent actions are logged in the Observatory. Disabling or tampering with audit logs is prohibited.
Credential isolation — agents must only access credentials explicitly granted to them via the Vault.
Budget limits — agents using the LLM Gateway must respect configured budget limits. Attempts to bypass budget enforcement are prohibited.

5. Enforcement

Violations of this AUP may result in:

Warning and request to remediate
Temporary suspension of your account or specific agents
Permanent termination of your account
Reporting to law enforcement if required

We review violations on a case-by-case basis. The severity of the response depends on the nature and impact of the violation.

6. Reporting Violations

If you discover a violation of this AUP or a security vulnerability, please report it to useshackleai@gmail.com. We take reports seriously and investigate promptly.

7. Changes

We may update this AUP as the Platform evolves. Changes will be posted here with an updated effective date. Continued use of the Platform after changes constitutes acceptance.