Effective 2026-05-16

Acceptable Use Policy

This policy governs the use of MCPSafe's user-initiated dynamic scan feature, in which a signed-in user asks MCPSafe to actively connect to a running MCP server and probe it with security checks. It applies in addition to our Terms of Service and Privacy Policy.

1. The attestation

Before each dynamic scan, you confirm:

I own this server or am authorized to perform security testing on it. I have read the MCPSafe Acceptable Use Policy.

We log this attestation immutably with the user, target, timestamp, and a hashed IP and user agent. The record is retained as a legal artifact regardless of whether the scan itself is later deleted.

2. Permitted use

• Scanning MCP servers you operate or develop.
• Scanning a server when you have explicit written authorization from the operator (an internal pentest, an agreed bug-bounty scope, a customer engagement, etc.).
• Educational scans against intentionally vulnerable sandboxes you control.

3. Prohibited use

• Scanning systems you do not own or have not been authorized to test.
• Using MCPSafe to amplify a denial-of-service attack against any target. We rate-limit per-endpoint to make this difficult, but the policy commitment is yours.
• Submitting credentials that belong to a system you don't control (stolen tokens, leaked OAuth access tokens, etc.).
• Targeting internal infrastructure (private IPs, cloud metadata endpoints, mcpsafe.io itself). These are blocked at the network layer; bypass attempts are a policy violation.
• Scanning a server in violation of its provider's terms of service or any applicable law.

4. Credentials we handle

When you choose a non-anonymous authentication method, you may supply a bearer token, an OAuth access token, or a custom HTTP header value. We:

• encrypt the credential with a per-scan KMS data key,
• store it for at most 15 minutes (DynamoDB TTL) — usually less than 5 seconds in practice,
• delete the stored row before the scanner connects to your server,
• never log the credential, never return it in any response, and never expose it to other users.

We do not accept OAuth client secrets, refresh tokens, SSH keys, or cloud-provider credentials. If your MCP server requires Basic Auth, build the Authorization: Basic … header yourself and supply it as a custom header.

5. Rate limits

Each dynamic scan costs 1 credit. Credits are the primary throttle — every signed-in user gets 2 free starter credits, and additional credits are sold in 10/50/200-credit packs on the pricing page. If your balance hits zero, the next scan returns 402 INSUFFICIENT_CREDITS until you top up.

On top of credits, the following abuse guards apply and return 429 when hit:

• Per user, burst cap: 20 dynamic scans per day, 3 concurrent. Designed to catch runaway scripts and stolen-credential patterns, not to throttle normal use. Larger packs (50, 200) are spread across multiple days at this cap — a 200-credit pack lasts ~10 days at the maximum daily rate.
• Per endpoint, hourly cap: 5 scans per hour against the same server endpoint, summed across all MCPSafe users. This is the DoS-amplifier guard — it protects the server you point at, including from accidental retry loops on your own CI.

If you have a legitimate use case that needs higher limits (load testing your own infrastructure, batched CI runs), contact us before you hit the cap — we’d rather raise your ceiling than throttle a real customer.

6. Enforcement

Violations of this policy may result in suspension of the account, revocation of issued credits, and — for clear misuse — referral to law enforcement together with the attestation log.

7. Contact

Questions, scope disputes, or incident reports: security@mcpsafe.io.