Terms of Service

Last updated: February 19, 2026

1. Acceptance of Terms

By accessing or using ShipGrade ("the Service"), you agree to be bound by these Terms of Service. If you do not agree to these terms, do not use the Service. We may update these terms at any time; continued use after changes constitutes acceptance.

2. Description of Service

ShipGrade is a trust profile platform for software products. The Service provides automated security, privacy, performance, and reliability assessments for websites and MCP servers. Builders register products, automated scanners generate trust scores, and public profile pages allow buyers to evaluate products.

3. Service Availability

ShipGrade is an independently operated platform. By using the Service, you acknowledge and agree that:

  • The Service is provided on an "as available" basis. We do not guarantee uninterrupted access, uptime, or continued operation of the platform.
  • We may modify, suspend, or discontinue any part of the Service at any time, with or without notice.
  • We are not obligated to maintain, support, or update the Service for any specific duration.
  • You should not rely on the continued availability of ShipGrade or any specific feature for business-critical decisions.

4. User Accounts

  • You must provide accurate information when creating an account.
  • You are responsible for maintaining the security of your account credentials.
  • You must notify us immediately of any unauthorized access to your account.
  • One person or entity may not maintain more than one account.

5. Product Registration and Scanning

By submitting a product URL for scanning, you represent that:

  • You own or have authorization to submit the product for assessment.
  • You consent to ShipGrade making HTTP requests to the submitted URL for the purpose of security and trust assessment.
  • For MCP server products, you consent to ShipGrade downloading and analyzing publicly available source code from the repository URL you provide.
  • You understand that scan results for published products will be displayed on a public profile page.

6. Public Profiles and Data Display

When you publish a product, its trust score, grade, and pass/fail status for each scan check become publicly visible. This includes display in the ShipGrade directory, on your product's public profile page, and through embeddable badges. By publishing, you grant ShipGrade permission to:

  • Display your product name, trust score, grade, scan results summary, and any profile information you provide (tagline, description, builder name) on publicly accessible pages.
  • Include your product in the ShipGrade directory, search results, JSON feeds, and API responses.
  • Use your product's public trust data in aggregate statistics, benchmarks, or promotional materials for the platform.

Detailed scan findings (vulnerability specifics, header values, source code analysis) are never shown publicly and remain private to your dashboard. You may unpublish a product at any time to remove it from public view.

7. Source Code Uploads

For MCP server products, you may upload source code archives for analysis. When you upload source code:

  • No source code is stored. Uploaded files are processed entirely in memory during the scan and discarded immediately upon completion. No source code is written to disk, saved to any database, or retained in any form.
  • No source code is transmitted to third parties. Analysis is performed by ShipGrade's own scanning engine. Your code is not sent to external services, AI models, or other third parties.
  • Only scan results are retained. After analysis, we store the resulting pass/fail assessments, scores, and remediation suggestions — not the underlying source code.
  • You are responsible for ensuring that uploaded archives do not contain secrets, credentials, or other sensitive data. While our scanners detect and flag potential secrets, we recommend stripping sensitive files before upload.
  • By uploading, you confirm you are authorized to submit the code for analysis and that the upload does not violate any third-party intellectual property rights.

8. Acceptable Use

You agree not to:

  • Submit URLs you do not own or have authorization to scan.
  • Attempt to manipulate scan results or trust scores.
  • Use the Service to conduct unauthorized security testing of third-party systems.
  • Reverse-engineer the scanning algorithms to circumvent legitimate security checks.
  • Use automated tools to create accounts, submit products, or scrape data at scale.

9. Intellectual Property

The ShipGrade platform, including its scanning algorithms, scoring methodology, remediation content, and user interface, is protected by copyright and other intellectual property laws. You retain full ownership of any data and source code you submit. By using the Service, you grant ShipGrade a limited license to process your submitted URLs and uploaded code for the sole purpose of generating scan results, and to display those results as described in these terms.

10. Disclaimers

  • Trust scores and scan results are automated assessments, not guarantees of security or reliability.
  • ShipGrade does not warrant that scan results are complete or free from false positives/negatives.
  • A high trust score does not constitute a certification, endorsement, or warranty of the scanned product.
  • Remediation suggestions are provided as guidance and should be tested in a staging environment before production deployment.
  • The Service is provided "as is" and "as available" without warranties of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement.

11. Limitation of Liability

To the maximum extent permitted by law, ShipGrade and its operators shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits, data, or business opportunities, arising from your use of or inability to use the Service, or from any interruption, suspension, or termination of the Service. Our total liability for any claim shall not exceed the amount you paid for the Service in the 12 months preceding the claim.

12. Termination

We may suspend or terminate your account if you violate these terms or engage in activity that is harmful to the Service or other users. You may delete your account at any time through your dashboard settings. Upon termination, your data will be handled in accordance with our Privacy Policy.

13. Changes to Terms

We reserve the right to modify these terms at any time. Material changes will be communicated via email to registered users at least 14 days before they take effect. Your continued use of the Service after changes take effect constitutes acceptance of the modified terms.

14. Governing Law

These terms shall be governed by and construed in accordance with the laws of the United States. Any disputes arising from these terms or the Service shall be resolved through binding arbitration, except where prohibited by law.

15. Contact

Questions about these terms? Contact us at hello@shipgrade.dev.