# Acceptable Use Policy This Acceptable Use Policy ("**AUP**") forms part of the licence terms under which the LEGX toolkit (including the Document Integrity Verifier) is made available. It is incorporated by reference into the [LICENSE](LICENSE) file. Where the LICENSE permits a use, this AUP narrows that permission. Violating this AUP terminates your licence under the terms in the LICENSE' **Violations** section. The terms "**Software**", "**licensor**", "**you**", and "**your company**" have the meanings given to them in the LICENSE. The Software is a **defensive tool**. It exists so that humans and automated workflows can decide whether a document is being truthful about itself before it reaches an AI ingestion pipeline. The Software was not built to attack systems, generate adversarial content, or train models to evade detection — and you may not use it to do those things. --- ## 1. Prohibited uses You may not use the Software, or any part of it, to: 1. **Develop, train, fine-tune, evaluate, distribute, or operate offensive AI capabilities** — including but not limited to prompt injection tools, jailbreak generators, document-borne attack templates, watermark removers, hidden-payload writers, OCR-evasion models, or any other system whose primary purpose is to attack, bypass, or weaken safety mechanisms of an AI system, a human reader, or an organisation. 2. **Test attacks against any system you are not authorised to test.** You are responsible for ensuring you have explicit, written, scope- bounded authorisation before pointing the Software, its outputs, or any derived artifact at production or third-party systems. 3. **Use detected patterns, regexes, or model outputs as training data, reinforcement signal, or evaluation targets** for any system whose purpose is to evade detection by this Software, by any other defensive scanner, or by any AI safety mechanism. The lexicon and the model verdicts are defensive signals; teaching attackers to route around them defeats the entire point of the Software. 4. **Misrepresent Software output** — verdicts, detector matrices, OCR diffs, or the written assessment — as compliance certification, as a security audit by the licensor, or as a guarantee of safety. The output is advisory; representing it otherwise is a deceptive practice and a violation of this AUP. 5. **Strip, modify, hide, or work around the LICENSE, this AUP, the `DISCLAIMER.md`, the `Required Notice` lines, or the in-app warnings** in any distribution, fork, deployment, or derived work. 6. **Re-enable the authoring side of the LEGX toolkit (challenge generation, transform catalogs, fixtures, blind-package tooling) in a distribution presented as a "detector" or "scanner" to end users without making the re-enabled authoring capability and its risks unambiguously visible.** The detector-only export script (`scripts/export_zerogpu_space.ps1`) is the canonical detector distribution; forks that quietly re-enable authoring are out of scope of any licence granted to you. 7. **Process documents containing personal data, privileged communications, or regulated information** with a **public** instance of the Software (e.g. a public Hugging Face Space). Private, self-hosted deployments are the appropriate channel for any non-public material. 8. **Use the Software to generate, automate, or accelerate harassment, discrimination, surveillance against political dissidents, journalists or human-rights defenders, or any activity prohibited by applicable law.** ## 2. Required disclosures for forks and derived works If you distribute a fork or derived work: 1. Include this `ACCEPTABLE_USE.md` and the `DISCLAIMER.md` unmodified. 2. Preserve every `Required Notice:` line from the LICENSE. 3. State plainly that your fork is **not endorsed by, audited by, or maintained by the licensor**. 4. If your fork modifies any detector, the lexicon, the reasoning prompt, or the LLM verdict path, **document those modifications in a `CHANGES.md`** so downstream users can decide whether they trust the modified detection layer. 5. If your fork removes or weakens any safety check (size cap, GPU timeout, work-dir cleanup, etc.), this is a material change and must be flagged in `CHANGES.md` with the rationale. ## 3. Reporting abuse If you become aware of a deployment that violates this AUP, please contact the licensor (see [`COMMERCIAL.md`](COMMERCIAL.md)). Reports made in good faith will be treated confidentially where the law allows. ## 4. Effect of violation Per the LICENSE, the first time you are notified in writing of a violation, you have 32 days to come into compliance. If you do not, **all your licences end immediately**. Continued use after termination is copyright infringement. The licensor reserves the right to publicly identify deployments that materially violate this AUP, especially where doing so protects users from being misled about the safety guarantees of a defensive tool. ## 5. No defensive exception for offence The fact that the Software detects an attack class does **not** grant you permission to *create* that attack class, even for "research" or "red-team" purposes, unless you are operating under (a) an explicit authorisation from the target system's owner, (b) a published responsible-disclosure policy, and (c) a written commitment not to release weaponisable artifacts. This AUP narrows what counts as "permitted purpose" under the LICENSE — defensive purpose is permitted; offensive purpose is not.