Firmis Labs

Terms of Service

Effective date: April 1, 2026

These Terms of Service ("Terms") govern your use of the Firmis Labs platform, including the CLI scanner, cloud workspace, and all associated services operated by Firmis Labs ("Firmis", "we", "us"). By using our services, you agree to these Terms.

1. Service description

Firmis Labs provides AI agent security scanning, remediation guidance, and runtime monitoring for AI agent configurations. The service includes:

  • firmis-cli: a local CLI scanner that analyzes agent configurations on your machine
  • Deep scan: server-side AI analysis of component metadata for deeper threat verification
  • Monitor: runtime tool call oversight that captures metadata and enforces policies
  • Workspace: a cloud dashboard at workspace.firmislabs.com for managing scan history, teams, and results

2. Account terms

  • Accounts are created via GitHub OAuth. You are responsible for maintaining the security of your GitHub credentials.
  • One account per person. Shared accounts are not permitted.
  • You must provide accurate information when creating an account.
  • You are responsible for all activity that occurs under your account.
  • Notify us immediately at legal@firmislabs.com if you suspect unauthorized access.

3. Acceptable use

You may use Firmis Labs only for lawful purposes. Specifically:

  • You may only scan systems you own or have explicit written permission to test.
  • You may not use the service to scan third-party systems without authorization.
  • You may not attempt to reverse engineer, decompile, or extract our AI models or detection rules.
  • You may not use automated tooling to mass-scan third-party agent registries or repositories.
  • You may not resell or sublicense access to the service without written consent.
  • You may not use the service to facilitate attacks, generate malware, or evade security controls.

Violation of acceptable use terms may result in immediate account suspension without refund.

4. Intellectual property

Firmis Labs owns all rights to the service, including the platform, AI models, detection rules, and documentation. Nothing in these Terms transfers ownership of our intellectual property to you.

You own your scan data. Scan results, findings, and reports generated by the service from your agent configurations belong to you. We do not claim ownership of your data.

The open-source scanner (firmislabs/firmis-scanner) is licensed separately under Apache-2.0.

5. Billing and subscriptions

Subscriptions and credit packs are processed by LemonSqueezy, our payment processor. By purchasing a subscription or credit pack, you agree to LemonSqueezy's terms in addition to these.

  • Subscriptions renew automatically at the end of each billing period.
  • You can cancel at any time. Cancellation stops the next renewal but does not provide a prorated refund for the current period.
  • AI credit packs are non-refundable once credits have been consumed.
  • Unused monthly subscription credits expire at the end of each billing period and do not roll over.
  • Credit pack credits expire 12 months after purchase.
  • Monthly subscription credits are consumed before credit pack credits.

If you believe there is a billing error, contact us within 30 days at legal@firmislabs.com and we will investigate.

6. Service availability

We work hard to keep Firmis Labs available and reliable, but we do not guarantee uptime for Free or Pro plans. Service level agreements are available for Business and Custom customers by negotiation.

Planned maintenance will be communicated in advance when possible. We are not liable for losses resulting from downtime or service interruptions.

7. Limitation of liability

Firmis Labs provides security findings as guidance, not guarantees. The service may not detect every vulnerability in your agent configurations. You are responsible for making security decisions based on the findings we provide.

To the maximum extent permitted by applicable law, Firmis Labs and its affiliates are not liable for any indirect, incidental, special, consequential, or punitive damages, including loss of profits or data, arising from your use of or inability to use the service, even if we have been advised of the possibility of such damages.

Our total liability to you for any claim arising out of these Terms or your use of the service is limited to the amount you paid us in the 12 months preceding the claim.

8. Data handling

Our collection and use of your data is described in the Privacy Policy, which is incorporated into these Terms by reference.

9. Termination

You may terminate your account at any time by contacting legal@firmislabs.com. We may suspend or terminate your account for violation of these Terms, non-payment, or other reasons with reasonable notice where possible.

Upon termination, your access to the workspace will be disabled. You may request an export of your scan data within 30 days of termination. After that period, data may be deleted per our retention policy.

10. Changes to these terms

We will notify you by email at least 30 days before making material changes to these Terms. Continued use of the service after the effective date constitutes acceptance of the updated Terms.

For minor changes (such as clarifications or typo corrections), we may update the Terms without advance notice.

11. Governing law

These Terms are governed by the laws of the State of Delaware, USA, without regard to conflict of law principles. Any disputes arising under these Terms will be resolved in the courts of Delaware, and you consent to personal jurisdiction in those courts.

12. Contact

Legal notices and questions about these Terms should be sent to legal@firmislabs.com.

Firmis Labs
firmislabs.com