Brewale — Acceptable Use Policy

Last updated: June 18, 2026 Effective date: June 18, 2026

This Acceptable Use Policy ("AUP") sets out how you may and may not use the Brewale Service. It forms part of the Terms of Service and applies to all Customers, their users, and anyone accessing the Service through them.

You are responsible for the activity of your users under your account.

1. Prohibited content and activity

You must not use the Service to:

  • engage in or facilitate any illegal activity, or to produce, store, or distribute illegal content;
  • store, transmit, or distribute malware, exploits, phishing kits, or other malicious code (including as the content of a skill or convention);
  • attack, probe, or otherwise interfere with the Service or Brewale's infrastructure, including denial-of-service attacks, port scanning, reverse engineering, rate-limit evasion, or unauthorized scraping;
  • impersonate any person or entity, or misrepresent your affiliation;
  • defraud, harass, threaten, or harm any person;
  • circumvent or attempt to circumvent access controls, organization boundaries, per-user ACLs, billing, trial, or rate-limiting mechanisms;
  • send unsolicited bulk or commercial messages, or use Integrations to do so;
  • train, fine-tune, or evaluate a competing MCP or skills/conventions hosting service using data obtained from the Service;
  • engage in any activity involving the sexual exploitation of minors; child sexual abuse material is a hard ban, will be reported to authorities where required, and triggers immediate termination;
  • infringe the intellectual-property, privacy, or other rights of any third party;
  • upload special-category personal data under GDPR Art. 9 (e.g. health, biometric, criminal records) into Customer Content unless you have implemented appropriate safeguards; the Service is not designed for this use.

2. AI-specific restrictions

You must not author, upload, distribute, or use skills, conventions, or Integration configurations that are designed to instruct an AI Agent to:

  • produce malware, exploits, or attack tooling;
  • generate child sexual abuse material or other content sexually exploiting minors;
  • impersonate real people in a manner intended to deceive;
  • commit fraud, including financial, identity, or academic fraud;
  • evade safety filters or content policies of the underlying AI provider;
  • take destructive actions in third-party systems without explicit, per-call human approval.

You must not rely on the Service for safety-critical, life-critical, legal, medical, or financial decisions without independent qualified human review.

3. Integrations and tool calls

When you connect an Integration to the Service:

  • accurately classify each tool as read, write, or delete; misclassification is your risk;
  • review every tool call proposed by an AI Agent (name and inputs) before approving — particularly write and delete calls;
  • maintain least-privilege per-user access controls and revoke promptly when no longer needed;
  • safeguard credentials and tokens used to connect Integrations, and rotate on suspected compromise;
  • comply with the third-party service's own terms.

You acknowledge that AI Agents may call write or delete tools and that such calls can cause irreversible changes in third-party systems. You are solely responsible for reviewing and authorizing every such call.

4. Fair use

You will use the Service in a reasonable manner consistent with its purpose. Brewale may impose technical limits and may require plan upgrades or reduce usage for accounts whose use materially exceeds typical patterns or impacts other Customers' experience.

5. Security obligations

You must:

  • keep credentials and API tokens confidential, and not share accounts;
  • use strong passwords and enable multi-factor authentication where offered;
  • promptly revoke access for departed team members;
  • rotate API tokens or Integration credentials on suspected compromise;
  • notify Brewale immediately of suspected unauthorized access via security@brewale.dev.

You are responsible for all activity under your account and tokens.

6. Reporting

If you become aware of a breach of this AUP, abusive content, or a security vulnerability in the Service, please report it:

  • abuse and AUP violations: abuse@brewale.dev
  • security vulnerabilities: security@brewale.dev

Brewale appreciates responsible disclosure of security issues; please give us reasonable time to investigate and remediate before public disclosure.

7. Enforcement

Brewale may, at its discretion and where reasonable with prior notice:

  • request that you cure a violation within a stated period;
  • remove offending content from the Service;
  • suspend Service access pending investigation;
  • terminate the account for cause under the Terms of Service;
  • cooperate with law-enforcement requests as required by law.

In emergencies — including illegal content, active attack on the Service, or a credible security or safety threat — Brewale may take any of the above actions without prior notice.

Brewale will inform Customer of significant enforcement actions where lawful and reasonable to do so.

8. Changes

Brewale may update this AUP from time to time. Material changes will be communicated by email and in-app banner at least 30 days before they take effect, in line with the Terms of Service.

9. Contact

  • Abuse: abuse@brewale.dev
  • Security: security@brewale.dev
  • General: support@brewale.dev