Terms of Service

Effective date: June 1, 2026

1. Agreement

By creating an account or using any part of the Verdicter platform (“Service”), you agree to these Terms. If you are using Verdicter on behalf of an organization, you represent that you have authority to bind that organization. “Verdicter”, “we”, “us”, and “our” refer to Verdicter, Inc.

2. Description of the Service

Verdicter is a security platform for AI agents. The Service includes the following capabilities, all operated as a single platform:

  • Enforce: Runtime policy evaluation. Agent actions are assessed against your configured policies, and a decision (allow, deny, modify, or escalate) is returned before execution.
  • Observe: Session-level tracing. Agent tool calls are grouped into sessions so you can reconstruct agent behavior over time.
  • Shield: Prompt injection and jailbreak detection. Inputs are scanned against built-in and custom regex patterns before reaching your model.
  • Comply: Compliance report generation. Verdicter compiles evidence from your runtime audit data against recognized frameworks (SOC 2, GDPR, HIPAA, EU AI Act).
  • Sandbox: Policy testing environment. You can define multi-step scenarios and run them through the policy engine without affecting production data.
  • Identity: Agent credential management. Secrets are stored only as masked hints. The original value is never retrievable through Verdicter after creation.

3. Account Registration

You must provide accurate information when creating an account. You are responsible for maintaining the confidentiality of your credentials and for all activity under your account. Verdicter API keys are shown in full exactly once at creation; the plaintext is not stored. You must notify us immediately at security@verdicter.dev of any unauthorized access.

4. Acceptable Use

You agree not to:

  • Use the Service to circumvent, disable, or undermine AI security controls.
  • Attempt to reverse-engineer the policy engine, Shield detection patterns, or any proprietary algorithms.
  • Introduce malicious payloads, injection attacks, or data intended to corrupt audit logs.
  • Resell or sublicense access to the Service without written permission.
  • Use the Service in applications that make fully automated, unreviewed decisions in high-stakes domains (medical, legal, financial) without appropriate human oversight.

5. Data Ownership

You retain ownership of all data you submit to the Service, including agent configurations, policies, payload data, Shield scan inputs, compliance report inputs, sandbox scenarios, and credential hints. You grant Verdicter a limited license to process this data solely to provide and improve the Service. We do not use your payload or scan data to train AI models.

6. Credential Handling

When you store credentials through the Identity feature, Verdicter records only a masked hint (the final four characters of the value). The original value is processed transiently during the request and is not persisted in any Verdicter-controlled storage. You are solely responsible for the secure management and rotation of your agents' actual secrets.

7. Shield Scan Data

Shield scans process user-supplied or agent-supplied input and store an input preview - a truncated excerpt - alongside the scan result. This preview may contain fragments of the original prompt. You are responsible for ensuring that any data submitted for Shield scanning complies with applicable data protection regulations. You may configure retention periods on Pro and Enterprise plans.

8. Compliance Reports

Comply-generated reports are derived from your own runtime audit data and are provided as informational outputs only. They do not constitute legal, regulatory, or professional compliance certifications. Verdicter makes no warranty that any report satisfies the requirements of any regulatory body or auditor. You should engage qualified professionals for formal audits.

9. Service Availability and Limits

Verdicter targets high availability but does not guarantee uninterrupted access. Evaluation quotas apply per plan (see Pricing). Exceeding your quota results in evaluations being blocked until your quota resets. Verdicter is not liable for losses resulting from quota exhaustion or service interruptions.

10. Intellectual Property

The Verdicter platform, including its policy engine, Shield detection system, and all associated software, is the intellectual property of Verdicter, Inc. Nothing in these Terms grants you any ownership rights in the platform.

11. Termination

You may cancel your account at any time. We may suspend or terminate your account for material violation of these Terms. Upon termination, your data will be deleted in accordance with our retention policy (see Privacy Policy).

12. Limitation of Liability

To the maximum extent permitted by law, Verdicter shall not be liable for any indirect, incidental, special, or consequential damages arising from your use of the Service, including but not limited to losses resulting from policy decisions made by the Verdicter engine, undetected prompt injections, or compliance gaps. Our aggregate liability shall not exceed the fees paid by you in the twelve months preceding the claim.

13. Changes to These Terms

We may update these Terms from time to time. We will notify registered users of material changes by email and by posting a notice in the dashboard. Continued use of the Service after the effective date of changes constitutes acceptance.

14. Contact

Questions about these Terms? Contact us at legal@verdicter.dev.