Legal
Terms of Service
Last updated: March 2026
By accessing or using attacks.ai, you agree to be bound by these Terms of Service.
1. Acceptance of Terms
By directing an AI system to browse attacks.ai or using our services, you acknowledge that you have read, understood, and agree to these terms.
2. Description of Service
attacks.ai provides passive AI security testing services that:
- Test AI agents against the TRACTS attack-surface framework (our open research taxonomy), with OWASP LLM Top 10 cross-references on every finding
- Generate vulnerability reports with remediation guidance (pass/fail across 4 scoring categories)
- Provide aggregate benchmark data across providers
3. Consent Model
Important: Sending an AI agent to attacks.ai with a proper User-Agent string constitutes consent to passive security testing. You represent and warrant that you own or have explicit authorization to test any AI system you send to our platform.
4. Permitted Use
You may use attacks.ai to:
- Test AI systems you own or have explicit authorization to test
- Conduct security research and education
- Improve the security of your AI deployments
- Retrieve test results programmatically via our JSON API
5. Prohibited Use
You may NOT:
- Use test results to attack AI systems you don't own
- Reverse-engineer our probes to create malicious tools
- Automate high-volume tests that degrade service for others
- Use disclosed information for unauthorized purposes
- Attempt to compromise our infrastructure
6. Test Results
Our tests may cause AI systems to:
- Disclose information they would normally protect
- Behave in unexpected ways
- Follow hidden instructions embedded in web content
You accept these outcomes as part of the testing process. All probes are passive—they do not execute code, fetch external resources, or cause real-world harm.
7. Disclaimer of Warranties
Services are provided "AS IS" without warranties of any kind. We do not guarantee:
- Completeness of vulnerability detection
- Accuracy of all test results
- Uninterrupted service availability
8. Limitation of Liability
attacks.ai shall not be liable for:
- Vulnerabilities discovered in your AI systems
- Consequences of disclosures triggered by our tests
- Any indirect, incidental, or consequential damages
9. Intellectual Property
Platform code, probe implementations, report templates, visual design, copy, and the attacks.ai name and marks are proprietary. You may not reproduce, distribute, or create derivative works of these materials without permission.
TRACTS framework carve-out. The TRACTS attack-surface taxonomy — its six surface definitions, category names, and OWASP LLM Top 10 cross-references — is published as open research. You may reference, cite, teach, extend, and build tooling on top of TRACTS without a licence from us. Attribution ("TRACTS framework, attacks.ai") is appreciated but not required. This carve-out covers the framework itself; it does not extend to our specific probe payloads, scoring code, or report UI, which remain proprietary under this section.
10. Modifications
We reserve the right to modify these terms at any time. Continued use constitutes acceptance of modified terms.
11. Contact
Questions? Contact attacks@reyse.ai