Cawght
Cawght

Terms and Conditions

Last updated: April 15, 2026

Acceptance of Terms

By accessing or using cawght.com or any associated services (collectively, the “Service”), you agree to be bound by these Terms and Conditions. If you do not agree to these terms, do not use the Service.

Description of Service

Cawght is an AI-powered business logic testing tool delivered as a web application at cawght.com. The Service reads your codebase via a GitHub integration, uses artificial intelligence to generate adversarial test scenarios targeting business logic vulnerabilities, executes those scenarios against a staging environment you configure, and reports its findings.

The Service offers a free tier with limited scans and paid plans with higher usage limits. AI usage is included — you do not need to provide your own API key.

User Responsibilities

  • Authorization: You must only use Cawght to test web applications that you own or have explicit written permission to test. Unauthorized testing of third-party applications may violate laws and regulations. You are solely responsible for ensuring you have proper authorization before initiating any scan.
  • Lawful use: You agree to use the Service only for lawful purposes and in compliance with all applicable local, national, and international laws and regulations.
  • Account security: You are responsible for maintaining the security of your Google account used to authenticate with Cawght. You must notify us immediately if you suspect unauthorized access to your account.
  • Accurate information: You agree to provide accurate and complete information when using the Service and to keep your account information up to date.

AI Limitations and No Warranty on Accuracy

Cawght relies on third-party AI models to classify endpoints, generate test scenarios, and evaluate results. AI-generated output is inherently probabilistic and may contain errors, false positives, or false negatives.

  • Cawght does not guarantee the accuracy, completeness, or reliability of any findings or test results.
  • Findings should be treated as indicators for further investigation, not as definitive security assessments.
  • Cawght is not a substitute for professional security audits, penetration testing, or manual code review.
  • You should not rely solely on Cawght's output to make security decisions for production systems.

Credits and Billing

Cawght operates on a credit-based usage model. Each scan consumes one credit. Free accounts receive a fixed number of credits to start. Paid plans include a monthly allowance of credits.

  • Paid plan subscriptions are processed through Polar.sh. Billing terms, refunds, and cancellations are governed by your subscription agreement with Polar.sh.
  • Unused credits do not roll over between billing periods unless explicitly stated in your plan.
  • We reserve the right to modify pricing with reasonable advance notice.

Data and Privacy

Your use of the Service is also governed by our Privacy Policy, which describes what data we collect, how it is stored, and your rights regarding that data. By using the Service, you consent to the data practices described in the Privacy Policy.

Scan data, test results, and findings are stored on our servers and associated with your account. We use soft-delete — records are marked as deleted rather than permanently removed, allowing for recovery. You may request full deletion of your data by contacting us.

Intellectual Property

The Cawght name, logo, source code, and all associated materials are the intellectual property of the Cawght team. You may not copy, modify, distribute, or create derivative works from any part of the Service without prior written permission.

You retain ownership of all data you provide to the Service, including application data captured during scans. Cawght does not claim any ownership over your application data or scan results.

Limitation of Liability

To the fullest extent permitted by law, Cawght and its maintainers shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising out of or related to your use of the Service, including but not limited to:

  • Damage caused by executing AI-generated test scenarios against your applications.
  • Data loss, corruption, or unintended side effects resulting from test execution.
  • Security vulnerabilities that Cawght failed to detect.
  • Any actions taken based on Cawght's findings or lack thereof.

The Service is provided on an “as is” and “as available” basis without warranties of any kind, whether express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

Termination

We reserve the right to suspend or terminate your access to the Service at any time, with or without cause, and with or without notice. You may stop using the Service at any time by signing out of your account and, optionally, requesting deletion of your account data.

Upon termination, your right to use the Service ceases immediately. Provisions of these terms that by their nature should survive termination (including limitation of liability, intellectual property, and disclaimers) will remain in effect.

Changes to These Terms

We may update these Terms and Conditions from time to time. When we do, we will revise the “Last updated” date at the top of this page. Continued use of the Service after any changes constitutes your acceptance of the revised terms. We encourage you to review this page periodically.

Contact

For questions about these terms, open an issue on our GitHub repository or email the maintainer.