Terms of Service

Last updated: March 21, 2026

1. Agreement to terms

These Terms of Service ("Terms") are a legal agreement between you ("Customer", "you") and Gourmand Labs LLC, a Delaware limited liability company operating as CitrusGlaze ("CitrusGlaze", "we", "us"). By using CitrusGlaze software, services, or the citrusglaze.dev website, you agree to these Terms. If you are accepting on behalf of an organization, you represent that you have authority to bind that organization.

2. Products and licensing

2.1 CitrusGlaze Scanner

The CitrusGlaze Scanner (citrusglaze-scan) is open-source software distributed under the MIT License. You may use, modify, and distribute the scanner in accordance with the MIT License. The scanner source code is available on GitHub.

2.2 CitrusGlaze Proxy and Platform

The CitrusGlaze proxy, MCP Gateway, desktop application, and associated platform features are proprietary software owned by Gourmand Labs LLC. These are licensed, not sold. Your use is governed by the End User License Agreement (Section 3) and the subscription tier you select.

2.3 Website

citrusglaze.dev provides product information, documentation, downloadable reports, and comparison pages. Content is provided for informational purposes.

3. End User License Agreement (EULA)

3.1 License grant

Subject to these Terms and payment of applicable fees, CitrusGlaze grants you a non-exclusive, non-transferable, non-sublicensable license to install and use the CitrusGlaze software for your internal business purposes during the subscription term.

3.2 How the software works

CitrusGlaze operates as a local MITM (man-in-the-middle) proxy and prompt firewall. This means:

• It generates a local root CA certificate on your machine
• You must trust this certificate in your system keychain
• The proxy intercepts and inspects HTTPS traffic between your AI tools and AI providers
• The MCP Gateway intercepts and evaluates MCP tool calls against security policies
• All interception and inspection happens locally on your machine — no data is sent to CitrusGlaze servers, except as described in our Privacy Policy (error reporting, license validation, optional cloud sync features)

By installing and using the software, you acknowledge that you understand how MITM proxies work and consent to local traffic interception. You are responsible for ensuring you have authorization to inspect traffic on devices where you install the software.

3.3 Restrictions

You agree not to:

• Use CitrusGlaze to intercept traffic on devices you do not own or control without proper authorization
• Reverse engineer, decompile, or disassemble the proprietary components of the software
• Redistribute, sublicense, or resell the proprietary software
• Use the software to violate any applicable laws or regulations
• Remove or modify any proprietary notices or labels
• Use our trademarks (name, logo, "Prompt Firewall", "AI Traffic Control") in a way that implies endorsement without written permission

3.4 Data ownership

You retain all rights to your data. CitrusGlaze does not access, collect, store, or process your AI traffic, prompts, responses, secrets, or any data inspected by the software. All data remains on your local machine in a SQLite database under your control. We have no access to your data.

3.5 Your responsibilities

You are responsible for:

• Ensuring authorized deployment on devices you own or manage
• Compliance with your organization's policies regarding traffic inspection and employee monitoring
• Maintaining the security of your local database and CA certificate
• Informing your users/employees that AI traffic is being inspected, where required by law
• Backing up your local data — CitrusGlaze is not responsible for data loss

4. Subscription plans and payment

4.1 Plans

Plan	Price	Billing
Free	$0	No payment required
Pro	$10/user/month	Monthly
Team	$20/user/month	Monthly
Enterprise	Custom	As agreed

4.2 Free tier

The Free tier includes the scanner and basic proxy features. It is free with no time limit — it is not a trial. No signup, no credit card, no account required.

4.3 Paid subscriptions

Paid subscriptions (Pro, Team) are billed monthly via Stripe. Payment is due at the start of each billing cycle. All fees are in US dollars and are non-refundable except as required by applicable law.

4.4 Usage counting

Subscriptions are priced per user. A "user" is an individual who has the CitrusGlaze software installed and active on their machine during the billing period.

4.5 Cancellation

You may cancel your subscription at any time. Upon cancellation:

• Your access to paid features continues until the end of your current billing period
• Your account automatically reverts to the Free tier
• Your local data remains on your machine — we cannot and do not delete it
• No partial refunds are provided for unused time in the current billing period

4.6 Price changes

We may change pricing with 30 days' notice. Price changes take effect at the start of your next billing cycle after the notice period. If you disagree with a price change, you may cancel before it takes effect.

4.7 Enterprise terms

Enterprise subscriptions are governed by a separate agreement. Contact [email protected] for enterprise terms.

5. Service availability

CitrusGlaze runs locally on your machine. We do not host a cloud service, so there is no "uptime" to guarantee. However:

• We aim to provide timely software updates and security patches
• We do not guarantee uninterrupted or error-free operation
• We do not provide a formal Service Level Agreement (SLA) at this time
• Support is provided via email on a best-effort basis (engineering-direct for Enterprise customers)

6. Disclaimer of warranties

THE SOFTWARE IS PROVIDED "AS IS" AND "AS AVAILABLE", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT.

Specifically, CitrusGlaze does not warrant that:

• The secret detection will find all secrets (false negatives are possible)
• Every detection is a genuine secret (false positives are possible)
• The software will be compatible with all AI tools or configurations
• The prompt firewall will block all dangerous operations

CitrusGlaze is one layer in a defense-in-depth strategy. You should not rely solely on CitrusGlaze for security.

7. Limitation of liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, GOURMAND LABS LLC'S TOTAL LIABILITY UNDER THESE TERMS SHALL NOT EXCEED THE GREATER OF (A) THE TOTAL FEES PAID BY YOU IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) ONE HUNDRED US DOLLARS ($100).

IN NO EVENT SHALL GOURMAND LABS LLC BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO:

• Secrets or sensitive data that the software fails to detect
• Business losses resulting from software failures or downtime
• Data breaches that occur despite use of the software
• Compatibility issues with specific AI tools or configurations
• Loss of data resulting from proxy operation
• Costs of procurement of substitute services

8. Indemnification

8.1 Your indemnification

You agree to indemnify, defend, and hold harmless Gourmand Labs LLC from any claims, damages, or expenses (including reasonable attorneys' fees) arising from: (a) your use of the software in violation of these Terms; (b) your deployment of the software on devices without proper authorization; or (c) your violation of applicable laws.

8.2 Our indemnification

Gourmand Labs LLC will indemnify you against third-party claims that the software infringes a valid patent or copyright, provided you notify us promptly and give us control of the defense. This obligation does not apply to modified versions of the software or use in combination with non-CitrusGlaze products.

9. Intellectual property

The CitrusGlaze name, logo, and brand identity are trademarks of Gourmand Labs LLC. "Prompt Firewall", "AI Traffic Control", "Shadow Agent Traffic", and "Prompt-Level DLP" are trademarks of Gourmand Labs LLC. The scanner source code is licensed under MIT. The proxy, MCP Gateway, and platform source code are proprietary. Website content (blog posts, reports, comparison pages) is copyrighted and may not be reproduced without permission, except for fair use purposes.

10. Email communications

If you provide your email address to download a report, you consent to receiving up to 3 emails related to that report. You can unsubscribe at any time. We will not send marketing emails beyond the stated drip sequence without your explicit consent.

11. Termination

Either party may terminate these Terms at any time. We may terminate or suspend your access immediately if you violate these Terms. Upon termination:

• Your license to use the proprietary software ends
• Your local data remains yours — we cannot access or delete it
• Your right to use the open-source scanner under MIT continues unaffected
• Sections 6, 7, 8, and 9 survive termination

12. Governing law and disputes

These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions. Any dispute arising from these Terms shall be resolved in the state or federal courts located in Delaware. You agree to personal jurisdiction in these courts.

13. Changes to these terms

We may update these Terms with 30 days' notice for material changes. Notice will be provided via email (to subscribers) or by posting on this page. Continued use after the notice period constitutes acceptance. If you disagree with changes, you may cancel your subscription before they take effect.

14. Severability

If any provision of these Terms is found unenforceable, the remaining provisions continue in full effect.

15. Entire agreement

These Terms, together with the Privacy Policy and any Enterprise agreement, constitute the entire agreement between you and Gourmand Labs LLC regarding CitrusGlaze.

16. Contact

Questions about these terms? Email [email protected].