Terms of Service

Effective Date: April 1, 2026

1. Acceptance of Terms

By installing, accessing, or using the SquireX GitHub App or any SquireX services (collectively, the "Service"), you agree to be bound by these Terms of Service ("Terms"). If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization to these Terms.

2. Description of Service

SquireX provides a static analysis security scanner for Salesforce Agentforce metadata. The Service:

Scans repository pull requests for security vulnerabilities in Agentforce agent configurations
Reports findings as GitHub PR comments, Check Runs, and SARIF uploads
Processes code ephemerally — no persistent storage of customer source code

3. Accounts and Access

The Service is accessed through a GitHub App installation. By installing SquireX, you grant the application read access to repository contents and write access to pull requests, checks, and code scanning alerts, as specified during installation.

You are responsible for maintaining the security of your GitHub account and for all activity under your installation.

4. Plans and Pricing

Community (Free): Full 26-rule scan on all repositories. No limitations on scan frequency.
Enterprise: Private repository scanning, custom rules, priority support. Pricing is per-repository as listed on the GitHub Marketplace or at squirex.dev/pricing.

SquireX reserves the right to modify pricing with 30 days' notice to active subscribers.

5. Data Handling

SquireX processes your code only during active scans. Specifically:

Repository contents are cloned to a temporary directory for the duration of the scan
All cloned data is deleted immediately after the scan completes
No source code is persisted, logged, or transmitted to third parties
Scan results (SARIF reports) are posted back to your GitHub repository via the GitHub API

Metadata stored by SquireX is limited to: installation ID, organization name, repository name (for routing), and scan timestamps.

6. Acceptable Use

You agree not to:

Reverse-engineer, decompile, or tamper with the SquireX scanning engine
Use the Service to scan repositories you do not own or have authorization to scan
Attempt to circumvent billing, rate limits, or access controls
Submit webhook requests that impersonate the GitHub platform

7. Intellectual Property

SquireX retains all rights to the scanning engine, security rules, and associated tooling. Your code remains yours — SquireX claims no ownership of scanned content or scan results.

8. Limitation of Liability

The Service is provided "as is" without warranties of any kind. SquireX shall not be liable for:

Security vulnerabilities not detected by the scanner
False positives that delay your deployment process
Service downtime or interruptions
Any indirect, incidental, or consequential damages

In no event shall SquireX's total liability exceed the amount paid by you for the Service in the 12 months preceding the claim.

9. Termination

You may terminate your use of the Service at any time by uninstalling the GitHub App. SquireX may suspend or terminate access for violations of these Terms or for non-payment of Enterprise fees.

10. Changes to Terms

SquireX may update these Terms at any time. Material changes will be communicated via email to the organization billing contact or through the GitHub App interface. Continued use after changes constitutes acceptance.

11. Contact

For questions about these Terms, contact us at hello@squirex.dev.