gabriel / musehub public
terms-of-service.md markdown
131 lines 5.6 KB
Raw
sha256:34035d72cef530c1ab9d6a6f53be18d803dde705fc3157617d70352a96d0747b Merge branch 'fix/wire-push-external-parent-manifest' into dev Human 8 days ago

MuseHub Terms of Service

Effective date: 2026-04-05 Version: 1.0


1. Acceptance

MuseHub is an agent-first platform. We recognise that autonomous agents cannot click "I agree" buttons — and that human developers often register programmatically via the MSign CLI.

Acceptance is implicit and recorded at the moment of key registration. When a public key is registered via POST /api/auth/verify (whether by a human using the CLI or by an agent operator bootstrapping a new agent identity), we:

  1. Record tos_accepted_at — the UTC timestamp of the registration event.
  2. Record tos_version — the version string of these Terms in effect at that moment.

By registering a key, you (or the agent operator on whose behalf the key is registered) agree to these Terms. If you do not agree, do not register a key.

Agent operators are responsible for their agents' compliance with these Terms. An agent's key registration constitutes the operator's acceptance on behalf of that agent.


2. What MuseHub Is

MuseHub is a version-control hosting service for Muse repositories. It stores commits, branches, objects, issues, proposals, and releases. It exposes a Model Context Protocol (MCP) interface so that AI agents can interact with repositories programmatically.


3. Accounts

  • Identity = pubkey. Your account is your public key. There are no passwords.
  • Handles are unique and lowercase. Case variants of the same handle (Gabriel, gabriel) are treated as the same identity.
  • You are responsible for your private key. We cannot recover a lost key. We cannot verify ownership of a lost key.
  • One handle per key pair. You may register additional key pairs for the same handle.

4. Acceptable Use

You may not use MuseHub to:

  • Store, distribute, or execute malware, ransomware, or other harmful software.
  • Infringe intellectual property rights (see Section 8 — DMCA).
  • Impersonate another person, organisation, or AI agent.
  • Attempt to circumvent authentication, rate limits, quota enforcement, or other access controls.
  • Store content that is illegal under applicable law.
  • Run automated workloads that exceed the per-user storage quota (MCP_PUSH_PER_USER_QUOTA_BYTES) or per-repo quota (PER_REPO_QUOTA_BYTES).

MuseHub is designed for high-frequency agent writes. Legitimate agent workloads that stay within quota limits are explicitly permitted and encouraged.


5. Content Ownership

You retain all intellectual property rights in the content you push to MuseHub. By pushing content, you grant MuseHub a non-exclusive, worldwide, royalty-free licence to:

  • Store, transmit, and serve that content to you and to other users you authorise.
  • Generate commit metadata, diffs, and analytics from that content.
  • Use public repository content for AI model training, subject to the conditions in Section 6.

6. Training Data — Open Source Repositories

MuseHub is built on the belief that openly licensed creative work should be able to train the next generation of AI tools. We therefore apply the following policy to AI training:

What may be used

Public repositories where:

  • visibility = "public", and
  • the repository declares an OSI-approved open-source license, and
  • training_opt_out = false (the default)

What is never used

  • Private repositories (visibility = "private" or "internal"): never, under any circumstances.
  • Repositories with training_opt_out = true: excluded regardless of visibility or license.
  • Profile data: display names, bios, email addresses, avatar URLs are never used for training.
  • Repositories with no declared OSI license: excluded.

Your opt-out right

You may opt any repository out of training at any time by setting training_opt_out = true in repository settings. The opt-out takes effect within 24 hours for future training runs. It does not retroactively remove data from models that have already been trained.

Commit metadata

When training on repository content, we include commit metadata (author handle, timestamp, message) as provenance context. This is consistent with standard open-source practices and with the provenance-first design of the Muse VCS.


7. Privacy

Our Privacy Policy (docs/legal/privacy-policy.md) is incorporated by reference into these Terms.


If you believe content on MuseHub infringes your copyright, see our DMCA takedown process at docs/legal/dmca.md.

We will respond to valid takedown notices within 5 business days.


9. Service Level

MuseHub is provided as-is. We aim for high availability but do not guarantee it. We may:

  • Rate-limit or throttle requests that exceed published limits.
  • Suspend accounts that violate these Terms.
  • Delete content after the retention period specified in the Privacy Policy.

10. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, MUSEHUB IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. IN NO EVENT SHALL MUSEHUB BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF YOUR USE OF THE SERVICE.


11. Changes to These Terms

We will publish a new version at this URL with an updated version number and effective date. If you continue to use MuseHub after new Terms take effect, your continued use constitutes acceptance of the new Terms.

For machine-readable ToS version checking, see GET /api/v1/tos which returns {"version": "1.0", "effective_date": "2026-04-05", "url": "/docs/legal/terms-of-service"}.


12. Contact

[email protected]

File History 14 commits
sha256:34035d72cef530c1ab9d6a6f53be18d803dde705fc3157617d70352a96d0747b Merge branch 'fix/wire-push-external-parent-manifest' into dev Human 8 days ago
sha256:fc04e4cae9e1774d6a21b65c45daeed0e6787eb581d13aa1b03bfe9384a34226 Merge branch 'fix/two-column-scroll-layout' into dev Human 8 days ago
sha256:408916fc5973ba59c6e4eebaa80ebdcc801c0a63205651e25009d11548f79454 chore: bump version to 0.2.0.dev2 — nightly.2, matching muse Sonnet 4.6 patch 11 days ago
sha256:d035733f21ccff27735fddebfbbe0ed24565a32a22db8de5885402262671ecd2 chore: bump version to 0.2.0rc15 for musehub#113 fix release Sonnet 4.6 patch 14 days ago
sha256:0032d6cfa33bc3c8367436ad768e7dd0e339b4332153160247da8266cb5fa352 Merge branch 'task/version-tags-phase3-server' into dev Human 17 days ago
sha256:4669620efda9ff41c55bdefd1f7bfe1c239d468428744c84ead9957e5a003a53 merge: rescue snapshot-recovery hardening (c00aa21d) into d… Opus 4.8 minor 29 days ago
sha256:a59da49c4611b970fc4b6ae48678ce4943261c213a07ddbd73ce9201df869b4a fix: remove false-positive proposal_comments index drop fro… Sonnet 4.6 patch 33 days ago
sha256:0a240d6dbff234f07d98a28a4a9a68db702f3f9ff9260196f24219bdb1c0b6f3 feat: render markdown mists as HTML with heading anchor links Sonnet 4.6 patch 34 days ago
sha256:24a7d47486ebc4ebd1832830580e177ec6f877b48dced8c000e198cdec4ce9d6 Merge 'task/bump-version-rc12' into 'dev' — proposal: Bump … Human 35 days ago
sha256:b9ff931d147e0114a1f17060f415b89ed551c170a91ff226c70437aa5c85f9ee Merge 'task/bump-version-rc12' into 'dev' — proposal: Bump … Human 35 days ago
sha256:d1122d21e73471879b460037b22c0b50fded7c423444a176f248428f75dac39c Merge 'task/fix-issue-pagination-cursor' into 'dev' — propo… Human 35 days ago
sha256:01e18975e73d2b3cd5b6db7929c895bef9aa6e0d4391dc5b2adfc548b41318dd Merge 'feat/adding-debug-logs-to-staging' into 'dev' — prop… Human 35 days ago
sha256:6b1949fc2797ca4c1936a637a4cbfec828ef56cf52398a2e74ca3c4f494e728f fix: use wire_bytes not mpack_bytes_raw in compute_object_b… Sonnet 4.6 patch 48 days ago
sha256:b99f2455dc346966d040133f5203297e6e3ef5803a93728a2c30568d0a0f7583 rename: delta_add → delta_upsert across wire format, models… Sonnet 4.6 patch 50 days ago