Terms of Service

By accessing or using the Guardian Posse AI Platform (“Platform”), including any of our domains (guardianposse.com, cpwe.ai, ai-comic-studio.com), associated APIs, mobile applications, or any services provided thereunder, you agree to be bound by these Terms of Service (“Terms”). If you disagree with any part of these Terms, you may not access the Platform.

If you are accepting these Terms on behalf of an organization, government entity, or other legal entity, you represent and warrant that you have the authority to bind that entity to these Terms.

4.1 Account Requirements

• A valid Replit account is required for Platform access
• You must provide accurate and complete registration information
• You are responsible for maintaining the security of your account credentials
• One account per individual user
• You must be at least 13 years of age to create an account

4.2 OAuth Permissions

By authenticating via Replit OAuth, you grant the Guardian Posse AI Platform access to:

• Basic profile information (name, email, profile image)
• Persistent login sessions
• User identification for platform personalization and feature access

4.3 Account Responsibility

You are solely responsible for all activity that occurs under your account. You must immediately notify CPWE AI at james@cpwe.biz if you suspect unauthorized access to or use of your account.

6b.1 Relay Agent Purpose & Scope

• Relay agents are software components deployed on authorized client infrastructure
• They perform security monitoring, static analysis, network forensics, and compliance scanning
• Relay agents communicate with the Guardian Posse platform via authenticated JWT tokens
• The platform deploys a fleet of 12 specialized AI agents: SecuritySentinel, DocuGenius, AiOracle, DataWizard, UXWhisperer, PerformancePro, CloudCaptain, CodeGuardian, NetSentinel, ComplianceChief, ThreatHunter, and IncidentCommander

6b.2 Client Infrastructure Authorization

6b.3 Enhanced Installer v3.0 — Getting Started

The Enhanced Relay Installer provides fully automated setup scripts for Windows, Linux, and macOS. Here is what you need to know before running the installer:

6b.4 What the Enhanced Installer Does

The installer runs a 10-phase automated pipeline:

1. Pre-flight checks — verifies your system meets requirements
2. Environment variables — securely stores your relay credentials
3. Python setup — ensures Python and required packages are installed
4. Relay client — installs the Guardian Posse relay software
5. 12-agent fleet — deploys all 12 specialized security agents
6. SSL/CertBot — sets up HTTPS certificates for secure connections (optional)
7. Security hardening — configures firewall rules and security settings
8. Auto-service — registers the relay to start automatically when your computer boots
9. Health check — runs an 8-point test to confirm everything is working
10. Uninstaller — creates a removal script you can run anytime to cleanly remove everything

6b.5 Data Collection by Relay Agents

• System inventory data (hardware, OS, installed software)
• Configuration drift detection and baseline comparisons
• Security scan results and vulnerability findings
• Network traffic metadata and anomaly detection
• Health metrics and heartbeat data
• All data transmitted via encrypted channels (TLS 1.2+)

6b.6 Credential Security

6b.7 Relay Agent Deactivation

• Users can deactivate or remove relay agents at any time using the uninstaller script created during installation
• Upon deactivation, relay data is retained for 90 days then purged
• JWT tokens are immediately revoked upon relay deregistration
• The uninstaller removes the relay client, agent fleet, service registrations, and environment variables from your system

6e.1 Extension Purpose & Scope

• The Guardian Relay Browser Extension is a Chrome/Chromium Manifest V3 extension that provides browser-based monitoring and control of relay agents
• The extension communicates exclusively with the user’s configured Guardian Posse platform instance
• Core capabilities include: relay status monitoring, security alert notifications, command dispatch, and quick-access platform navigation

6e.2 Data Handling

• All extension data (platform URL, preferences) is stored locally in chrome.storage.sync within the user’s browser profile
• The extension does not collect, transmit, or share any data with CPWE AI or third-party services
• No content scripts are injected into web pages — the extension operates solely through its popup interface and background service worker
• API authentication uses the same session-based authentication as the main platform dashboard

6e.3 Permissions & Access

6e.4 Installation & Removal

• The extension is distributed as a downloadable ZIP file from the Guardian Posse platform for side-loading via Chrome Developer Mode
• Users can remove the extension at any time through their browser’s extension management page
• Upon removal, all locally stored extension data (preferences, cached relay status) is automatically deleted by the browser
• Removing the extension does not affect relay agents, platform data, or account status

6e.5 Disclaimer

• The extension is provided as a convenience tool and does not replace the full platform dashboard
• CPWE AI is not responsible for browser compatibility issues, extension conflicts, or data loss resulting from browser updates
• The extension requires an active, authenticated session on the Guardian Posse platform to function

6h.1 Scope of Security Arsenal

• The Security Arsenal provides tool registry, configuration, and orchestration for 42 integrated security tools
• Tools are categorized by function: OSINT & Reconnaissance (SpiderFoot, Recon-ng, theHarvester, Shodan, Sherlock, Maltego), Red Team (Nmap, Nuclei, Metasploit, SQLMap, Gobuster, Sliver C2, Empire, Impacket), Blue Team (Suricata, Zeek, YARA, Sigma, Velociraptor, osquery), Web Application (OWASP ZAP, Nikto, Wapiti, Burp Suite), SIEM (Wazuh, Graylog, ELK Stack), Purple Team (MITRE Caldera, Atomic Red Team, ATT&CK Navigator), Network (Wireshark, tcpdump, Netcat), Credential (Hashcat, John the Ripper, Hydra), Wireless (Aircrack-ng), AI Red Team (PyRIT, Garak), Forensics (Volatility, Autopsy), API Overwatch (API Monitoring, API Fuzzer), and Compliance (Compliance Scanner Pro)
• Each tool includes MITRE ATT&CK technique mappings and NIST 800-53 control mappings for compliance tracking

6h.2 Authorization & Legal Use

• All offensive security tools (Red Team, Purple Team, Credential) must only be used against systems, networks, and infrastructure for which the user has explicit written authorization
• OSINT tools must be used in compliance with applicable privacy laws including GDPR, CCPA, and local regulations
• Users are solely responsible for ensuring their use of Security Arsenal tools complies with all applicable laws and organizational policies
• CPWE AI does not endorse or encourage unauthorized security testing, hacking, or intrusion

6h.3 Open-Source SIEM Integration

• The platform provides API connectors for Wazuh, Graylog, and ELK Stack alongside the existing Splunk integration
• Users are responsible for deploying, configuring, licensing, and maintaining their own SIEM infrastructure
• CPWE AI provides connector configuration only and does not manage third-party SIEM deployments
• Wazuh, Graylog, Elasticsearch, Logstash, and Kibana are trademarks of their respective owners

6h.4 Third-Party Tool Trademarks

All tool names, logos, and trademarks referenced in the Security Arsenal belong to their respective owners. Guardian Posse provides integration and orchestration capabilities and is not affiliated with, endorsed by, or sponsored by any third-party tool vendor unless explicitly stated.

6h.5 Security Operations Process

The 10-phase Security Operations Process (Reconnaissance → Scanning → Exploitation → Credential Assessment → Detection → SIEM Correlation → Purple Team Validation → API & Network Overwatch → Forensics → AI Security & Compliance) is provided as a framework and best-practice guide. Users should adapt the process to their organization's specific risk profile, compliance requirements, and operational needs.

6h.6 MCP Tools & Offensive Security Intelligence

The platform provides 59 Model Context Protocol (MCP) tools across 13 categories, accessible via the MCP Connections Hub (admin-only execution). The following terms apply:

• HexStrike Offensive Security Tools (pentest target profiling, attack chain building, vulnerability scanning, credential auditing, report generation, CTF solving) function as an intelligence and planning layer. They analyze user-provided data and generate recommendations but do not execute actual exploits, network attacks, or unauthorized access attempts
• OpenClaw Agent Fleet MCP exposes the 12-agent fleet as MCP-compliant tools for external AI clients. Agent invocations are subject to the same authorization and acceptable use policies as direct platform usage
• Workflow Automation Playbooks provide 20 cybersecurity automation templates (Red Team, Blue Team, AppSec/DevSecOps, Platform Security). Automated macro execution may trigger external notifications (Slack, email) and security actions. Users are responsible for reviewing and authorizing automation workflows before enabling them
• Web Reconnaissance Tools (security headers, DNS, SSL, WHOIS, tech detection) include SSRF protection that blocks scanning of private, loopback, link-local, and multicast IP ranges. Users must only scan domains they own or have written authorization to test
• All MCP tool executions are logged with tool name, parameters, timestamp, results, and executing admin identity for audit purposes
• Misuse of MCP tools for unauthorized scanning, reconnaissance, or attack planning against systems without explicit written authorization constitutes a violation of these Terms and may result in immediate account termination

6i.1 API Monitoring Scope

• API Overwatch provides real-time monitoring of platform API transactions including method, endpoint, status code, response time, and anomaly detection
• Transaction logs are stored in-memory for operational monitoring and are not persisted to permanent storage
• Anomaly detection identifies patterns such as slow responses, rate limiting, server errors, authentication brute-force attempts, and mutating requests

6i.2 Data Retention

• API transaction logs are retained in-memory with automatic rotation (most recent 10,000 transactions)
• Anomaly alerts are retained in-memory with automatic rotation (most recent 1,000 anomalies)
• Scan history is retained in-memory with automatic rotation (most recent 500 scans)

6i.3 API Fuzzer Disclaimer

The API Fuzzer tool is intended for testing your own applications and authorized targets only. Unauthorized fuzzing of third-party APIs, services, or endpoints is prohibited and may violate applicable laws.

Your privacy is critically important to us. Our collection, use, and protection of personal information is governed by our comprehensive Privacy Policy, which is incorporated into these Terms by reference.

15.1 Termination by You

You may stop using the Platform at any time. To request deletion of your account and associated data, contact us at james@cpwe.biz. Data deletion requests will be processed in accordance with our Privacy Policy.

15.2 Termination by CPWE AI

We may suspend or terminate your access to the Platform immediately, without prior notice or liability, if you:

• Violate these Terms of Service
• Engage in prohibited activities as outlined in Section 8
• Compromise or attempt to compromise Platform security
• Enter classified or controlled information into the Platform
• Misuse cybersecurity tools against unauthorized targets
• Fail to comply with applicable laws or regulations

15.3 Effect of Termination

Upon termination, your right to use the Platform ceases immediately. Sections relating to Intellectual Property, Limitation of Liability, Indemnification, Governing Law, and Dispute Resolution shall survive termination.

19.1 Good Faith Negotiation

Before initiating any formal dispute resolution proceeding, the parties agree to first attempt to resolve any dispute, claim, or controversy arising out of or relating to these Terms through good faith negotiation for a period of at least thirty (30) days after written notice of the dispute is provided to the other party.

19.2 Binding Arbitration

If a dispute cannot be resolved through good faith negotiation, the parties agree that any dispute, claim, or controversy arising out of or relating to these Terms shall be resolved by binding arbitration administered in accordance with the rules of the American Arbitration Association (AAA). The arbitration shall take place in the State of Arkansas, and the arbitrator’s decision shall be final and binding.

19.3 Class Action Waiver

19.4 Exceptions

Notwithstanding the above, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent the actual or threatened infringement, misappropriation, or violation of intellectual property rights.

For questions, concerns, or requests regarding these Terms of Service, please contact us: