Mandatory Acceptance Notice

By downloading, purchasing, installing, activating, or otherwise using the ClawMagic Agency Edition software, you expressly acknowledge, accept, and assume all risks described in this document. You agree that you do not and will not hold ClawMagic, its founders, officers, directors, employees, agents, affiliates, or licensors liable for any damages, data loss, system damage, financial loss, business interruption, client liability, or any other harm arising from your use of the Software or distribution of Plugins through the Private Marketplace.

This is a legally binding agreement. If you do not agree to these terms and do not accept these risks, do not download, install, or use the Software. Your continued use constitutes ongoing acceptance.

As an Agency, you are taking on responsibility not only for your own systems but also for the Plugins you distribute and the client installations you manage. This is not a hypothetical warning.

Agency Risk Agreement

Agency Edition — Risk Disclosure & Assumption of Risk

Version 1.0 — Effective February 27, 2026

This Risk Agreement supplements the Agency Commercial License Agreement and sets forth the specific risks associated with operating ClawMagic Agency Edition, including Private Marketplace operations and client-facing Plugin distribution.

1. What ClawMagic Is — And What That Means for You

ClawMagic is an Agentic Localhost platform. AI agents operate directly on your local machine — they are not sandboxed in a remote cloud environment. Agents can read, write, modify, move, and delete files; execute system commands and scripts; access network resources and make API calls; interact with installed applications; and modify system configurations. Agents operate with the same permissions as the system user account under which the Software runs.

Unlike traditional software, AI agents are powered by probabilistic language models. The same instruction given twice may produce different actions. Agents may misinterpret instructions, hallucinate confident but incorrect actions, and behave differently when the underlying model is updated by the AI provider. There is no guaranteed way to perfectly constrain AI agent behavior in all scenarios.

The Company assesses overall risk at medium to medium-low under normal conditions. However, this does NOT mean "safe" or "harmless." Unintended agent actions will occur from time to time. Data loss, file corruption, or configuration damage can and does happen.

2. Do Not Install on a Personal Computer

You agree that you will NOT install or run the Software on a personal computer that contains personal files, documents, photos, financial records, medical records, tax returns, or other sensitive personal data. You will NOT install it on a primary workstation used for general-purpose computing, web browsing, email, or banking.

AI agents can reach any file accessible to the user account under which they run. Installing on a personal computer puts all data at risk. This applies equally to your agency machines and to any machines you manage for clients.

3. Dedicated Machine Requirement

The Software should be installed on a Dedicated Machine — a physical or virtual computer allocated specifically for running ClawMagic. Recommended environments include: Apple Mac Mini or similar compact computer, small form-factor PC, Virtual Private Server (VPS), Virtual Machine isolated from your primary OS, or a container environment with appropriate limits.

If you install the Software on a personal computer contrary to this guidance, you do so entirely at your own risk. The Company is not liable for any damage. This guidance extends to client installations — ensure clients also deploy on dedicated machines.

4. Treat ClawMagic as a Separate User — Not You

Treat ClawMagic and its AI agents exactly as you would treat a new employee or contractor. Do not give it your personal login credentials. Create separate accounts — dedicated email, API keys, cloud accounts, database credentials. Grant only the minimum necessary permissions. Monitor agent activity logs regularly. Be prepared to revoke access at any time.

As an Agency, you should apply this same principle when setting up client installations. Each client should have their own dedicated accounts and credentials, separate from your Agency accounts and from their personal accounts.

5. Agency-Specific Risks — Private Marketplace and Client Installations

As an Agency Licensee operating a Private Marketplace and managing client installations, you take on additional responsibilities and risks beyond individual use:

Plugin Quality and Safety: Plugins you develop and distribute through your Private Marketplace are your responsibility. You are liable for any damage, data loss, or security issues caused by your Plugins on client machines. The Company does not review, audit, or certify Private Marketplace Plugins.

Client Installation Management: When you install the Software or your Plugins on client machines, you are responsible for ensuring proper security configuration, backup procedures, and access controls. You should communicate these risks to your clients.

Multi-Party Risk: Operating across multiple client environments increases your aggregate risk. A vulnerability in a Plugin you distribute could affect all clients simultaneously. Maintain rigorous testing and version control for all distributed Plugins.

6. What Can Go Wrong — Data Loss and Destruction

AI agents can and may: delete files, directories, databases, or entire project structures; overwrite important files with incorrect data; corrupt configuration files and environment variables; execute destructive commands unintentionally; modify version-controlled repositories in unexpected ways; and deplete storage with excessive output.

7. What Can Go Wrong — Security Risks

AI agents can and may: expose sensitive data in logs or console output; install packages containing vulnerabilities; open network ports or modify firewall rules; interact with external services in ways that violate terms of use; download or execute unverified code; and create security vulnerabilities in generated code.

8. Third-Party AI Provider Risks (BYOK)

The Company has zero control over third-party AI model behavior. Models may produce harmful, unexpected, or adversarial outputs. Model updates can change behavior without notice. Compromised API keys could allow attackers to run malicious commands.

You are solely responsible for evaluating and accepting the risk of any AI provider you connect — both on your own systems and on client installations you manage.

9. Financial and Compliance Risks

Use may result in unexpected AI provider charges, infrastructure costs, data recovery costs, and business interruption. As an Agency, you bear additional financial risk from client-facing operations — including potential liability to your clients for issues arising from your Plugins or installations.

AI agent actions may inadvertently violate data protection regulations (GDPR, CCPA, HIPAA), raise intellectual property concerns, or violate third-party platform terms of service. Ensure your client agreements account for these risks.

10. Backup Requirements — Non-Negotiable

Maintaining regular backups is critical and non-negotiable — for your Agency systems AND for every client installation you manage.

Recommended: Hourly automated backups. Minimum acceptable: Daily automated backups. Absolute minimum: Weekly full-system backups. No backups: Unacceptable — do not operate without backups.

Back up all project files, configurations, plugins, databases, agent states, credentials (encrypted), and system configs. Store backups on a separate device. Use the 3-2-1 rule. Encrypt backups. Test restores regularly. Automate everything.

The Company has no liability for data loss when backups have not been maintained — on your systems or on client systems you manage.

11. Security — Your Responsibility

The Company secures the ClawMagic Node.js server application. Everything else — host machines, OS, network, services, accounts, AI providers — is your responsibility. This extends to client installations you provision and manage.

Built-in security tools are guidance only. They do not replace professional security audits. As an Agency managing multiple deployments, consider engaging professional security services.

12. Threat Scenarios

Prompt injection, compromised BYOK keys, malicious plugins, supply chain attacks, insider threats, and model poisoning are all relevant threat vectors. As an Agency distributing Plugins to clients, you should also consider the risk that a vulnerability in your Plugin could cascade across all client installations.

The Company cannot prevent attacks from third-party AI providers, exploitation of host OS vulnerabilities, social engineering, physical access attacks, zero-day vulnerabilities, or malicious actions by authorized users.

Assumption of Risk — Comprehensive Waiver

By using the Software and operating an Agency Private Marketplace, you expressly assume all risk of:

Data loss or destruction — including permanent, irrecoverable loss of files, projects, databases, and configurations
System damage — including corruption of the operating system, system files, or installed applications
Security breaches — including unauthorized access, data exfiltration, or credential exposure
Financial loss — including unexpected API charges, infrastructure costs, business interruption, and client liability
Third-party AI agent behavior — including any action taken by a BYOK-connected model
Plugin-related issues — including vulnerabilities, incompatibilities, or harmful behavior from Plugins you develop and distribute
Client installation issues — including problems on client machines resulting from your Agency's installations or Plugins
Modification-related issues — including problems arising from Licensee's modifications to the Software
Compliance violations — including regulatory consequences arising from AI agent actions

To the maximum extent permitted by law, you waive, release, and forever discharge ClawMagic from any and all claims arising from the above. This waiver does not cover gross negligence, willful misconduct, or fraud.

What You Confirm by Using the Software

By downloading, installing, or using ClawMagic Agency Edition, you confirm each of the following:

✓I understand that ClawMagic is an Agentic Localhost platform that gives AI agents direct access to a computer.
✓I understand that AI agents may take unexpected, unintended, or harmful actions, and that the risk is real.
✓I agree not to install the Software on a personal computer with sensitive data — and will advise clients likewise.
✓I agree to use dedicated machines for all deployments.
✓I agree to treat ClawMagic as a separate user with its own accounts and credentials.
✓I agree to implement regular backups on all Agency and client installations.
✓I understand the Company secures the server but is NOT responsible for host machines, networks, or accounts.
✓I understand BYOK AI models are entirely my responsibility.
✓I accept responsibility for the quality, security, and impact of Plugins I distribute through my Private Marketplace.
✓I understand that if I modify the Software, porting to future updates is my responsibility.
✓I accept all risks described in this document and do not hold ClawMagic liable for any damages.

Final Acceptance

By downloading, purchasing, installing, or using ClawMagic Agency Edition, you acknowledge that you have read this Risk Disclosure & Assumption of Risk Agreement in its entirety, that you fully understand the risks — including those specific to Agency operations and Plugin distribution — and that you voluntarily accept and assume all such risks. You also agree to the Agency Commercial License Agreement.

Agency License →← Agency Overview