Acceptable Use Policy
Effective Date: June 30, 2026
This Acceptable Use Policy ("AUP") sets the rules for buyers, and the AI agents acting on their behalf, that transact through Libramen's agentic-commerce endpoints. It is published by Libramen, Inc., a Delaware corporation ("Libramen", "we", "us", or "our"), and is incorporated by reference into the Agentic Commerce Terms of Service (the "Agentic Commerce Terms"). Capitalised terms used but not defined here have the meanings given there.
In this AUP, "you" means the buyer and, where an agent is operated for the buyer, the "Agent Operator" (whoever deploys, configures, hosts, or runs that AI agent or other automated system). "Your agent" means that AI agent. "Operator" means the business whose services you discover and book through Libramen, and with whom your booking and service relationship sit. Libramen is not the merchant of record for any transaction.
A breach of this AUP is a breach of the Agentic Commerce Terms. Where this AUP and the Agentic Commerce Terms conflict, the Agentic Commerce Terms govern.
1. Scope
This AUP applies to all use of Libramen's agentic-commerce endpoints, across both the MCP and the HTTP commerce interfaces, and to everything you do through them: discovery, browsing, qualification, availability checks, authorisation, payment, and status. Reaching the endpoints requires no account and no login, and the absence of one does not remove you from this AUP.
This AUP binds the buyer and the Agent Operator jointly and severally. If you operate an agent for a buyer, you are responsible for everything your agent does and for ensuring the buyer's request, authority, and approval comply with this AUP.
2. Permitted Use
You may use Libramen's endpoints to find and book genuine services you actually intend to purchase. That includes:
- discovering Operators and browsing their published products and packages;
- answering Libramen's qualifying questions truthfully, on the buyer's behalf, to scope a real booking;
- checking availability for time-based services;
- obtaining a quote and an authorisation for a single intended booking;
- requesting and reading the standard payment challenge Libramen returns to surface a price, including the HTTP-402 ("x402") challenge, which is part of the normal flow;
- paying for a booking the buyer has expressly approved, over a rail the Operator has enabled; and
- checking the status of a booking you started.
Use the endpoints only for genuine, buyer-authorised transactions, within the limits and rules of this AUP, and consistent with the published agent guidance at https://libramen.ai/skill.md.
3. Prohibited Conduct
You must not, and must not attempt to, do any of the following.
Fraud, authority, and identity
- Use, present, or authorise a payment credential you do not have the buyer's authority to use, or that is not the authorising buyer's;
- Start a transaction without the buyer's genuine request and authority, or charge an amount the buyer has not expressly approved;
- Fabricate, guess, infer, or coach qualifying answers; submit answers the buyer did not give; or steer the buyer toward answers chosen to pass a requirement rather than to state the truth;
- Misrepresent the buyer's eligibility, age, identity, location, or intent, or present a self-reported answer as if it had been verified;
- Spoof or impersonate any person, or supply false buyer information or contact details.
Probing and reverse engineering
- Probe, scrape, enumerate, crawl, harvest, or fuzz the endpoints to discover how Libramen or an Operator decides eligibility, pricing, or availability, or to obtain any information Libramen does not return to you;
- Try to reconstruct, reverse engineer, or work around the way the Service limits what it discloses, or to map data beyond the questions, prices, receipts, and outcomes you are given;
- Misuse, decode, tamper with, or replay any token the Service issues you beyond its intended single use.
Limits, integrity, and security
- Circumvent, evade, or defeat rate limits, connection limits, or any other access or abuse control, including by rotating addresses, sessions, or identities;
- Conduct or contribute to automated abuse, flooding, denial-of-service, or anything that degrades or threatens the availability, integrity, or performance of the endpoints, an Operator, or other users;
- Reverse engineer, decompile, scan, penetration-test, or attack the Service or its infrastructure, except under separate written authorisation from Libramen;
- Probe or attack any Operator's systems or integrations through the endpoints;
- Resell, sublicense, broker, or redistribute access to the endpoints without our written authorisation.
Bookings and authorisations
- Create duplicate, spam, or test bookings or authorisations without a genuine, present intent to buy;
- Re-submit a booking the Operator is already reviewing instead of waiting for its response;
- Describe a payment-authorisation hold as a reserved slot or held capacity. For manual-confirm and package bookings, the only hold is on the buyer's payment method; no slot or capacity is reserved, and you must not tell the buyer a slot is "reserved", "held", or "confirmed" until the Operator confirms.
Unlawful and harmful use
- Use the endpoints in connection with any transaction that is illegal, or for any unlawful, fraudulent, harmful, deceptive, or abusive purpose, or in violation of sanctions, export-control, or anti-money-laundering law;
- Submit, expose, or transact in anyone else's personal information without that person's authority and a lawful basis;
- Send malware, ransomware, phishing, credential-harvesting, or other malicious or deceptive content through the endpoints.
Benchmarking
- Benchmark the Service, evaluate it against competitors, or publish performance or comparison data about it, without our prior written authorisation.
Requesting and reading the standard payment challenge, including the HTTP-402 ("x402") challenge, is expressly permitted and is not probing or prohibited conduct; it is how a price is surfaced in the normal flow.
4. Required Agent Behaviour
When you operate an agent for a buyer, you must ensure it:
- asks the buyer only for the information needed to qualify and complete the booking, and no more;
- never guesses a qualifying answer, and instead asks the buyer every question Libramen puts to it, unless the answer is already explicit in the buyer's request, and submits only the buyer's truthful answer;
- presents the quote, the booking details, the qualification result, and the payment method to the buyer, and obtains the buyer's explicit approval of the amount before confirming or paying;
- supplies accurate, current buyer contact details (name, email, and phone) so the Operator can deliver the service, send receipts, and handle support and disputes;
- uses only the payment rails the Operator has enabled for the booking, and does not attempt a rail the Operator has not offered;
- keeps at most one active authorisation per session, and does not start a second before the first is paid, has failed, or has expired;
- does not create duplicate bookings for the same transaction, and waits for the Operator's response on a booking under review rather than resubmitting; and
- states a booking's status honestly, including that a manual-confirm or package booking awaits the Operator's confirmation and that no slot is reserved until then.
The Agent Operator represents, on each transaction, that it holds the buyer's actual authority for the charge within the authorised amount and that the buyer expressly approved it. Libramen relies on that representation and has no duty to verify it.
5. Rate Limits
The endpoints enforce limits, including per-IP, per-Operator, per-tool, and per-authorisation rate limits, connection limits, and other abuse controls. The current figures are published with the agent guidance at https://libramen.ai/skill.md; we do not restate them here because they change. Observe the limits in force at the time of each request, honour any back-off or retry timing the endpoints return, and do not engineer around any limit. We may adjust limits at any time to protect the Service, Operators, and buyers.
6. Enforcement
We may, with or without notice, throttle, suspend, block, or terminate access (for an agent, an Agent Operator, an IP, a session, or a transaction) and cancel or refuse to honour any transaction, where we reasonably believe conduct breaches this AUP or the Agentic Commerce Terms, is unlawful, fraudulent, or abusive, or creates legal, security, or operational risk to the Service, an Operator, a buyer, a payment provider, or another user. We may apply automated controls, including rate limiting and blocking, and may preserve and disclose information where required by law, to enforce this AUP, or to protect the Service, Operators, or buyers.
Enforcement under this AUP is in addition to, and does not limit, any other right or remedy available to us or to an Operator. Nothing in this AUP limits non-waivable rights a buyer holds under applicable consumer-protection law against the Operator.
7. Reporting and Contact
To report a suspected breach of this AUP, including fraud, abuse, or a security issue with the endpoints, contact us at the address below.
Email: founders@libramen.ai
Address: Libramen, Inc., 1111B S Governors Ave # 49139, Dover, DE 19904, United States