Terms of Service
1. Acceptance of Terms
By downloading, installing, or using Dryx ("the App"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, do not use the App.
These Terms constitute a legally binding agreement between you and Matt Jackson, operating as Dryx ("we," "us," or "our"). Dryx is an independently operated product; no separate legal entity (LLC, corporation, etc.) currently exists for this project.
We may update these Terms from time to time. Continued use of the App after any changes constitutes acceptance of the revised Terms. We will notify users of material changes through the App or via our website.
2. Description of Service
Dryx is a macOS desktop application that scans AI agent configurations on your local machine and maps their security exposure. The App detects installed AI agents (such as Claude Code, Cursor, Cline, Windsurf, OpenClaw, Codex CLI, Gemini, and others), analyzes their configuration files, and produces an informational report about secrets, permissions, supply chain dependencies, external service connections, and behavioral patterns.
Dryx's flagship capability is the AI Security Triad — a patent-pending architecture in which three independent parties (the user, the deterministic security tool, and the user's AI agent itself) reach consensus before agent actions with security impact occur on the workspace.
Key characteristics of the service:
- Local and offline-first. Scanning and analysis run locally on your Mac. Dryx does not transmit your scan data, secrets metadata, or behavioral telemetry to any Dryx-controlled server. A small set of explicitly-disclosed network requests exist (Apple StoreKit, optional MCP Registry verification, user-initiated Skill Shield package fetches, user-configured webhook output, license verification for direct downloads). See the Privacy Policy for the complete list.
- Deterministic analysis. Dryx uses rule-based static analysis, not AI or machine learning. Results are reproducible given the same inputs. There is no LLM in the security-analysis path.
- Informational only. Scan results are informational reports, not professional security audits, certifications, or guarantees. See Section 7 for full warranty disclaimers.
- No user accounts. The App does not require account creation. Licensing is handled via Apple StoreKit (App Store purchases) or license keys (direct download purchases).
- Optional features that write to your files. Some advanced features — Context Shield, Quick Fix actions, Ghost Agent cleanup — require user opt-in and write to files on your machine. These features are off by default and reversible. See the Privacy Policy, Section 5.
- Patent-pending mechanisms. Dryx's core security mechanisms are patent-pending across seven United States provisional filings (April 16, 2026 priority date).
3. Subscriptions & Pricing
3.1 App Store Purchases (Apple-required disclosures)
Subscriptions purchased through the Mac App Store are governed by Apple's standard terms for auto-renewable subscriptions. Apple handles all billing, payment processing, and subscription management for App Store purchases.
- Title and length of subscription. Pro Monthly: one month. Pro Annual: one year. Team: one month per seat (billed monthly per seat). Prices in Section 3.3.
- Auto-renewal. Subscriptions automatically renew at the same price and period unless auto-renewal is turned off at least 24 hours before the end of the current period.
- Payment. Your Apple ID account is charged for renewal within 24 hours prior to the end of the current period.
- Managing or canceling. Subscriptions can be managed and auto-renewal can be turned off in your Apple ID Account Settings on your device after purchase.
- Free trial behavior, if offered. Any unused portion of a free trial period is forfeited when the user purchases a subscription.
- Refunds. Refunds for App Store purchases are handled by Apple under their refund policies. Contact Apple Support to request a refund.
Apple's terms for your purchase: Apple Media Services Terms and Conditions. Apple's privacy practices: Apple Privacy Policy.
3.2 Direct Download Purchases (dryx.ai)
Purchases made through dryx.ai are processed by a third-party payment processor. For direct download purchases:
- You receive a license key that activates the App on your machine.
- Subscription billing is managed by the payment processor. You can cancel at any time through your customer portal link or by emailing [email protected].
- Refund requests for direct purchases should be sent to [email protected] within 14 days of purchase. We offer full refunds within this period, no questions asked.
3.3 Pricing
Current pricing (subject to change with notice):
| Plan | Price | Availability |
|---|---|---|
| Free | $0 | App Store & direct download |
| Pro (monthly) | $19/month | App Store & direct download |
| Pro (annual) | $149/year | App Store & direct download |
| Team | $39/seat/month | App Store & direct download |
| Lifetime | $199 (one-time) | Direct download only |
Prices are in US dollars. Tax may apply depending on your jurisdiction. We reserve the right to change pricing with 30 days' notice. Price changes do not affect existing subscriptions until the next renewal period.
4. Free Tier vs Pro vs Team
4.1 Free Tier
The Free tier provides:
- Secrets exposure layer (visual graph)
- Posture score with A–F grade
- Findings summaries (without step-by-step remediation)
- Skill Shield pre-install analysis (limited to 3 analyses per month)
- Integrations tab
The Free tier is available indefinitely and is not a trial. We may adjust Free tier features over time but will provide notice before removing functionality.
4.2 Pro
Pro unlocks the full feature set for individual users:
- All 7 risk graph layers (Secrets, Permissions, Supply Chain, Egress, Schedule, Prompt Injection, Cross-Agent) plus the composite overlay
- Step-by-step remediation guidance on every finding
- Workspace Drift detection and continuous Monitoring with source attribution
- Context Shield (agent security awareness via instruction-file directives)
- Authority Anchor MCP (local API your AI agents can query for live posture)
- Installation Guard (pre-execution risk gating)
- Behavioral baselining with anomaly detection
- Compliance exports (PDF, Markdown, JSON, CSV, CycloneDX AI BoM, Graph PNG)
- Webhook output to your SIEM/SOAR
- Unlimited Skill Shield analyses
4.3 Team
Team includes everything in Pro, plus:
- Fleet metadata fields (org_id, team_id, asset_criticality, environment) on findings and webhook payloads
- Team posture dashboard
- Shared compliance reports
- Priority support
- Feature tuning requests
Team pricing is per seat. Each seat represents one individual user on one machine.
5. Lifetime Deal
The Lifetime Deal is a one-time purchase of $199 that grants perpetual access to all Pro features. It is available exclusively via direct download from dryx.ai (not through the App Store).
Terms specific to the Lifetime Deal:
- Limited availability. The Lifetime Deal is limited to the first 300 purchasers. Once all 300 licenses are sold, the offer is permanently closed.
- Non-transferable. Lifetime licenses are tied to the purchasing individual and may not be resold, gifted, or transferred to another person or entity.
- Perpetual Pro access. Lifetime license holders receive all current and future Pro-tier features for as long as Dryx is actively maintained.
- Single user. Each Lifetime license covers one individual user. It does not include Team-tier features.
- No refund after 14 days. Lifetime Deal purchases are eligible for the same 14-day refund policy as other direct purchases. After 14 days, purchases are final.
- End of life. If Dryx is discontinued, lifetime license holders will receive the final version of the App with no further obligation.
6. Intellectual Property
Dryx — including its source code, user interface designs, graph visualizations, rule definitions, scoring algorithms, behavioral baselining methods, instruction-layer directive injection mechanisms, AI Security Triad consensus architecture, documentation, and branding — is the intellectual property of Matthew Jackson, doing business as Dryx AI Security. All rights are reserved.
Core Dryx mechanisms are patent-pending across seven United States provisional filings (priority date April 16, 2026) covering: multi-party consensus, dynamic policy directive injection, adversarial request resistance, per-instance behavioral baseline, orphaned configuration detection, pre-deployment blast radius, and multi-layer enforcement.
Your purchase or download grants you a limited, non-exclusive, non-transferable, revocable license to use the App on macOS devices you own or control, subject to these Terms.
You may not:
- Reverse-engineer, decompile, or disassemble the App, except to the extent permitted by applicable law.
- Redistribute, sublicense, rent, lease, or lend the App or your license key.
- Remove or alter any copyright notices, branding, or proprietary labels in the App.
- Use the Dryx name, logo, AI Security Triad term, or branding in a way that implies endorsement without prior written consent.
- Attempt to recreate or implement the patent-pending mechanisms described above without a separate written license.
Your data is yours. Dryx does not claim any ownership of your configuration files, scan results, behavioral baselines, exported reports, or any data on your machine. Scan results and exported reports are your property.
7. Disclaimer of Warranties
Dryx is provided "as is" and "as available" without warranties of any kind, whether express, implied, or statutory.
Specifically:
- Not a security guarantee. Dryx is an informational tool that highlights potential security exposures in AI agent configurations. It does not guarantee that your system is secure, nor does it guarantee detection of all security issues.
- Not a professional audit. Scan results do not constitute a professional security audit, penetration test, or compliance certification. They should not be treated as such.
- No guarantee of accuracy. While we strive for accuracy, Dryx may produce false positives (flagging items that are not actual risks) or false negatives (missing items that are actual risks). Rule-based analysis has inherent limitations.
- Not legal or compliance advice. Nothing in the App constitutes legal advice. Consult qualified professionals for compliance and legal matters.
- No uptime guarantee. As a locally installed application, Dryx does not depend on cloud services for core functionality. However, we do not guarantee uninterrupted or error-free operation.
We disclaim all implied warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement, to the fullest extent permitted by applicable law.
8. Limitation of Liability
To the maximum extent permitted by applicable law:
- Dryx AI, Inc. shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of or inability to use the App.
- This includes, without limitation, damages for loss of data, loss of profits, business interruption, security breaches, or any failure of the App to detect a security exposure.
- Our total aggregate liability to you for any claims arising from these Terms or your use of the App shall not exceed the amount you paid for the App in the twelve (12) months preceding the claim.
- If you are using the Free tier, our total aggregate liability shall not exceed fifty US dollars ($50).
You acknowledge that Dryx is a tool to assist your decision-making, and you are solely responsible for the security decisions you make based on its output.
9. User Responsibilities
By using Dryx, you agree to:
- Use the App lawfully. You will not use Dryx for any unlawful purpose or to scan systems you do not own or have authorization to inspect.
- Make your own security decisions. You understand that scan results are informational and that you are responsible for evaluating and acting on findings.
- Keep your license key secure. If you have a direct-download license key, you are responsible for keeping it confidential. We are not liable for unauthorized use of your license key.
- Respect system permissions. Dryx requests file access through macOS permission dialogs. You are responsible for understanding which folders you grant access to and for what purposes.
- Understand opt-in features that write to your files. If you enable Context Shield, Quick Fix actions, or Ghost Agent cleanup, Dryx will write to or modify files on your machine to deliver those features. You are responsible for understanding these actions before you opt in. Each action is reversible (Context Shield writes are bounded by markers and removable; Quick Fix and Ghost Agent actions surface their effects before you confirm).
- Operate the webhook responsibly. If you configure a webhook to a SIEM or SOAR endpoint, the endpoint is yours and any data sent to it is governed by your organization's policies, not Dryx's. You are responsible for ensuring the endpoint and the data flow comply with applicable laws (GDPR, HIPAA, internal data-handling policies, etc.).
- Use Skill Shield and Authority Anchor MCP responsibly. Skill Shield fetches packages from URLs you supply; you are responsible for the URLs you analyze. Authority Anchor MCP exposes a local API to AI agents on your machine; you are responsible for which agents you allow to query it.
- Not circumvent licensing. You will not attempt to bypass, disable, or circumvent the App's licensing mechanisms, feature gating, or usage limits.
10. Modifications to Terms
We reserve the right to modify these Terms at any time. When we make changes:
- We will update the "Last updated" date at the top of this page.
- For material changes (changes to pricing, liability, or your rights), we will provide at least 30 days' notice via the App or through our website.
- Continued use of the App after the effective date of changes constitutes your acceptance of the revised Terms.
- If you do not agree to the revised Terms, your remedy is to stop using the App and, if applicable, cancel your subscription.
11. Termination
11.1 By You
You may stop using Dryx at any time. To terminate a paid subscription:
- App Store: Cancel through your Apple ID account settings.
- Direct download: Cancel through your Stripe customer portal or email [email protected].
Cancellation takes effect at the end of the current billing period. You retain access to paid features until that date.
11.2 By Us
We may suspend or terminate your access to the App if you:
- Violate these Terms.
- Attempt to circumvent licensing or feature gating.
- Engage in abusive behavior toward Dryx or its creator.
In the event of termination by us for reasons other than a Terms violation, we will provide a pro-rated refund for any unused portion of a prepaid subscription.
11.3 Effect of Termination
Upon termination, your license to use paid features ends. The Free tier remains available. Your locally stored scan data is unaffected by license termination -- it remains on your machine under your control.
12. Governing Law
These Terms are governed by and construed in accordance with the laws of the United States. Any disputes arising from these Terms or your use of the App shall be resolved through good-faith negotiation first. If negotiation fails, disputes shall be subject to binding arbitration under commercially reasonable arbitration rules, conducted in the English language.
You agree that any claim or dispute must be brought in your individual capacity, and not as a plaintiff or class member in any purported class or representative proceeding.
13. Contact Information
If you have questions about these Terms, need support, or want to request a refund:
Matt Jackson
Operating as Dryx
Email: [email protected]
Website: dryx.ai
We aim to respond to all inquiries within 2 business days.