# CapitalGuard Partner Claim Rules

These rules protect buyers, partners, and CapitalGuard.

## Allowed Claims

- CapitalGuard helps detect AI-agent exposure risks in authorized repositories.
- CapitalGuard reports dangerous files, secret-risk patterns, unsafe permissions, prompt-injection paths, and policy gaps.
- CapitalGuard provides a local guardrail installer, policy starter, safe-use guide, delivery vault, and report workflow.
- Starter, Growth, and Pro are one-time licenses with fixed scan allowances.
- Monitoring is optional and reviewed after scope is understood.

## Required Disclosures

- Use only approved referral links or campaign codes.
- Disclose affiliate relationships when posting or emailing.
- Explain that commission is paid only on approved net new-customer sales.
- Tell buyers that repository scans require ownership or written authorization.

## Prohibited Claims

- Do not promise breach prevention.
- Do not claim full compliance certification.
- Do not say every vulnerability or secret will be found.
- Do not tell buyers to scan repositories they do not own or control.
- Do not create fake urgency, fake reviews, fake customer counts, or fake security credentials.
- Do not imply that CapitalGuard repairs every issue automatically.

## Commission Rules

- Commission applies only to approved net sales from new customers.
- Refunds, chargebacks, fraud, self-referrals, and duplicate-account abuse pay no commission.
- Payouts run monthly after the payout threshold and review window are satisfied.
- Performance rates require qualified volume and low refund risk.

## Approved Framing

"CapitalGuard helps founders detect AI-agent exposure and take the right precautions before giving coding agents broader repository access."
