DVRAG Terms of Service

Last updated: 2026-05-10. By using this site (https://dvrag.com) you agree to these terms.

1. The Service

DVRAG ("the Service") is a deliberately vulnerable RAG (Retrieval-Augmented Generation) server provided by CyberSecAI Ltd ("we", "us") for educational and security-research purposes. The Service exposes a hosted instance at https://dvrag.com and a Docker image distributed by approval only.

2. Licence

DVRAG is licensed under the Business Source License 1.1 (BSL 1.1). You may use it for non-commercial purposes only without a separate commercial licence from CyberSecAI Ltd.

3. Prohibited Use

You may NOT use the Service, the hosted instance, or the Docker image:

Commercial use of DVRAG requires a separate commercial license from CyberSecAI Ltd. Contact: raza@cybersecai.co.uk.

4. No Warranty

DVRAG is a deliberately vulnerable application. It is provided "as is" without warranty of any kind. CyberSecAI Ltd accepts no liability for any damage, loss, or legal consequences arising from the use or misuse of this software. You accept full responsibility for your actions.

5. Acceptable Use

You may use the hosted Service only against the hosted instance itself. Do not use DVRAG as a vector to attack any third-party system. Rate limits are enforced; circumvention is prohibited.

6. Disclaimer

DVRAG is a deliberately vulnerable application designed for security testing and educational purposes only. Do not deploy on a network-accessible interface in production or a shared environment.

7. Updates

CyberSecAI Ltd may update these Terms at any time. Continued use of the Service constitutes acceptance of the updated Terms.

8. Contact

CyberSecAI Ltd
cybersecai.co.uk
raza@cybersecai.co.uk

← Back to DVRAG