Loading
Oort routes your requests using your own keys. You remain the direct customer of each provider — and their rules apply.
When you add an API key to Oort, you authorize us to make outbound requests against your account at that provider. You are the sole commercial customer. Oort is a routing layer — we don't resell access, we don't pool keys, we don't run any of your traffic through our own accounts.
This means your provider's terms apply to every request Oort sends on your behalf. If their ToS forbids something, it's forbidden when running on Oort.
You're responsible for making sure every prompt you run (and every prompt others run that you authored) complies with the policies of the provider you routed to. Specifically:
Anthropic's Usage Policies prohibit generating malicious code, CSAM, content designed to deceive or manipulate, and applications that undermine human autonomy. Full policy at anthropic.com/legal/aup.
Of particular note for Oort creators: if you author a prompt that others run against their own Anthropic keys, that's fine — each user is responsible for their own usage. But publishing a prompt whose explicit purpose is to generate prohibited content will be removed from the marketplace.
OpenAI's Usage Policies cover illegal activity, child safety, privacy violations, regulated industries (finance, medical, legal advice) where human oversight is required, and a long list of high-risk applications. Full policy at openai.com/policies/usage-policies.
OpenAI also prohibits sharing your API key and building services that let third parties invoke your key. Running your own prompts through Oort is fine — you are the service owner. Publishing a prompt for others to run with their own keys is also fine. Pooling keys or redistributing access is not.
Google AI's Generative AI Prohibited Use Policy prohibits illegal activity, child safety violations, facilitating violence, sexually explicit content, promoting self-harm, and generating malware. Full policy at policies.google.com/terms/generative-ai/use-policy.
Google's terms also require attribution when generated content is published externally: "Generated by Gemini" or similar. Oort surfaces this reminder on outputs from Gemini models.
xAI's acceptable use policy is published at x.ai/legal/acceptable-use-policy. Grok's real-time web context feature has additional restrictions on scraping, PII extraction, and commercial monitoring applications. Read carefully before building on Grok's real-time capabilities.
DeepSeek's terms are published at platform.deepseek.com. DeepSeek has specific data residency requirements — by default, requests are processed on servers located in China. Be aware of this if your organization has data residency constraints.
If we receive a takedown request from a provider regarding content you authored, we'll notify you, pause the prompt's public visibility, and give you 72 hours to respond or modify. Disputed cases escalate to formal review.
Repeated violations may result in account suspension. We don't pass through provider enforcement automatically — we review each case.
If a provider bans your API key or disputes a charge on your account, that's between you and the provider. Oort can provide logs of requests we routed on your behalf to help with your dispute — email support@oort.dev to request them.