Acceptable Use Policy
What you may not do with HookWatch. Practical, not exhaustive — the goal is to keep the service safe for everyone.
Last updated: 6 July 2026
Purpose
HookWatch is a tool for capturing, debugging, replaying, and monitoring your own webhooks. This policy sets out uses that are not allowed. It applies alongside our Terms of Service.
Prohibited uses
You must not use HookWatch to:
- send, store, or forward illegal content, or content you have no right to process
- harvest credentials, secrets, or other people's personal data without authorisation
- distribute malware or malicious payloads
- attack, overload, or interfere with any target system, including your own destinations
- send spam or unsolicited traffic
- attempt to bypass rate limits, quotas, or other service controls
- probe, scan, or access other users' workspaces, endpoints, or deliveries
- reverse-engineer or disrupt the service or its infrastructure
Security abuse
Do not use HookWatch to test or attack systems you are not authorised to test, to relay attacks through the service, or to circumvent authentication or workspace isolation.
Spam and unsolicited traffic
Do not use HookWatch to generate or amplify unsolicited messages, or to forward traffic to recipients who have not agreed to receive it.
Illegal or harmful content
Do not use HookWatch in connection with content that is illegal, infringing, or that facilitates harm to others.
Excessive load / service disruption
Do not deliberately generate excessive load, and do not use the service in a way that degrades it for others. We may apply limits to protect the service.
Attempted unauthorised access
Do not attempt to gain access to accounts, workspaces, data, or systems you are not entitled to, whether by exploiting a vulnerability or otherwise. If you find a vulnerability, report it (see below) rather than exploiting it.
Webhook payload responsibility
You are responsible for the payloads you route through HookWatch. Do not upload payloads you have no right to process, and avoid sending unnecessary sensitive data. See the Privacy Policy for how payloads are handled.
Enforcement
We may investigate suspected violations and may suspend or terminate access, remove content, or take other action we consider appropriate to protect the service and its users.
Reporting abuse
Report abuse or a suspected security issue to abuse@hookwatch.dev (abuse) or security@hookwatch.dev (security). See Legal Contact for all channels.