Terms

Last reviewed May 2026.

As-is

TrueLLMs is provided as-is, without warranty of any kind. The audit results are heuristic. They can produce false positives (flagging a legitimate proxy) and false negatives (missing a real substitution). You are responsible for how you interpret and act on the output.

Not a fraud accusation

The labels likely-substituted and confirmed-substituted describe statistical patterns in the audit output. They do not constitute, and must not be reported as, an accusation of fraud against any provider. There are many legitimate reasons a provider's output may diverge from a reference distribution (quantization, fine-tuning, system prompts, regional routing, A/B tests, cost optimisation). Treat the audit as a signal to investigate, not a verdict.

No authorised audits

You may only run TrueLLMs against APIs for which you hold a valid key and an account in good standing. Do not use TrueLLMs to probe endpoints you do not have permission to access.

Rate limits

TrueLLMs runs as a static site with a same-origin Proxy route. We do not currently rate-limit usage. Please be a good citizen — preset Deep makes ~20 calls per audit; back off if your upstream provider asks you to.

No data exfiltration

By using the /api/proxy endpoint you agree that the destination baseUrl must be a public, DNS-resolvable hostname over HTTPS in production. The proxy refuses to forward to private, loopback, or cloud-metadata addresses and does not follow upstream redirects, by design.

Changes

We will update these terms when the surface changes (for example: when we add baseline recording for MMD, or when ITT exits preview). Material changes are mentioned in the blog / CHANGELOG.

Contact

For questions, please open an issue on the project repository.