Content Policy
What content is prohibited on MyClaude, how violations are enforced, and how creators can appeal enforcement decisions.
Every product on MyClaude must pass automated content scanning and comply with this policy before listing.
This policy applies to all content submitted to MyClaude: product files, SKILL.md content, vault.yaml descriptions, screenshots, and profile information.
Prohibited Content
Absolute prohibitions
These categories are prohibited without exception. Violations result in immediate account termination and, where applicable, law enforcement notification.
| Category | Definition |
|---|---|
| Child sexual abuse material (CSAM) | Any content that sexually exploits minors, in any form |
| Malicious code | Code designed to damage, disable, or gain unauthorized access to systems — malware, ransomware, rootkits, keyloggers |
| Credential harvesting | Products that capture, log, or transmit user credentials, API keys, or authentication tokens without explicit user consent and disclosure |
| Data exfiltration | Products that send user data, files, or environment variables to external destinations without explicit disclosure in the product description |
| Terrorism facilitation | Content that facilitates, promotes, or instructs in acts of terrorism or mass violence |
Prohibited with notice
These categories result in product removal and a warning. Repeated violations result in account suspension.
| Category | Definition |
|---|---|
| Deceptive products | Products that misrepresent their function, capability, category, or origin |
| Plagiarism | Products that reproduce another creator's work without a valid license or attribution |
| Spyware / surveillance tools | Products designed to monitor users without their knowledge and consent |
| Spam generation | Products designed to generate unsolicited bulk messages |
| IP infringement | Products that reproduce copyrighted material without license |
| Illegal content | Content that violates applicable law in the jurisdiction where MyClaude operates |
Disclosure requirements
The following are permitted only if explicitly disclosed in the product description:
| Feature | Required disclosure |
|---|---|
| Network requests | All external endpoints the product contacts |
| Data collection | Any user data the product reads, stores, or transmits |
| System access | File system paths, environment variables, or shell commands the product accesses |
| Third-party dependencies | Any external APIs, services, or data sources required |
Products that require sensitive access without disclosing it in their description are treated as deceptive products.
What Is Permitted
MyClaude is built for the Claude Code ecosystem. The following categories are explicitly permitted:
- Security research tools that disclose their purpose and are designed for authorized use
- Penetration testing skills with appropriate scope warnings
- Automation that accesses file systems, shells, or environment variables — with disclosure
- Products that interface with third-party APIs — with disclosure
- Adult-themed content in appropriate categories — subject to review
When in doubt about whether your product is permitted, email support@myclaude.sh before publishing.
Automated Scanning
Every product submitted via myclaude publish is scanned automatically by the CONDUIT pipeline before listing. The scanner checks for:
- Pattern-matched secrets (API keys, tokens, private keys)
- Known malicious code signatures
- Entropy-based credential detection
- Content policy keyword violations
Scan failures return a specific error code and description. Products that fail scanning are not listed until the creator resolves the issue and resubmits.
Passing the automated scan does not guarantee a product complies fully with this policy. Human review may occur at any time.
Enforcement
| Violation severity | Action | Timeline |
|---|---|---|
| Minor / first offense | Warning email + 7-day remediation window | Product remains listed |
| Moderate | Product unpublished pending creator fix | Relisted after fix confirmed |
| Severe (malicious code, data exfiltration, CSAM) | Immediate account suspension + product removal | Permanent unless appeal succeeds |
| Repeat violations | Account suspension | Review required to reinstate |
Enforcement decisions are made by the MyClaude team. We aim to notify creators within 3 business days of identifying a violation.
Community Reports
Anyone can report a product that appears to violate this policy via the "Report" link on the product page. Reports are reviewed within 3 business days.
Submitting false or malicious reports against competing products is itself a policy violation and may result in your account being suspended.
Appeals
If you believe an enforcement action was made in error, you may appeal within 14 days of the action.
How to appeal:
- Email support@myclaude.sh with subject:
[APPEAL] Your product name - Include your account email, the affected product, and your explanation
- Attach any evidence that supports your case
| Appeal stage | Timeline |
|---|---|
| Acknowledgment | Within 48 hours |
| Decision | Within 7 business days |
| Final decision | Appeals are reviewed once; the outcome is final |
Appeals are reviewed by a team member not involved in the original enforcement decision.
Policy Updates
This policy may be updated as the marketplace evolves. We will notify creators of material changes by email at least 14 days before they take effect. Products that were compliant before a policy change will have 30 days to come into compliance after a material change.
Contact
Content policy questions: support@myclaude.sh Security-related violations: security@myclaude.sh
Related pages
- Trust & Safety — how content controls work technically
- Security Model — scanning architecture and pipeline
- Terms of Service — platform usage terms