Skip to main content
Version: v2 (current)

PanDev CLI Plugin (Windows) Terms of Service (ToS)

Version: 1.0
Effective Date: May 22, 2026
Rights Holder (Provider): PanDev Ltd

These terms govern only the use of PanDev command-line plugins for Windows and other compatible host environments as a channel for transferring data — including command invocations and Prompt Content — from the local machine to PanDev Services. Access to and rules for using the cloud services (SaaS) are defined in the Cloud Terms. The rules for server software deployed at the Customer (on-prem, self-managed) are set out in the Self-Managed EULA. Licensing of the CLI Plugins themselves is governed by the CLI Plugin EULA.

Definitions

"CLI Plugins" - PanDev command-line software installed in the Host Environment that executes commands, accepts Prompt Content from Users, and transmits Activity Data and Prompt Content to the Server.
"Host Environment" - a Windows operating system (and any other compatible operating system explicitly supported by the CLI Plugin), together with the shell, terminal, CI runner, build agent, or other process that invokes the CLI Plugin.
"Services (SaaS)" - PanDev cloud services delivered from PanDev cloud infrastructure.
"Software (on-prem, self-managed)" - PanDev server software deployed in the Customer's infrastructure under the Self-Managed EULA.
"Server" - a remote endpoint that receives data from the CLI Plugins. The Server may be the Platform (PanDev cloud) or the Customer's on-prem instance.
"Platform" - PanDev cloud infrastructure on which the SaaS operates.
"Cloud Terms" - separate PanDev terms that govern access to and use of the SaaS.
"Customer" - a legal entity that has entered into an agreement with PanDev.
"User" - a Customer employee or contractor authorized to invoke the CLI Plugin.
"Activity Data" - metadata about CLI Plugin invocations without Prompt Content. The categories are described in Appendix A.
"Prompt Content" - text and structured input deliberately supplied by the User to the CLI Plugin (command arguments where applicable, stdin payloads, prompt files, AI prompts) and any responses generated by the Server that the CLI Plugin returns to the User. Prompt Content is content, not metadata, and is transmitted to the Server by design.
"Diagnostic Telemetry" - anonymized technical information about the CLI Plugins themselves (status, versions, crashes, performance) that is different from Activity Data and Prompt Content.
"Cache" - a temporary local storage used by the CLI Plugins to accumulate Activity Data and Prompt Content when the Server is unavailable and to forward them once connectivity is restored.

1. Scope and Order of Precedence

1.1. SaaS. These terms do not govern access to PanDev cloud services or set any rules for their use. Access to the SaaS is regulated by the Cloud Terms. This document describes only the use of the CLI Plugins as a channel for transferring Activity Data and Prompt Content to the Services. Licensing of the CLI Plugins themselves is governed by the CLI Plugin EULA.

1.2. On-prem. Rights of use and limitations for software deployed by the Customer are defined in the Self-Managed EULA. These terms apply to on-prem only where they explicitly state "applies to on-prem," and when the on-prem instance uses PanDev cloud sub-services such as license updates, the plugin catalog, or telemetry when it is enabled.

1.3. Order of precedence. If documents conflict, the order of precedence is: first, the agreement with the Customer; second, the Self-Managed EULA for on-prem or the Cloud Terms for SaaS; third, this ToS; fourth, published PanDev policies that are expressly incorporated by reference; fifth, the CLI Plugin EULA.

2. Access and Accounts

2.1. Access to the SaaS is governed by the Cloud Terms. This ToS describes only the use of the CLI Plugins as a data transfer channel and does not set rules for cloud access.

2.2. In on-prem deployments the Customer administers accounts and access. When an on-prem instance uses PanDev cloud sub-services, those sub-services are subject to these terms.

2.3. Authentication tokens issued to a User are personal and must not be shared between Users or copied to other machines, except as explicitly permitted by the Customer's internal policy and the CLI Plugin's documented multi-device flow.

3. CLI Plugin Operation, Prompt Content, and Offline Cache

3.1. The CLI Plugins execute commands, accept Prompt Content from Users, and transmit Activity Data together with Prompt Content to the Server. The Server may be the cloud Platform or the Customer's on-prem instance.

3.2. Prompt Content is content, not metadata. Users understand that any text, file, or input they submit as Prompt Content (command arguments, stdin, prompt files, AI prompts) is transmitted to the Server in order for the CLI Plugin to deliver its intended functionality. The Customer is responsible for ensuring that Users do not include in Prompt Content any data that the Customer is not entitled to disclose to PanDev or to a PanDev-hosted Service.

3.3. If the Server is temporarily unavailable, the CLI Plugins store Activity Data and Prompt Content in a local cache and automatically transmit them once the connection is restored.

3.4. The CLI Plugins do not automatically read or transmit:

  • the contents of files in the working directory that the User has not explicitly referenced as input;
  • environment variables (other than those listed in the CLI Plugin documentation as required for operation);
  • OS secret stores beyond what is required to authenticate to the Server.

3.5. The CLI Plugins do not perform automatic redaction of secrets in command arguments, Prompt Content, or other input. Material that the User submits — including, by mistake, credentials or tokens — is transmitted to the Server as is. Preventing secrets from entering arguments or Prompt Content is the Customer's responsibility.

3.6. Some features require the CLI Plugins to be installed and functioning correctly. PanDev is not responsible for blocks or environment changes introduced by the Customer.

3.7. For on-prem, PanDev does not receive Activity Data or Prompt Content unless the parties agree on limited access for support purposes under a separate data access agreement.

4. Customer Obligations

4.1. Comply with applicable law, including labor, intellectual property, and personal data law, and inform employees and obtain consents where required.

4.2. Ensure the legality of all Customer Content, including Prompt Content submitted via the CLI Plugins, and refrain from submitting unlawful materials, materials infringing third-party rights, or materials covered by confidentiality obligations the Customer is not entitled to disclose to PanDev.

4.3. Comply with this ToS, the CLI Plugin EULA, the Self-Managed EULA for on-prem, agreements with third parties, and PanDev policies when expressly incorporated by reference.

4.4. Train Users not to embed secrets, credentials, regulated personal data, or other sensitive material in Prompt Content unless the Customer has a lawful basis to disclose such material to the Server.

5. Acceptable Use

Illegal activity, circumvention of technical restrictions, interference with the Platform, scanning and load testing without consent, distribution of malicious code, automated scraping of Server outputs outside documented APIs and rate limits, using the CLI Plugins or data transmitted through them (including Prompt Content and Server responses) to create or train competing solutions without PanDev's written consent, sharing credentials, violations of intellectual property rights, and breaches of export-control or sanctions regimes are prohibited. Using the CLI Plugins to submit Prompt Content the Customer has no right to disclose is likewise prohibited. PanDev may publish a detailed policy later, which will supplement this section without reducing the Customer's rights.

6. Data and Security

6.1. SaaS. Processing of personal data in the cloud is governed by the Cloud Terms and PanDev's Privacy Policy. Upon request the parties may enter into a separate data processing agreement (DPA). This ToS does not establish rules for processing within the SaaS and covers only the use of the CLI Plugins as a data transfer channel.

6.2. On-prem. Data is processed within the Customer's infrastructure. The Customer acts as controller and operator or processor. PanDev is not a processor and does not receive access to data unless otherwise agreed in writing.

6.3. On-prem support. At the Customer's request PanDev may receive limited remote access to the on-prem environment or to exported materials such as logs, command transcripts, and crash dumps strictly in the minimum volume necessary. Such access is governed by a separate data access agreement.

6.4. Local protection. The CLI Plugins store their local cache and authentication tokens within the User's profile directory under the access rights of the current operating-system user account. The CLI Plugins do not apply additional at-rest encryption beyond the access controls provided by the operating system's file system. Given that Prompt Content may contain sensitive business material, the Customer is responsible for compensating controls at the device level — full-disk encryption (for example BitLocker on Windows), screen lock, per-User operating-system accounts, timely sign-out on shared workstations, anti-malware/EDR, and any application allow-listing required by Customer policy.

6.5. Security incidents. For SaaS, PanDev notifies the Customer about confirmed incidents affecting its data and acts in accordance with internal procedures and applicable law. For on-prem, incidents in the Customer's environment are the Customer's responsibility.

7. Availability, Support, and Updates

7.1. SaaS. Availability metrics and support are governed by the Cloud Terms. This ToS does not set cloud availability metrics.

7.2. Integration via CLI Plugins. PanDev maintains integration sub-services such as authentication, prompt processing endpoints, and telemetry intake on a commercially reasonable basis and may update interfaces and client versions.

7.3. On-prem. Support and updates for server software are governed by support and maintenance terms, if purchased.

7.4. CLI Plugin updates. PanDev may release functional and security updates. Some updates require specific CLI Plugin versions. Critical security updates may be mandatory. Updates may change prompt-redaction patterns or telemetry composition.

7.5. Suspension of SaaS integration. PanDev may restrict cloud sub-services related to data transfer via the CLI Plugins if these terms are violated or if there is a threat to the Platform's security. Full cloud access terms are governed by the Cloud Terms.

7.6. Data export and deletion. These terms govern only data transferred via the CLI Plugins. Export and deletion within the SaaS are described in the Cloud Terms. For on-prem the Customer provides export and deletion.

8. Intellectual Property and Feedback

8.1. All rights to the Services, server software, and CLI Plugins belong to PanDev and its licensors.

8.2. Customer Content, including Prompt Content, remains the Customer's property. The Customer grants PanDev a limited license to use that content to the extent necessary to operate the cloud or cloud sub-services, including processing Prompt Content through PanDev or third-party model providers as documented for the relevant CLI Plugin command. PanDev does not use Prompt Content to train its own foundation models without the Customer's prior written consent.

8.3. PanDev may use feedback free of charge, for any duration, and without any obligation of attribution or compensation.

9. Warranties and Disclaimers

9.1. The CLI Plugins and related integration sub-services are provided "AS IS" and "AS AVAILABLE." PanDev does not guarantee the complete absence of errors or full alignment with expectations.

9.2. For on-prem, warranty provisions and limitations are specified in the Self-Managed EULA.

9.3. PanDev is not responsible for limitations caused by the Customer's security settings, environment, or third-party blocks, nor for the contents of Prompt Content submitted by Users.

10. Limitation of Liability

10.1. To the maximum extent permitted by law, PanDev is not liable for indirect, special, or punitive damages, lost profits, loss of data, or reputational harm, including harm arising from the contents of Prompt Content submitted by Users.

10.2. PanDev's aggregate liability under this document is limited to the greater of ten US dollars or the amount paid by the Customer for CLI Plugin licenses during the three calendar months preceding the event. Liability for providing the SaaS and for on-prem server software is defined in the Cloud Terms and the Self-Managed EULA.

10.3. Nothing limits liability for willful misconduct, harm to life or health, or other cases where limitation is prohibited by law.

11. Export Control and Sanctions

The parties comply with applicable sanctions regimes and export-control regulations. The Customer confirms it is not a sanctioned entity and undertakes not to use the Services and Software in violation of such restrictions.

12. Governing Law and Disputes

The law of the Republic of Kazakhstan applies. Disputes are resolved by the competent courts of Almaty. The parties may agree to mediation or arbitration. The United Nations Convention on Contracts for the International Sale of Goods (CISG) does not apply.

13. Term, Changes, and Termination

13.1. These terms apply from the effective date above until termination.

13.2. PanDev may update this document. Changes become effective after publication and notification via the Services or by email. Continued use constitutes acceptance of the new version.

13.3. Notices are sent to the contacts listed in the agreement or the account and are deemed received when sent.

13.4. Stopping use of the CLI Plugins. PanDev may restrict or terminate the use of the CLI Plugins if these terms, legal requirements, or security measures are violated. The Customer may stop using the CLI Plugins at any time by uninstalling them from the Host Environment. Stopping the use of the CLI Plugins does not affect the validity of SaaS or on-prem agreements and does not release the parties from obligations that survive termination, such as confidentiality and limitation of liability.

14. Miscellaneous

The invalidity of a provision does not invalidate the entire document. Failure to exercise a right does not constitute a waiver. The document is concluded electronically. The parties act as independent contractors.

Appendix A. Data Categories (for CLI Plugins)

Activity Data (metadata, no Prompt Content):

  • Timestamps of CLI Plugin invocations.
  • CLI Plugin command and subcommand names.
  • Argument shape: flag and subcommand names. Flag values may be recorded in Activity Data as the User typed them — the CLI Plugin does not automatically redact secret values, so the Customer must ensure secrets are never passed as flag values.
  • Exit codes and invocation durations.
  • CLI Plugin, shell, and operating-system versions; Windows build identifier.
  • Technical device and session identifiers; tenant identifier in PanDev.
  • Diagnostic telemetry about the CLI Plugins: versions, crashes (without Prompt Content), performance. In on-prem mode diagnostic telemetry is not used.

Prompt Content (content deliberately submitted by the User):

  • Command arguments where they form part of the User's intentional input.
  • Standard input (stdin) payloads piped or redirected into the CLI Plugin.
  • Prompt files explicitly passed as input.
  • AI prompts and User-supplied text.
  • Server responses returned to the User by the CLI Plugin.

Contacts

Rights Holder: PanDev Ltd
Office: 050057, Republic of Kazakhstan, Almaty, Gagarin Ave. 124
Support: support@pandev.io