Responsible use

Responsible-Use Policy

The pre-lab requirements, the mandatory lab warning, prohibited actions, and our safe-alternative principle.

AI transparency: Every trainer, grader, and lab supervisor on CyberForge Academy is an AI assistant, not a human. Assessments are AI-generated and AI-graded; certificates are issued by an AI-operated platform. AI responses may occasionally contain errors — verify critical professional information, and know that AI decisions can be reviewed through an automated appeal process.

The mandatory lab warning

This exact warning is shown before every lab session and on every page that exposes a lab terminal:

Use these skills only on systems you own or are explicitly authorized to test. Unauthorized access, scanning, exploitation, disruption, credential collection, or data acquisition may be illegal. CyberForge Academy practical exercises are restricted to controlled training environments.

Pre-lab requirements checklist
You must be able to affirm every item before starting any lab.
  • You have read and accepted the Terms of Service and Code of Ethics.
  • You understand that techniques may only be used on systems you own or are explicitly authorized to test.
  • You are working inside the provided isolated lab network — not against any external or production system.
  • You will not attempt to bypass lab isolation or reach systems outside the training environment.
  • You will pair every offensive technique with its detection and remediation.
  • You will stop and report any behavior that appears to reach a real-world target.
Prohibited actions
These are strictly forbidden and may be illegal. Violations lead to suspension.
  • Targeting systems you do not own or lack written authorization to test.
  • Scanning, exploiting, or disrupting production, public, or third-party infrastructure.
  • Attempting to escape the lab network or access the public internet from a lab.
  • Collecting real credentials or personal data belonging to actual people.
  • Sharing, selling, or automating the harvesting of flags, answers, or exploit payloads for real-world use.
  • Coercing, jailbreaking, or manipulating agents into providing unauthorized guidance.
  • Using the platform to develop, stage, or distribute malware aimed at live targets.
The safe-alternative principle

When you ask for something that would be unsafe or unauthorized in the real world, our AI does not simply refuse. The Safety Guardian redirects you to an equivalent, legal exercise inside a controlled lab that teaches the same skill.

For example, a request to scan a real public IP is blocked and replaced with the same scanning technique against a provisioned lab target — so you still learn the concept, always paired with how to detect and defend against it.

See also our Code of Ethics and Terms of Service.