Disclaimer & Limitations

FixWeb runs automated checks against URLs and hostnames you submit. The checks are heuristic: they look for patterns commonly associated with website-quality, crawlability, search presentation, accessibility, performance, form, media, and runtime issues. Pattern-matching is fundamentally lossy. We can — and sometimes do — produce false positives and false negatives.

FixWeb is not:

• a substitute for a human SEO, accessibility, performance, UX, legal, or security review;
• a guarantee that your website is complete, compliant, accessible, performant, or secure if no findings appear;
• a guarantee that any finding is material in your environment;
• professional or legal advice of any kind;
• a compliance-certification tool (FixWeb is not SOC 2, ISO 27001, PCI DSS, HIPAA, or any other framework's “official” auditor — check our acceptable-use policy for what we do and do not attest to).

False positives. A finding labeled “critical” does not always mean your application has a critical business issue. The check may have triggered on a pattern that, in your specific stack, is benign. We work hard to suppress false positives but cannot eliminate them.

False negatives. A clean scan does not prove your website is issue-free. Heuristic checks miss issues that require domain knowledge, business-context understanding, authenticated workflows, or test cases we have not implemented.

For systems where accessibility, SEO, performance, compliance, or security is critical to your business, you should layer FixWeb with specialist review and rigorous code review.

Some FixWeb findings include suggested remediations — written instructions, code snippets, or text intended to be passed to an AI coding assistant. These suggestions are generated automatically, in some cases by a large language model. They are intended as a starting point for your own investigation, not as drop-in code.

Before applying any suggested remediation, including any text we label as a “prompt” or “fix,” you must:

1. read it in full and confirm you understand what it changes;
2. confirm it is appropriate for your specific stack, framework version, and configuration;
3. test it in a staging environment that mirrors production;
4. review the diff with someone qualified before merging;
5. be prepared to roll back if the change causes unexpected behavior.

Pasting an AI-generated suggestion straight into production code without review is at your own risk. EGO HERO LLC accepts no liability for outages, data loss, security regressions, or other damages caused by applying a FixWeb-suggested fix without independent verification.

Active checks send crafted payloads to your application. While we rate-limit (sustained 10 req/sec per target), use a distinctive User-Agent (FixWebScanner/1.0), and avoid known destructive patterns, active probing can in rare cases:

• cause slowdowns or error spikes;
• create test rows in your database via injection probes;
• trigger your monitoring, paging, or WAF block lists;
• consume third-party API quotas (e.g., upstream search providers, SMS gateways) if your endpoints proxy to them.

We strongly recommend running active scans against staging environments. If you must scan production, do so during a maintenance window. By initiating an active scan, you acknowledge and accept these risks.

Our severity labels (critical, high, medium, low, info) are calibrated against typical web applications. They do not consider your specific threat model, user population, regulatory environment, or asset value. A “low” finding may be material risk for a fintech handling client funds; a “critical” finding may be irrelevant for a static blog. You are best positioned to translate a finding into a real-world risk.

You are solely responsible for confirming you have authority to test every URL or hostname you submit. Active scans, even though we require ownership verification, do not relieve you of this responsibility — verification proves you control the DNS or HTTP response of a target, not that you have legal or contractual authority to test it (for example, an SaaS app you operate on a subdomain of a domain you control might still be subject to its cloud provider's acceptable-use rules). See our Acceptable Use Policy for the full picture.

EGO HERO LLC's liability for any claim arising from your use of FixWeb is governed by Section 10 of the Terms of Service, including the cap on aggregate damages. By using FixWeb you acknowledge that you have read and understood that section.

support@fixweb.app.