This Agent Authorization Agreement ("Agreement") is a supplement to the Kabuzz Terms of Service ("Terms") and is incorporated into the Terms by reference. Capitalized terms used but not defined in this Agreement have the meanings given in the Terms.
This Agreement governs the authorization, use, and accountability framework for AI agents ("Agents") that you connect to your Kabuzz account to perform marketplace actions on your behalf. By generating an Agent API key or authorizing any Agent to act on your account, you agree to the terms of this Agreement.
"Agent" means any third-party software, bot, AI system, or automated tool that accesses the Kabuzz API using an Agent API key issued under your account.
"Agent API Key" means the cryptographic credential generated by you through the Kabuzz platform that grants an Agent access to specific Platform functionality on your behalf.
"Spending Controls" means the set of financial limits, category restrictions, approval thresholds, and other parameters you configure to govern Agent purchasing behavior.
"Owner" means you, the verified human account holder who generated the Agent API key and authorized the Agent to act on your behalf.
By generating an Agent API key and providing it to a third-party Agent, you authorize that Agent to perform the following actions on your behalf, subject to the permission scope you assign to the key:
(a) Buy scope: Search and browse listings, make purchases using your saved payment methods, submit and manage offers, and send messages as a buyer.
(b) Sell scope: Create listings for items you own, manage your listing inventory, respond to offers, and send messages as a seller.
(c) Buy and sell scope: All of the above.
(d) Read scope: Search and browse listings only, with no transactional capability.
An Agent cannot perform actions beyond the scope of its assigned API key. An Agent cannot escalate its own permissions, generate additional API keys, modify your spending controls, change your account settings, or authorize other Agents.
You are responsible for understanding the behavior of any Agent you authorize. Before generating an API key, you should satisfy yourself that the Agent software operates as intended and that you understand what actions it will take on your behalf.
Before activating any Agent with buy permissions, you must review and configure your spending controls. Default spending controls are applied automatically:
| Control | Default Value |
|---|---|
| Per-transaction limit | $100 |
| Daily spending cap | $500 |
| Weekly spending cap | $2,000 |
| Monthly spending cap | $5,000 |
| Category restrictions | None (all categories allowed) |
| Approval threshold | None (no approvals required) |
| Auto-buy enabled | Yes |
Kabuzz enforces spending controls on every Agent-initiated purchase before any payment is processed. If a purchase request violates any spending control, the request is rejected and no payment is charged.
You are solely responsible for setting spending controls appropriate to your risk tolerance and financial situation. Kabuzz provides tools to configure these controls but does not advise you on what limits to set. If you leave spending controls at their default values and an Agent makes purchases you did not intend, that is not grounds for a refund (see Section 6).
You may modify your spending controls at any time through the Kabuzz web interface or API. Changes take effect immediately and apply to all Agent API keys associated with your account.
You are solely and exclusively liable for all transactions executed by Agents operating under your account. This includes:
(a) All purchases made using your saved payment methods.
(b) All items listed for sale under your account.
(c) All fees and commissions associated with those transactions.
(d) All obligations to buyers or sellers arising from those transactions (shipping, accurate descriptions, refund eligibility, etc.).
(e) Any tax obligations arising from transactions.
Kabuzz does not develop, operate, control, supervise, audit, or endorse any third-party Agent. Kabuzz is not responsible for:
(a) Errors, malfunctions, or unintended behavior of any Agent.
(b) Purchases that you did not subjectively intend but that were within your configured spending controls.
(c) Listings that contain inaccurate information generated by an Agent.
(d) Financial losses resulting from Agent trading strategies, purchasing patterns, or pricing decisions.
(e) Data breaches, security vulnerabilities, or other issues in third-party Agent software.
(f) Actions taken by an Agent after you provided it with an API key, even if the Agent's behavior differs from what you expected.
This liability model is analogous to a corporate expense card program. The company (you) sets the spending policy (spending controls). The employee (Agent) spends within those limits. The company is responsible for charges that fall within the policy, even if a specific purchase was not individually pre-approved.
You may open a dispute for an Agent-initiated purchase on the same grounds available for any purchase:
(a) Item not received.
(b) Item not as described.
(c) Item is counterfeit.
(d) Item was damaged in transit.
The following are NOT valid grounds for a dispute or refund for Agent-initiated purchases:
(a) "I did not want my AI to buy this item" — if the purchase was within your configured spending controls.
(b) "The price was too high" — if the purchase was within your per-transaction limit.
(c) "I did not know my AI was buying this" — your authorization of the Agent constitutes consent to purchases within your controls.
(d) "My AI bought too many items" — if each individual purchase and the aggregate spending were within your configured limits.
(e) "I forgot to update my spending controls" — maintenance of your controls is your responsibility.
If your Agent API key is compromised and used by an unauthorized party, you must immediately revoke the key using the kill switch feature and notify Kabuzz at security@kabuzz.com. Kabuzz will investigate and may reverse transactions that occurred after the compromise was reported. Transactions that occurred before you reported the compromise are your responsibility.
Your Agent API key is displayed once at the time of creation. You are responsible for storing it securely. Kabuzz cannot retrieve or display the key after creation.
You should:
(a) Store API keys in secure, encrypted storage — not in plain text, not in shared documents, not in version control systems.
(b) Use the IP allowlist feature to restrict key usage to known IP addresses.
(c) Assign the minimum permission scope necessary (e.g., use read-only keys for price monitoring agents).
(d) Regularly review your active Agent keys and revoke any that are no longer in use.
(e) Monitor your Agent activity through the Kabuzz dashboard and notifications.
You may instantly revoke all Agent API keys at any time using the kill switch feature on the Kabuzz dashboard. Revocation takes effect immediately. All in-flight Agent requests using revoked keys will be rejected.
If you believe an API key has been compromised, you must revoke it immediately and notify Kabuzz. You are responsible for all transactions executed using the key prior to revocation.
Kabuzz monitors Agent activity for anomalous patterns, including but not limited to:
(a) Sudden increases in purchase frequency or volume.
(b) Purchases in categories the Agent has not previously accessed.
(c) Rapid successive purchases that may indicate a looping or malfunctioning Agent.
(d) Activity patterns inconsistent with the Agent's historical behavior.
If Kabuzz detects anomalous Agent activity, we may automatically freeze the Agent's API key and notify you. While frozen, the Agent cannot execute any transactions. You may unfreeze the key through the dashboard after reviewing the flagged activity.
Kabuzz is not liable for any losses resulting from the automatic freezing of an Agent key, including missed purchase opportunities or listing downtime. Anomaly detection is a safety feature provided for your protection.
Kabuzz maintains a complete audit trail of all Agent-initiated actions, including:
(a) The action requested by the Agent.
(b) The spending control evaluation (which rules were checked and their results).
(c) Whether the action was approved or rejected by the policy engine.
(d) The resulting transaction details (Stripe payment ID, amount, timestamp).
You may access your Agent's audit trail through the Kabuzz dashboard. These records may be used as evidence in dispute resolution proceedings.
Audit trail records are retained for the duration of your account plus 7 years after account closure, or as required by law, whichever is longer.
If you authorize an Agent with sell permissions, you are responsible for ensuring that all listings created by the Agent accurately describe items you actually own and intend to sell. You must:
(a) Provide accurate photos of the actual items.
(b) Review AI-generated descriptions for accuracy before or promptly after publication.
(c) Remove listings for items that are no longer available.
Your Agent must not list items that violate the Kabuzz Terms of Service Section 8 (Prohibited Items and Conduct). You are responsible for ensuring your Agent is configured to comply with these restrictions.
If an Agent lists counterfeit items or materially misrepresents item condition or authenticity, the Owner's account will be subject to the same enforcement actions as if the Owner had created the listing directly, including account suspension or termination.
Kabuzz reserves the right to modify this Agreement. We will notify you of material changes by email at least 30 days before changes take effect. Your continued use of Agent features after the effective date constitutes acceptance. If you do not agree to modified terms, you must revoke all Agent API keys and discontinue use of Agent features.
You may terminate Agent authorization at any time by revoking all Agent API keys. This does not affect transactions already completed.
Kabuzz may revoke Agent API keys or disable Agent features on your account at any time if we determine, in our sole discretion, that Agent activity poses a risk to the Platform, other users, or violates these Terms.
If your Kabuzz account is terminated for any reason, all Agent API keys are immediately and permanently revoked.
By generating an Agent API key, you acknowledge that you have read, understood, and agree to this Agent Authorization Agreement. You specifically acknowledge:
(a) You are solely responsible for all Agent-initiated transactions.
(b) Kabuzz is not liable for Agent conduct.
(c) Purchases within your configured spending controls are authorized and generally non-refundable on the basis that you did not intend the specific purchase.
(d) You have a duty to configure appropriate spending controls and to monitor Agent activity.
(e) Kabuzz may freeze Agent keys for safety without liability.
This Agent Authorization Agreement is effective as of March 11, 2026 and is subject to the Kabuzz Terms of Service.