XNova Docs

English

简体中文

English

简体中文

Appearance

Usage Policy

This document explains the rules for using XNova. It applies to the XNova website, API, API keys, and related access methods.

Overview

You may not use XNova for illegal activity, infringement, fraud, harassment, malicious attacks, restriction bypassing, or other abuse of platform resources.

Some models, routes, image generation features, or advanced capabilities may have additional limits. These limits may be described in product pages, documentation, or the console. Continuing to use those capabilities means you accept the additional rules.

Scope

This policy applies to:

  • Using the XNova website, console, or API.
  • Creating, storing, managing, configuring, or calling API keys.
  • Connecting to XNova through Claude Code, Codex, CC-Switch, OpenCode, Cherry Studio, RikkaHub, or other clients.
  • Integrating XNova into automation workflows, bots, internal tools, API services, or other business features.

Using compatible clients, your own programs, or other integrations is not prohibited by itself. However, you may not use those methods to bypass authentication, quotas, rate limits, safety protections, billing rules, or product instructions.

Prohibited Uses

Illegal or Infringing Activity

You may not use XNova to conduct, assist, package, or promote unlawful, non-compliant, or infringing activity, including:

  • Fraud, money laundering, gambling, illegal fundraising, or other illegal activity.
  • Infringement of intellectual property, trade secrets, likeness, reputation, privacy, or other lawful rights.
  • Distribution of content prohibited by law.

Fraud, Impersonation, and Misleading Content

You may not use XNova to generate, distribute, batch-process, or automate:

  • Content impersonating a person, organization, support agent, or official identity.
  • Content used for scams, social engineering, phishing, transfer inducement, or false promises.
  • Content known to be false but used to mislead others.
  • Bulk spam, spam marketing, or harassment messages.

Attacks, Bypass, and Resource Abuse

You may not use XNova to perform, assist, or optimize:

  • Intrusion, scanning, brute force, credential stuffing, phishing, privilege escalation, or other malicious probing.
  • Writing, spreading, or improving malware, trojans, ransomware, or other destructive programs.
  • DDoS, resource exhaustion attacks, or other destructive behavior against any system.
  • Bypassing XNova or related service authentication, quotas, rate limits, content safety, or billing rules.
  • Maliciously consuming platform resources through abnormal calls, empty requests, artificial traffic, or similar methods.

Account and Risk-Control Evasion

You may not:

  • Borrow, steal, impersonate, or misuse another account or payment method.
  • Evade platform limits or risk controls through bulk registration, false identity, or scripted behavior.
  • Transfer, sell, lend, or publicly disclose API keys to unauthorized third parties.

No Redistribution

Without explicit written authorization from XNova, you may not redistribute, resell, rent, share, provide managed access to, or repackage XNova services, API keys, call credits, model channels, or API capabilities in any form.

Prohibited redistribution includes:

  • Selling, renting, lending, or sharing XNova API keys, call credits, or model channels to third parties.
  • Building relay services, distribution panels, shared APIs, account pools, bot services, or other services callable by third parties.
  • Packaging XNova as backend capability for your own API, SaaS, plugin, client, or automation service offered to third parties.
  • Bypassing XNova account, billing, quota, or risk-control rules through group buying, assisted recharge, proxy sales, or private transfers.

If redistribution, suspected resale, abnormal sharing, or bulk abuse is found, XNova may immediately restrict the account, disable related API keys, terminate service, and refuse refunds or pursue further responsibility where appropriate.

Privacy and Data Rights Violations

You may not:

  • Illegally collect, sell, disclose, or misuse personal information.
  • Use leaked data, non-public information, or data without lawful source to identify, track, or harass others.
  • Generate or process content that infringes privacy, likeness, reputation, or identity rights.

Harmful Content

You may not use XNova to create, distribute, or assist in generating:

  • Content promoting self-harm, suicide, abuse, extreme violence, or terrorism.
  • Hate, discrimination, harassment, humiliation, or attacks against protected groups.
  • Sexual exploitation, inappropriate minor-related content, or other severe harmful content.

High-Risk Use Limits

You may not use XNova as the sole basis for decisions that significantly affect individual rights or interests, including medical, legal, financial, insurance, employment, education admission, housing eligibility, or law enforcement decisions.

If you use XNova in such scenarios, you must ensure human review, appropriate disclosure, and compliance with applicable laws.

API Key and Account Security

You should protect your account and API keys, and use them only in authorized team, server, or integration environments under the principle of least privilege.

Reasonable API key protection measures include:

  • Do not place API keys in public repositories, public clients, or any location directly accessible by third parties.
  • Separate keys by purpose and avoid long-term mixed use.
  • Rotate, disable, or delete keys promptly after suspected leakage.
  • Follow public documentation and product instructions when connecting and calling the service.

Documentation and Setup Boundaries

Documentation, examples, and setup instructions on this site are only intended to help users lawfully configure and use XNova services.

Documentation does not provide:

  • Additional authorization for any third-party product, model, or platform.
  • Permission to bypass limits, evade risk controls, abuse at scale, or attack systems.
  • A guarantee that a user's specific business scenario is lawful, compliant, or available.

You may not use this site's documentation, examples, or setup instructions to impersonate official certification, invent a partnership, or mislead others into believing that an access method has additional authorization.

Platform Enforcement

When there is reasonable basis to believe that a use may violate this policy, affect platform stability, or create safety risk, XNova may take actions including:

  • Requesting additional explanation of the use case.
  • Temporarily limiting call frequency, model scope, or account capabilities.
  • Disabling related API keys.
  • Suspending or terminating some functions or services.
  • Retaining necessary logs, records, and evidence for safety, audit, dispute handling, or compliance.

XNova will handle situations based on known facts, risk level, and platform stability needs.

Appeals and Contact

If you believe an account, API key, or request was restricted by mistake, contact XNova through the official support channel and provide as much of the following as possible:

  • Account identifier.
  • API key name or purpose.
  • Time range of the issue.
  • Use case description.
  • Relevant error message or request ID.

Updates

XNova may update this policy based on business, risk-control, legal, regulatory, or upstream policy changes. Updated versions will be posted on the site. If material changes are involved, the platform may provide reasonable notice. Continued use after the update takes effect means you accept the updated content.

Released under private documentation policy.

Copyright © 2026 XNova