Terms of Service

Effective: March 22, 2026

By using Yes! Did It ("the Service"), including the website, API, CLI tool, and MCP server, you agree to these terms. If you do not agree, do not use the Service.

1. The Service

Yes! Did It is a CLI-first to-do tracker. You can create, manage, and complete to-do items via the API, CLI, MCP server, or web dashboard. The web interface provides read and delete access; all other mutations happen through the API.

2. Accounts

You sign in via GitHub or Google OAuth. You are responsible for maintaining the security of your account credentials, API keys, and any devices where you are authenticated. You must notify us immediately of any unauthorized access.

3. Acceptable Use

You agree not to:

  • Use the Service for any unlawful purpose or in violation of any applicable laws.
  • Attempt to gain unauthorized access to the Service, other accounts, or related systems.
  • Abuse, harass, or exploit the Service in a way that degrades it for others.
  • Circumvent rate limits, security controls, or access restrictions.
  • Store illegal, malicious, or harmful content in your todos.
  • Use automated systems to create excessive load on the Service.
  • Infringe on the intellectual property rights of others through your use of the Service.
  • Reverse engineer or attempt to extract the source code of the Service (the source code is publicly available).

4. Account Suspension & Ban Policy

We reserve the right to suspend or permanently ban accounts that violate these terms. Our enforcement follows a graduated approach:

  • Warning — for minor or first-time violations, we may issue a warning via email or account notification.
  • Temporary suspension — repeated or moderate violations may result in temporary account suspension. During suspension, API access is revoked and you cannot sign in.
  • Permanent ban — severe violations, including but not limited to abuse of the Service, security attacks, or storing illegal content, will result in permanent account termination.

When an account is banned:

  • All API access (JWT and API key) is immediately revoked.
  • The account is flagged and cannot sign in.
  • A banned user will see a suspension notice when attempting to access the web dashboard.
  • Data associated with banned accounts may be retained for a reasonable period for legal and security purposes, then deleted.

If you believe your account was suspended or banned in error, you may appeal by opening an issue on our GitHub repository.

5. Your Data

You retain ownership of the content you create. We claim no intellectual property rights over your todos. See our Privacy Policy for details on data collection, usage, retention, and third-party data processing.

6. API Usage

Access to the API is subject to rate limits. We may adjust these limits at any time to ensure fair usage. API keys should be treated as secrets and never committed to version control or shared publicly.

7. MCP Server & AI Assistant Integration

The Yes! Did It MCP server allows AI assistants (such as Claude) to manage your todos on your behalf. By configuring the MCP server, you authorize it to read and write to-do data using your credentials. You are responsible for the actions taken through MCP integrations.

The MCP server operates within strict boundaries:

  • It only accesses your todo data (create, read, update, delete, complete tasks).
  • It does not access the AI assistant's memory, chat history, conversation summaries, or user-uploaded files.
  • It does not log conversations or collect any data beyond what is required to fulfill your todo management requests.
  • All MCP tools include accurate safety annotations (read-only vs. destructive hints) so the AI assistant can make informed decisions about tool usage.
  • Tool descriptions are narrow and unambiguous, precisely matching their actual functionality.

8. Security Vulnerability Reporting

We maintain a mechanism for receiving and investigating security vulnerability reports. If you discover a security vulnerability, please report it responsibly via a GitHub security advisory. We accept reports from individuals and organizations, will investigate with reasonable care, and will respond promptly.

9. Availability & Liability

The Service is provided "as is" without warranty of any kind. We do not guarantee uninterrupted or error-free operation. We are not liable for any damages arising from your use of the Service, including loss of data.

10. Termination

You may delete your account at any time, which permanently removes all your data. We may terminate or suspend access at our discretion for violations of these terms.

11. Third-Party Platform Compliance

The Service may be listed in third-party software directories (such as the Anthropic MCP Directory). When accessed through these platforms, use of the Service is also subject to the applicable platform's terms and policies. We maintain compliance with the requirements of any directory in which the Service is listed.

12. Changes to These Terms

We may update these terms from time to time. Changes will be posted on this page with an updated effective date. Continued use of the Service after changes constitutes acceptance.

13. Open Source

Yes! Did It is open source. The source code is available at github.com/jonsykes/yes-did-it. Contributions are welcome under the project's license.

14. Contact

Questions about these terms? Open an issue on our GitHub repository.