Evidence-based analysis of provider terms and enforcement patterns.


TL;DR

ProviderOpenClaw StatusRiskEvidenceDeep Dive
Anthropic Claude๐Ÿšซ DISALLOWED๐Ÿ”ด HIGHExplicit policy, technical enforcement/verify/openclaw-anthropic-policy/
Google (Consolidated)Split status๐Ÿ”ด/๐ŸŸกOAuth banned, API allowed/verify/openclaw-google-policy/
Google Gemini APIโœ… ALLOWED๐ŸŸข LOWNo restrictions foundโ€”
OpenAIโœ… ALLOWED๐ŸŸข LOWCodex CLI proves OAuth pattern/verify/openclaw-openai-policy/
Moonshot AI (Kimi)โœ… ALLOWED๐ŸŸข LOWOpen-source, no restrictionsโ€”
AWS Bedrockโœ… ALLOWED๐ŸŸข LOWEnterprise-friendly termsโ€”
Together AIโœ… ALLOWED๐ŸŸข LOWBYOK model, no tool restrictionsโ€”
Fireworks AIโœ… ALLOWED๐ŸŸข LOWBYOK model, no tool restrictionsโ€”
Self-Hostedโœ… ALLOWED๐ŸŸข NONEYou are the provider/tools/self-hosting/
Groqโœ… ALLOWED๐ŸŸก MEDIUM“Orchestration” clause; stay within rate limits/verify/openclaw-groq-policy/
Azure OpenAIโœ… ALLOWED๐ŸŸก MEDIUMEnterprise-dependent; governance required/verify/openclaw-azure-policy/
Cerebrasโœ… ALLOWED๐ŸŸข LOWInfrastructure provider; no restrictions/verify/openclaw-cerebras-policy/
Perplexityโœ… ALLOWED๐ŸŸก MEDIUMNo explicit ban; competitive use caveat/verify/openclaw-perplexity-policy/
Mistral AIโœ… ALLOWED๐ŸŸข LOWExplicit third-party support; MCP named/verify/openclaw-mistral-policy/

Methodology

This verification analyzes:

  1. Primary source terms โ€” Official ToS, acceptable use policies, legal pages
  2. Enforcement history โ€” Documented actions against users
  3. Product patterns โ€” What the provider builds reveals intent
  4. Community signals โ€” Forum reports, GitHub issues, social media

Evidence levels:

  • High: Official policy documents, direct quotes, dated
  • Medium: Help center guidance, standard terms analysis, product behavior
  • Low: Community reports, indirect signals

Risk Spectrum

BAN RISK SPECTRUM โ€” OpenClaw API Usage
โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”
๐Ÿ”ด BAN LIKELY              ๐ŸŸก MEDIUM RISK            ๐ŸŸข SAFE
โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”
Anthropic              Groq*                   Google/Kimi/Together/
(Explicit ban)         (Orchestration          Fireworks/OpenAI/Bedrock/
                        clause caveat)          Self-Hosted
Google OAuth           Azure OpenAI*
(OAuth blocked)        (Governance required)

* Medium risk = allowed but with specific caveats to follow

Key insight: Only Anthropic and Google OAuth have explicitly banned OpenClaw-like usage with documented enforcement. All others either allow it or haven’t addressed it. See the full migration guide if you’re using a banned provider.


Provider Analysis

Anthropic: Explicitly Disallowed ๐Ÿ”ด

Status: ๐Ÿšซ DISALLOWED โ€” High Ban Risk

The Policy (Primary Source):

“Using OAuth tokens obtained through Claude Free, Pro, or Max accounts in any other product, tool, or service โ€” including the Agent SDK โ€” is not permitted and constitutes a violation of the Consumer Terms of Service.” โ€” Anthropic Claude Code Legal and Compliance, February 2026

Enforcement History:

DateActionEvidence
2026-01-09OAuth harness block deployedGitHub issues, user reports
2026-01Account bans (some reversed)Acknowledged by Anthropic
2026-02Official policy publishedLegal page went live

Detection Methods:

  • Client fingerprinting via HTTP headers
  • Pattern analysis of request volume/timing
  • Binary signature detection

Evidence Level: HIGH (official policy + technical enforcement)

Deep Dive: /verify/openclaw-anthropic-policy/


Google: Split Status

Google OAuth (Antigravity): Disallowed ๐Ÿ”ด

Status: ๐Ÿšซ DISALLOWED โ€” High Ban Risk

The Policy:

“You must not abuse, harm, interfere with, or disrupt the Service. This includes, but is not limited to, using the Service in connection with products not provided by us.” โ€” Antigravity Additional Terms of Service, Section 6

Enforcement History:

DateActionEvidence
2026-02-09First suspensions detectedGitHub issue #14203
2026-02-20Mass ban waveGoogle AI Developer Forum
2026-02-22Official confirmationVarun Mohan X post

Scope: Only Antigravity access suspended (Gmail/Workspace unaffected per Google)

Recovery (March 2026): Recovery path confirmed for unaware first-time violators. Contact [email protected] โ€” 1-2 week response time reported.

Evidence Level: HIGH (official statements + mass enforcement + confirmed recoveries)

Deep Dive: /verify/openclaw-google-policy/

Google Gemini API: Allowed with Caution ๐ŸŸก

Status: โœ… ALLOWED โ€” Low-Medium Risk

Analysis:

  • โœ… No explicit ban on third-party agent tools in API terms
  • โœ… Google AI Studio / Vertex AI โ€” standard acceptable use policies
  • โš ๏ธ Google’s platform control philosophy โ€” OAuth banned, API allowed… for now
  • โš ๏ธ Monitor for policy changes โ€” Google has shown willingness to restrict

Evidence Level: MEDIUM (absence of prohibition, but provider pattern suggests caution)

Data Loss Risk:

  • API keys are commercial contracts (more stable than consumer OAuth)
  • But Google’s enforcement history shows sudden policy shifts
  • Recommendation: Maintain local backups, don’t rely solely on Gemini API

OpenAI: Explicitly Allowed ๐ŸŸข

Status: โœ… ALLOWED โ€” Low Risk

The Evidence:

OpenAI’s own Codex CLI explicitly allows signing in with ChatGPT Plus/Pro subscriptions via OAuth. This reveals architectural intent: subscription credits can flow to third-party CLI tools.

Why this matters:

  • Codex CLI is an official OpenAI product
  • It uses the exact pattern Anthropic banned (OAuth โ†’ CLI automation)
  • No enforcement against agent tools documented

The Only Caveat:

OpenAI’s terms reserve the right to suspend for “unusual activity patterns.” However:

  1. No agent tool bans reported
  2. Codex enables automation by design
  3. Usage matches their product design

Evidence Level: HIGH (product behavior proves policy intent)

Deep Dive: /verify/openclaw-openai-policy/


Moonshot AI (Kimi k2.5): Allowed ๐ŸŸข

Status: โœ… ALLOWED โ€” Low Risk

Why Kimi is low-risk:

  • โœ… Open-source weights โ€” Can self-host if API terms change
  • โœ… No restrictions โ€” Moonshot AI promotes agentic use cases
  • โœ… API terms standard โ€” No tool-specific prohibitions

Evidence Level: HIGH (open-source + explicit support for agents)


AWS Bedrock: Allowed ๐ŸŸข

Status: โœ… ALLOWED โ€” Low Risk

Analysis:

  • Standard AWS acceptable use policy
  • No tool-specific restrictions
  • Enterprise-focused, automation expected

Evidence Level: MEDIUM (standard AWS terms + enterprise orientation)


Together AI: Allowed ๐ŸŸข

Status: โœ… ALLOWED โ€” Low Risk

Analysis:

  • Inference provider for open-source models
  • BYOK (bring your own key) model
  • No restrictions on client tools found

Evidence Level: MEDIUM (inference provider model)


Fireworks AI: Allowed ๐ŸŸข

Status: โœ… ALLOWED โ€” Low Risk

Analysis:

  • Inference provider, similar to Together
  • Open-source model hosting
  • No tool restrictions in terms

Evidence Level: MEDIUM (inference provider model)


Groq: Allowed with Caveats ๐ŸŸก

Status: โœ… ALLOWED โ€” Medium Risk

Analysis:

  • โœ… No explicit ban on third-party agent tools
  • โš ๏ธ “Orchestration” clause prohibits coordinating usage across multiple organizations
  • โš ๏ธ High-speed inference can trigger “excessive load” concerns
  • Rate limits are actively enforced

Key Policy Quote:

“orchestrating usage between multiple organizations”

Evidence Level: MEDIUM (no ban + vague clause that could catch automation)

Safe Usage:

  • Use single API key per OpenClaw instance
  • Stay within published rate limits
  • Don’t coordinate across multiple Groq accounts

Deep Dive: /verify/openclaw-groq-policy/


Azure OpenAI: Allowed with Governance ๐ŸŸก

Status: โœ… ALLOWED โ€” Medium Risk (Governance-dependent)

Analysis:

  • โœ… No ban on autonomous applications โ€” Code of Conduct explicitly mentions them
  • โš ๏ธ Strict governance requirements โ€” Must implement “technical and operational measures”
  • โœ… Enterprise Agreement advantage โ€” Contract terms govern for EA customers
  • โœ… Limited Access service โ€” Most customers eligible for standard access

Key Policy Quote:

“applications that make decisions, or take actions, autonomously or with varying levels of human intervention”

Evidence Level: MEDIUM (explicit autonomous app language + strict compliance requirements)

Requirements:

  • Implement access controls (Azure Key Vault for API keys)
  • Enable audit logging (Azure Monitor)
  • Provide human oversight for consequential decisions
  • Maintain “strong technical controls”

Deep Dive: /verify/openclaw-azure-policy/


Cerebras: Allowed ๐ŸŸข

Status: โœ… ALLOWED โ€” Low Risk

Analysis:

  • โœ… Infrastructure provider model โ€” No client-side restrictions
  • โœ… No explicit ban on third-party agent tools
  • โœ… Focus on credential security, not usage patterns
  • Similar to Together AI and Fireworks AI

Evidence Level: MEDIUM (standard infrastructure terms)

Deep Dive: /verify/openclaw-cerebras-policy/


Perplexity: Allowed with Caveats ๐ŸŸก

Status: โœ… ALLOWED โ€” Low-Medium Risk

Analysis:

  • โœ… No explicit ban on third-party agent tools
  • โš ๏ธ Competitive use clause โ€” Don’t build search products
  • โš ๏ธ “Interfering with” clause โ€” Respect rate limits
  • Safe for coding workflows, risky for search aggregation

Evidence Level: MEDIUM (API terms + AUP compliance required)

Deep Dive: /verify/openclaw-perplexity-policy/


Mistral AI: Explicitly Supported ๐ŸŸข

Status: โœ… ALLOWED โ€” Low Risk

Analysis:

  • โœ… Explicit third-party support โ€” Terms permit Third-Party Services
  • โœ… MCP servers named โ€” Protocol OpenClaw uses is specifically allowed
  • โœ… Open-source models โ€” Can self-host if needed
  • European provider with interoperability-friendly stance

Evidence Level: HIGH (explicit permission + MCP naming)

Deep Dive: /verify/openclaw-mistral-policy/


Self-Hosted: Always Allowed ๐ŸŸข

Status: โœ… ALLOWED โ€” No Risk

The Ultimate Escape Hatch:

  • Run models locally via Ollama, llama.cpp, vLLM
  • No API provider = no terms to violate
  • You are the provider

Trade-offs:

AspectSelf-HostedAPI Provider
Hardware costUpfront GPU/RAMPay-as-you-go
CapabilitiesLimited to open modelsFrontier models
Terms riskZEROVaries
Setup complexityHigherLower

Evidence Level: N/A (no third-party terms)


Provider Philosophy Comparison

VendorPhilosophyEvidence
AnthropicWalled gardenExplicit ban, technical blocks, legal page
GooglePlatform controlOAuth blocked, API allowed, terms enforcement
OpenAIMarketplaceCodex CLI uses third-party OAuth pattern
KimiOpen sourceWeights available, promotes agentic use

The Lesson: Precedent is policy. Look at what vendors do, not just what they say.


What Would Change These Ratings

To upgrade a provider (safer):

  • Official statement authorizing third-party tool usage
  • Published policy explicitly allowing OpenClaw-like patterns
  • No enforcement actions for 12+ months

To downgrade a provider (riskier):

  • Policy update restricting third-party tools
  • Documented enforcement action
  • Technical blocks deployed

Review cadence: Monthly during policy volatility; quarterly otherwise.


FAQ: Can I Use OpenClaw With My Provider?

Quick Answers

ProviderCan I Use OpenClaw?Risk LevelAction Required
OpenAIโœ… YES โ€” Explicitly allowed๐ŸŸข LowNone. Rest easy.
Kimi (Moonshot)โœ… YES โ€” No restrictions๐ŸŸข LowNone. Rest easy.
Mistralโœ… YES โ€” Explicitly supported๐ŸŸข LowNone. Rest easy.
Google Gemini APIโœ… YES โ€” API keys allowed๐ŸŸก Low-MediumUse API keys, NOT Antigravity OAuth
Anthropic๐Ÿšซ NO โ€” Explicitly banned๐Ÿ”ด HighStop immediately. Migrate to OpenAI/Kimi.
Google Antigravity๐Ÿšซ NO โ€” OAuth banned๐Ÿ”ด HighStop immediately. Switch to API keys or migrate.

What Could I Lose If I Get Banned?

With Anthropic (Claude):

  • โŒ All conversation history โ€” Gone permanently, no export during suspension
  • โŒ Claude Memories โ€” Personalized context deleted
  • โŒ Projects/Artifacts โ€” Any unsaved work inaccessible
  • โŒ API access โ€” Keys revoked, commercial contracts voided
  • โš ๏ธ Account recovery โ€” Possible but timeline uncertain (1-2+ weeks)

With Google (Antigravity OAuth):

  • โŒ Antigravity IDE access โ€” Suspended immediately (403 ToS error)
  • โŒ Chat history โ€” Inaccessible during suspension, no self-service export
  • โœ… Gmail/Workspace โ€” Unaffected (Google confirms surgical targeting)
  • โš ๏ธ Billing โ€” May continue during suspension
  • โš ๏ธ Recovery path โ€” Exists for “unaware users” but timeline unknown

With OpenAI, Kimi, Mistral (Safe Providers):

  • โœ… Nothing โ€” These providers explicitly allow or don’t restrict third-party tools
  • โœ… No enforcement history โ€” Zero documented bans for agent tool usage
  • โœ… Rest easy โ€” Your setup is compliant

I’m Currently Using [Provider X]. What Should I Do?

If Using OpenAI

Status: โœ… You’re safe. Rest easy.

Recommended actions:

  1. No changes required
  2. Keep using ChatGPT OAuth via Codex CLI or API keys
  3. Monitor OpenAI policy updates monthly
  4. Maintain backup provider (Kimi/Google) for redundancy

If Using Kimi

Status: โœ… You’re safe. Rest easy.

Recommended actions:

  1. No changes required
  2. Enjoy 8x cheaper pricing than Anthropic
  3. Consider self-hosting option (weights are open-source)

If Using Google (Gemini API Keys)

Status: โœ… You’re safe, but monitor policy.

Recommended actions:

  1. Verify you’re using API keys (from Google AI Studio), NOT Antigravity OAuth
  2. Maintain local backups of critical conversations
  3. Keep alternative provider ready (OpenAI/Kimi)
  4. Set up billing alerts โ€” charges can accumulate quickly

If Using Google (Antigravity OAuth)

Status: ๐Ÿšซ STOP IMMEDIATELY โ€” You’re violating ToS.

Immediate actions:

  1. STOP using Antigravity OAuth with OpenClaw โ€” Every use increases ban risk
  2. Export your data โ€” While you still have access (Settings โ†’ Data Export)
  3. Switch to Gemini API keys โ€” Generate at Google AI Studio
  4. Revoke OAuth authorization โ€” Google Account โ†’ Security โ†’ Third-party apps
  5. Test new setup โ€” Verify OpenClaw works with API keys before relying on it

If Using Anthropic

Status: ๐Ÿšซ STOP IMMEDIATELY โ€” You’re violating ToS.

Immediate actions:

  1. STOP using Anthropic OAuth with OpenClaw โ€” Ban risk is HIGH
  2. Export your data NOW โ€” Claude.ai โ†’ Settings โ†’ Data Export (takes 24-48 hrs)
  3. Screenshot critical conversations โ€” No bulk export for individual chats
  4. Migrate to safe provider โ€” See migration paths below

Migration Paths (If You Need to Switch)

  • Why: Explicitly allows OAuth via Codex CLI, no enforcement history
  • Cost: ChatGPT Plus ($20/mo) or API pay-as-you-go
  • Migration time: 15 minutes
  • Guide: /verify/openclaw-openai-policy/
  • Why: 8x cheaper than Anthropic ($3 vs $25 per 1M output tokens), no restrictions
  • Cost: API or free tier via OpenCode Zen
  • Migration time: 10 minutes
  • Guide: /tools/opencode/

Budget Option: Self-Hosted

  • Why: Zero provider risk, you are the provider
  • Cost: Upfront hardware cost only
  • Migration time: 1-2 hours setup
  • Guide: /tools/self-hosting/

How Do I Know If I’m at Risk?

You’re at HIGH risk if:

  • You authenticated OpenClaw with “Sign in with Google” through Antigravity
  • You authenticated OpenClaw with Claude (Free/Pro/Max) OAuth
  • You see 403 errors or “Terms of Service” messages
  • You received a warning email from Anthropic or Google

You’re at LOW risk if:

  • You use OpenAI with ChatGPT OAuth or API keys
  • You use Kimi with API keys
  • You use Mistral with API keys
  • You use Google Gemini API keys (NOT Antigravity)

You’re at MEDIUM risk if:

  • You use Google Gemini API keys (provider has shown policy volatility)
  • You use Groq (orchestration clause caveat)
  • You use Azure OpenAI (governance requirements)

What’s the Safest Setup?

Maximum Safety (Zero Provider Risk):

Self-hosted models (Ollama/llama.cpp)
โ”œโ”€ No terms to violate
โ”œโ”€ No API provider to ban you
โ””โ”€ Trade-off: Setup complexity, limited to open models

High Safety (Explicitly Allowed):

OpenAI (ChatGPT OAuth or API keys)
โ”œโ”€ Codex CLI proves third-party OAuth is intended
โ”œโ”€ No enforcement history
โ””โ”€ Best frontier model access

High Safety (Cost-Effective):

Kimi k2.5 (API keys)
โ”œโ”€ Open-source weights (can self-host)
โ”œโ”€ 8x cheaper than Anthropic
โ””โ”€ No restrictions found

News & Context:

Risk Assessment:

Terms Verification:

Migration & Alternatives:


Sources

Primary Sources

Terms of Service


Last updated: 2026-02-25
Next review: 2026-03-24
Evidence level: High (primary sources + dated)

Policy pages change. Verify current terms at official sources before making architectural decisions.