Community Guidelines

Last updated: May 28, 2026

Shelf is a creative tool that runs HTML apps you describe in plain English or install from the Shelf Marketplace. These Community Guidelines define what's acceptable in any app that any Shelf user can see — including every bundle listed on the Marketplace and every public creator profile — and what happens when something crosses the line.

These guidelines apply alongside our Terms of Service and our Privacy Policy. The Creator Agreement, which every publisher accepts before their first publish, incorporates these guidelines by reference.

What is not allowed

Bundles that do any of the following will be rejected at review, or removed and the publisher banned if discovered after publish.

1. Illegal or dangerous content

• Content that is illegal where the publisher operates or where it is offered.
• Promotion of, or instructions for, violence, weapons production, hard drugs, or terrorism.
• Content that endangers a minor in any way.

2. Hate, harassment, or threats

• Content that promotes hatred, discrimination, or violence against people on the basis of race, ethnicity, religion, disability, age, nationality, veteran status, sexual orientation, gender identity, or any other characteristic associated with systemic discrimination or marginalisation.
• Content that targets a specific individual with harassment, threats, or doxxing.

3. Sexual or graphic content

• Sexual content of any kind. Shelf is a general-audience product; mature content is out of scope at v1.
• Excessive gore, gratuitous violence, or shock content.

4. Deception, impersonation, scams

• Bundles that imitate a well-known brand, product, person, or service (Google, Apple, banks, government services, popular apps, etc.) in a way a typical user could mistake.
• Bundles that misrepresent what they do, hide functionality, or use deceptive imagery in screenshots or icons.
• Pyramid schemes, "get rich quick" claims, or any other classic-scam pattern.

5. Malicious or abusive code

• Any attempt to exfiltrate user data to an external server. Our static scanner blocks the common forms (fetch to non-shelf hosts, navigator.sendBeacon, external WebSockets, external script tags). Additional novel attempts will be rejected on review and may result in immediate ban.
• Any attempt to execute or load code at runtime from outside the bundle (eval, new Function, setTimeout("string"), dynamic import(url) to remote URLs, service worker registration).
• Any attempt to read device storage, cookies, or browser fingerprint data.
• Any attempt to obfuscate the bundle's behaviour (large base64 blobs that decode to executable code, packed JS, etc.).

6. Privacy violations

• Collecting user data inside a bundle and transmitting it anywhere. The runtime sandbox prevents this by default; deliberately trying is grounds for ban.
• Asking the user for credentials to third-party services (passwords, API keys for other companies) under any pretext.

7. Intellectual property infringement

• Copyrighted material (text, images, code) you do not have the right to redistribute.
• Trademarks used in a way that implies endorsement by or affiliation with the trademark owner.

8. Spam and low-quality content

• Duplicate bundles (re-uploads of the same content under different slugs).
• Bundles whose primary purpose is to promote an external product, service, or website.
• Bundles that do not function or that have no recognisable purpose.

9. Public profile abuse

• Usernames, display names, bios, links, or avatars that violate any of the above.
• Usernames that impersonate a recognisable person, company, or Shelf staff.

How content is reviewed

Every bundle submitted to the Marketplace passes through a four-layer security and content review pipeline before becoming visible on the store:

1. Static scanner (instant). A regex-and-string scan rejects bundles that include forbidden technical patterns (external network calls, eval, etc.). Each rejection cites the exact rule.
2. AI safety review. Each app's HTML is reviewed by a language model with a safety prompt that classifies the bundle as clear, ambiguous, or reject.
3. Human review. All paid bundles, all first-time creators, and all ambiguous AI verdicts enter a human review queue staffed by Shelf.
4. Community flagging. Any user can report a live bundle. Three independent reports within 30 days automatically pull the bundle to re-review pending human decision.

A bundle that passes 1–3 goes live. A bundle that fails at any layer is rejected with a machine-readable reason returned to the publisher.

How to report a bundle

If you see a published bundle that violates these guidelines:

• In Shelf (desktop or mobile): open the bundle group's context menu in the sidebar and choose "Report bundle." Provide a short reason.
• On the web: open the bundle detail page at https://auth.shelf.app/marketplace/bundle/<slug> and click "Report bundle."
• By email: if neither route is available, email [email protected] with the bundle slug and a description.

Reports are tied to your Shelf account to discourage abuse. We do not share your identity with the reported publisher.

What happens after a report

• The bundle's report count is checked against the rolling 30-day threshold. Three unique reporters trigger an automatic transition to under_review, at which point the bundle is hidden from the Marketplace until a human reviews it.
• A human reviewer assesses the bundle against these guidelines. The decision is logged with the bundle's machine-readable status reason.
• If the violation is confirmed, the bundle is removed and the publisher is notified with the specific guideline violated. Repeated or severe violations lead to the publisher's account being banned, which unpublishes all their live bundles and blocks further submissions.
• Existing buyers of a removed paid bundle retain their copy on device but lose access to updates and re-installs.

Target response time on reports: 24 hours for the human review step, faster for content that is clearly illegal or harmful.

Appeals

If your bundle is rejected at any layer and you believe the decision is wrong, reply to the rejection email with:

• The bundle slug and version.
• The specific guideline you believe does not apply.
• Any context the reviewer might be missing.

Appeals are reviewed by a second human reviewer where possible. Decisions are final after the appeal review.

Changes to these guidelines

We may update these guidelines as the Marketplace grows and new categories of content (or abuse) appear. Material changes will be announced in advance to creators via email and noted at the top of this page with a refreshed date.

Contact

Questions about a specific bundle, a report you filed, or these guidelines: [email protected].