The agreement prohibits using GitHub's servers for cryptocurrency mining, excessive automated bulk activity, or any form of unsolicited advertising relay, characterizing these as placing undue burden on GitHub's infrastructure.
This analysis describes what GitHub's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision directly restricts the use of GitHub Actions and other compute resources for cryptomining or automated bulk operations, which is operationally significant for DevOps teams and organizations running automated pipelines that may inadvertently approach the boundary of this prohibition.
Interpretive note: The term 'excessive automated bulk activity' is not defined with a specific threshold, leaving the boundary between permissible automation and prohibited bulk activity subject to GitHub's discretionary interpretation.
Under this clause, any use of GitHub's server infrastructure for cryptocurrency mining or excessive automated bulk activity is prohibited and may result in content removal or account suspension. Organizations using GitHub Actions for compute-intensive workloads should evaluate their pipelines against this restriction.
How other platforms handle this
engage in any of the foregoing in connection with the use, creation, development, modification, prompting, fine-tuning, training, testing, benchmarking or validation of any machine learning tool, model, system, algorithm, product or other technology.
You agree not to post, upload, publish, submit or transmit any content that: (i) infringes, misappropriates or violates a third party's patent, copyright, trademark, trade secret, moral rights or other intellectual property rights, or rights of publicity or privacy; (ii) violates, or encourages any ...
You may not use our Services for any illegal purpose or in violation of any laws or regulations. You may not use the Services to send money to sanctioned countries or individuals on government watchlists. You may not use the Services for gambling, illegal drugs, weapons, or any other prohibited acti...
Monitoring
GitHub has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"You may not use our servers for any form of excessive automated bulk activity (including, for example, sending spam or cryptocurrency mining), to place undue burden on our servers through automated means, or to relay any form of unsolicited advertising or solicitation through our systems.— Excerpt from GitHub's GitHub Acceptable Use Policies
1) REGULATORY LANDSCAPE: This provision does not directly implicate a specific privacy or financial regulation, but unauthorized access to computer resources may engage the Computer Fraud and Abuse Act (CFAA) in US contexts. The FTC Act may be relevant where deceptive use of platform resources is involved. 2) GOVERNANCE EXPOSURE: Medium. The prohibition on cryptomining is explicit, but the phrase 'excessive automated bulk activity' is not precisely defined, creating interpretive uncertainty about the threshold at which automated CI/CD or testing pipelines could be considered a violation. This ambiguity may affect organizations with high-volume automation workflows. 3) JURISDICTION FLAGS: The prohibition applies globally to all GitHub users. There are no stated jurisdiction-specific carve-outs. Organizations operating in jurisdictions where certain automated activities are regulated (e.g., financial services automation) should assess whether their workflows could be characterized under this provision. 4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise agreements with GitHub may provide clearer definitions of permissible compute use through GitHub Actions usage policies. Procurement teams should review GitHub Actions billing and usage terms alongside this prohibition to identify any conflict or clarification. 5) COMPLIANCE CONSIDERATIONS: DevOps and security teams should audit existing GitHub Actions workflows for any processes that involve resource-intensive automation, scheduled bulk operations, or third-party integrations that could constitute prohibited activity. Documentation of workflow purpose and resource consumption may support a defense against characterization as excessive use.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision directly restricts the use of GitHub Actions and other compute resources for cryptomining or automated bulk operations, which is operationally significant for DevOps teams and organizations running automated pipelines that may inadvertently approach the boundary of this prohibition.
Under this clause, any use of GitHub's server infrastructure for cryptocurrency mining or excessive automated bulk activity is prohibited and may result in content removal or account suspension. Organizations using GitHub Actions for compute-intensive workloads should evaluate their pipelines against this restriction.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by GitHub.