[Solved] Unauthorised Commercial Use and License Violation of AGPLv3 MCP Server

[rawveg]

You are currently offering unauthorised commercial access to my Hacker News MCP Server via your paywalled platform LobeHub, in direct contravention of the licensing terms under which the software is released.

The code in question is licensed under the GNU Affero General Public License v3.0 (AGPLv3). Under this license, anyone who uses, modifies, or distributes the software—whether standalone or over a network—is required to provide full access to the corresponding source code under the same licence, including to users who access the service remotely. Further, you are not permitted to use or integrate the software into a monetised service without explicit written permission and a commercial licence, which you have neither sought nor obtained.

Let me be extremely clear:

You are in violation of the AGPLv3 licence terms and of the additional Commercial Use clause explicitly outlined in the repository’s LICENSE notice and README.

As stated in the license notice:

“If you want to use or deploy this code in any form as part of a monetised service to others… you need to contact me for permission – which will only be granted following payment of the appropriate licensing fee.”

You have failed to do so. You are profiting off my labour, gating open-source software behind your paywall, and in doing so you are actively undermining the principles of open access and copyleft that the AGPLv3 exists to protect.

You are hereby formally instructed to:

1. Immediately remove the unauthorised listing of my MCP Server from your platform.
2. Cease and desist from any commercial use of my AGPLv3-licensed code without a commercial license.
3. Publicly acknowledge the removal and provide confirmation that no further unauthorised use will occur.
4. Alternatively, contact me to arrange appropriate licensing terms and payment should you wish to continue offering this tool via a commercial platform.

If these steps are not taken within 7 calendar days, I will pursue further action. This may include reporting to your platform hosts and GithHub for ToS violation, pursuing DMCA takedown notices, and publicly documenting the infringement.

You do not get to repackage my open-source work for profit without respecting its licence. Your platform’s business model does not exempt you from following the law.

[arvinxx]

Dear rawveg,

Thank you for bringing this matter to our attention. We take licensing compliance very seriously and appreciate you taking the time to clarify the situation regarding your Hacker News MCP Server.

I want to address your concerns directly:

1. Immediate Action Taken: We have already removed your MCP Server from our platform listing as requested. This action was completed promptly upon receiving your notice.

2. Clarification on Our Role: We want to clarify that we did not repackage or modify your software in any way. Our platform serves solely as a distribution channel to help developers like yourself share their MCP servers with the community at no cost. We act as a facilitator, not as a redistributor of modified code.

3. No Monetization of Your Work: Importantly, we have not charged any fees specifically for access to or use of your MCP Server. The tool was made available to users completely free of charge through our platform.

We understand and respect the importance of open-source licensing terms, particularly the AGPLv3 and your additional commercial use restrictions. It was never our intention to violate these terms or to profit from your work without proper authorization.

We sincerely apologize for any confusion or concern this situation may have caused. Your work and licensing preferences are important to us, and we are committed to ensuring full compliance with all licensing requirements.

If you have any further questions or would like to discuss potential collaboration under appropriate licensing terms in the future, please don't hesitate to reach out to us directly by email( hello@lobehub.com ) or discord (my account id is arvinxu ).

Thank you for your understanding, and we appreciate your contribution to the open-source community.

[rawveg]

Thank you for your prompt response and for removing the unauthorised listing — I appreciate the swift corrective action.

While I note your clarification that you did not modify or charge directly for my MCP server, I must respectfully point out that making it available through a gated, monetised platform constitutes a form of commercial deployment, regardless of whether the specific endpoint was paywalled. AGPLv3 — particularly when paired with an explicit commercial use restriction like mine — extends to network interactions facilitated through infrastructure that derives commercial value, and not just code distribution.

The intent behind this isn’t pedantry. It’s to protect creators from having their open work absorbed into systems that lock access behind payments — even if indirectly — while bypassing licensing obligations or consent.

That said, I appreciate your courteous tone and willingness to address the matter. I consider the issue resolved for now, and I hope this serves as a useful reminder to others hosting AGPLv3 networked software: facilitator or not, consent and licensing clarity matter.

Should you wish to explore appropriate licensing in future, I’m open to discussion — but only when initiated transparently, and with the intent to respect both the spirit and letter of open-source licensing.

Kind regards,
Tim Green (rawveg)

[arvinxx]

Hi Tim,

Thank you again for your thoughtful and constructive response — we truly appreciate your engagement and your commitment to upholding open-source licensing standards.

We wanted to respectfully offer a clarification regarding one key point you mentioned: that making your MCP Server available via a “gated, monetised platform” might constitute a form of commercial deployment.

We 100% understand and respect your concern. However, we’d like to clarify that our platform does not host, proxy, or run your MCP Server on our infrastructure in any way.

Instead:

• Users who discover your MCP Server via LobeHub Marketplace install and run it entirely on their own local machines — either via our desktop app, or self-hosted web interface.
• All communication with the MCP Server, including agent registration or message routing, is executed on the client side. We do not provide backend infrastructure to serve or relay interactions with your software.
• Therefore, LobeHub merely acts as a metadata registry — similar to npm or PyPI — helping users locate and deploy tools on their own, rather than constituting a hosted SaaS-style deployment from our servers.

We hope this helps demonstrate that our setup does not fall within the scope of “network software deployment” as regulated by AGPLv3, since no service is being operated or accessed through our servers — nor is any derived work being served remotely.

That said, we’re grateful for your feedback and take it as an opportunity to increase transparency and caution moving forward. We are also planning clearer license attribution and guidance across Marketplace listings to better reflect developers’ intentions and legal boundaries.

Again, we fully respect your licensing terms — both AGPLv3 and your additional commercial use condition — and we hope we can stay in positive contact to explore future opportunities that benefit both developers and the broader community.

Warm regards,
Arvin Xu

[rawveg]

Hi Arvin,

Thank you for your clarification — I appreciate the time you’ve taken to explain your platform’s architecture and your intentions.

However, I do need to reiterate that licensing isn’t just about hosting. My concern lies in the commercial use of my software as part of your platform’s offering, not where it technically runs.

LobeHub listed my MCP server under your brand, provided usage instructions, and presented it alongside other tools that contribute to the perceived value of your gated, monetised platform. That constitutes a derived commercial benefit — even if you didn’t charge directly for access to my specific tool.

This distinction matters. In the same way that companies using open-source components in distributed software are required to explicitly acknowledge and comply with each component’s licence, platforms like yours must recognise that discoverability and inclusion within a monetised ecosystem carry similar obligations — particularly when licensing terms extend beyond AGPLv3’s baseline.

I do appreciate your responsiveness in addressing the issue and your willingness to clarify your approach. I hope this exchange proves useful as you continue refining how third-party tools are represented on your platform, particularly in light of more restrictive licensing conditions — and of course, this wouldn’t be an issue had the project used a more permissive licence such as GPL or MIT. For me the important part is that I reported the issue and you took action, and I cannot fault you there. I wish you and LobeHub every success.

Best regards,

Tim Green