A decision of uploading a certain script..

Status
Not open for further replies.

caftpx10

I've developed a script on a different server which displays cookie information. This cookie information displayed can be grabbed from another site by creating a link including document.cookie (XSS injection).
All my script does is display each cookie in a list by exploding, doing some maths and all of that fun stuff, displays if it is vulnerable or not and also has a page (when going directly to it) for how to test this along with some other things.
It doesn't log anything to the database nor file as that is a very bad thing to do and I don't want my script to do that (kind of defeats the purpose of it).
The disclaimer on the script states that the script should ONLY be used by web developers or security enthusiasts to test their scripts and patch it.

Just a recap:
  • It does not log the cookie values or names
  • The link visitor (dev) can see THEIR own cookies (if the vulnerability is successful on the origin site of course, else there would be a message saying that it may not be vulnerable)
  • Useful tool for web developers
As I've got this fully working, I'm wanting to put it up on my site as a project but I'm concerned if it would violate the ToS in a way so I decided to post here about it to see what you guys think.
I know that you can't really trust anyone on the internet unless you know them in real life, but it's good to ask when it comes to this.
I'm more than happy to provide screenshots if required.

EDIT: By page (for the testing part), I mean that it is on the actual same script.
 


Livewire

Abuse Compliance Officer
Staff member
As much as it's in a gray part of the ToS, I'd personally suggest not operating one like this, just to be safe. If it ends up being determined by senior staff/admins that it's against ToS, it'd be in line for immediate suspension, so this is definitely one of those "play it safe and don't" deals.
 

caftpx10

It is one of those things where it could or could not, which was the reason I asked here.
Thanks for informing me that. :)
 