I would not have anticipated all of those and I appreciated the heads up. If you're offering an API to the public at large like this, yes, I would default towards assuming it was relatively open barring notice to the contrary. When you make it really easy to start sending requests and bury all the terms in conditions in fine print, that's something of an anti-pattern.
Especially when talking about the kind of API most likely to be used by clever teenagers on a fansite.
Especially when talking about the kind of API most likely to be used by clever teenagers on a fansite.