diff --git a/BlazorDiffusion.ServiceInterface/CreativeService.cs b/BlazorDiffusion.ServiceInterface/CreativeService.cs
index beb0b52..a72a2ba 100644
--- a/BlazorDiffusion.ServiceInterface/CreativeService.cs
+++ b/BlazorDiffusion.ServiceInterface/CreativeService.cs
@@ -10,7 +10,6 @@
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using ServiceStack;
 using ServiceStack.Auth;
-using ServiceStack.Html;
 using ServiceStack.IO;
 using ServiceStack.Logging;
 using ServiceStack.OrmLite;
@@ -70,6 +69,26 @@ public async Task<object> Post(CreateCreative request)
     {
         var session = await SessionAsAsync<CustomUserSession>();
         var userId = session.GetUserId();
+        var userAuth = (AppUser)await AuthRepositoryAsync.GetUserAuthAsync(session.UserAuthId);
+
+        var requestLower = request.UserPrompt.ToLower();
+        foreach (var banWord in AppConfig.Instance.BanWords)
+        {
+            if (requestLower.Contains(banWord))
+            {
+                if (userAuth.LockedDate == null)
+                {
+                    userAuth.LockedDate = DateTime.UtcNow;
+                    await AuthRepositoryAsync.SaveUserAuthAsync(userAuth);
+                }
+                break;
+            }
+        }
+        if (userAuth.LockedDate != null)
+        {
+            throw HttpError.Forbidden("Account is locked");
+        }
+
         var userRoles = await session.GetRolesAsync(AuthRepositoryAsync);
 
         var modifiers = await Db.SelectAsync<Modifier>(x => Sql.In(x.Id, request.ModifierIds));
diff --git a/BlazorDiffusion.ServiceModel/AppConfig.cs b/BlazorDiffusion.ServiceModel/AppConfig.cs
index 53b1ad8..146de38 100644
--- a/BlazorDiffusion.ServiceModel/AppConfig.cs
+++ b/BlazorDiffusion.ServiceModel/AppConfig.cs
@@ -22,6 +22,13 @@ public class AppConfig
     public string R2Account { get; set; }
     public string AssetsBasePath { get; set; }
     public string FallbackAssetsBasePath { get; set; }
+    public HashSet<string> BanWords { get; set; } = new(StringComparer.OrdinalIgnoreCase)
+    {
+        "panties",
+        "breasts",
+        "hispanic",
+    };
+
     /// <summary>
     /// Ignore saving creatives + pre-rendering pages to avoid Hot Reload reloading page
     /// </summary>
diff --git a/BlazorDiffusion.ServiceModel/Creatives.cs b/BlazorDiffusion.ServiceModel/Creatives.cs
index 27b20e2..f0fbabf 100644
--- a/BlazorDiffusion.ServiceModel/Creatives.cs
+++ b/BlazorDiffusion.ServiceModel/Creatives.cs
@@ -1,6 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.IO;
+using System.Runtime.Serialization;
 using ServiceStack;
 using ServiceStack.DataAnnotations;
 
@@ -65,6 +66,14 @@ public class QueryCreatives : QueryDb<Creative>
     public int? OwnerId { get; set; }
 }
 
+[Route("/creatives")]
+[DataContract]
+public class Creatives : IReturn<Creatives>
+{
+    [DataMember]
+    public List<Creative> Items { get; set; }
+}
+
 [Tag(Tag.Creatives)]
 public class GetCreative : IGet, IReturn<GetCreativeResponse>
 {