# XIX. Safety Perimeter

### Part 19 — Safety Perimeter, Enforcement, Appeals, Amendments, and Mandatory Disclaimers

#### 1. Safety Perimeter

1.1 **Purpose.** The Safety Perimeter is the Guild’s non-negotiable boundary system. It prevents: (i) operational execution, (ii) exploit enablement, (iii) coercive or rights-violating uses, (iv) anticompetitive conduct, and (v) misrepresentation of research artifacts as certifications, advice, or enforcement directives.

1.2 **Perimeter is a release gate.** No artifact, dataset, benchmark, report, or intelligence product may be published, distributed, or represented as a Guild output unless it passes the Perimeter checks in this Part and is recorded under the Records Discipline.

1.3 **Perimeter applies to everyone.** It binds: members, contributors, reviewers, maintainers, stewards, partners, and any party receiving Controlled or Restricted outputs under distribution logs.

***

#### 2. Bright-Line Prohibitions

2.1 **Prohibited operational roles.** The Guild shall not:\
2.1.1 operate a SOC/EOC/CSIRT, incident command, or emergency coordination function;\
2.1.2 issue real-time operator instructions for active incidents;\
2.1.3 perform takedown coordination, enforcement routing, or coercive moderation design;\
2.1.4 provide “security services” in the sense of managed detection/response, penetration testing services, or operational remediation; or\
2.1.5 accept delegated authority to act on behalf of regulators, platforms, registries, or operators.

2.2 **Prohibited regulated activity.** The Guild shall not:\
2.2.1 provide legal, regulatory, investment, or procurement advice;\
2.2.2 make compliance determinations;\
2.2.3 certify products, providers, organizations, or jurisdictions;\
2.2.4 publish “approved vendor/stack” lists; or\
2.2.5 act as a standards authority (unless and only to the extent a separate and formal standards process is established outside the Guild and explicitly recorded).

2.3 **Prohibited exploit enablement and weaponization.** The Guild shall not publish:\
2.3.1 step-by-step exploit chains;\
2.3.2 payloads, weaponized PoCs, or instructions materially enabling compromise;\
2.3.3 guidance intended to defeat authentication, detection, or enforcement controls; or\
2.3.4 operational targeting or selection criteria for harm.

2.4 **Prohibited covert or intrusive collection.** The Guild shall not:\
2.4.1 bypass authentication;\
2.4.2 perform destructive testing;\
2.4.3 run harmful load;\
2.4.4 collect non-public data through deception; or\
2.4.5 conduct collection that reasonably constitutes surveillance rather than observatory science.

2.5 **Prohibited anticompetitive conduct.** The Guild shall not:\
2.5.1 coordinate pricing, market allocation, hiring restraint, or other restricted topics;\
2.5.2 create de facto boycotts or exclusion lists; or\
2.5.3 use Guild processes to disadvantage competitors or steer procurement.

2.6 **Prohibited misrepresentation.** No party may represent:\
2.6.1 Guild outputs as certification, legal compliance, or regulator-approved determinations;\
2.6.2 themselves as “licensed” or “authorized” by the Guild; or\
2.6.3 a benchmark score as proof of safety beyond stated reliance bounds.

***

#### 3. Handling Classes and Distribution Controls

3.1 **Handling classes.** Every artifact is labeled as one of:\
3.1.1 **Public-safe** — suitable for general publication;\
3.1.2 **Controlled** — limited distribution; non-public operational sensitivity; or\
3.1.3 **Restricted** — high sensitivity; elevated dual-use, legal, or safety risk; minimal distribution.

3.2 **Default posture.** Public-safe is the default, but any of the following elevates handling:\
3.2.1 active exploitation risk;\
3.2.2 vulnerability or exploit adjacency;\
3.2.3 sensitive infrastructure targeting risk;\
3.2.4 privacy-sensitive inferences;\
3.2.5 legal compulsion exposure; or\
3.2.6 benchmark tampering/coercion indicators.

3.3 **Distribution logs (mandatory for Controlled/Restricted).** Distribution must record:\
3.3.1 artifact ID/version;\
3.3.2 recipient identity or role marker (as permitted);\
3.3.3 purpose and reliance bounds;\
3.3.4 expiry/recall conditions; and\
3.3.5 acknowledgment of non-execution and no-endorsement boundaries.

3.4 **Expiry and recall.** Controlled/Restricted distributions must include:\
3.4.1 a time-bound expiry;\
3.4.2 a recall mechanism; and\
3.4.3 update propagation rules upon correction or supersession.

***

#### 4. Dual-Use Safety Controls

4.1 **Dual-use assessment (required).** Each release requires a recorded assessment of:\
4.1.1 misuse pathways;\
4.1.2 likely adversary benefit;\
4.1.3 operationalization effort; and\
4.1.4 mitigation through abstraction, delay, redaction, or coordinated disclosure.

4.2 **Safe-detail levels.** Publication must follow safe-detail constraints:\
4.2.1 methods and findings may be shared;\
4.2.2 enabling specifics are reduced to the minimum needed for scientific integrity;\
4.2.3 where needed, detail moves to Controlled/Restricted with explicit purpose and expiry.

4.3 **“Do not publish / do not deploy if…” gates.** A release is blocked if:\
4.3.1 it materially increases exploitability without offsetting safety;\
4.3.2 it enables coercive or discriminatory outcomes;\
4.3.3 it cannot be contested or corrected; or\
4.3.4 integrity checks (anti-tamper, provenance, reproducibility minima) fail.

4.4 **Stop-the-line authority.** The Integrity Steward may impose an immediate temporary hold on any release or distribution if safety thresholds are exceeded. The hold must be recorded with reasons, scope, and review clock.

***

#### 5. AI-Assisted Work Controls

5.1 **Disclosure.** AI assistance used in analysis, drafting, code generation, or summarization must be disclosed in the artifact metadata where material to reliance.

5.2 **Verification.** AI-assisted outputs must be independently verified to a standard appropriate to the artifact’s reliance bounds and handling class.

5.3 **Hallucination zero tolerance for claims.** Claims of fact, measurements, benchmarks, or standards alignment must be traceable to sources, test outputs, or reproducible steps. Unverifiable claims must be labeled as hypothesis or removed.

5.4 **No confidential paste rule.** Controlled/Restricted material shall not be pasted into external tools or systems lacking handling and logging controls.

***

#### 6. Misrepresentation, Badge Misuse, and Takedown

6.1 **Permitted markings only.** Only Guild-authorized quality markings may be used, exactly as defined, and only for the specific artifact/version recorded.

6.2 **Misuse detection.** The Guild may monitor public representations for:\
6.2.1 false “certified by” statements;\
6.2.2 altered screenshots;\
6.2.3 benchmark score inflation; and\
6.2.4 implied endorsements.

6.3 **Takedown protocol.** Upon confirmed misuse, the Guild may:\
6.3.1 issue a correction notice;\
6.3.2 require removal or retraction;\
6.3.3 revoke access and membership standing; and\
6.3.4 publish a public-safe clarification where necessary to prevent harm.

6.4 **No retaliation.** Good-faith reporting of misrepresentation and safety issues is protected participation.

***

#### 7. Enforcement Triggers and Ladder

7.1 **Enforcement triggers.** Enforcement may be initiated for:\
7.1.1 handling breaches;\
7.1.2 dual-use violations;\
7.1.3 exploit enablement;\
7.1.4 prohibited collection;\
7.1.5 antitrust/competition breaches;\
7.1.6 harassment or discrimination;\
7.1.7 IP or licensing violations;\
7.1.8 benchmark tampering; or\
7.1.9 repeated quality gate failures with material risk.

7.2 **Enforcement ladder.** Actions may include:\
7.2.1 warning with corrective requirements;\
7.2.2 suspension from lanes (e.g., reviewer/maintainer);\
7.2.3 removal from governance roles;\
7.2.4 revocation of Controlled/Restricted access;\
7.2.5 expulsion and platform ban; and\
7.2.6 public clarification where required for safety.

7.3 **Recorded reasons.** All enforcement actions must be recorded with:\
7.3.1 the trigger category;\
7.3.2 evidence basis;\
7.3.3 the action taken;\
7.3.4 scope and duration; and\
7.3.5 appeal route and deadline.

***

#### 8. Appeals and Due Process

8.1 **Right to appeal.** Affected parties may appeal enforcement actions within the published appeal window.

8.2 **Appeals posture.** Appeals shall be:\
8.2.1 timely;\
8.2.2 evidence-based;\
8.2.3 minimally disclosive (protecting identities where lawful); and\
8.2.4 recorded with outcomes and reasoning.

8.3 **Interim safety controls.** During appeal, safety-critical restrictions (e.g., access removal) may remain in force if necessary to prevent harm.

***

#### 9. Incident Registers and Public-Safe Transparency

9.1 **Incident registers.** The Guild maintains registers for:\
9.1.1 integrity incidents;\
9.1.2 disclosure incidents;\
9.1.3 correction failures;\
9.1.4 benchmark disputes; and\
9.1.5 handling breaches.

9.2 **Transparency minima.** A public-safe summary may be published when necessary to:\
9.2.1 prevent ongoing harm;\
9.2.2 correct widespread misrepresentation; or\
9.2.3 preserve trust in benchmarks and releases—while protecting sensitive details and identities.

***

#### 10. Amendments, Change Control, and Supersession

10.1 **Amendment authority.** The Charter may be amended only through recorded change control satisfying:\
10.1.1 documented rationale;\
10.1.2 compatibility assessment;\
10.1.3 safety and antitrust review; and\
10.1.4 publication of a supersession notice.

10.2 **No silent edits.** Changes must:\
10.2.1 preserve prior versions;\
10.2.2 disclose what changed and why;\
10.2.3 define transition logic; and\
10.2.4 update references and distribution recall where applicable.

10.3 **Emergency amendments.** If an urgent safety issue is discovered, a temporary emergency amendment may be issued with:\
10.3.1 narrow scope;\
10.3.2 defined expiry; and\
10.3.3 mandatory review into permanent form or withdrawal.

***

#### 11. Mandatory Disclaimers and Reliance Controls

11.1 **Non-endorsement and non-certification.** Guild outputs are research-grade, correctionable artifacts. They do not constitute certification, approval, endorsement, or regulatory determination.

11.2 **No advice.** Nothing in Guild outputs constitutes legal, regulatory, procurement, investment, medical, or operational security advice. Users must obtain appropriate professional counsel and perform independent verification.

11.3 **As-is and correctionable.** Outputs are provided “as is,” with explicit versioning, limitations, uncertainty disclosure, and correction/supersession mechanisms. Users are responsible for tracking updates.

11.4 **Adoption responsibility.** Adopters are responsible for lawful basis, safety testing, local compliance, deployment controls, and outcomes under their authority.

11.5 **No implied agency.** Nothing creates agency between GCRI Canada and GCRI US, the Guild and any partner, or the Guild and any regulator/operator/standards body.


