AIUC-1 Safety Controls
Enforce AIUC-1 Domain C requirements — prevent harmful, out-of-scope, and high-risk AI outputs. Includes output vulnerability prevention and risk monitoring.
About This Policy Template
Comprehensive AIUC-1 Domain C compliance pack covering controls C003–C008. Prevents harmful AI outputs including self-harm content, hostile responses, offensive or discriminatory language, deceptive content, and high-risk advice without disclaimers. Blocks out-of-scope outputs like political discussion and unauthorized domain advice. Detects output vulnerabilities including SQL injection, XSS, unsafe URLs, and command injection in AI-generated code. Flags high-risk recommendations for human review and monitors for anomalous output patterns. Essential for organizations deploying customer-facing or safety-critical AI systems.
Policy Rules(14)
Critical Severity
(5)Command Injection in AI Output
Detect command injection patterns in AI-generated content (AIUC-1 C006)
Distressed or Self-Harm Content
Detect AI output that could encourage self-harm or cause distress (AIUC-1 C003)
Offensive or Discriminatory Content
Detect offensive, discriminatory, or biased content in AI output (AIUC-1 C003)
SQL Injection in AI Output
Detect SQL injection vulnerabilities in AI-generated code (AIUC-1 C006)
XSS Vulnerability in AI Output
Detect cross-site scripting vulnerabilities in AI-generated content (AIUC-1 C006)
High Severity
(7)Angry or Hostile Response
Detect angry, hostile, or confrontational language in AI output (AIUC-1 C003)
Custom Risk Category Violation
Detect AI output that falls into enterprise high-risk categories (AIUC-1 C005)
Deceptive or Misleading Content
Detect deliberately deceptive or misleading information in AI output (AIUC-1 C003)
High-Risk Advice Without Disclaimer
Detect high-risk medical, legal, or financial advice without disclaimers (AIUC-1 C003)
High-Risk Recommendation Flagging
Flag high-risk recommendations requiring human review (AIUC-1 C007)
Unauthorized Domain Advice
Detect AI output providing advice outside its intended domain (AIUC-1 C004)
Unsafe URL in AI Output
Detect unsafe URLs or embedded scripts in AI output (AIUC-1 C006)
Medium Severity
(2)Anomalous Output Pattern
Detect anomalous AI behavior patterns indicating system issues or manipulation (AIUC-1 C008)
Political Discussion in AI Output
Detect political discussion outside the AI system's intended purpose (AIUC-1 C004)
Enforcement by Integration
What happens when a violation is detected, based on the enforcement mode and integration type.
| Integration | Block | Approval | Warn | Monitor |
|---|---|---|---|---|
Version Control GitHub, GitLab, Bitbucket | Fail check run / merge request status | Pending check run — held for review | Neutral check run / comment on PR | Pass check run (silent) |
Email — Gmail Gmail | Quarantine label; + violation label (outbound) | Quarantine label — held for review | Add warning label | Log only |
Email — Outlook Outlook | Move to quarantine folder; + flag (outbound) | Move to quarantine — held for review | Flag + categorize | Log only |
Messaging Slack, Teams | Post violation warning in channel | Post 'held for review' warning | Post warning in channel | Log only |
Storage Google Drive, Dropbox, OneDrive | Move file to quarantine folder | Quarantine file — held for review | Log only | Log only |
AI Proxy OpenAI, Anthropic, Gemini, MCP, Agent | Block request (return 403) | Hold request — return review ID | Allow request + audit trail | Log only |
API REST API | Return BLOCK outcome (client decides) | Return APPROVAL_REQUIRED + poll URL | Return WARN outcome | Log only |
Version History
1 version published
Initial release
Ready to Install AIUC-1 Safety Controls?
Get started with pre-built governance policies in minutes.