AIUC-1 Societal Safety Controls
Enforce AIUC-1 Domain F requirements — prevent AI-enabled cyber attacks and catastrophic misuse including CBRN threats.
About This Policy Template
AIUC-1 Domain F compliance pack covering controls F001 and F002. Prevents AI-enabled cyber misuse by detecting malware or exploit generation, blocking attack planning assistance, and flagging vulnerability exploitation content. Prevents catastrophic misuse by detecting CBRN (chemical, biological, radiological, nuclear) instruction content, blocking mass harm planning, and flagging dual-use research exploitation. These controls address the most severe societal risks from AI systems and are essential for any organization deploying general-purpose AI models or code generation systems.
Policy Rules(6)
Critical Severity
(4)Attack Planning Assistance
Detect AI output providing strategic guidance for cyber attacks (AIUC-1 F001)
CBRN Instruction Detection
Detect instructions for chemical, biological, radiological, or nuclear weapons (AIUC-1 F002)
Malware or Exploit Generation
Detect AI output generating malware, exploits, or offensive cyber tools (AIUC-1 F001)
Mass Harm Planning
Detect guidance that could facilitate mass casualty events (AIUC-1 F002)
High Severity
(2)Dual-Use Research Exploitation
Detect dual-use scientific information in potentially weaponization context (AIUC-1 F002)
Vulnerability Exploitation Guidance
Detect vulnerability exploitation content and proof-of-concept code (AIUC-1 F001)
Enforcement by Integration
What happens when a violation is detected, based on the enforcement mode and integration type.
| Integration | Block | Approval | Warn | Monitor |
|---|---|---|---|---|
Version Control GitHub, GitLab, Bitbucket | Fail check run / merge request status | Pending check run — held for review | Neutral check run / comment on PR | Pass check run (silent) |
Email — Gmail Gmail | Quarantine label; + violation label (outbound) | Quarantine label — held for review | Add warning label | Log only |
Email — Outlook Outlook | Move to quarantine folder; + flag (outbound) | Move to quarantine — held for review | Flag + categorize | Log only |
Messaging Slack, Teams | Post violation warning in channel | Post 'held for review' warning | Post warning in channel | Log only |
Storage Google Drive, Dropbox, OneDrive | Move file to quarantine folder | Quarantine file — held for review | Log only | Log only |
AI Proxy OpenAI, Anthropic, Gemini, MCP, Agent | Block request (return 403) | Hold request — return review ID | Allow request + audit trail | Log only |
API REST API | Return BLOCK outcome (client decides) | Return APPROVAL_REQUIRED + poll URL | Return WARN outcome | Log only |
Version History
1 version published
Initial release
Ready to Install AIUC-1 Societal Safety Controls?
Get started with pre-built governance policies in minutes.