Legal · Responsible AI
Responsible AI Policy
Last updated: April 2026
Principles
- Evaluate before you deploy. No agent ships to production without a scorecard and a rollback path.
- Governance at runtime, not just in policy. The platform enforces what the policy document promises.
- Provenance by default. Every change is signed, versioned, and replayable.
- Human in the loop where it matters. High-impact actions require approval. We publish the default thresholds.
- Honest limitations. We state readiness level per domain. We state when a score is a proxy rather than ground truth.
Prohibited uses
- Autonomous clinical diagnosis or treatment without a regulated partner.
- Credit, insurance, or employment decisions that disadvantage protected groups.
- Generation of content that violates applicable law, including CSAM and illegal weapons design.
- Social scoring systems as defined by the EU AI Act.
- Disinformation, impersonation, or deceptive persuasion at scale.
Model providers
We are model-agnostic. Providers are selected per case for capability, safety, and cost. Prompts to third-party model APIs are governed by that provider's terms and our DPA. Single-tenant deployments can restrict providers per policy.
Evaluation integrity
- Judges are rotated and calibrated quarterly.
- Held-out splits prevent contamination.
- Scoring outputs are signed and versioned.
- See /leaderboard/methodology.
Red-teaming
Every agent that appears on the public leaderboard passes an Agent 007 red-team suite. Enterprise deployments extend this with domain-specific adversarial cases.
Incident response
If an agent causes harm, we will (i) freeze the affected tool and version, (ii) notify customers within 72 hours where material, (iii) publish a post-mortem on the blog.
Contact
Policy questions: hello@xploreintelligence.co.uk (subject: Responsible AI).