Safety classifications

One profile. No escape hatch.

  • read (navigation, assertions): always allowed
  • write-low (form input, drafts): allowed
  • write-high (delete, purchase, transfer): blocked unconditionally

The runtime enforces a single policy profile (controlled-web). There is no CLI flag, environment variable, or API argument to weaken it. Sensitive input (passwords, credit cards) is blocked unless explicitly allowed per-call.

How it works

The gate is in the same process as the browser.

The safety check runs in the same V8 isolate as the executor. There's no way to bypass it. The agent can't skip the check, can't call the DOM directly, can't sneak past with a raw script. If the policy says block, the step doesn't execute. Every allow and every block is signed and logged.

The NLP compiler infers intent: "delete the user account" is classified as write-high and blocked under the default profile. "type my password" is blocked unless allowSensitiveInput: true is explicitly set.

VITRON-EA1 is designed as an open standard. Other runtimes can implement conformance via signed verification keys. Specification available on request.

Audit trail

Cryptographically chained evidence packs.

Each run produces a SHA-256 chained event log: every step, every policy decision, every DOM snapshot. Ed25519-signable, replayable, and reviewable. Built for regulated workflows where "trust me" is not a valid answer.

  • SHA-256 integrity hash per run
  • Ed25519 signable for non-repudiation
  • JSON-formatted for CI/CD consumption
  • Generated locally, never transmitted

For regulated environments

Air-gapped. WCAG. NIST 800-53.

Alethia includes built-in compliance audits that run inside the same runtime with no external dependencies, no network calls.

  • alethia_audit_wcag: WCAG 2.1 AA, 14 criteria, Section 508 ready
  • alethia_audit_nist: NIST SP 800-53 security controls, AC/IA/SI families
  • alethia_export_session: signed evidence pack export