Prompt Cards

Create an incident response plan specific to AI: detection, containment, user comms, rollback, forensic logging, and post-incident retraining rules. Include severity levels and example incidents.

Define monitoring signals: policy violations, anomaly detection, tool misuse attempts, unusual output distributions, and drift. Provide alert thresholds, runbooks, and an on-call playbook.

Design a continuous red team program: scenarios, cadence, severity scoring, triage workflow, and how findings feed back into the improvement loop. Include a template for red-team reports.

Create a safety regression suite: prompt injection tests, data leakage tests, refusal/guardrail tests, and policy adherence checks. Include how to maintain and evolve the suite over time.

Design an offline sandbox environment for experimenting with improvements: isolated data, limited tools, no external side effects, and deterministic replay. Provide a checklist for containment.

Design an evaluation ladder for recursive improvement: unit tests, integration tests, simulation, canaries, and production monitoring. Provide pass/fail gates and minimum coverage targets.

Create a boundary model that separates: advisory outputs, drafts, and automated actions. Include criteria for graduating features from advice→action, and safety evidence required.

Define where humans must remain in the loop: high-impact actions, security-sensitive steps, and ambiguous decisions. Provide a decision taxonomy and UI/ops requirements for approval workflows.

Write a behavioral contract for the system: allowed actions, forbidden actions, escalation rules, and acceptable uncertainty. Include examples and counterexamples to reduce ambiguity.

Create an RFC-style change control process tailored to recursive AI: what must be documented, reviewers, rollout plan, rollback triggers, and postmortem requirements. Provide a reusable RFC template.

Design a safety-gated iteration loop: propose→simulate→test→review→deploy→monitor. Include stage gates, required evidence at each gate, and ‘stop conditions’ that automatically halt rollout.

Perform a structured threat model (STRIDE-style or similar) for a recursive AI pipeline. Cover misuse, data exfiltration, prompt injection, model drift, and over-automation. Output mitigations and test cases.