Safety Constraints
This document defines the safety constraints and boundaries for the Atlas home voice agent, particularly concerning the separation between the "work" and "family" agents.
Guiding Principle: Strict Separation
The system is designed to enforce a strict separation between the work agent and the family agent. The family agent should never be able to access, modify, or interfere with any work-related data, files, or applications.
Forbidden Actions for the Family Agent
The following actions are strictly forbidden for the family agent and its tools:
- Accessing Work Files: The family agent cannot read, write, or list files in any directory related to the work agent or any other work-related project.
- Accessing Work Services: The family agent cannot make requests to any local or remote services that are designated for work use.
- Executing Shell Commands: The family agent and its tools are not allowed to execute arbitrary shell commands.
- Installing Packages: The family agent cannot install software or packages.
Tool and File System Access
Path Whitelists
- Tools are only allowed to access files and directories that are explicitly on their whitelist.
- The family-agent-config repository is the primary location for the family agent's configuration and data.
- The home tasks tool, for example, is only allowed to access the family-agent-config/tasks/home/ directory.
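An added example, not taken from the Atlas project's own code, of one way a tool's path whitelist can be enforced so that ".." segments, symlinks and look-alike directory names do not escape the allowed directory. The function names, the work-agent/notes directory and the sample files are assumptions constructed for the illustration.

```python
import os
import tempfile
from pathlib import Path


class PathNotAllowed(PermissionError):
    """Raised when a tool asks for a path outside its whitelist."""


def resolve_allowed(requested, allowed_roots):
    """Return the canonical path if it lies under an allowed root, else raise.

    Path.resolve() follows symlinks and collapses "..", so the comparison is
    made on the real target, not on the string the tool supplied.
    """
    real = Path(requested).resolve()
    for root in allowed_roots:
        root_real = Path(root).resolve()
        # Compare whole path components; a string prefix test would wrongly
        # accept ".../tasks/home-old" for the root ".../tasks/home".
        if real == root_real or root_real in real.parents:
            return real
    raise PathNotAllowed(f"{requested} is outside the tool's whitelist")


def is_allowed(requested, allowed_roots):
    try:
        resolve_allowed(requested, allowed_roots)
        return True
    except PathNotAllowed:
        return False


def build_demo_tree(base):
    """Constructed layout: the tasks/home directory named in this document
    plus a hypothetical work directory and a symlink pointing into it."""
    home = Path(base) / "family-agent-config" / "tasks" / "home"
    work = Path(base) / "work-agent" / "notes"  # hypothetical work directory
    home.mkdir(parents=True)
    work.mkdir(parents=True)
    (home / "chores.md").write_text("- water plants\n")
    (work / "secret.md").write_text("work data\n")
    os.symlink(work, home / "shortcut")  # link that leaves the whitelist
    return home, work


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        home, _ = build_demo_tree(tmp)
        for p in (home / "chores.md", home / "shortcut" / "secret.md"):
            print(p, "->", "allowed" if is_allowed(p, [home]) else "denied")
```

A tool should open the path returned by resolve_allowed rather than the string it was given, so the file it touches is the one that was checked.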
Network Access
- Local Network: By default, tools are only allowed to access services on the local network.
- External Network: Access to the external internet is blocked by default and only allowed for specific, approved tools (see PRIVACY_POLICY.md).
Confirmation Flows
Certain actions, even when allowed, require explicit user confirmation. These include, but are not limited to:
- Sending Emails or Messages: Any action that sends a communication to another person.
- Making Purchases: Any action that involves financial transactions.
- Modifying System Settings: Any action that changes the configuration of the agent or the system it runs on.
Work Agent Constraints
While the work agent has more permissions, it is also subject to constraints:
- No Access to Family Data: The work agent is not allowed to access the family-agent-config repository or any family-related data.
- Approval for Sensitive Actions: The work agent also requires user confirmation for high-risk actions.