Prox OS Internal Docs
ProductClientsDevice Studio

Mobile Policy Boundaries

This document is product and engineering policy guidance. It is not legal

Status

This document is product and engineering policy guidance. It is not legal advice and it does not determine App Store or Google Play approval.

Core Risk

Mobile app stores are more sensitive to dynamic code, mini apps, user-generated content, payments, native API exposure, age ratings, moderation, privacy claims, and developer-distributed experiences than a web-only product.

A future Prox OS native companion app must not become an unreviewed app marketplace.

Product Rules

  • Dynamic mobile views are render-only by default.
  • Mobile dynamic UI should use Studio View JSON and trusted blocks.
  • Do not execute arbitrary remote JavaScript or uploaded React bundles inside a native companion app.
  • Do not expose native APIs directly to user-generated mini experiences.
  • Use permission manifests and host-mediated actions.
  • Keep native permission copy visible near the action that needs it.
  • Treat publish, deploy, external write, payment, sharing, destructive edit, and sensitive connector actions as high-impact.
  • Do not claim store approval, privacy compliance, or platform compatibility before review and testing.

Risk Areas

AreaRiskEarly mitigation
Dynamic codeStore policies may reject unreviewed executable code or app-like runtimes.Use declarative Studio View JSON and trusted renderer blocks.
Mini appsA mini app platform implies review, metadata, reporting, and policy enforcement.Use Gallery, Templates, Verified Views, and Dynamic Blocks first.
UGCPublic user content requires reporting, takedown, moderation, and age/content posture.Keep early mobile private-first and reviewed where public.
PaymentsIn-app purchases and external payment links have strict platform rules.Do not add mobile payment flows until product, legal, and platform policy are ready.
Native APIsCamera, contacts, photos, files, background upload, and notifications need clear purpose.Ask for permission at the moment of need and keep actions host-mediated.
AI actionsAI suggestions can modify or publish content if not constrained.Require explicit approval, provenance, and audit for high-impact actions.
ConnectorsConnector data may include sensitive personal or business context.Show source, scope, retention, and permission boundaries.

Future Requirements Before Native Distribution

RequirementWhy it matters
Content reportingRequired before public or community-distributed mobile content scales.
Block / mute / hide controlsLets users control exposure to people, Spaces, and shared content.
Age rating metadataNeeded for public Gallery, mini experiences, and store review posture.
Permission descriptionsUsers and reviewers need clear purpose for camera, photos, contacts, push, files, and AI actions.
App / view metadataRequired for review, discovery, support, and takedown.
Takedown flowNeeded for hosted public content and policy enforcement.
Audit logRequired for sensitive approvals, AI actions, external writes, publish, deploy, and permissions.
Privacy policyRequired before native permissions, accounts, analytics, push, or uploads are shipped.
Terms and developer agreementNeeded before third-party publishing, templates, mini experiences, payments, or public submissions.

Store Review Posture

Future mobile review material should explain:

  • Prox OS is web-first and Runtime-first.
  • The native app, if shipped, is a companion shell.
  • Dynamic views are data-rendered and constrained by a host renderer.
  • User-generated experiences do not receive direct native API access.
  • High-impact actions require explicit user approval.
  • Public content and templates are governed by metadata, reporting, and takedown workflows before broad distribution.

Not Now

  • No native app submission.
  • No mobile App Store or mini app marketplace.
  • No third-party code execution in native mobile.
  • No native payment flow.
  • No public UGC launch through mobile without reporting and takedown readiness.

On this page