Prox OS Internal Docs
TrustTrust Safety

Trust And Safety Overview

Trust and Safety is a product boundary capability for Prox OS. It is not a late-stage paperwork layer. It shapes which surfaces can become public, which ones re

Trust and Safety is a product boundary capability for Prox OS. It is not a late-stage paperwork layer. It shapes which surfaces can become public, which ones remain private, and what operational readiness is required before Prox Cloud hosts user content at scale.

This guidance is product and operations guidance. It is not a formal compliance determination.

Product Posture

  • Prox OS is private-first in early stages.
  • Self-hosting should remain clear and operator-owned.
  • Prox Cloud should launch in stages, starting with private and invite-only hosted workspaces.
  • Public user-generated content is not enabled by default.
  • Public Spaces, public profiles, comments, recommendations, and open app submission require launch gates before production rollout.
  • AI agents, connectors, and future workflow execution require explicit scopes, human confirmation for sensitive actions, revocation paths, cost limits, and audit logs before they become production capabilities.

Data Sovereignty Posture

The trust story is not only moderation. It is also user agency:

Promise directionTrust implication
Own your dataDo not hide user-owned Space, source, connector, or app data behind unclear platform custody.
Export your dataFuture hosted features need export paths before they become durable systems of record.
Delete your dataPrivacy request handling and deletion workflows must be defined before broad hosted scale.
Audit your agentsAgent reads, writes, tool calls, costs, and approval decisions should become visible events.
Move your appsApp manifests, BYO GitHub, BYO deployment, and portable interfaces reduce platform lock-in.

See EU GDPR Baseline for the privacy-by-design and European data sovereignty baseline.

What This Area Owns

  • Product boundaries for public and private surfaces.
  • Abuse reporting and takedown readiness.
  • Self-hosting and hosted-content responsibility boundaries.
  • Region profile notes for global availability and CN Lite constraints.
  • Public UGC launch gates.
  • Trust Center user-facing messaging.

On this page