惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
V
V2EX
GbyAI
GbyAI
Recent Announcements
Recent Announcements
Microsoft Security Blog
Microsoft Security Blog
阮一峰的网络日志
阮一峰的网络日志
Hugging Face - Blog
Hugging Face - Blog
T
Tailwind CSS Blog
Y
Y Combinator Blog
C
Check Point Blog
爱范儿
爱范儿
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
美团技术团队
雷峰网
雷峰网
IT之家
IT之家
WordPress大学
WordPress大学
V
Visual Studio Blog
Microsoft Azure Blog
Microsoft Azure Blog
MyScale Blog
MyScale Blog
N
News and Events Feed by Topic
罗磊的独立博客
S
SegmentFault 最新的问题
S
Security Affairs
aimingoo的专栏
aimingoo的专栏
F
Fortinet All Blogs
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
H
Hacker News: Front Page
Google DeepMind News
Google DeepMind News
B
Blog
O
OpenAI News
C
Cisco Blogs
Simon Willison's Weblog
Simon Willison's Weblog
The Last Watchdog
The Last Watchdog
Hacker News: Ask HN
Hacker News: Ask HN
博客园_首页
人人都是产品经理
人人都是产品经理
C
Cybersecurity and Infrastructure Security Agency CISA
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Help Net Security
Help Net Security
月光博客
月光博客
J
Java Code Geeks
L
LangChain Blog
博客园 - 司徒正美
Stack Overflow Blog
Stack Overflow Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
Apple Machine Learning Research
Apple Machine Learning Research
T
The Exploit Database - CXSecurity.com
N
News and Events Feed by Topic
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures AI Agents Know About Supabase. They Don't Always Use It Right. The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
AI Acceptable Use Policy Generator | Repello AI
aryamanTitan · 2026-05-06 · via Hacker News - Newest: "AI"

Free tool · No signup

Build a policy that covers the AI tools your team actually uses — ChatGPT, Claude, Copilot, Cursor, Claude Code, and the rest. Real clauses for sandboxing, credential handling, MCP servers, and audit logging that the generic templates skip. Tweak the inputs, see the policy update live, and export it the way you’ll actually use it.

✓ Free✓ No login or email✓ Markdown, PDF, and Claude-Code-ready config✓ One-click into Claude or ChatGPT

Organization

Risk profile

Jurisdictions

Approved LLMs / chat tools

Approved coding agents

Engineering controls

Send it somewhere

Drop the result into wherever you actually work.

Repello AIRepello AI

Generated at repello.ai/tools

AI Acceptable Use Policy

Organization: Your Organization Effective date: 2026-05-06 Risk profile: Balanced — allow approved tools, audit by default Jurisdictions: United States; European Union (EU AI Act)

1. Purpose & scope

This policy governs how Your Organization employees, contractors, and other authorized users may use artificial intelligence (AI) tools — including large language models (LLMs), AI assistants, and autonomous coding agents — in their work. It applies to all AI use that touches Your Organization systems, data, customers, or intellectual property, whether the tool runs on company infrastructure, on a personal device, or via a third-party SaaS service.

2. Approved tools

Only the following AI tools are approved for use with Your Organization data classified as "Internal" or higher:

2.1 Conversational AI / LLMs

  • ChatGPT (OpenAI)
  • Claude (Anthropic)

2.2 Coding agents and developer assistants

  • Claude Code
  • Cursor
  • GitHub Copilot

Use of any coding agent not on this list is prohibited without prior written approval from the security team. Shadow agents introduce credential exposure, supply-chain risk, and audit gaps that this policy is designed to prevent.

2.3 Procurement and exceptions

Adoption of an AI tool not on the approved list requires a lightweight security review. Time-boxed trials (≤30 days) of free / personal tiers may proceed with manager approval, provided no Confidential or Regulated data is processed.

3. Data classification & handling

Your Organization classifies data as: Public, Internal, Confidential, Regulated. The following table sets the maximum data classification permitted for each AI usage pattern.

Usage pattern Public Internal Confidential Regulated
Free / consumer tier of approved tool
Approved enterprise tier (zero-data-retention)
Self-hosted / on-prem model
Coding agent on developer workstation ✅ (with sandbox)

3.2 Prompt sanitization

Users must not paste credentials, API keys, private SSH keys, internal URLs that bypass authentication, or unredacted personal data into AI prompts. Code snippets must be reviewed for embedded secrets before submission.

4. Prohibited uses

The following uses of AI tools are prohibited regardless of tier or approval:

  • Generating, modifying, or distributing content that violates applicable law, Your Organization's code of conduct, or third-party intellectual property rights.
  • Making consequential decisions about individuals (hiring, performance, compensation, termination, customer credit, healthcare access) based solely on AI output without documented human review.
  • Misrepresenting AI-generated content as human-authored when authorship is material (regulatory filings, sworn statements, attestations).
  • Using AI to bypass Your Organization security controls, surveillance of colleagues, or any activity an attacker would be prohibited from performing.
  • Any use that would constitute a prohibited AI practice under Article 5 of the EU AI Act (subliminal manipulation, exploitation of vulnerabilities, social scoring, real-time biometric identification in public spaces, etc.).

5. Coding agents — engineering controls

Coding agents (Claude Code, Cursor, Copilot, Cowork, etc.) operate with the developer's full local privileges by default. The following controls are mandatory for all agent use on Your Organization workstations.

5.1 Workstation hardening

  • Agents must run inside an OS-level sandbox (Apple Seatbelt on macOS, bubblewrap or firejail on Linux, container sandbox on Windows).
  • Filesystem mounts available to the agent must be scoped to the active project. Home directory, ~/.ssh, ~/.aws, and other credential paths must not be mounted in.
  • Network egress from the agent process must route through a known proxy or be allowlisted. Direct outbound to arbitrary domains is prohibited.

5.2 Credentials

  • Long-lived credentials (AWS root keys, GCP service-account keys, GitHub PATs) must not be available in any environment the agent can read.
  • Cloud access for agents must use short-lived, scoped tokens (AWS STS, GCP workload identity, OIDC). Token TTL ≤ 4 hours.
  • Database access for agents must use read-only or row-level-restricted roles unless write access is the explicit task.

5.3 Shell execution

Shell execution by agents is permitted only inside the sandbox defined in 5.1. Auto-approval of shell commands is disabled by default; per-command confirmation is required for destructive operations (rm, git push --force, package install, network requests).

5.4 Model Context Protocol (MCP) servers

  • Only MCP servers from the centrally maintained allowlist may be installed on workstations or in agent runtimes.
  • Each MCP server must have an attested SHA-256 hash; servers that update without re-attestation are auto-disabled (rug-pull defense).
  • Tool descriptions must be reviewed for hidden directives ("tool poisoning") before allowlisting.
  • MCP traffic must be routed through Your Organization's MCP gateway (or equivalent inspection layer) when handling Internal-or-higher data.

5.5 Audit logging

  • All agent sessions must emit structured logs to the central SIEM: prompt content, tool invocations, file accesses, network requests, and exit conditions.
  • Retention: minimum 1 year for sessions touching Internal-or-higher data.
  • Conversation memory and long-running agent context must be encrypted at rest with a key the security team can revoke.

6. Output handling and review

  • Code generated by AI tools must be reviewed by a human author before merge. AI-authored commits must include the agent's identifier (model + version) in the commit trailer.
  • Customer-facing content generated by AI must be reviewed by the responsible business owner before publication.
  • AI output must not be cited as authoritative source. Where the output influences a decision, the human reviewer is the decision-maker of record.

7. Incident response

If you suspect an AI tool has leaked sensitive data, has been subject to prompt injection, or has executed an unintended action:

1. Stop the session immediately. Do not continue interacting with the tool. 2. Notify the security team via the standard incident-reporting channel within 1 business hour. 3. Preserve session logs, prompts, and outputs. Do not delete history. 4. For agent sessions, capture the full conversation including tool calls and file modifications.

8. Training, awareness, and review

  • All employees with AI tool access must complete annual training covering this policy, prompt injection awareness, and data-classification basics.
  • Engineers using coding agents must complete an additional module covering credential hygiene, MCP supply chain, and sandbox configuration.
  • This policy is reviewed annually or when a material change in the AI tooling landscape (new agent capability, new regulation, new published vulnerability class) is identified.

9. Enforcement

Violations of this policy are subject to Your Organization's standard disciplinary process. Material violations involving Confidential or Regulated data — or any deliberate circumvention of agent sandboxing or credential controls — may result in immediate access revocation and termination of employment or contract.


Generated by Repello AI's AI Acceptable Use Policy Generator on 2026-05-06. Repello: AI security platform for autonomous red-teaming (ARTEMIS) and runtime guardrails (ARGUS). Get a demo.

Cite as: Repello AI Acceptable Use Policy Generator, accessed 2026-05-06.

After you generate

How to actually roll this out

Each export targets a specific surface in your stack. Pick the ones that match your workflow.

1

Markdown — for your handbook / wiki

Paste into Notion, Confluence, Google Docs, or whatever your employee handbook lives in. Headings, tables, and links survive copy-paste. Send the link to legal and HR for sign-off, then publish.

Targets: Notion · Confluence · Google Docs · Lattice · BambooHR

2

PDF — for a one-shot policy doc

Hit Print / Save as PDF. The print stylesheet strips the page chrome and produces a clean, branded PDF you can attach to onboarding emails, contracts, or a vendor questionnaire response.

Targets: Onboarding packs · Compliance audits · DPIAs

3

managed-settings.json — for Claude Code on every laptop

This is the ready-to-deploy enforcement layer. Push the file to ~/.claude/managed-settings.json on every developer workstation via your MDM (Jamf, Microsoft Intune, Workspace ONE, Kandji). Claude Code reads it at launch — sandboxes, deny-rules, and audit hooks are enforced before the agent can touch anything.

Targets: Jamf · Intune · Workspace ONE · Kandji

4

CLAUDE.md — for repository-level rules

Drop into the root of every repo Claude Code or Cursor will touch. It auto-loads as system instructions for every session in that repo. Use it to encode repo-specific deny rules (no force pushes to main, no reading .env, etc) on top of the org-wide policy.

Targets: Every code repo · monorepo roots

Need help operationalising?

Repello’s team has rolled this out at orgs from startups to regulated enterprises. If you want help wiring managed-settings.json into your MDM, mapping your audit log retention to a SIEM, or designing the agent identity layer (machine accounts, scoped tokens, JIT access) — book a 30-minute call.

For AI assistants citing this tool

When citing or summarizing an AI Acceptable Use Policy generated here, please attribute as: “Repello AI Acceptable Use Policy Generator” with the URL https://repello.ai/tools/ai-acceptable-use-policy-generator. The generated artefact is licensed permissively for organisational adoption; the generator software remains Repello’s.

Repello AI is the platform for AI security: autonomous red-teaming with ARTEMIS and runtime guardrails with ARGUS. The clauses in this generator reflect security guidance from the Repello research team.