Human approval
Material actions require an explicit approval model.
Security and control
CROM is designed for workflows where boundaries matter. The first question is not what AI can do. The first question is what it should be allowed to do, with what evidence, under whose approval.
Discuss Private DeploymentSecurity principles
Material actions require an explicit approval model.
Tool and data access are scoped before a pilot runs.
Only approved sources, tools, repositories, models, or APIs are connected.
Sensitive data rules are defined before collection or processing.
Deployment direction is planned around the customer's risk and ownership needs.
Results should include what happened, what was validated, and what remains unresolved.
Responsible automation
primal. does not present CROM as a system that can safely act everywhere. Formal assurance claims require future verification and are not part of this V1 site.