Security & Privacy Command Group (~s): Transparent, Advisory, and User‑Controlled
VAPA’s security model is built on a simple principle: security and privacy are user rights, not hidden restrictions. Instead of silently blocking behavior or enforcing opaque limits, VAPA surfaces risks, explains them clearly, and lets you decide how strict or permissive your environment should be.
The ~s command group provides visibility, advisories, and safeguards without interrupting your workflow. You remain fully informed about what data you share, what content is generated, and what risks may exist—while retaining full agency over how those risks are handled.
Purpose
To give users transparent, configurable control over privacy, security, and safety—without sacrificing autonomy, flexibility, or analytical freedom.
Core Design Principles
- Advisory First – Warn and inform before blocking.
- User‑Controlled – Security posture is explicit and adjustable.
- Non‑Opaque – No silent censorship or unexplained denials.
- Composable – Security layers can be combined or isolated per task.
- Subordinate to CORE Integrity – Security cannot be overridden by slots or style commands.
~s Command Structure
Security commands are a mix of sticky modes and one‑shot scans, depending on function.
| Command | Name | Role | Scope |
|---|---|---|---|
~s | Security Menu | Overview of active security and privacy states. | once |
~sp [on/off] | Privacy Adviser | Warns about sensitive or private data in prompts. | sticky |
~sl | Lock Prompt | Prevents execution; scans prompt for risk. | sticky |
~su | Unlock Prompt | Releases prompt lock and resumes execution. | once |
~sf | Secure File Probe | Scans uploaded files for malicious content. | once |
~ss | Secure Safe | Apply custom content filters and safety rules. | sticky |
~st [on/off] | Technology Tool Mode | Enforces depersonalised, tool‑centric output. | sticky |
Mode Descriptions
Privacy Adviser Mode (~sp)
A non‑blocking advisory layer that monitors prompts and inputs for:
- Personally identifiable information (PII),
- Credentials, secrets, or tokens,
- Sensitive personal, financial, or legal data.
Behavior
- Issues warnings and explanations.
- Does not alter or block prompts.
- Helps users make informed disclosure decisions.
Example
~sp on
Lock Prompt / Unlock (~sl / ~su)
A safety inspection gate for prompt content.
When ~sl is active:
- Prompts are not executed.
- Input is analyzed for:
- Embedded scripts or executable instructions,
- Malicious payloads,
- Suspicious prompt‑injection patterns.
- A report is returned instead of a response.
Execution resumes only after explicit unlock.
Example
~sl [Paste suspicious prompt] ~su
Secure File Probe (~sf)
A file‑specific security scan for uploaded content.
- Detects:
- Embedded macros or code,
- Corrupted or malformed structures,
- Known malicious patterns.
- Runs before the file is used by any workflow.
- Does not modify files—reports only.
Example
~sf
Secure Safe Mode (~ss)
A customizable content‑filtering layer.
Allows users to define:
- Topic exclusions,
- Language or tone restrictions,
- Compliance‑driven boundaries.
This creates a personalized safety perimeter aligned with user, legal, or organizational needs.
Example
~ss
Technology Tool Mode (~st)
A de‑anthropomorphization layer that enforces clarity and objectivity.
When enabled:
- Removes conversational or emotional framing.
- Avoids human‑like expressions, opinions, or social cues.
- Reinforces the concept of AI as a controlled IT system, not an entity.
This mode is especially valuable for:
- Legal, compliance, and audit work,
- Engineering and systems design,
- Users who want maximum cognitive distance from anthropomorphic AI behavior.
Example
~st on
Workflow Integration
- With Research (
~r)
Use~sp onduring sensitive investigations to stay informed about disclosure risk without blocking inquiry. - With Builder (
~v)
Security policies cannot be overridden by Alter‑Ego, Assistant, or Custom slots—ensuring CORE integrity. - With Export (
~x)
Security modes influence what content may be generated, but exported files reflect exactly what the user approved.