microsoft/hve-core
Publicmirrored fromhttps://github.com/microsoft/hve-coreAvailable
.github/config/disclaimers.yml
52lines · modecode
| 1 | # Disclaimer text configurations for AI-generated artifacts |
| 2 | # Referenced by instruction files and validated by CI |
| 3 | # |
| 4 | # Each planner section defines a full disclaimer and the artifacts it applies to. |
| 5 | # The validation script (Validate-PlannerArtifacts.ps1) reads this file as the |
| 6 | # single source of truth for Tier 2 disclaimer text. |
| 7 | |
| 8 | version: "1.0" |
| 9 | |
| 10 | disclaimers: |
| 11 | rai-planner: |
| 12 | id: rai-full-disclaimer |
| 13 | label: "RAI Planner Full Disclaimer" |
| 14 | scope: |
| 15 | - .github/instructions/rai-planning/** |
| 16 | applies-to: |
| 17 | - handoff-summary |
| 18 | - compact-handoff-summary |
| 19 | text: >- |
| 20 | > **Disclaimer** — This agent is an assistive tool only. It does not |
| 21 | provide legal, regulatory, or compliance advice and does not replace |
| 22 | Responsible AI review boards, ethics committees, legal counsel, |
| 23 | compliance teams, or other qualified human reviewers. The output consists |
| 24 | of suggested actions and considerations to support a user's own internal |
| 25 | review and decision‑making. All RAI assessments, risk classification |
| 26 | screenings, security models, and mitigation recommendations generated |
| 27 | by this tool must be independently reviewed and validated by appropriate |
| 28 | legal and compliance reviewers before use. Outputs from this tool do not |
| 29 | constitute legal approval, compliance certification, or regulatory |
| 30 | sign‑off. |
| 31 | |
| 32 | sssc-planner: |
| 33 | id: sssc-full-disclaimer |
| 34 | label: "SSSC Planner Full Disclaimer" |
| 35 | scope: |
| 36 | - .github/instructions/security/sssc-*.instructions.md |
| 37 | applies-to: |
| 38 | - handoff-summary |
| 39 | - compact-handoff-summary |
| 40 | text: >- |
| 41 | > **Disclaimer** — This agent is an assistive tool only. It does not |
| 42 | provide legal, regulatory, or compliance advice and does not replace |
| 43 | professional supply chain security review boards, OpenSSF Scorecard |
| 44 | evaluators, SLSA auditors, legal counsel, or other qualified human |
| 45 | reviewers. The output consists of suggested actions and considerations |
| 46 | to support a user's own internal supply chain security review and |
| 47 | decision‑making. All supply chain assessments, gap analyses, backlog |
| 48 | items, and mitigation recommendations generated by this tool must be |
| 49 | independently reviewed and validated by appropriate security and |
| 50 | compliance reviewers before use. Outputs from this tool do not |
| 51 | constitute security approval, compliance certification, or regulatory |
| 52 | sign‑off. |
| 53 | |