In the interest of fostering an open, welcoming, and ethical environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free and legally compliant experience for everyone. We are committed to responsible development and use of AI security tools, with a strong emphasis on ethical considerations and legal compliance.
Examples of behavior that contributes to creating a positive environment include:
- Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
- Focusing on what is best for the community
- Showing empathy towards other community members
- Adhering to cybersecurity ethics and best practices
- Respecting legal boundaries and intellectual property rights
Examples of unacceptable behavior by participants include:
- The use of sexualized language or imagery and unwelcome sexual attention or advances
- Trolling, insulting/derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or electronic address, without explicit permission
- Any conduct which could reasonably be considered inappropriate in a professional setting
- Engaging in illegal activities or promoting the use of tools for malicious purposes
- Intentionally causing harm to systems or individuals through the use of project tools
As a project focused on AI security, we have additional ethical and legal responsibilities:
-
Responsible Disclosure: If you discover vulnerabilities through the use of OllaDeck tools, practice responsible disclosure. Do not publicly disclose vulnerabilities without first notifying the affected parties and allowing reasonable time for mitigation.
-
Legal Compliance: Ensure that your use of OllaDeck tools complies with all applicable local, national, and international laws and regulations. This includes, but is not limited to, data protection laws, computer misuse acts, and intellectual property rights.
-
Ethical Red Teaming: When conducting red team activities:
- Obtain explicit permission before testing any system or AI model you do not own or have the right to test.
- Clearly define the scope of your activities and adhere to it strictly.
- Minimize potential damage or disruption to systems and data.
- Maintain detailed records of your activities for accountability.
-
Data Privacy: Respect individual privacy and data protection rights. Do not use OllaDeck tools to collect, process, or store personal data without proper authorization and safeguards.
-
Intellectual Property: Respect the intellectual property rights of AI models and systems. Do not use OllaDeck tools to extract or replicate proprietary AI models without permission.
-
Transparency: Be transparent about the use of AI and security tools, especially when interacting with end-users or subjects of security testing.
-
Bias and Fairness: Work to identify and mitigate biases in AI systems, and do not use OllaDeck tools to perpetuate or exploit societal biases.
Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at 2i332ma7h@mozmail.com. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
By participating in the OllaDeck project or cloning the OllaDeck repository, you acknowledge that you have read and agree to abide by this Code of Conduct. You understand the ethical and legal responsibilities associated with AI security tools and commit to using OllaDeck and its components responsibly and legally.
Remember that the goal of OllaDeck is to improve the security and robustness of AI systems, not to cause harm or enable malicious activities. Always prioritize ethical considerations and legal compliance in your contributions and use of the project.
This Code of Conduct may be amended from time to time to address new ethical challenges or legal requirements in the rapidly evolving field of AI security. Contributors are encouraged to review this document periodically and raise any concerns or suggestions for improvement to the project maintainers.
Thank you for helping to make OllaDeck a safe, ethical, and legally compliant project for AI security research and development.