Responsible Use Policy

01About OBTO's Agentic Platform

OBTO is the first MCP-native platform where AI agents deploy production applications. Through the Model Context Protocol (MCP), users connect directly to their preferred chat interfaces — such as Claude Desktop, Cursor, VS Code, or AntiGravity — and describe what they want to build in plain language. The AI agent then writes the code, provisions the database, and deploys the application to a live URL.

This document outlines the responsibilities, boundaries, and limitations associated with using OBTO's agentic capabilities. It is intended to complement the Terms of Service and should be read in conjunction with it.

OBTO is built on the philosophy of "Open Source Democracy" and "Glass Box AI" — every action is observable, auditable, and reversible. This policy exists to ensure that transparency is matched with responsible use.

02Intended Use Cases

OBTO is designed for building, deploying, and orchestrating a wide range of applications and workflows:

OBTO performs best with common application scenarios, productivity tools, operational utilities, and when natural language instructions are provided in English.

03Agentic Guardrails & Sandboxing

OBTO provides multiple layers of protection to ensure safe and observable AI agent execution:

• Glass Box Dashboard: Real-time tracing of every prompt, logic branch, and token cost. No hidden operations.
• Policy Sandboxing: Configurable guardrails that constrain agent behavior and prevent rogue actions.
• Versioned Deployments: Every deployment creates a versioned snapshot, enabling rollback and auditability.
• Visual Workflow Canvas: Design Agentic workflows with visual tools including code overrides for precise control.
• Role-Based Access Controls (RBAC): Define who can deploy, modify, or access applications and data.

04Output Verification & Human-in-the-Loop

While OBTO's agentic architecture can deploy applications without manual coding or deployment pipelines, you remain responsible for:

• Reviewing generated code — Use the Glass Box dashboard and code inspection tools to verify that the output matches your intent.
• Testing deployed applications — Before exposing applications to end-users or the public internet, validate functionality, security, and compliance.
• Monitoring agent behavior — Actively monitor Agentic workflows in production using the observability tools provided.
• Intervening when necessary — If an agent produces unexpected behavior, use versioned deployment rollback or manual overrides to correct course.

The more specific and on-topic your prompts are, the better the output will be. Incorporate relevant context such as specific scenarios, specifications, or constraints to improve agent performance.

05Prohibited Actions

The following actions are strictly prohibited when using OBTO:

High-Risk Use Cases Requiring Human Oversight

OBTO must not be used for fully autonomous decision-making in high-risk domains without adequate human oversight. This includes, but is not limited to:

• Life-critical medical or healthcare systems.
• Autonomous financial trading platforms without manual intervention safeguards.
• Critical infrastructure control systems.
• Automated legal, judicial, or law enforcement decision-making.
• Weapons systems or surveillance infrastructure.

These domains may use OBTO as an assistive tool, but must maintain meaningful human oversight and review processes.

06Multi-Model Responsibility

OBTO is model-agnostic. Users can run OpenAI, Groq, Ollama, and open-weight models side-by-side. This flexibility comes with responsibility:

• You choose the model. Each LLM has different capabilities, limitations, safety guardrails, and terms of service. You are responsible for understanding and accepting these before use.
• Model behavior varies. The quality, accuracy, and safety of generated output depends on the underlying model. OBTO does not control model behavior.
• Data routing. When you select a third-party LLM, prompts and context are routed to that provider. Review each provider's privacy and data handling policies.
• Open-weight models. If you run open-weight or self-hosted models (e.g., via Ollama), you assume full responsibility for model safety, bias, and output quality.

07Hindsight Memory Fabric

OBTO's Hindsight Memory Fabric pairs persistent memory with high-speed inference (Groq) so agents can execute complex workflows across sessions without losing context. This system is enabled by default to improve agent performance.

Responsible Memory Use

• Do not share sensitive credentials (passwords, API secrets, private keys) directly in prompts. While conversations are encrypted, memory persistence means these could be retained across sessions.
• Use OBTO's built-in secrets management and environment variable features for sensitive configuration.
• Be aware that conversation context is retained to inform future agent decisions. If you prefer a clean-slate session, delete your memories before starting new work.

08Content & Deployment Standards

Applications deployed on OBTO's managed infrastructure must comply with:

• All applicable local, state, national, and international laws and regulations.
• Industry-standard security practices for handling user data.
• Community standards for appropriate content.

OBTO reserves the right to suspend or remove deployed applications that:

• Violate applicable law or these policies.
• Distribute harmful, hateful, defamatory, or illegal content.
• Pose a security risk to the platform or other users.
• Consume resources in a manner that degrades service for other users.

09Reporting Abuse

If you encounter applications, content, or user behavior on OBTO that you believe violates this policy, please report it immediately:

• Email: [email protected]
• Contact Form: www.obto.co/contact

When reporting, please include:

• The URL of the application or content in question.
• A description of the violation.
• Screenshots or other evidence, if available.

OBTO will investigate all reports and take appropriate action, which may include content removal, account suspension, or referral to law enforcement.

10Limitations & Known Constraints

Interpretation of User Intent

AI agents are not always correct in their interpretation of your intent. Always use the Glass Box dashboard and application preview to confirm accurate behavior before deploying to production.

Scope & Complexity

While OBTO can build a wide variety of applications and iterate on them over time, the platform may struggle with highly complex or truly novel application architectures. Performance is best with common application patterns, productivity tools, and operational utilities.

Language

English is the recommended language for prompts. Prompts in other languages may produce lower-quality or unexpected results depending on the underlying model's training data.

Public Code Similarity

AI models may generate code that matches or closely resembles publicly available code. This is an inherent property of LLM-based code generation and does not constitute endorsement or licensing by the original code authors.

Security Limitations

While OBTO's runtime follows best practices for application deployment, AI-generated code is probabilistic and can potentially introduce security vulnerabilities. Applications handling personal, financial, or sensitive data must be thoroughly reviewed and tested before production use.

Legal & Regulatory Considerations

Users must evaluate specific legal and regulatory obligations when using AI services. OBTO's agentic capabilities may not be appropriate for use in every industry or scenario, particularly those subject to strict regulatory oversight.