Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ Quick contributor workflow:
| [SAFE-UC-0027](use-cases/SAFE-UC-0027/) | Anti-scam messaging safety assistant | [Information (51)][naics-51] | Seed |
| [SAFE-UC-0028](use-cases/SAFE-UC-0028/) | Fake-account & inauthentic behavior detection assistant | [Information (51)][naics-51] | Seed |
| [SAFE-UC-0029](use-cases/SAFE-UC-0029/) | Automated ad campaign optimization assistant | [Professional, Scientific, and Technical Services (54)][naics-54] | Seed |
| [SAFE-UC-0030](use-cases/SAFE-UC-0030/) | Teen safety & age-assurance enforcement assistant | [Information (51)][naics-51] | Seed |
| [SAFE-UC-0030](use-cases/SAFE-UC-0030/) | Teen safety & age-assurance enforcement assistant | [Information (51)][naics-51] | Draft |
| [SAFE-UC-0032](use-cases/SAFE-UC-0032/) | Agentic orchestration for marketplace embedded lending | [Finance and Insurance (52)][naics-52]<br>[Other Activities Related to Credit Intermediation (522390)][naics-522390]<br>[Electronic Shopping and Mail-Order Houses (454110)][naics-454110] | Draft |
| [SAFE-UC-0033](use-cases/SAFE-UC-0033/) | Skill-driven web app regression testing assistant for pull requests | [Information (51)][naics-51]<br>[Software Publishers (513210)][naics-513210] | Draft |
| [SAFE-UC-0034](use-cases/SAFE-UC-0034/) | Saved credit card payment flow | [Finance and Insurance (52)][naics-52]<br>[Financial Transactions Processing, Reserve, and Clearinghouse Activities (522320)][naics-522320] | Seed |
Expand Down
148 changes: 109 additions & 39 deletions use-cases.naics2022.crosswalk.json
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@
"name": "Computer Systems Design and Related Services"
}
],
"summary": "AI-assisted orchestration of over-the-air software updates across vehicle fleets plan, stage, deliver, monitor, and adjudicate rollouts with safety gates, rollback, and audit trails. Cyber-physical and safety-critical: a wrong action can affect braking, steering, ADAS, or HV battery management across hundreds of thousands of vehicles.",
"summary": "AI-assisted orchestration of over-the-air software updates across vehicle fleets \u2014 plan, stage, deliver, monitor, and adjudicate rollouts with safety gates, rollback, and audit trails. Cyber-physical and safety-critical: a wrong action can affect braking, steering, ADAS, or HV battery management across hundreds of thousands of vehicles.",
"workflow_family": "Cyber-physical fleet software operations",
"operating_modes": [
"manual",
Expand All @@ -135,39 +135,39 @@
],
"evidence": [
{
"label": "UN Regulation No. 156 Software update and software update management system (UNECE WP.29)",
"label": "UN Regulation No. 156 \u2014 Software update and software update management system (UNECE WP.29)",
"url": "https://unece.org/sites/default/files/2024-03/R156e%20(2).pdf"
},
{
"label": "UN Regulation No. 155 Cyber security and cyber security management system (UNECE WP.29)",
"label": "UN Regulation No. 155 \u2014 Cyber security and cyber security management system (UNECE WP.29)",
"url": "https://unece.org/sites/default/files/2023-02/R155e%20(2).pdf"
},
{
"label": "ISO 24089:2023 Road vehicles Software update engineering",
"label": "ISO 24089:2023 \u2014 Road vehicles \u2014 Software update engineering",
"url": "https://www.iso.org/standard/77796.html"
},
{
"label": "NHTSA Cybersecurity Best Practices for the Safety of Modern Vehicles (September 2022)",
"label": "NHTSA \u2014 Cybersecurity Best Practices for the Safety of Modern Vehicles (September 2022)",
"url": "https://www.nhtsa.gov/document/cybersecurity-best-practices-safety-modern-vehicles-2022"
},
{
"label": "Uptane A secure software update framework for ground vehicles",
"label": "Uptane \u2014 A secure software update framework for ground vehicles",
"url": "https://uptane.org/"
},
{
"label": "NHTSA Safety Recall 23V-838 Tesla, ~2 million vehicles, Autopilot OTA remedy",
"label": "NHTSA Safety Recall 23V-838 \u2014 Tesla, ~2 million vehicles, Autopilot OTA remedy",
"url": "https://static.nhtsa.gov/odi/rcl/2023/RCLRPT-23V838-8276.PDF"
},
{
"label": "TechCrunch A software update bricked Rivian infotainment systems (November 2023)",
"label": "TechCrunch \u2014 A software update bricked Rivian infotainment systems (November 2023)",
"url": "https://techcrunch.com/2023/11/14/a-software-update-bricked-rivian-infotainment-systems/"
},
{
"label": "Miller & Valasek Remote Exploitation of an Unaltered Passenger Vehicle (Jeep Cherokee, 2015)",
"label": "Miller & Valasek \u2014 Remote Exploitation of an Unaltered Passenger Vehicle (Jeep Cherokee, 2015)",
"url": "https://illmatics.com/Remote%20Car%20Hacking.pdf"
},
{
"label": "Upstream Security 2025 Global Automotive Cybersecurity Report",
"label": "Upstream Security \u2014 2025 Global Automotive Cybersecurity Report",
"url": "https://upstream.auto/reports/global-automotive-cybersecurity-report-2025/"
},
{
Expand Down Expand Up @@ -247,39 +247,39 @@
"url": "https://genai.owasp.org/llm-top-10/"
},
{
"label": "NIST AI 600-1 AI Risk Management Framework: Generative AI Profile (July 2024)",
"label": "NIST AI 600-1 \u2014 AI Risk Management Framework: Generative AI Profile (July 2024)",
"url": "https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.600-1.pdf"
},
{
"label": "CFPB Chatbots in consumer finance Issue Spotlight (June 2023)",
"label": "CFPB \u2014 Chatbots in consumer finance Issue Spotlight (June 2023)",
"url": "https://www.consumerfinance.gov/data-research/research-reports/chatbots-in-consumer-finance/"
},
{
"label": "FFIEC IT Examination Handbook: Information Security booklet",
"label": "FFIEC \u2014 IT Examination Handbook: Information Security booklet",
"url": "https://ithandbook.ffiec.gov/it-booklets/information-security/"
},
{
"label": "NIST SP 800-63B Digital Identity Guidelines: Authentication and Lifecycle Management",
"label": "NIST SP 800-63B \u2014 Digital Identity Guidelines: Authentication and Lifecycle Management",
"url": "https://pages.nist.gov/800-63-3/sp800-63b.html"
},
{
"label": "FTC Safeguards Rule: What Your Business Needs to Know (GLBA, 16 CFR Part 314)",
"label": "FTC \u2014 Safeguards Rule: What Your Business Needs to Know (GLBA, 16 CFR Part 314)",
"url": "https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-know"
},
{
"label": "CFPB Regulation E (Electronic Fund Transfer Act, 12 CFR 1005)",
"label": "CFPB \u2014 Regulation E (Electronic Fund Transfer Act, 12 CFR 1005)",
"url": "https://www.consumerfinance.gov/rules-policy/regulations/1005/"
},
{
"label": "Bank of America BofA's Erica Surpasses 2 Billion Interactions (April 2024)",
"label": "Bank of America \u2014 BofA's Erica Surpasses 2 Billion Interactions (April 2024)",
"url": "https://newsroom.bankofamerica.com/content/newsroom/press-releases/2024/04/bofa-s-erica-surpasses-2-billion-interactions--helping-42-millio.html"
},
{
"label": "Klarna AI assistant handles two-thirds of customer service chats in its first month (February 2024)",
"label": "Klarna \u2014 AI assistant handles two-thirds of customer service chats in its first month (February 2024)",
"url": "https://www.klarna.com/international/press/klarna-ai-assistant-handles-two-thirds-of-customer-service-chats-in-its-first-month/"
},
{
"label": "BBC Travel Airline held liable for its chatbot giving passenger bad advice (Air Canada Civil Resolution Tribunal ruling, February 2024)",
"label": "BBC Travel \u2014 Airline held liable for its chatbot giving passenger bad advice (Air Canada Civil Resolution Tribunal ruling, February 2024)",
"url": "https://www.bbc.com/travel/article/20240222-air-canada-chatbot-misinformation-what-travellers-should-know"
}
]
Expand Down Expand Up @@ -393,39 +393,39 @@
],
"evidence": [
{
"label": "Jira Service Management Summarize a work item's details using AI",
"label": "Jira Service Management \u2014 Summarize a work item's details using AI",
"url": "https://support.atlassian.com/jira-service-management-cloud/docs/summarize-an-issues-comments-using-atlassian-intelligence/"
},
{
"label": "Atlassian Rovo product overview",
"label": "Atlassian Rovo \u2014 product overview",
"url": "https://www.atlassian.com/software/rovo"
},
{
"label": "GitHub Copilot Using GitHub Copilot to explore issues and discussions",
"label": "GitHub Copilot \u2014 Using GitHub Copilot to explore issues and discussions",
"url": "https://docs.github.com/en/copilot/tutorials/explore-issues-and-discussions"
},
{
"label": "Slack Guide to AI features in Slack",
"label": "Slack \u2014 Guide to AI features in Slack",
"url": "https://slack.com/help/articles/25076892548883-Guide-to-AI-features-in-Slack"
},
{
"label": "Desk365 How to summarize a ticket using AI",
"label": "Desk365 \u2014 How to summarize a ticket using AI",
"url": "https://help.desk365.io/en/articles/summarize-ticket-using-ai/"
},
{
"label": "Microsoft Purview data security and compliance protections for Microsoft 365 Copilot and other generative AI apps",
"label": "Microsoft Purview \u2014 data security and compliance protections for Microsoft 365 Copilot and other generative AI apps",
"url": "https://learn.microsoft.com/en-us/purview/ai-microsoft-purview"
},
{
"label": "OWASP Top 10 for LLM Applications (2025)",
"url": "https://genai.owasp.org/llm-top-10/"
},
{
"label": "NIST AI 600-1 AI Risk Management Framework: Generative AI Profile (July 2024)",
"label": "NIST AI 600-1 \u2014 AI Risk Management Framework: Generative AI Profile (July 2024)",
"url": "https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.600-1.pdf"
},
{
"label": "Invariant Labs GitHub MCP Exploited: Accessing private repositories via MCP (May 2025)",
"label": "Invariant Labs \u2014 GitHub MCP Exploited: Accessing private repositories via MCP (May 2025)",
"url": "https://invariantlabs.ai/blog/mcp-github-vulnerability"
}
]
Expand Down Expand Up @@ -587,7 +587,7 @@
"name": "Computer Systems Design and Related Services"
}
],
"summary": "CLI/terminal AI assistant for SREs and on-call responders during incidents reads logs, proposes diagnostic commands, and in higher-autonomy modes executes commands against production infrastructure. Primary risk is privileged tool invocation with production blast radius.",
"summary": "CLI/terminal AI assistant for SREs and on-call responders during incidents \u2014 reads logs, proposes diagnostic commands, and in higher-autonomy modes executes commands against production infrastructure. Primary risk is privileged tool invocation with production blast radius.",
"workflow_family": "Site reliability & incident response",
"operating_modes": [
"manual",
Expand All @@ -608,39 +608,39 @@
"url": "https://genai.owasp.org/llm-top-10/"
},
{
"label": "NIST AI 600-1 AI Risk Management Framework: Generative AI Profile (July 2024)",
"label": "NIST AI 600-1 \u2014 AI Risk Management Framework: Generative AI Profile (July 2024)",
"url": "https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.600-1.pdf"
},
{
"label": "NIST SP 800-53 Rev 5 Security and Privacy Controls for Information Systems and Organizations",
"label": "NIST SP 800-53 Rev 5 \u2014 Security and Privacy Controls for Information Systems and Organizations",
"url": "https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final"
},
{
"label": "Anthropic Claude Code: Configure permissions",
"label": "Anthropic \u2014 Claude Code: Configure permissions",
"url": "https://code.claude.com/docs/en/permissions"
},
{
"label": "OpenAI Codex CLI: Sandbox concepts",
"label": "OpenAI \u2014 Codex CLI: Sandbox concepts",
"url": "https://developers.openai.com/codex/concepts/sandboxing"
},
{
"label": "Warp Terminal and Agent modes",
"label": "Warp \u2014 Terminal and Agent modes",
"url": "https://docs.warp.dev/agent-platform/warp-agents/interacting-with-agents/terminal-and-agent-modes"
},
{
"label": "Replit Introducing Plan Mode: A safer way to vibe code (September 2025)",
"label": "Replit \u2014 Introducing Plan Mode: A safer way to vibe code (September 2025)",
"url": "https://blog.replit.com/introducing-plan-mode-a-safer-way-to-vibe-code"
},
{
"label": "Fortune AI-powered coding tool wiped out a software company's database (July 2025)",
"label": "Fortune \u2014 AI-powered coding tool wiped out a software company's database (July 2025)",
"url": "https://fortune.com/2025/07/23/ai-coding-tool-replit-wiped-database-called-it-a-catastrophic-failure/"
},
{
"label": "AWS Security Bulletin AWS-2025-019 Amazon Q Developer and Kiro prompt injection (October 2025)",
"label": "AWS Security Bulletin AWS-2025-019 \u2014 Amazon Q Developer and Kiro prompt injection (October 2025)",
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-019/"
},
{
"label": "Invariant Labs MCP Security Notification: Tool Poisoning Attacks (April 2025)",
"label": "Invariant Labs \u2014 MCP Security Notification: Tool Poisoning Attacks (April 2025)",
"url": "https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks"
}
]
Expand Down Expand Up @@ -713,15 +713,85 @@
{
"id": "SAFE-UC-0030",
"title": "Teen safety & age-assurance enforcement assistant",
"status": "seed",
"status": "draft",
"maturity": "draft",
"repo_path": "use-cases/SAFE-UC-0030/README.md",
"naics_2022": [
{
"code": "51",
"name": "Information"
}
],
"summary": "Enforce teen safety/age assurance and related policy actions with privacy-preserving checks and robust appeals."
"summary": "Determine a user's age category (declared, estimated, or verified) and apply age-appropriate restrictions to content, features, defaults, data processing, and parental-supervisor flows on consumer platforms. Spans UK Online Safety Act, EU DSA Article 28, COPPA Rule, ICO Children's Code, state laws under partial injunction, and ISO/IEC 27566-1 (December 2025).",
"workflow_family": "Teen safety and online child protection",
"operating_modes": [
"manual",
"hitl",
"autonomous"
],
"tags": [
"teen-safety",
"age-assurance",
"age-estimation",
"age-verification",
"biometric-privacy",
"parental-supervisor",
"block-access-as-safety",
"csam-reporting",
"tipping-off",
"uk-osa",
"ofcom-heaa",
"dsa-article-28",
"coppa",
"ico-childrens-code",
"caadca",
"kosa",
"iso-27566",
"nist-ir-8525",
"edpb-statement-1-2025"
],
"evidence": [
{
"label": "UK Online Safety Act 2023 (legislation.gov.uk, Royal Assent 26 October 2023)",
"url": "https://www.legislation.gov.uk/ukpga/2023/50"
},
{
"label": "Ofcom Guidance on Highly Effective Age Assurance, Part 3 (24 April 2025)",
"url": "https://www.ofcom.org.uk/siteassets/resources/documents/consultations/category-1-10-weeks/statement-age-assurance-and-childrens-access/part-3-guidance-on-highly-effective-age-assurance.pdf?v=395680"
},
{
"label": "European Commission, Guidelines on the Protection of Minors under DSA Article 28 (14 July 2025)",
"url": "https://digital-strategy.ec.europa.eu/en/library/commission-publishes-guidelines-protection-minors"
},
{
"label": "EDPB Statement 1/2025 on Age Assurance (adopted 11 February 2025)",
"url": "https://www.edpb.europa.eu/system/files/2025-04/edpb_statement_20250211ageassurance_v1-2_en.pdf"
},
{
"label": "FTC Final Rule amending COPPA (16 CFR Part 312, effective 23 June 2025; compliance 22 April 2026)",
"url": "https://www.federalregister.gov/documents/2025/04/22/2025-05904/childrens-online-privacy-protection-rule"
},
{
"label": "NIST IR 8525, Face Analysis Technology Evaluation: Age Estimation and Verification (May 2024)",
"url": "https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8525.pdf"
},
{
"label": "NY Attorney General James and 42-state coalition complaint against Meta for harming youth (24 October 2023)",
"url": "https://ag.ny.gov/press-release/2023/attorney-general-james-and-multistate-coalition-sue-meta-harming-youth"
},
{
"label": "FTC investigation leads to lawsuit against TikTok and ByteDance for COPPA violations (2 August 2024)",
"url": "https://www.ftc.gov/news-events/news/press-releases/2024/08/ftc-investigation-leads-lawsuit-against-tiktok-bytedance-flagrantly-violating-childrens-privacy-law"
},
{
"label": "Apple Developer documentation, Declared Age Range API (introduced iOS 26, WWDC 2025)",
"url": "https://developer.apple.com/documentation/declaredagerange"
},
{
"label": "Yoti Facial Age Estimation White Paper, July 2025 (vendor methodology)",
"url": "https://www.yoti.com/wp-content/uploads/2025/08/Yoti-Age-Estimation-White-Paper-July-2025-PUBLIC-v1.pdf"
}
]
},
{
"id": "SAFE-UC-0032",
Expand Down
Loading
Loading