SCOI Atlas · L3 Gates
L3C Safety, Security & Provenance
Guardrails, jailbreak defenses, PII redaction, content provenance and watermarking.
TL;DR · Direct answer
L3C Safety, Security & Provenance is a sublayer of L3 Gates in the Supply Chain of Intelligence™ (SCOI) by Anand Arivukkarasu. It is a required capability but not on its own a durable moat. Assume any agent-driven product will be prompt-injected. Design least-privilege tool access from day one.
What actually matters at L3C
- Guardrails without evals are theater.
- Prompt injection is the SQL injection of the agent era — assume it exists in every tool.
- Provenance (C2PA, watermarking) becomes a legal artifact, not just a feature.
The startup lens
Assume any agent-driven product will be prompt-injected. Design least-privilege tool access from day one.
Vertical lens — how this plays across categories
Consumer AI
Age-appropriate design + safety by default.
Enterprise AI
SOC2 + tenant isolation + PII handling as three separate stories.
Media AI
Provenance manifests on every generated asset.
How to defend L3C
- Red-team + eval loops, not just filters.
- Provenance built into the pipeline, not bolted on.
Other sublayers in L3 Gates
L3A
Compliance & Export Controls
Export licenses, sanctions, national-security controls on models and compute.
L3B
Quality Gates
Evals, benchmarks, regression suites — the tests that decide what ships.
L3D ★
Editorial Gates
Human editorial control over what models say — style, tone, factual thresholds, brand voice.
L3E ★
Distribution Gates
App stores, model marketplaces, enterprise procurement — who is allowed to reach the user.