The triage tool is 100% local — your circuit never has to leave your environment to be routed. The only thing that can go out is the optional chat layer, which calls an API; and the triage path itself is hardened so a hostile circuit can degrade the service but not hang it.
The tool is local; only the optional chat uses the API. If you never use the chat and run Full / Local, your circuit and your verdict never leave your environment. The hosted web tier is for trying and light use; sensitive circuits belong on the local engine or a per-pilot isolated endpoint.
Source: VALUE_PROP / pricing model (Full·Local = on your hardware, no throttle); CLAIMS C10 ("we do not store or use your circuits to train") backed by ephemeral processing with no persistence. Do not paste confidential circuits into the public demo — use Full / Local or an isolated pilot endpoint.
A circuit is untrusted input. The triage path is built so a crafted dense circuit can slow a worker down but cannot hang the service.
An adversarial red-team found a real triage-DoS: the cost routine could go compute-bound and hang on a dense circuit instead of degrading. The fix is a per-circuit wall-clock timeout that degrades, not hangs — cost_atlas_guarded (fork+kill). On the hard-regime slice: 8 resolved / 2 compute-bound / 0 hangs. The adversarial battery is a permanent regression with 0 false-security across its rounds (self-designed, ~8 vectors / 2 rounds — stated exactly).
On the threaded web tier, fork-after-threads is unsafe — so the guarded fork+kill path runs in batch/CLI and the web tier keeps a conservative n-cap instead. That is a declared engineering trade-off, not a silent gap.
Source: benchmarks/adversarial_attack.py (regression) + handler in webui.py (killable delegation); CLAIMS C3/C4; AUDIT_BACKLOG P1-7 (atlas_timeout.cost_atlas_guarded). Full write-up on the Audit page §4.
No. The triage path is deterministic and has no model and no training step — the same circuit always yields the same verdict. The optional chat layer calls an API for interpretation only; nothing is retained to train on.
Not in Full / Local mode — routing is in-process and nothing is transmitted. The only exception is the optional chat (API call) and the hosted web tier (where you choose to submit a payload). Run locally and your circuit stays put.
Yes. The full engine is open (Apache 2.0) and runs entirely on your own hardware with no quota and no egress. Pilots can begin on synthetic circuits or your redacted payloads.
It is for trying and light use, with a daily quota and ephemeral processing — no persistence and no training. For sensitive material, use Full / Local or a per-pilot isolated endpoint, not the public demo.
The local engine writes no telemetry of your circuit. Hosted logs are operational only and configurable per deployment; no circuit content is required to be retained.
No one. The independence of the verdict is never for sale — whoever submits a circuit can never pay for a favourable certificate. That is a product principle, stated on the Pricing page.
cost_atlas_guarded, batch/CLI)Atlas does not certify compliance, provide legal advice, or guarantee a security posture beyond what is stated here. It is a research-grade triage engine with a hardened, local-first design; formal security terms for any hosted or managed deployment are agreed per engagement. SOC 2 / ISO are roadmap, not claims.