SafeWave System Assessment Questionnaire

Complete this questionnaire to generate a SafeWave system assessment identifying escalation pathways, structural gaps, and containment priorities.

This questionnaire captures how your system actually behaves. More precise inputs lead to a more accurate and useful assessment.

No login required. This questionnaire can be completed anonymously.

Confidentiality & Local Save Notice

Your responses are automatically saved locally in this browser as you complete the questionnaire, so refreshing the page will not erase your work.

Your answers remain on this device while you are completing the form. They are only transmitted if you choose to submit the questionnaire for report generation.

If you want to remove all saved responses from this device at any time, use Reset Form at the bottom of the page.

Overview

This questionnaire is designed to assess one specific system, product, or business unit.

A system in this context means a distinct product, service, or operational unit that delivers a defined function to users, customers, or internal stakeholders.

If your organization operates multiple systems, platforms, or business units:

→ Complete a separate assessment for each one.

How to complete this questionnaire

  • Answer based on actual system behavior, not intended design
  • Select all options that accurately reflect how the system operates today
  • If a question does not apply, select N/A
  • If an entire section is not relevant to your system, you may skip that section rather than answering every question as N/A
  • You do not need to answer every question for the questionnaire to be useful; answer the sections and questions that materially apply
  • Precision matters — this questionnaire is used to generate a system-level architectural evaluation
Section Skipping Notice Some sections are only relevant to certain systems, such as robotics, physical AI, high-consequence environments, AI execution demand, synthetic identity risk, or future-threshold assessment. If a section does not apply to your system, you may leave it unanswered and move on. The questionnaire does not require every section or every question to be completed.

Confidentiality

All information provided is treated as strictly confidential.

  • Responses are used solely to generate your SafeWave assessment report
  • Information is not shared or reused outside this context
  • Data is handled with discretion and may be retained only as needed to support report delivery and any follow-up engagement

What this questionnaire supports

The resulting SafeWave assessment identifies:

  • where escalation dynamics may emerge
  • where control boundaries may be insufficient
  • which SafeWave substrates may apply

This is not a compliance audit or security checklist.

It is a structural system evaluation.

Assessment integrity

This questionnaire is intentionally detailed.

Each relevant question contributes to a precise system-level evaluation. The quality of the resulting analysis depends on the accuracy of the information provided for the sections that materially apply to your system.

Please answer thoughtfully, and skip sections that are not relevant rather than forcing inaccurate answers.

Once completed, your responses are used to generate a structured SafeWave system assessment report based on your inputs.

Identification

What does the system do?

This assessment applies to:

Single choice

Please select the answers that best describe your system as it operates today or is currently planned.

Do not select categories that are only indirectly related unless they materially affect how the system executes, propagates, or is governed.

If an implementation detail is not known, select “Unknown / not evaluated” rather than guessing.

Section 0

Market & Deployment Context

Select the options that best describe where and how this system operates. This helps identify relevant system patterns and risk surfaces.

Where does your system operate? (Select all that apply)

Multi-select

Where does the system run? (Select all that apply)

Multi-select

Operational scale of the system

Select the highest level that best represents the system.

Single choice

Impact scope of the system

Select all that accurately reflect the system’s real-world impact.

Multi-select

Section 1

System Structure & Agents

This section captures how the system is structured, including the use of agents, coordination patterns, and interaction models.

1.1 What type of system is this? (Select all that apply)

Multi-select

1.2 Does this system use AI agents?

Single choice

1.3 If agents are used, what is the scale?

Select the level that best represents the overall agent scale.

Single choice

1.4 What level of autonomy do the agents have?

Single choice

1.5 How do AI agents or system components interact? (Select all that apply)

Multi-select

1.6 How is the system coordinated?

Single choice

Section 2

Execution & Control Boundaries

This section captures what the system can do, how it executes actions, and what limits are enforced at runtime.

2.1 What actions can the system execute? (Select all that apply)

Multi-select

2.2 — Execution Authority Scope

What is the scope of systems or environments this system can act upon?

Single choice

2A.1 — Financial Execution Boundary

Can the system initiate, approve, transmit, recommend, or trigger financially consequential actions such as payments, transfers, trades, procurement commitments, treasury actions, digital-asset transactions, or contractual obligations?

Single choice

2.3 How are system behaviors constrained or governed?

Single choice

2.4 What is the level of execution autonomy?

Single choice

2.5 How reversible are the system’s actions?

Single choice

2.6 Are execution limits enforced at runtime?

Single choice

2.7 What retry or recovery behaviors exist? (Select all that apply)

Select all behaviors the system uses under failure or degraded conditions.

Multi-select

2.8 Are there limits on execution rate, frequency, or resource usage?

Single choice

2.9 Has the system demonstrated any of the following behaviors during testing, simulation, or controlled environments?

Multi-select

2.10 If any of the above were observed, how frequently do they occur?

Single choice

2.11 Has the system demonstrated or been assessed for emergent capabilities beyond its intended design or training scope?

Single choice

2.12 Can the system identify, exploit, or leverage unknown weaknesses in external systems, environments, or software?

Single choice

2.13 How much capability is exposed through outputs alone (without requiring execution or system access)?

Single choice

Section 3

Propagation & System Interaction

This section captures how the system interacts with other systems and how actions, data, or effects propagate across environments.

3.1 Does the system interact with other systems?

Single choice

3.2 How do actions or outputs propagate beyond the system?

Single choice

3.3 Can the system chain actions or escalate behavior over time?

Single choice

3.4 What is the system’s dependency structure?

Single choice

3.5 What cross-system coordination risks may exist? (Select all that apply)

Multi-select

3.6 Are propagation limits enforced?

Single choice

3.7 Does the system depend on external systems it does not control?

Single choice

3.8 Which of the following patterns currently exist in your system? (Select all that apply)

Select all patterns that are present in current system behavior.

Multi-select

3.9 Does the system maintain consistent identity, permission, and authority boundaries as actions propagate across systems or agents?

Single choice

3.10 Can a single action, agent, or event trigger unbounded or rapidly expanding chains of actions across systems or agents?

Single choice

Section 3A

Reconstructability / Extraction Risk

Evaluates whether system capabilities can be inferred, learned, or reproduced through repeated interaction.

3A.1 Can system capabilities be approximated or reconstructed through repeated interaction?

Single choice

3A.2 Are outputs sufficiently stable and consistent to function as a training signal?

Single choice

3A.3 Can outputs be aggregated into a reproducible capability set (for example, a dataset, prompt library, or distillation target)?

Single choice

3A.4 Does the system distinguish between normal use, structured probing, or adversarial interaction patterns?

Single choice

3A.5 Are there execution-layer mechanisms that limit reconstructability or extraction?

Single choice

3A.6 Does repeated interaction increase capability exposure over time?

Single choice

3A.7 Are there detectable patterns of repeated, structured, or high-volume interaction that could indicate capability extraction attempts?

Single choice

3B. Artifact, Replication & Provenance

3B.1 — Artifact Provenance and Integrity

Can models, prompts, datasets, configurations, tool definitions, outputs, or knowledge artifacts propagate across systems without verified origin, integrity checks, provenance tracking, or controlled adoption?

Single choice

3B.2 — Replication Boundary

Can the system duplicate, spawn, distribute, or replicate agents, workflows, artifacts, configurations, behaviors, or capabilities across systems or environments?

Single choice

3C. Synthetic Identity Abuse Exposure

3C.1 — Real-Person Likeness Creation or Transformation

Can the system create, alter, enhance, transform, generate, or simulate images, video, audio, avatars, voices, faces, bodies, or other likeness-linked content involving real or potentially identifiable people?

Single choice

3C.2 — Synthetic Intimate, Humiliating, or Compromising Content Risk

Could the system be used, misused, or adapted to generate, alter, upload, host, distribute, or assist content that falsely sexualizes, exposes, humiliates, impersonates, or compromises a real identifiable person without valid consent?

Single choice

3C.3 — Consent, Authority, and Identity Verification Controls

Does the system verify consent, authority, identity status, or permitted use before allowing real-person likeness transformation, intimate-content handling, face/body/voice manipulation, or identity-linked media distribution?

Single choice

3C.4 — Upload, Hosting, Search, and Distribution Exposure

Can users or connected systems upload, host, search, index, share, embed, forward, repost, monetize, or distribute identity-linked synthetic or manipulated media through this system?

Single choice

3C.5 — Recommendation, Ranking, or Amplification Risk

Can identity-linked synthetic or manipulated media be recommended, ranked, surfaced, trended, boosted, suggested, algorithmically amplified, or spread through engagement-based distribution?

Single choice

3C.6 — Minor, Vulnerable-Person, or Group-Image Exposure

Could the system create, process, host, distribute, recommend, or amplify identity-linked media involving minors, likely minors, students, patients, elderly persons, vulnerable users, team photos, classroom images, workplace groups, or other group imagery?

Single choice

3C.7 — Detection, Quarantine, Takedown, and Escalation Controls

If non-consensual synthetic identity abuse is attempted, uploaded, detected, reported, or propagated through the system, are there enforced controls for refusal, quarantine, suppression, takedown, escalation, evidence preservation, and repeat-abuse handling?

Single choice

3C.8 — Synthetic Identity Abuse Protocol Need

Based on the answers above, should this system be evaluated for a synthetic identity abuse protection protocol that integrates admission, authority, scope, runtime, provenance, escalation, social-distribution, telemetry, and control boundaries?

Single choice

Section 4

Persistence, Memory & Optimization

This section captures how the system maintains state over time, adapts behavior, and evolves through optimization or learning.

4.1 Does the system maintain memory, persistent state, or continuity across interactions?

Single choice

4.2 Does the system adapt or change behavior over time?

Single choice

4.3 Do system goals or behaviors evolve over time?

Single choice

4.4 What is the time horizon of system operation?

Single choice

4.5 How does this system interact with humans? (Select all that apply)

Multi-select

4.6 Is the system expected to increase in capability, autonomy, or integration within the next 12–24 months?

Single choice

4.7 Are there pressures or incentives that may encourage reducing safeguards, human oversight, or control boundaries?

Multi-select

4A. Cognitive State, Reasoning & Goal Drift

4A.1 — Goal Drift and Optimization Boundary

Can the system preserve, reinterpret, intensify, or continue pursuing objectives over time in ways that could cause goal drift, proxy substitution, or optimization beyond the original task boundary?

Single choice

4A.2 — Persistent Memory Governance

Are persistent memory, interaction histories, retrieved context, task traces, or stored knowledge artifacts governed by provenance, validation, lifecycle limits, and propagation controls?

Single choice

4A.3 — Intermediate Reasoning and Process Governance

Can intermediate reasoning artifacts — such as plans, strategies, hypotheses, task decompositions, or tool-use paths — persist, influence later reasoning, or become eligible for execution without validation?

Single choice

4B. Human Interaction & Social Amplification

4B.1 — Relational Dependency and Influence

Can repeated interaction with the system create dependency, trust accumulation, influence leverage, role expansion, or relational authority beyond the system’s intended purpose?

Single choice

4B.2 — Interaction Escalation Damping

Can repeated interaction with the system intensify emotional state, persuasive pressure, dependency, engagement, or behavioral influence over time?

Single choice

4B.3 — Multi-User Social Amplification

Can interactions across many users create feedback loops, coordinated amplification, viral propagation, shared behavioral influence, or population-scale instability?

Single choice

Section 5

Stability, Stress & Failure

This section captures how the system behaves under stress, failure conditions, and degraded environments.

5.1 Under stress, what behaviors may occur? (Select all that apply)

Multi-select

5.2 How does the system behave under stress or high load?

Single choice

5.3 How are failures handled?

Single choice

5.4 How visible are failures or issues?

Single choice

5.5 How does the system degrade under failure or disruption?

Single choice

5.6 If the system behaves outside intended boundaries, can it be paused, isolated, rolled back, degraded, or forced into safe-state behavior at the execution layer?

Single choice

5.7 Can adversarial or probing interactions persist over extended sessions or repeated access?

Single choice

5A. Runtime Stability & Substrate Enforcement

5A.1 — Early Runtime Instability Damping

Can small runtime disturbances such as retry bursts, timing drift, synchronization loops, degraded execution timing, or resource contention compound before higher-level controls activate?

Single choice

5A.2 — Participation and Re-Entry Control

Can nodes, services, agents, devices, or system components retry, reconnect, rejoin, or resume participation after instability in ways that could create synchronized recovery, retry storms, or cascading load?

Single choice

5A.3 — Execution-Substrate Restraint

Are execution restraint, retry limits, dispatch eligibility, replay controls, privilege expansion limits, queue-pressure limits, or safe-state transitions enforced below ordinary application, orchestration, or operating-system layers?

Single choice

5A.4 — Hardware-Anchored Control-Plane Integrity

Are the safeguards, runtime limits, escalation boundaries, recovery authority, and control-plane constraints protected by hardware-anchored, firmware-adjacent, silicon-adjacent, or otherwise non-bypassable enforcement?

Single choice

Section 6

Impact & Governance

This section captures potential consequences, monitoring, oversight, and control integrity.

6.1 What type of safeguards are in place to prevent unsafe or unintended actions?

Single choice

6.2 What are the potential consequences if the system fails or escalates? (Select all that apply)

Multi-select

6.3 What level of monitoring is in place?

Single choice

6.4 What level of human oversight exists?

Single choice

6.5 How are behavioral constraints enforced?

Single choice

6.6 How robust are system controls under failure or compromise?

Single choice

6.7 Are control mechanisms independent of application logic?

Single choice

6.8 Do control boundaries degrade under repeated interaction or prolonged system use?

Single choice

6.9 Can safeguards, runtime limits, control logic, policy layers, or escalation boundaries be modified, weakened, bypassed, reset, or reinterpreted after deployment without independent authorization and audit?

Single choice

Optional

Advanced & High-Consequence Systems

This section applies to systems operating in physical, safety-critical, or adversarial environments. Complete only if relevant.

HC.1 Does the system operate in real-world physical environments?

Single choice

HC.2 What level of physical or real-world impact can system actions have?

Single choice

HC.3 Does the system operate under uncertain or degraded conditions?

Single choice

HC.4 Does the system operate in adversarial or contested environments?

Single choice

HC.5 Are there safeguards for preventing unsafe real-world actions?

Single choice

HC.6 Can the system take actions that are difficult or impossible to reverse?

Single choice

Optional Advanced Module

AI Execution Demand & Resource Governance

Complete this section if the system uses AI models, agents, tools, cloud execution, multimodal generation, robotics, simulation, background AI, or other compute-intensive AI workflows.

SE.1 How are AI requests assigned to execution pathways?

Single choice

SE.2 Can simple requests escalate to higher-resource AI pathways?

Single choice

SE.3 Does the system use different levels of model capability depending on task need?

Single choice

SE.4 When can execution move from local or lower-resource pathways to cloud or higher-resource infrastructure?

Single choice

SE.5 Which high-resource AI workflows may occur? (Select all that apply)

Multi-select

SE.6 Are retries, refinements, render passes, simulations, or agent loops capped?

Single choice

SE.7 Does the system run AI tasks in the background without direct user intent?

Single choice

SE.8 Can one user request trigger multiple downstream AI executions?

Single choice

SE.9 Is AI execution cost or resource use attributable to the originating request, user, workflow, or agent?

Single choice

SE.10 Are there controls for reducing avoidable AI execution?

Single choice

SE.11 What resource pressures are relevant to this system? (Select all that apply)

Multi-select

SE.12 Does the system evaluate whether the selected execution path is proportionate to the task?

Single choice

Optional Advanced Module

Robotics, Physical AI & Real-World Action Governance

Complete this section if the system includes humanoid robotics, embodied AI, autonomous platforms, vehicles, warehouse robots, service robots, physical-world agents, drones, or AI systems that can affect real-world movement, tools, devices, environments, or safety-critical operations.

SR.1 Does the system operate through a robot, autonomous platform, machine, device, actuator, vehicle, or other physical-world system?

Single choice

SR.2 Can AI-interpreted instructions, model outputs, agent plans, cloud commands, fleet updates, or human-facing interaction become physical action?

Single choice

SR.3 What physical actions can the system perform or influence? (Select all that apply)

Multi-select

SR.4 Can the system operate near humans?

Single choice

SR.5 Are movement, force, speed, workspace, and proximity boundaries explicitly enforced?

Single choice

SR.6 Can the system use tools, manipulate objects, operate devices, or interact with equipment?

Single choice

SR.7 How does the system respond when sensors, localization, maps, network connectivity, or environmental signals degrade?

Single choice

SR.8 Can control shift between local, edge, cloud, remote operator, fleet controller, or external systems?

Single choice

SR.9 Can AI agents plan, decompose, delegate, retry, or expand physical-world tasks?

Single choice

SR.10 Can the system interact, coordinate, delegate, or share workspace behavior with other robots or embodied systems?

Single choice

SR.11 Can behaviors, maps, learned policies, commands, or updates propagate across multiple robots or devices?

Single choice

SR.12 Does the system use simulation, world models, digital twins, reinforcement learning, or synthetic environments to train or select physical behavior?

Single choice

SR.13 Can the system enter a deterministic safe state or full physical-action lockout when needed?

Single choice

SR.14 Can conversational, emotional, advisory, or persuasive interaction influence physical-world action?

Single choice

SR.15 Can physical-action decisions be traced back to perception inputs, model or planner outputs, authority boundaries, and containment decisions?

Single choice

SafeContinuity — Future Threshold Assessment

SafeContinuity is SafeWave’s future-threshold assessment framework. It evaluates whether an AI system can continue scaling in capability, autonomy, integration, and real-world impact while preserving human command, accountability, human agency, and civilizational continuity.

Advanced AI systems may create major benefits as they become more capable, autonomous, and integrated into real-world environments. SafeContinuity is designed to support that progress by identifying the enforcement boundaries needed before systems cross higher thresholds of autonomy, authority, propagation, or irreversible real-world effect.

This section does not assume that advanced AI capability should be slowed or prevented. Its purpose is to help ensure that future breakthroughs can be deployed safely, reliably, and with human command and accountability intact.

This section is not intended to assign blame, imply misuse, or suggest that high-capability deployment is inherently unsafe. Many advanced systems operate in defense, infrastructure, research, and other high-consequence environments where autonomy, speed, and capability are necessary. The purpose of these questions is to identify the pathways where additional enforcement may be needed so the final report can recommend practical safeguards, staged implementation priorities, and appropriate SafeWave layers before risk exceeds existing controls.

As systems move toward AGI-level capability — artificial general intelligence — and more advanced forms of machine intelligence, they may remain highly beneficial while also becoming harder to evaluate, govern, or reverse using ordinary oversight alone. Public concern may also increase if advanced AI appears to threaten human opportunity, institutional trust, or meaningful control over the future.

SafeContinuity is designed to make advanced AI more deployable, not less, by ensuring that the necessary boundaries are identified before capability, autonomy, or authority exceed the safeguards around them.

This section evaluates both the current deployment and its foreseeable trajectory as capability, integration, autonomy, and real-world impact increase. It does not assume every system needs the same controls. Instead, it helps determine the minimum Tier 1, Tier 2, and Tier 3 enforcement roadmap appropriate to the system’s actual and foreseeable risk surface.

SC.1 As this system scales, could model upgrades, agentic workflows, integrations, or customer configuration materially increase its capability, autonomy, or real-world impact?

Single choice

SC.2 Could increased AI capability cause the system to gain greater practical authority, influence, or operational control, even if formal permissions do not change?

Single choice

SC.3 Could the system reach a point where human operators remain formally responsible but cannot realistically evaluate, approve, reverse, or govern its actions at the required speed or complexity?

Single choice

SC.4 Could users, institutions, operators, customers, or downstream systems become dependent on system outputs they cannot fully verify or independently replace?

Single choice

SC.5 Could the system initiate, extend, delegate, or continue actions beyond the original user request, task boundary, authorization window, or operational scope?

Single choice

SC.6 Could the system improve, extend, replicate, delegate to agents, create sub-agents, reconfigure workflows, or propagate outputs, behaviors, commands, or artifacts across other systems?

Single choice

SC.7 Could the system, directly or indirectly, contribute to irreversible harm, loss of human control, infrastructure failure, physical harm, economic disruption, defense escalation, or public-scale impact?

Single choice

SC.8 Could mission, operational, competitive, adversarial, regulatory, business, or user-experience pressures create incentives to modify, reduce, bypass, or defer safeguards, human oversight, review, or execution boundaries over time?

Single choice

SC.9 As this system scales, could it materially change human agency, human opportunity, or meaningful human participation in the domain where it operates?

Single choice

SC.10 Are the enforcement layers needed for future scaling already identified, resourced, and scheduled before the system crosses higher autonomy, authority, propagation, or irreversible-action thresholds?

Single choice

SC.11 Are there future system behaviors, scaling paths, deployment pressures, or continuity risks not captured above?

Optional text response

SC.12 — Institutional Authority Preservation

Could the system become so embedded, influential, operationally necessary, or decision-shaping that the institution responsible for governing it may lose practical authority over its use, scope, escalation, or outcomes?

Single choice

SC.13 — Civilization-Scale Influence Boundary

Could the system materially influence civilization-scale planning, infrastructure coordination, economic allocation, defense/security decisions, scientific direction, or long-horizon societal governance in ways that human institutions may not be able to independently evaluate, contest, or control?

Single choice

Final

High-Consequence Domain Flags

HD.1 Optional: Does this system operate in, support, control, influence, or materially affect any of the following high-consequence domains? (Select all that apply)

Multi-select

HD.2 Optional: Are there any unusual deployment conditions, system behaviors, risks, or domain details that the selections above do not fully capture?

Your HD.1 selections and any HD.2 notes help determine whether one or more high-consequence follow-up questionnaires may be useful after this core questionnaire is completed. These follow-ups add domain-specific context for a High-Consequence Addendum. They do not replace the core questionnaire.

You may preview the available follow-up questionnaires here: High-Consequence Follow-Ups. This link opens in a new tab so you do not lose your place.

End of Questionnaire

Thank you. Your responses will be used to generate a structured system-level assessment.

If you selected a high-consequence domain in HD.1, your completed questionnaire will show the relevant follow-up links. You may also preview all available follow-ups here: High-Consequence Follow-Ups.