Legal

Agent Operations

Last updated: March 19, 2026.

Why This Page Exists

Étincel is built on orchestrated agents. They touch your writing, your project data, and the pipeline that produces your manuscript. That level of access warrants a clear, honest account of how those agents are bounded, what they can and cannot do, and how we audit their behavior.

This page is not marketing copy. It is an operational disclosure. If something here is unclear, email us at legal@etincel.ai and we will clarify it.

Core Principles

1

Scoped by design

Every agent is defined with an explicit capability set. An agent that drafts chapters has no access to billing data. An agent that handles onboarding cannot modify published content. Capabilities are granted at the architecture level, not at runtime.

2

No persistent external reach

Agents cannot initiate outbound network requests to arbitrary URLs. All external integrations are explicitly approved, enumerated at build time, and restricted to the minimum surface required for the task.

3

Read before write

For any agent action that modifies data, a read step is logged first. This creates a clear before-and-after record for every mutation and enables targeted rollback when needed.

4

User-owned context

Agents operate strictly within the project context of the authenticated user making the request. Cross-user data access is structurally impossible at the query level, not just through policy.

5

Bounded output size

Agent outputs are subject to size constraints that prevent runaway generation. Outputs exceeding defined thresholds are truncated and flagged rather than silently accepted.

6

No self-modification

Agents cannot modify their own instructions, system prompts, or capability definitions. The configuration that defines what an agent can do is managed exclusively through the application codebase, not by the agents themselves.

What Agents Can Do

Each agent in the Étincel pipeline is authorized to perform a specific, bounded set of operations:

  • Read project metadata and manuscript content belonging to the authenticated user
  • Write structured outputs (chapter drafts, outlines, voiceprint models) to the user's project
  • Call the Anthropic API with a scoped, system-prompt-constrained context
  • Log their own actions to the audit trail
  • Surface structured status updates to the user-facing pipeline view

What Agents Cannot Do

  • Access data belonging to any other user account
  • Initiate requests to external URLs outside of approved integrations
  • Modify their own system prompts, capability definitions, or tool access
  • Take actions on external services (email, payments, publishing platforms) without an explicit user-triggered workflow
  • Persist memory or context across separate user sessions unless explicitly stored in the project database under the user's account
  • Execute code or shell commands on the host infrastructure
  • Escalate their own privileges or request elevated access at runtime

Technical Guardrails

Content filtering

All agent outputs pass through a content safety layer before being stored or displayed. Outputs that trigger safety thresholds are blocked and logged for review.

Rate limiting

Each agent function is rate-limited per user account to prevent runaway execution, whether from bugs, abuse, or unexpected loops.

Circuit breakers

If an agent call fails or returns an unexpected response structure more than a defined number of times within a window, the circuit breaker trips and the function pauses pending investigation.

Token budget enforcement

Each agent invocation is given an explicit token budget for both input context and output. Requests that would exceed the budget are rejected before the model call is made.

Human Oversight

Every agent action that modifies your project is visible to you in the pipeline view. You can inspect what each agent produced, revert a draft to a prior state, or pause a pipeline run at any point.

No agent output is considered final until you review and accept it. Drafts are proposals, not published work. The publishing step requires explicit user action and cannot be triggered autonomously.

We do not allow agents to send communications on your behalf (email, social, or otherwise) without a workflow you have explicitly configured and confirmed.

Audit Logging

All agent invocations are logged with the following information: agent identity, user account, project context, timestamp, input token count, output token count, and whether the output was accepted, rejected, or flagged by safety filters.

Logs are retained for 90 days. You may request a copy of the agent activity log for your account by contacting us at legal@etincel.ai.

Model Provider

The agents in Étincel's pipeline are powered by models provided by Anthropic. We pass your project content to Anthropic's API strictly to execute pipeline tasks within scoped, purpose-bound prompts. We do not instruct the model to retain, reproduce, or act on your content beyond the immediate task.

Anthropic's API terms prohibit training on API inputs by default. We rely on that commitment and do not separately grant Anthropic any training rights to your content.

Changes to Agent Capabilities

When we expand the capability set of any agent in a way that affects data access or external integrations, we will update this page and notify active users by email before the change takes effect. Capability reductions do not require advance notice.

Privacy Policy·Terms of Service·Security·Agent-Led Growth