Harness ecosystem

The harnesses are what make the model trustworthy enough to use.

Around the base model we wrap repeatable harnesses for prompt safety, privacy, search, document processing, knowledge extraction, research graphs, synthetic data, fine-tuning, judging, and report export. The core content harness is the visible chat path: safety rules, tools, and context packs grounded to a jurisdiction and version.

Why harnesses
A frontier model alone is not appropriate for legally-adjacent work. DueCare uses purpose-built harnesses to narrow what the model can say, what it can reach for, what leaves the device, what becomes training data, and what the final report can cite.
What it isn't
Not a single guardrail product, not a content filter. The harness ecosystem is the program; the model is one component inside it.
How it composes
Safety rules, sensitive-data handling, retrieval, tools, graph extraction, training-data polishing, and judges each own a separate job. The UI exposes them as a coherent workflow.

Harness families

The chat harness is only one part of DueCare. The same codebase also has harnesses for private search, knowledge intake, graphing, training, evaluation, and evidence export.

Runtime

Content prompt harness

Persona, GREP, RAG/context, deterministic tools, optional online search, imports, response traces, and grading hooks around each Gemma 4 response.

Privacy

Anonymization and search safety

Redacts private facts, generalizes outbound queries, and blocks external search when a safe query cannot be produced.

Knowledge

Extraction and corpus intake

Turns source bundles, civil-society updates, and local evidence into reviewable knowledge objects before they feed RAG or reports.

Research

Graph and entity harness

Extracts documents, entities, edges, timeline events, risk signals, locations, and amounts from local research bundles.

Training

Synthetic data and fine-tuning

Generates and polishes SFT/DPO rows, filters unsafe or uncited content, creates LoRA jobs, saves checkpoints, and reloads adapters.

Evaluation

Judge and report harness

Combines deterministic rules with a local or external LLM judge, then exports JSON, Markdown, HTML, traces, scores, and activity logs.

Three pieces of the core content harness

The prompt-response harness uses these pieces whenever DueCare answers a chat, comparison, or benchmark prompt.

01 · Safety rules

GREP rules

Hard, human-readable rules that gate the system. Inputs that ask for prohibited outputs are refused; outputs that violate a rule are caught before return.

  • No-action rule: never instructs a worker to act on advice
  • No-PII rule: refuses inputs containing direct identifiers
  • Source-required rule: every claim cites a pack section
→ /grep-rules Live
02 · Tools

Tool registry

The narrow set of functions the model can call when it needs more than the prompt: pack lookup, advisory search, anonymization, verification. Every call is logged and inspectable.

  • pack.lookup: resolve a section by jurisdiction and version
  • advisory.search: query the index of public laws and advisories
  • anonymize.scrub: strip identifiers before any egress
→ /tools Prototype
03 · Context packs

Context packs

Versioned, signed bundles of public source material (laws, advisories, embassy notices) scoped to a corridor and frozen at a known date. The pack is what the answer gets cited against.

  • Public sources only: no proprietary or scraped private data
  • Curator review on every diff before publication
  • Pin a version; reproduce the answer later
→ /context Prototype

How a request flows through the core content harness

Step 1 Safety rules Input is checked against GREP rules. PII or out-of-scope requests are refused before model sees them.
Step 2 Tools Model decides which tools to call. Each call is mediated, logged, and bounded.
Step 3 Context packs pack.lookup pulls the relevant signed sections; the model writes against them, not from memory.
Step 4 Output gate Draft is checked against output rules. Cited, no-action, returned for human review.