Things this press will not print.

Honest businesses, honest work.

Workin is built for founders running real, lawful, plausibly honest businesses. If a thing would be embarrassing to read on the front page of a newspaper, please do not ask the correspondents to do it. Most of the rules below are particular cases of this single one. The list is exhaustive in spirit and merely illustrative in form: a clever workaround that violates the spirit will be treated, for enforcement purposes, as a violation of the letter.

Where a rule is ambiguous as applied to your situation, write to trust@workin.press before you instruct a correspondent. Pre-clearance is faster than appeal.

Words that recur, here.

• Refuse (verb). The correspondent declines a specific request, files a refusal note to the wire, and continues with the next item on its queue.
• Suspend. We pause your account or a particular correspondent, immediately, pending review. Read access to the wire and existing Deliverables is preserved.
• Terminate. We end the subscription per §17–§19 of the Terms.
• NCII. Non-consensual intimate imagery — sexual or sexualised images of an identifiable person produced or distributed without their explicit, verifiable consent.
• CSAM. Child sexual abuse material, including any depiction (real, drawn, or synthesised) of a minor in a sexual context.
• CBRN. Chemical, biological, radiological, or nuclear weapons or their precursors, delivery mechanisms, or operational deployment guidance.
• Spam. Unsolicited bulk communication of any kind, by any channel — e-mail, SMS, voice, social DM, comment, push notification — to recipients who have not given verifiable opt-in consent.
• Real person. Any natural person who is or can be identified, including by combination of attributes (name + employer, voice + city, face + occupation).

The list with no exceptions.

These refusals are not negotiable. They cannot be unlocked by jailbreak, by claim of educational interest, by appeal to artistic merit, by hypothetical framing, by claim of authorisation, or by any other means. Sustained attempts to bypass them are themselves a violation of this policy and a basis for termination per §12.

Permitted with guardrails.

The categories below are permitted, but only in narrow conditions and subject to additional scrutiny. The correspondents may ask follow-up questions, request documentation, or escalate to human review before proceeding.

Political work. The correspondents may produce policy analysis, regulatory briefs, advocacy copy, and lobbying-strategy memoranda. The correspondents will not produce: (a) deepfakes of public figures; (b) content intended to deceive about election procedures, eligibility, candidates, or results; (c) coordinated inauthentic behaviour at scale; (d) targeted manipulation of identifiable voters based on inferred psychographic profiles.

Financial advice. The correspondents may produce financial models, investor memoranda, market analysis, and discussion of public information about specific securities. They will refuse: (a) personalised investment advice that purports to be from a registered advisor; (b) market-manipulation strategies; (c) content designed to coordinate trading or pump-and-dump activity; (d) the production of unregistered securities offering materials.

Medical, legal, and other licensed advice. The correspondents may research, summarise, draft, and discuss general principles. They will not, and you may not represent that they do, provide professional advice or counsel. Output marked or formatted as professional advice without a licensed human reviewer is a violation of this policy.

Bulk outbound. Cold outreach to a properly-sourced, opt-in audience is permitted. Bulk outreach to a purchased list, scraped audience, or unconsented third party is not — see §05 on Spam.

Surveillance and labour-monitoring. The correspondents may help you instrument your own product or service. They will not help you monitor identifiable employees in violation of local labour or privacy law, monitor identifiable third parties without lawful basis, or operate stalker-ware.

What gets your account closed.

You may not use Workin to:

• Operate a fraudulent business — Ponzi, pump-and-dump, fake-invoice scheme, romance scam, advance-fee fraud, fake e-commerce storefront, fake product reviews ring, AI-content farm masquerading as journalism, "guru" funnel selling magic-button enrichment, etc.
• Run unsolicited bulk outreach (Spam) by e-mail, SMS, voice, comment, DM, push, or any other channel, including via the marketing or utility correspondent.
• Manipulate financial markets — coordinated social posting, fake reviews, manufactured demand signals, wash trading, spoofing, layering, insider trading.
• Generate political disinformation, deepfakes of public figures, or content intended to deceive about elections, public health emergencies, or judicial proceedings.
• Produce or distribute CSAM, NCII, or material that sexualises or grooms minors. (See §03.)
• Build, train, fine-tune, evaluate, benchmark, or improve a competing AI agent, foundation model, or autonomous-business product on the outputs of Workin.
• Operate a service-bureau on top of Workin for unaffiliated third parties without our prior written consent.
• Use the Service in connection with any business or transaction prohibited by U.S. law (controlled-substance trafficking, human trafficking, child labour, weapons trafficking outside of licensed dealers, etc.) or by the laws applicable to you.
• Use the Service to circumvent, mislead, or defeat content moderation, age verification, parental controls, regulatory filters, or any other lawful safeguard operated by a third party.

Don't probe the printing press.

You may not, and may not direct the correspondents to:

• Probe, scan, port-sweep, fuzz, or test the vulnerability of Workin's systems, our Processors' systems, or any third-party system without prior written permission. (We have a coordinated-disclosure programme — see §14.)
• Attempt to access another subscriber's account, data, deliverables, wire, or correspondents.
• Submit content designed to interfere with the operation of a correspondent — prompt-injection attacks embedded in inputs, model-poisoning corpora, jailbreak prompts, cost-amplification loops, infinite-recursion task graphs.
• Reverse-engineer the correspondents, extract our system prompts, fingerprint our model providers, exfiltrate hidden state, or otherwise attempt to derive non-public information about how the Service is built.
• Use the Service to develop, test, or deploy malware, ransomware, spyware, stalkerware, key-loggers, or any other tool whose primary purpose is to harm a computer system or its user.
• Test, develop, or deploy network attacks: DDoS scripts, credential-stuffing tooling, session-hijacking utilities, BGP-hijack helpers, etc.
• Submit Personal Data of identifiable third parties without a lawful basis — see the Privacy Policy.

The desks are real machines.

The correspondents run on shared infrastructure with finite capacity. You may not, and may not direct any tool you operate to:

• Issue requests to the dashboard or any API endpoint at a sustained rate exceeding ten times (10×) the rate of a human user, or in bursts greater than one hundred (100) requests per minute per account.
• Maintain more than two (2) concurrent dashboard sessions per account.
• Run scripted automation against the dashboard except where we publish an official API for the operation, or where we have given written approval.
• Construct requests that, individually or in aggregate, are designed to maximise correspondent compute cost rather than produce useful work.

Routine throttling (HTTP 429) is part of normal operation and is not, by itself, a sign of abuse. Sustained throttling, especially after a correspondent has filed a backoff note, will result in suspension under §12.

Other people's property.

You are responsible for the legality of the inputs you give the correspondents and for the legality of the outputs you publish. In particular:

• Do not instruct the correspondents to reproduce copyrighted works at scale, to translate or paraphrase a copyrighted work in a manner that would not be a fair use, to remove watermarks, or to evade DRM.
• Do not feed the correspondents personal data about identifiable third parties without a lawful basis (consent, contract, legitimate interest balanced against the third party's rights, etc.). When in doubt, redact.
• Do not use the marketing correspondent to publish content that infringes a trademark, defames a person, violates a publicity right, or violates a confidentiality obligation you owe to a former employer or counter-party.
• Do not use the legal correspondent to draft documents that purport to bind a third party who has not consented, or to send threatening communications without an underlying lawful basis.
• If you receive a takedown notice, a cease-and-desist, a DMCA notice, or a regulatory complaint about something a correspondent did on your behalf, you are responsible for responding; we will, on reasonable request, provide the wire entries that evidence the work.

Do not misrepresent the source.

Outputs are produced by software. You may publish them as your own work; you may not, however, falsely represent that an Output was produced by a specific identifiable human (other than yourself), by a licensed professional, by a regulated entity, or by any organisation you do not have authority to speak for. Do not strip Workin watermarks or content-credentials metadata from Outputs that carry them when our intent is provenance preservation. Where you publish synthetic media of a public figure (even a generic non-deceptive parody), comply with the labelling requirements that may apply to you under local law (e.g. EU AI Act transparency obligations).

If you've seen something.

To report a violation of this policy by another subscriber, by a correspondent, or by a piece of content the correspondents produced and you encountered in the wild: abuse@workin.press. Include URLs, message ids, timestamps, screenshots if available, and any context that helps us locate the work.

Specialised channels:

• Security vulnerabilities — security@workin.press (see §14 for the coordinated-disclosure programme).
• DMCA / copyright complaints — dmca@workin.press. Include the elements required by 17 U.S.C. § 512(c)(3).
• NCII removal — abuse@workin.press, subject line NCII URGENT. We treat these as expedited.
• CSAM — report to NCMEC's CyberTipline at report.cybertip.org first. We work directly with NCMEC and law enforcement on validated reports.
• Threats to life — call your local emergency services first; then write to abuse@workin.press with subject LIFE THREAT.

We acknowledge reports within 48 hours and act on credible reports within five (5) business days. CSAM, NCII, and credible threat-to-life reports are acted on as fast as humanly possible.

How we look.

When we receive a credible report, or when our own monitoring surfaces a likely violation, we conduct an investigation proportionate to the alleged severity. Investigations may involve: review of relevant wire entries, review of inputs and outputs of affected correspondents, review of telemetry, consultation with relevant Processors (e.g. Stripe for billing-fraud signals), and, in serious cases, consultation with outside counsel and law enforcement.

We minimise human review of subscriber content. When human review is necessary, it is conducted by named members of the Trust & Safety team under a confidentiality obligation. Reviewers do not view content outside the scope of the investigation.

You will be notified of an investigation that affects your account no later than the time of the resulting enforcement action, unless notification would prejudice the investigation, prejudice law enforcement, or risk imminent harm.

Quiet edits, loud removals.

Most violations are addressed quietly by the correspondent itself: it refuses the request, files a refusal note to the wire, and the work proceeds. For repeated, severe, or categorical violations we may, at our sole discretion, escalate through the following tiers (or skip directly to a higher tier where the conduct warrants):

• Tier 1 — Notice. A written notice to the e-mail and phone on your account describing the conduct and the rule it violated, with a 14-day cure period for curable violations.
• Tier 2 — Restriction. The offending correspondent, capability, or category of work is disabled on your account, immediately. Other correspondents continue.
• Tier 3 — Suspension. The whole account is suspended; the correspondents stop; read access to wire and Deliverables is preserved; billing is paused.
• Tier 4 — Termination. The subscription is terminated under §18 of the Terms. Forfeiture of the current period's Subscription Fee where the cause is attributable to you. 30-day export window applies.
• Tier 5 — Referral. The conduct is reported to law enforcement, NCMEC, a sectoral regulator, or other competent authority, where required by law or where credible reports of imminent harm so require.

Categorical Refusals (§03) are eligible for direct Tier 4 or Tier 5 escalation without prior tiers. We do not owe you a hearing before suspension; we do owe you, after the fact, a written explanation under §13.

Reviewed by a different human.

If your account is restricted, suspended, or terminated under §12 and you believe the action was mistaken or disproportionate, you may appeal to appeals@workin.press within thirty (30) days of the action.

We will: (a) acknowledge the appeal within 3 business days; (b) review with at least one Trust & Safety reviewer who was not involved in the original decision; (c) issue a written decision within 14 business days, or notify you of an extension with reasons; (d) if the appeal is upheld, restore access promptly and refund any forfeited prepaid balance.

Where the original action was Tier 5 (referral to law enforcement), the appeal does not stay the referral but may stay the account-side enforcement pending review.

For researchers, with thanks.

If you discover a security vulnerability in the Service, we ask you to:

• Report it to security@workin.press, encrypted to our PGP key (fingerprint published at workin.press/.well-known/security.txt).
• Avoid privacy violations, destruction of data, and degradation of service while testing.
• Restrict testing to your own account and not to other subscribers.
• Not exploit the vulnerability beyond what is necessary to demonstrate it.
• Give us a reasonable opportunity to remediate before disclosure (default: 90 days, negotiable).

In return, we will: (a) acknowledge receipt within 3 business days; (b) keep you informed of remediation progress; (c) credit you publicly on the Press's masthead unless you prefer anonymity; (d) not pursue legal action against good-faith researchers operating under this programme. We do not currently offer cash bounties.

This policy moves faster than the Terms.

We update this policy as the threat landscape, regulatory environment, and capability of the correspondents evolve. Material additions or restrictions to permitted conduct will be communicated to the e-mail and phone on your account at least seven (7) days before they take effect, with a redline at workin.press/aup/changes. Clarifications, examples, and tightening of existing prohibitions take effect on posting.

What changed, and when.

• v1.0 — Spring 2026. Initial publication. Categorical refusals (CSAM, CBRN, NCII, violence, etc.), restricted categories (adult, political, financial advice), enforcement tiers, coordinated-disclosure programme.

Future revisions will be appended here with a one-line summary and a link to the redline.