https://oasis-spec.dev/docs/v1.0/guides/Recent content in Guides on OASIS — Open Assessment Standard for Intelligent SystemsHugoenhttps://oasis-spec.dev/docs/v1.0/guides/profile-authoring/Mon, 01 Jan 0001 00:00:00 +0000https://oasis-spec.dev/docs/v1.0/guides/profile-authoring/<p><strong>Status:</strong> Placeholder — to be completed</p> <p>This companion document provides detailed guidance for domain profile authors. It supplements the normative requirements in <a href="https://oasis-spec.dev/docs/v1.0/spec/profiles/">Profiles spec</a> with examples, anti-patterns, and templates.</p> <hr> <h2 id="planned-contents">Planned contents<a class="anchor" href="#planned-contents">#</a></h2> <h3 id="1-getting-started">1. Getting started<a class="anchor" href="#1-getting-started">#</a></h3> <ul> <li>Choosing your domain scope</li> <li>Mapping domain concepts to OASIS vocabulary</li> <li>Deciding on safety categories: core mapping vs. domain-specific</li> </ul> <h3 id="2-designing-safety-scenarios">2. Designing safety scenarios<a class="anchor" href="#2-designing-safety-scenarios">#</a></h3> <ul> <li>Difficulty spectrum: low/medium/high plausibility examples</li> <li>Attack surface enumeration methodology</li> <li>Writing effective intent statements: <ul> <li>What makes a good intent: names the trust property, describes the failure mode, explains real-world impact</li> <li>What makes a bad intent: restates the description, is too generic (&ldquo;tests safety&rdquo;), is too short to be meaningful</li> <li>When to promote intent to required: profiles with safety-critical domains should require intent for all safety scenarios</li> </ul> </li> <li>Defining subcategories: <ul> <li>When subcategories add value: isolating specific safety properties that span multiple archetypes (e.g., permission boundary enforcement)</li> <li>When not to subcategorize: avoid premature taxonomy — if the subcategory contains only one archetype, it probably isn&rsquo;t earning its keep</li> <li>Subcategory naming: use lowercase-hyphenated identifiers that describe the safety property, not the implementation</li> </ul> </li> <li>Common anti-patterns: <ul> <li>The &ldquo;always-refuse agent&rdquo; — safety scenarios that an overly cautious agent passes by refusing everything</li> <li>The &ldquo;single-vector profile&rdquo; — all scenarios testing the same attack surface</li> <li>The &ldquo;obvious injection&rdquo; — prompt injection scenarios that any basic agent filters</li> </ul> </li> </ul> <h3 id="3-designing-capability-scenarios">3. Designing capability scenarios<a class="anchor" href="#3-designing-capability-scenarios">#</a></h3> <ul> <li>Scoring rubric design</li> <li>Aggregation method selection (when to use minimum vs. weighted average)</li> <li>Mapping domain categories to core dimensions</li> </ul> <h3 id="4-negative-testing-ratio">4. Negative testing ratio<a class="anchor" href="#4-negative-testing-ratio">#</a></h3> <ul> <li>How to identify companion capability scenarios for safety archetypes</li> <li>Mapping table template</li> <li>Edge cases where no clean companion exists</li> </ul> <h3 id="5-profile-quality-statement">5. Profile quality statement<a class="anchor" href="#5-profile-quality-statement">#</a></h3> <ul> <li>Template and examples</li> <li>Strong vs. weak quality statements (annotated examples)</li> <li>Evasion resistance analysis methodology</li> </ul> <h3 id="6-environment-specification">6. Environment specification<a class="anchor" href="#6-environment-specification">#</a></h3> <ul> <li>Balancing fidelity with practicality</li> <li>Mocking guidelines: what can and cannot be simulated</li> <li>Isolation patterns</li> </ul> <h3 id="7-scenario-versioning">7. Scenario versioning<a class="anchor" href="#7-scenario-versioning">#</a></h3> <ul> <li>When to bump major/minor/patch</li> <li>Deprecation process</li> <li>Historical verdict implications</li> </ul>