Safety Overview
Three-layer safety architecture - operational, deployment, and compliance - that prevents harm structurally rather than reactively.
Safety in Amigo is a hard constraint, not a feature you enable. The system is designed so that unsafe behavior is structurally difficult to produce, not just monitored after the fact. Every layer of the platform - from how data enters the world model to how the voice agent forms a response to how changes reach the EHR - includes controls that prevent harm before it happens.
Three Layers
Safety operates at three distinct layers, each addressing a different part of the system lifecycle.
Operational Safety
Runtime protection during live conversations. The platform monitors what the agent says, tracks the caller's emotional state, measures the agent's confidence in its own understanding, and escalates to a human operator when conditions warrant it.
At the data layer, write scope isolation constrains what the voice agent can modify during a call. The agent's tool writes are limited to specific entity types and confidence levels, preventing voice-extracted data from overwriting authoritative records. System services like the connector runner operate outside this scope because they handle verified, confidence-gated data.
The triage system adds regulation-specific evaluation on top of the semantic monitoring. Pre-built templates for Joint Commission suicide risk assessment, VAWA domestic violence detection, and FDA adverse drug reaction reporting run on every turn during live calls.
Operational safety is covered in detail in Operational Safety and Monitoring.
Deployment Safety
Pre-production validation that catches problems before they reach live calls. This includes simulation-based testing with synthetic personas and scenarios, staged rollout through version sets, and a promotion workflow that requires passing quality gates before a configuration goes to production.
Deployment safety is covered in Deployment Safety.
Compliance
Audit trails, data integrity, and regulatory controls. The event-sourced world model provides a complete, immutable history of every data point. Confidence-based writes prevent unverified data from reaching EHR systems. PHI handling follows isolation and access control patterns designed for HIPAA environments.
Compliance is covered in Compliance.
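The following Python sketch is an added illustration, not Amigo's code or API, of the write scope isolation described under Operational Safety and the confidence-based, event-sourced writes described under Compliance. The writer names, entity types, thresholds, and the highest-confidence-wins resolution rule are all assumptions made for the example.

```python
# Added illustration: hypothetical names and thresholds, not the platform's API.
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    writer: str        # who appended the event
    entity_type: str
    entity_id: str
    field: str
    value: str
    confidence: float  # 0.0 to 1.0

# Assumed write scopes: allowed entity types and a confidence ceiling per writer.
SCOPES = {
    "voice_agent": ({"call_note", "patient_contact"}, 0.6),
    "connector_runner": (None, 1.0),  # system service, not entity-restricted
}
EHR_MIN_CONFIDENCE = 0.9  # assumed gate for outbound EHR writes

class WorldModel:
    def __init__(self):
        self._log = []  # append-only: events are never edited or deleted

    def append(self, ev: Event) -> bool:
        # Unknown writers get an empty scope, so they are rejected by default.
        allowed, ceiling = SCOPES.get(ev.writer, (set(), 0.0))
        in_scope = allowed is None or ev.entity_type in allowed
        if not in_scope or not 0.0 <= ev.confidence <= ceiling:
            return False  # rejected before it reaches the log
        self._log.append(ev)
        return True

    def history(self, entity_id, field):
        return tuple(e for e in self._log
                     if (e.entity_id, e.field) == (entity_id, field))

    def current(self, entity_id, field):
        # Conflict resolution: highest confidence wins, newest breaks ties.
        events = self.history(entity_id, field)
        if not events:
            return None
        best = max(e.confidence for e in events)
        return [e for e in events if e.confidence == best][-1]

    def ehr_writable(self, entity_id, field):
        ev = self.current(entity_id, field)
        return ev is not None and ev.confidence >= EHR_MIN_CONFIDENCE
```

Because the voice agent's ceiling sits below the EHR gate, a value heard on a call is kept in the history but can neither replace a verified record nor be exported on its own.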
How the Layers Work Together
The three layers are not independent checkboxes. They form a continuous loop:
Deployment safety validates that a new agent configuration behaves correctly in simulated scenarios before it handles real calls
Operational safety monitors the agent during live calls and intervenes when something falls outside expected boundaries
Compliance provides the audit trail that proves the first two layers are working, and supplies the data needed to improve them
A problem detected by operational safety (for example, the agent consistently struggling with a specific type of insurance question) feeds back into deployment safety (new simulation scenarios are created to cover that case) and compliance (the audit trail shows when the problem started and how it was addressed).
What Safety Is Not
Safety in this context does not mean:
Content filtering on outputs. The agent's behavior is governed by its context graph, safety monitors, and escalation rules, not by a post-hoc filter that scans generated text.
A separate module bolted onto the side. Safety controls are embedded in the architecture: in how the world model resolves conflicts, in how the connector runner gates writes, in how the voice agent decides when to escalate.
A guarantee of perfect outcomes. The system is designed to minimize harm and maximize the probability of correct behavior. When it cannot be confident in the right course of action, it escalates to a human.
Learn More
Operational Safety
Monitoring and Alerting
Deployment Safety
Compliance and Audit
Safety Triage

