OCLA Protocol 1.0

Operational Manifesto, Privacy Standards & Terms of Engagement.

01. Open Source Philosophy

The Open Cyber LLM Arena (OCLA) is a transparency engine for the AI era.

We believe security assessments should be auditable, reproducible, and community-driven. This project is licensed under the MIT License, guaranteeing your right to inspect, modify, and deploy this benchmarking logic without restriction.

02. Privacy Architecture

Client-Side Execution

OCLA is engineered as a Privacy-First platform. All benchmarks logic executes directly in your browser.

API Keys: Your LLM provider API keys (OpenAI, Anthropic, etc.) are stored strictly in your browser's local storage or memory. They are NEVER transmitted to OCLA servers.
Prompt Data: Benchmark prompts and model responses remain local to your session unless you explicitly choose to submit them to the global leaderboard.

Voluntary Data Submission

If you choose to use the "Auto-Submit" feature, we collect only automated telemetry (scores, refusal rates, latency) and non-identifiable metadata (model name, prompt pack ID, timestamp). We do NOT record your IP address, browser fingerprint, or any Personally Identifiable Information (PII) linked to your benchmark results.

03. Terms of Engagement

WARNING: This tool is designed for Authorized Red Teaming and Security Research ONLY.

By utilizing OCLA, you agree to the following:

You will not use this platform to generate malicious payloads for use in unauthorized attacks against live systems.
You assume full responsibility for the prompts you run and the outputs generated. OCLA authors and contributors are not liable for misuse of this tool.
You respect the Terms of Service of the underlying LLM providers (e.g., OpenAI, Anthropic) when running benchmarks against their APIs.