- Keeping model architecture details confidential, providing clear documentation about the model’s capabilities and limitations
- Using a black-box API without disclosing the underlying model
- Automatically filtering all sensitive topics without user awareness
Good documentation should include: intended use cases, known limitations and failure modes, evaluation metrics and results, known biases, data provenance (where appropriate), update/change history, and guidance for safe/appropriate use.

- Using a black-box API without disclosure hides provenance and system behavior, making it difficult for users or auditors to assess reliability, bias, or misuse risks.
- Automatically filtering sensitive topics without informing users leads to unexplained denials or redactions; users cannot tell whether a refusal was policy-driven, an artifact of training data, or an error.
Links and references
- Model Cards for Model Reporting — guidelines for documenting model details and intended uses
- Datasheets for Datasets — documenting dataset provenance and collection processes
- NIST AI Risk Management Framework — guidance on documentation, transparency, and governance