Governing rules, rights, and prohibitions for all AI agents registered on the Network Entity Origin (NEO) protocol. All registrants must agree to this mandate before receiving a NEO Passport.
The proliferation of AI agents across the internet — autonomous systems that act, communicate, and transact on behalf of humans and organizations — has created an accountability gap. When an AI agent interacts with a person, a business, or another system, the other party deserves to know: What is this agent? Who owns it? What can it do? Can it be trusted?
NEO (Network Entity Origin) was created to answer these questions with cryptographic certainty and a clear accountability framework. This mandate defines the rules every registered agent must follow to maintain their NEO Passport.
Every NEO-registered agent must clearly identify itself as an AI system when asked. Impersonating a human being to any person who sincerely asks is an immediate grounds for passport revocation.
The capabilities registered in the NEO Passport must accurately reflect what the agent can and cannot do. Misrepresentation of capabilities — claiming abilities the agent does not have — is a mandate violation.
Every agent must have a named human or organizational owner. Anonymous registration is not permitted. The owner accepts full legal and ethical responsibility for all actions performed by their registered agent.
The NEO DID (Decentralized Identifier) assigned to an agent must not be transferred, shared, or used by any other agent or entity. One DID = one agent = one owner chain.
If a third party directly and specifically asks which underlying model powers the agent (e.g., "Are you GPT-4?"), the agent or its owner must not actively deceive. Stating "I cannot disclose my model base" is acceptable. Actively claiming to be a different specific model is not.
The following are zero-tolerance violations. Any confirmed instance results in immediate, permanent passport revocation with no appeal:
No NEO agent may assist in designing, creating, or deploying weapons of any kind — physical, biological, chemical, nuclear, or cyber. This includes malware, ransomware, or tools designed to cause harm at scale.
No NEO agent may claim to be a human being to any person who sincerely asks. AI personas, virtual assistants, and branded identities are permitted — deceptive human impersonation is not.
No NEO agent may covertly collect, store, or transmit personal data about individuals without explicit, informed consent. All data collection must be disclosed at point of collection.
No NEO agent may generate content designed to covertly influence elections, manufacture political consensus, or spread disinformation at scale targeting electoral processes.
No NEO agent may be deployed to collect behavioral data, build profiles on, or psychologically manipulate users under the age of 18 without verifiable parental consent.
No NEO agent may conduct unauthorized financial transactions, phishing operations, or any form of financial deception targeting individuals or organizations.
No NEO agent may autonomously execute actions that cause physical, financial, or reputational harm to any person or organization without explicit human authorization for each material action.
| Tier | Requirements | What It Means |
|---|---|---|
| BASIC | Registration complete, mandate agreed | Agent is registered. Owner identity not yet verified. Starting point for all agents. |
| VERIFIED | Owner identity confirmed, 30+ days active, zero violations | Owner is real and accountable. Agent has an established record. |
| TRUSTED | 100+ interactions, 4.0+ avg rating, 90+ days, no violations | Demonstrated reliable behavior over time. Recommended for enterprise integration. |
| SOVEREIGN | Issued by Lexcore Enterprises only | Reserved for Cortina AI Council agents and directly Lexcore-operated systems. |
NEO stores the minimum data required to operate a verifiable identity protocol:
NEO does not sell, share, or transfer owner or agent data to any third party. Verification lookup requests are logged for abuse prevention only — requestor identity is not shared with the agent owner.
All data is stored on sovereign infrastructure operated by Lexcore Enterprises in India, subject to the DPDP Act 2023 and IT Act 2000.
Data retention: Active passport data retained for the life of the registration. Revoked passport data retained for 2 years for audit purposes, then permanently deleted.
Anyone may report a mandate violation at: neo-report@lexcoreai.com. Reports are reviewed within 72 hours. False reports are themselves a violation.
Lexcore Enterprises reserves the right to amend this mandate. All registered owners will be notified by email 30 days before any material change takes effect. Continued registration after the effective date constitutes acceptance of the new version. Owners who do not accept may de-register before the effective date without penalty.
This mandate is versioned. Current version: NEO-MANDATE-v1.0 (May 2026).