{"slug": "guardrails-for-a-company-of-cyborgs", "title": "Guardrails for a Company of Cyborgs", "summary": "An AI company trading on NASDAQ hired a consultant to design guardrails preventing employees from posting AI-generated content that could violate disclosure rules or damage the brand. The system uses a learning gate that automatically approves clean posts, rejects clear violations with explanations, and routes doubtful cases to humans whose decisions update the rules. The design addresses the risk that 57% of AI users hide their use and 66% rely on unchecked AI output, which for a public company could trigger FINRA penalties like the $850,000 fine against M1 Finance.", "body_md": "# Guardrails for a Company of Cyborgs\n\n### An AI company from NASDAQ asked us to let their employees post with AI without burning the brand or the ticker. Here is the system we designed, and why both obvious answers to this problem are wrong.\n\nLast week I wrote that [my agent speaks under my name](https://www.bulaev.net/p/the-new-cyborgs-dont-have-implants) and I own every word it sends. A few days later a client asked, politely, what happens when \"I\" is two hundred employees.\n\nThe client is an AI company, trades on NASDAQ. Their situation: employees discovered Claude and started posting on LinkedIn. A lot. Some posts are great. Some are word soup with hashtags. And some, sooner or later, will casually touch revenue expectations - and that stops being a branding problem. That's a call from a lawyer about disclosure rules.\n\nThe ask sounded simple. Let people post, with AI, in their own voice. Just make sure nothing stupid or illegal leaves the building under the company's name. At company scale. Forever.\n\nI love this problem, because both obvious answers to it fail in a measurable way.\n\nTL;DRWe design guardrails as a gate that learns, not an approval queue. Every employee post passes one enforcement point before LinkedIn: clean posts publish automatically, clear violations bounce back with reasons, doubtful ones go to a human. Every human decision gets written back into the rules. So the system needs less babysitting as it grows, not more. Built on Publora plus pieces we already shipped open source.\n\n## 1. Employees are the best channel a company has\n\nThe numbers here are old news for marketers and still surprising for everyone else.\n\nPeople trust their employer more than any other institution: 79%, above business, government and media ([Edelman Trust Barometer](https://www.edelman.com/trust/2024/trust-barometer/special-report-trust-at-work)). Employee networks hold about [10x more connections](https://business.linkedin.com/content/dam/me/business/en-us/elevate/Resources/pdf/official-guide-to-employee-advocacy-ebook.pdf) than the same company has followers, and content shared by an employee gets twice the click-through of the brand page (LinkedIn's own guide). And [72% of socially active employees](https://sproutsocial.com/insights/employee-advocacy-stats/) say they would post about their company if someone prepared the content for them.\n\nFunny detail I found while checking sources. The most quoted number in this industry, \"employee content gets 561% more reach\", leads nowhere. The original report vanished years ago, every citation is a blog quoting a blog. The flagship stat of employee advocacy is unauditable. Fits the theme of this essay better than any real number would.\n\nSo companies want employees posting. That part was never the problem.\n\n## 2. AI made the best channel the most dangerous one\n\nWhat changed in the last two years: employees stopped writing their posts. Their agents write. And the numbers around that are honestly worse than I expected.\n\nIn a KPMG global study of 48,000 workers, [57% of AI users hide it](https://assets.kpmg.com/content/dam/kpmgsites/xx/pdf/2025/05/trust-attitudes-and-use-of-ai-global-report.pdf) and present AI output as their own, and 66% rely on that output without checking it. Salesforce found [64% passing off AI work as their own](https://www.salesforce.com/news/stories/ai-at-work-research/) and 40% using tools their company explicitly banned. Per SHRM, [30% knowingly break their org's AI rules](https://www.shrm.org/mena/topics-tools/research/navigating-ai-in-the-workplace/full-report), and a third of those would do it again to save time.\n\nPut these together and you get the picture our client saw in their feed: confident, fluent, unchecked text going out under employee names, every day. Most of it harmless. Statistically, some of it not.\n\nFor a public company \"some of it not\" has a price tag. FINRA fined M1 Finance [$850,000](https://www.finra.org/media-center/newsreleases/2024/finra-fines-m1-finance-850000-violations-regarding-use-social-media) for social posts that nobody pre-reviewed, approved or even retained. Not for malicious content. For the absence of a system.\n\n## 3. Both obvious answers fail\n\n**Answer one: ban it.** Already failed. The 40% using banned tools are the measurement of that failure. Prohibition just moves AI use into the shadow, where you can't see it and definitely can't audit it.\n\n**Answer two: route everything through PR.** An approval queue works at ten posts a month and collapses at two hundred. Every queued post waits days, employees learn that posting is painful, participation dies. And participation is already the hardest part: [74% of social media managers](https://www.gaggleamp.com/employee-advocacy-statistics-you-need-to-know) call getting employees to engage their number one challenge. Roughly [one company in five](https://www.oktopost.com/blog/employee-advocacy-statistics-2026/) has a formal advocacy program at all, and 75% of employee advocates never got any training.\n\nA policy PDF is not a system. A queue is a system that kills the thing it protects. What's left is the interesting part.\n\n## 4. The design: a gate that learns\n\nHere is the system we designed for this client, on top of [Publora](https://publora.com), our posting platform.\n\nThe entry point is corporate Claude with our custom skill connected. An employee writes a post the way they already do, with their agent, in their voice. The moment they say \"publish\", the skill fires and nothing goes to LinkedIn directly. The post goes to the guardrails system first.\n\nThe guardrails check runs the text through several iterations against a live rules database: information disclosure, customer agreements, brand rules, listed-company restrictions. Three outcomes, not two.\n\n**Clean**- published automatically through the employee's Publora seat. No human in the loop, no waiting.** Clear violation**- declined, with reasons and suggested edits back to the author. Not a silent block. The author learns the rule.** Doubt**- flagged to a human moderator in comms. They approve or decline.\n\nThe flagged path is where the system earns its keep. Every human decision is written back into the rules database. Moderator declined a post about an unannounced partnership? The system remembers the pattern. Next similar case doesn't reach the moderator.\n\nEvery decision updates the guardrails.\n\nThis inverts the economics of review. An approval queue grows linearly with headcount: more people, more waiting, more moderators. A learning gate compresses: the more it processes, the less it asks. Month one the comms team sees maybe a fifth of posts. By month six they see the genuinely new cases only, which is exactly what senior humans should be looking at.\n\nTwo design details I insisted on. First, the gate is the only door: manual posts from the Publora editor pass the same check, so the story is \"every post\", not \"AI posts\". Second, the rules aren't invented by us. They're seeded from documents the company already has - the comms policy, the social etiquette deck, disclosure requirements for listed companies in both US and UK, then enriched with deep research. The system enforces the company's own rulebook, just consistently.\n\n## 5. The part the lawyers actually asked about\n\nEvery check, decision and publication lands in a timestamped decision log. When a regulator or an auditor asks \"show me your supervision process for employee communications\", the answer is a report, not a shrug. That's the difference between our client and M1 Finance: FINRA's fine wasn't about a bad post, it was about no pre-review and no retention. The log **is** the retention.\n\nOn top of that: role-based access, escalation paths, and a versioned rulebook so you can answer \"what was the policy on March 3rd\" precisely. Boring features. They close deals with legal departments, not with marketing.\n\n## 6. What it costs, roughly\n\nThe pricing pattern matters more than numbers. Two components: a fixed per-seat fee for the posting infrastructure, and consumption for guardrails checks, because every check burns real AI tokens and pretending otherwise just hides the cost somewhere worse. Seats scale with headcount, checks scale with activity. A quiet month costs little.\n\nThe build-vs-buy math the client did themselves: an internal version is 2-3 engineers for 6-12 months plus permanent support, for a company whose business is not social media tooling. Our version reuses a platform that already serves other clients. This is the whole reason the deal makes sense for both sides.\n\nWho staffs the human review is a dial, not a fixed decision. Start vendor-managed while the rules mature, hand it to the internal comms lead when the flag rate drops.\n\n## 7. What we're building it from\n\nFull disclosure: Publora is my product, and half the pieces here started as our internal tools that we later [open-sourced](https://github.com/sergebulaev/linkedin-skills).\n\nThe policy checker grew from our humanizer's audit mode, a 20-point pass/fail review we run on every draft before publishing. The governance model comes from our employee advocacy skill, which draws a hard line I want to underline: reviewers check facts, confidential information and legal risk. Reviewers do not touch voice, tone or opinions. The fastest way to kill an advocacy program is to make everyone sound like the press office.\n\nThe monitoring and dashboards come from the same stack we use to track thousands of LinkedIn creators daily for our own content intelligence. Nice bonus for the client: same rails, so managers get progress dashboards for the whole team's LinkedIn presence.\n\nAnd honest engineering note, because I know some of you will check: the open-source pieces enforce approval by convention, not by runtime. Turning conventions into actual blocking gates, with SSO, roles and an audit log, is precisely the enterprise build. That's the work.\n\nGuardrails sound like bureaucracy until you remember what I wrote last week: a person owns every word their agent sends. A company is under the same rule, multiplied by every employee, watched by regulators, priced by the market. \"Our employee's bot glitched\" is not a sentence you want in an SEC filing.\n\nAt my scale, letting the agent speak is a habit. At company scale, the letting has to become infrastructure.\n\nThree things, if this landed:\n\n**Running a team that posts?** Tell me what your review process looks like today, I'm collecting failure patterns.**Want the free pieces?**[linkedin-skills](https://github.com/sergebulaev/linkedin-skills)has the humanizer, the audit checklist and the advocacy playbook, MIT-licensed.**Have this exact problem at your company?** Write me. We're building this now and one more design partner makes the rules smarter for everyone.\n\nNext issue: how the guardrails database actually works inside - rules, embeddings, and what a moderator's \"no\" turns into. Subscribe if you want the wiring.", "url": "https://wpnews.pro/news/guardrails-for-a-company-of-cyborgs", "canonical_source": "https://www.bulaev.net/p/guardrails-for-a-company-of-cyborgs", "published_at": "2026-07-16 17:07:53+00:00", "updated_at": "2026-07-16 17:26:07.674044+00:00", "lang": "en", "topics": ["ai-policy", "ai-ethics", "ai-tools", "generative-ai"], "entities": ["Claude", "LinkedIn", "NASDAQ", "Publora", "Edelman Trust Barometer", "KPMG", "Salesforce", "FINRA"], "alternates": {"html": "https://wpnews.pro/news/guardrails-for-a-company-of-cyborgs", "markdown": "https://wpnews.pro/news/guardrails-for-a-company-of-cyborgs.md", "text": "https://wpnews.pro/news/guardrails-for-a-company-of-cyborgs.txt", "jsonld": "https://wpnews.pro/news/guardrails-for-a-company-of-cyborgs.jsonld"}}