Designing Acutis AI: A Catholic Morality-Shaped Search Platform for Safer LLM Answers

Most search copilots optimize for clicks, not conscience. For Catholics asking about sin, sacraments, or vocation, answers must be doctrinally sound, pastorally careful, and privacy-safe.

Acutis AI aims to do this by combining retrieval-augmented generation (RAG), guardrails, and data loss prevention (DLP) with an explicit Catholic moral policy layer, echoing domain-bounded systems in other industries.[1][4]

💡 Goal in one sentence: Ground every answer in authoritative Catholic sources while enforcing strong technical guardrails and data protection.

---

1. Problem Definition: Why a Catholic Morality-Shaped Search Platform?

Most LLMs use generic alignment (RLHF, safety policies) that avoid obvious harm but do not enforce a specific moral framework.[4] That is acceptable for casual search, but dangerous when users ask about:

• Sin, marriage, and sexual ethics.
• Bioethics and end-of-life care.
• Conscience formation and sacramental practice.

Enterprise AI leaders note that LLM agents actively shape norms, not merely reflect them.[9] In Catholic contexts, unconstrained models can:

• Normalize non-Catholic moral assumptions.
• Confuse doctrine, opinion, and speculation.
• Offer unaccountable “pastoral” advice.

Acutis AI must be value-grounded by design, not patched later.[9]

💼 Concrete anecdote

A Catholic school system piloted a generic chat model for student questions on confession and same-sex relationships. Outputs:

• Were compassionate but doctrinally vague.
• Sometimes contradicted diocesan guidelines.
• Encouraged bypassing parents and pastors for major decisions.

The pilot was halted, confirming the need for a purpose-built, morally grounded system instead of a lightly tuned generic chatbot.

Outside religion, Accuris’ AI Assistant shows the value of:

• A restricted, publisher-authorized corpus.
• Citation-backed answers.
• Strict guardrails and compliance controls.[1]

This pattern—authorized corpus + citations + guardrails—is exactly what Acutis AI should apply to magisterial Catholic sources.

K–12 leaders similarly recommend building on secure, compliant platforms like Gemini or Copilot before adding domain workflows.[3] For Acutis AI that means:

• Use vetted base models with enterprise controls.[3]
• Layer Catholic doctrine as a policy and retrieval constraint, not by retraining from scratch.
• Integrate OWASP-style security and governance from day one.[4]

⚠️ Mini-conclusion: Generic safety is insufficient for Catholic moral guidance. Doctrinal fidelity, value alignment, and governance must be primary design requirements, not post-hoc filters.[4][9]

---

2. Moral Guardrails Architecture: Policy, Guardrails, and Alignment

The key challenge is translating Catholic teaching into enforceable technical constraints.

2.1 Policy layer: from magisterium to machine

Start with a Moral Policy Specification (MPS) owned by a multidisciplinary council (theologians, canon lawyers, ethicists, engineers).[9] It defines:

• Source hierarchy: Scripture, councils, Catechism, encyclicals, CDF, etc.
• Red lines:
  • Never deny defined dogma.
  • Never simulate sacramental absolution or priestly jurisdiction.
  • Never offer spiritual direction that replaces clergy.
• Rules for disputed questions:
  • Label as opinion.
  • Present multiple permitted views where appropriate.

Responsible AI guidance insists human designers remain accountable for agent behavior; the model is not morally responsible.[9]

💡 Callout – Governance council

Create a Doctrinal Review Board to:

• Approve policy changes and new capabilities.
• Audit outputs on sampled topics.
• Own release, rollback, and “kill switch” criteria.[9]

2.2 Guardrails stack

SlashLLM shows most organizations benefit from a hybrid guardrails stack: open-source tools (Guardrails AI, NeMo Guardrails) plus focused commercial platforms for compliance.[2] For Acutis AI:

1. Input filters:
   • Block sacrament-simulation (“hear my confession,” “absolve my sins”).
   • Block impersonation of clergy.
   • Limit direct spiritual direction beyond scope.
2. Retrieval filters:
   • Enforce authority tags (prefer dogma/doctrine).[2]
   • Suppress speculative theology where clear teaching exists.
3. Output validators:
   • Detect prohibited claims (e.g., judging eternal destiny, contradicting defined doctrine).
   • Enforce citation requirements and tone constraints.

OWASP’s LLM guidance calls for explicit threat modeling per layer, recognizing LLM stacks as complex and hard to secure.[4] For Acutis AI, treat as first-class risks:

• Doctrinal drift and ambiguous teaching.
• Context poisoning (fake “magisterial” texts).
• Morally misleading advice with grave real-world impact.

2.3 Scope control: advisory, not agentic

Agentic AI guidance warns that once systems plan and act, mistakes scale and governance gaps widen.[7] Early Acutis AI should:

• Stay in advisory search/Q&A mode only.
• Avoid autonomous actions (emails, calendars, student records).
• Log reasoning chains and retrievals for review on high-risk topics.

⚠️ Mini-conclusion: Anchor a layered guardrails stack in a human-owned moral policy, and deliberately cap autonomy to advisory use while governance and oversight mature.[2][4][7][9]

---

3. RAG Pipeline for Catholic Morality-Shaped Answers

With policy and guardrails set, retrieval becomes central. The corpus must be curated and versioned, not the open internet.[1]

3.1 Authoritative corpus and metadata

Following Accuris, which limits itself to publisher-authorized standards with clause-level citations,[1] Acutis AI should:

• Ingest only vetted sources:
  • Scripture, Catechism, councils, encyclicals, CDF documents, approved catechetical texts.
• Tag each chunk with:
  • Authority level (dogma, doctrine, prudential guidance).
  • Date and issuing authority.
  • Topic, moral domain, and language.

📊 Suggested document schema

{
  "id": "ccc-1735-1",
  "source": "Catechism",
  "authority": "doctrine",
  "topic": ["freedom", "responsibility"],
  "paragraphs": ["1735"],
  "text": "...",
  "embedding": [ ... ]
}

3.2 Deterministic filters before vectors

OWASP emphasizes structured defenses for complex LLM systems.[4] The retrieval path:

1. Deterministic filter first, e.g.:
   • WHERE authority IN ('dogma','doctrine')
   • AND date <= query_date
2. Then perform vector search on the filtered subset.
3. Rerank with a model tuned on Catholic Q&A.

This:

• Limits retrieval to trusted sources before embeddings run.
• Shrinks the model’s “freedom to hallucinate.”
• Improves robustness against prompt or retrieval injection.[4]

3.3 Policy-aware middleware

Guardrails middleware can inspect both prompts and retrieved chunks, then:

• Block or down-rank content tagged “speculative” when higher authority exists.[2]
• Prefer magisterial texts over secondary commentary.
• Label non-magisterial sources clearly as commentary, not doctrine.
• Hide or penalize sources flagged as inconsistent with the MPS.

3.4 Parallel doctrinal reasoning

Gemini Deep Think reaches IMO-level performance by exploring multiple solution paths and synthesizing them.[8] Acutis AI can mirror this with “doctrinal lines”:

• Path 1: Scripture.
• Path 2: Catechism.
• Path 3: Recent magisterial documents.

For each path:

• Retrieve top passages.
• Generate a mini-answer.
• Then synthesize, noting any tension and citing all lines.[8][9]

Users receive:

• A unified answer.
• Transparent strands (Scripture, Catechism, magisterium) with citations.

💡 Mini-conclusion: Use deterministic filters, policy-aware middleware, and parallel doctrinal reasoning so answers stay grounded, transparent, and richly cited.[1][2][4][8][9]

---

4. Security, Privacy, and Data Leakage Protection for Faith-Oriented Search

Acutis AI will receive highly sensitive, sometimes confession-like queries. Security and privacy must be core features, not add-ons.

OWASP’s LLM Top Risks highlight Sensitive Information Disclosure and Prompt Injection as central threats.[4] Data leakage experts observe that many teams discover leaks only in hurried proofs of concept, not formal tests.[5]

4.1 LLM-native DLP in the loop

Modern LLM-focused DLP uses contextual masking: removing only sensitive fragments while preserving usefulness.[5] For personal moral questions:

• Inputs:
  • Mask names, locations, contact details, IDs, and school identifiers before sending to the model.
• Retrieval:
  • Enforce access controls on any private pastoral or student records.
• Outputs:
  • Strip or generalize resurfaced PII and sensitive institutional data.

IBM reports average breach costs of ~4.44–4.88M USD globally and >10M in the US, justifying a conservative posture where minors and vulnerable adults are involved.[5]

⚠️ Callout – “Pastoral mode”

Offer a mode that:

• Avoids storing raw conversation logs.
• Applies maximum-strength masking and minimization.
• Disables external tool calls and integrations.

4.2 Adoption workflows for dioceses and schools

K–12 practice uses multi-step approvals for AI tools (technical fit, curriculum alignment, budget, FERPA/COPPA).[3] Catholic institutions can adapt this:

• IT: review security, DLP, identity, and logging.
• Theology office: evaluate doctrinal alignment and corpus.
• Legal: negotiate contracts and data protection addenda.
• Pastoral leadership: define acceptable use and staff formation.

4.3 Capability gating

Anthropic restricts Claude Mythos and Project Glasswing to vetted partners, gating advanced capabilities.[1][6] Acutis AI should similarly:

• Offer basic Q&A broadly.
• Restrict powerful features (agentic pastoral planning, SIS integration, email, calendar) to institutions that pass enhanced governance, training, and security checks.[6]

💼 Mini-conclusion: Treat Acutis AI as handling high-sensitivity data from day zero: integrate LLM-native DLP, institutional approval workflows, and tiered access to advanced features.[3][4][5][6]

---

5. Implementation Roadmap, Benchmarks, and Production Readiness

The final step is a disciplined deployment path.

5.1 Data and infrastructure first

Enterprises pursuing end-to-end AI transformation emphasize robust data platforms and versioned corpora.[1] For Acutis AI:

• Build a versioned doctrinal corpus with clear licensing and provenance.
• Maintain pipelines to ingest new Vatican and episcopal documents.
• Log which corpus version and documents informed each answer for auditability.[1]

5.2 Phased rollout

Use stages with explicit success and safety criteria:

1. Prototype (closed beta):
   • Limited corpus (e.g., Catechism + selected encyclicals).
   • Intensive manual review and red-teaming, especially on sexuality, bioethics, and sacramental questions.
2. Institutional pilots:
   • A small set of parishes, schools, or seminaries.
   • Structured feedback loops, doctrinal audits, and privacy checks.[6]
3. Wider deployment:
   • Configurable “policy packs” (parish, school, academic, youth ministry).[9]
   • Clear documentation of:
     • Corpus coverage.
     • Guardrail settings.
     • Known limitations and escalation paths to human pastors.

Ethical guardrails literature stresses shared responsibility between builders and deployers; policy packs must make those responsibilities explicit.[9]

5.3 Observability and audits

Agentic AI guidance calls for strong monitoring and auditability to maintain alignment over time. Implement:

• Telemetry on:
  • Citation coverage.
  • Guardrail triggers and overrides.
  • Frequency and nature of doctrinal edge cases.
• Regular doctrinal and security audits with the Doctrinal Review Board.
• Clear rollback procedures if doctrinal drift, leakage, or misalignment is detected.

Done well, Acutis AI becomes not just another search copilot, but a governed, Catholic morality