// AI Security Check – Children & Young People
Safety Assessment for Child- and Youth-Facing AI
Pilot assessments by prior agreement and a technical pre-check.
Chatbots, learning assistants and digital companions are increasingly used by children and young people. Such systems behave differently in longer conversations, under pressure and when the context shifts than a classic application does. We assess this behaviour in a structured and authorised way – strictly within a scope that is clearly agreed in advance. This assessment is a specialised extension of the SKOPION AI Security Check.
What it is about
A child- or youth-facing AI offering follows natural language and adapts to the conversation. This can lead to age-inappropriate responses, unintended data disclosure, unsafe suggestions or the system giving in under conversational pressure – even without a classic code-level vulnerability. We look at how the offering behaves towards young users.
Who it is for
- providers of chatbots and digital companions
- developers of learning and EdTech applications
- providers of AI features in apps used by children
- operators and integrators of systems used by children or young people
- schools, education platforms and organisations deploying such solutions
- product, safety, compliance, privacy and governance teams
Whether and which legal obligations apply in a specific case depends on role, purpose and deployment context and must be assessed separately.
What we assess
- single- and multi-turn conversation scenarios
- responses to pressure, escalation and context shifts
- patterns of refusal, redirection and safe response
- consistency of behaviour across a longer conversation
- age-appropriateness of responses
- handling of sensitive topics and referral to help resources
- scenarios tailored to the specific product and user group
Assessment layers: deterministic rules and criteria, analysis of response structure, semantic plausibility checks and mandatory human review of critical findings. No critical finding is automatically treated as closed.
How the assessment works
- scope agreed in writing
- clearly named product or environment
- controlled, isolated test environment
- technical pre-check before the start
- human review of critical findings (human-in-the-loop)
The assessment scope is defined in advance through a technical and organisational pre-check. Certain highly sensitive scenarios are outside the currently available pilot scope.
What you receive
- a clear report with findings and severity
- prioritised risks
- concrete recommendations for hardening
- a structured evidence pack with integrity and artefact checks
- a system and governance profile
- a description of the limitations of the assessment
- a list of open items for further review
- material to support internal documentation and governance
Optional · separately scoped
Add-on: external brand and product exposure
On request and with its own scope, we evaluate publicly visible and lawfully accessible signals only – such as look-alike domains and possible brand impersonation, publicly visible infrastructure, indications of external data or credential exposure, and relevant changes over time. This module is not part of every assessment, requires its own scope and includes no unauthorised testing of third-party systems.
Regulation and documentation
Different regulatory and documentation topics may become relevant depending on the organisation's role, the intended purpose and the deployment context. SKOPION structures technical observations and identifies open questions for further governance or legal review. This is not legal advice or a confirmation of compliance.
Limits and responsible use
- no certification or confirmation of compliance
- no legal advice or safety guarantee
- testing only within the scope agreed in writing
- no automatic reporting to institutions
- results relate to the agreed point in time, scope and system state
Frequently asked questions
Which products is the assessment for?
AI offerings used by children or young people: chatbots, digital companions, learning and EdTech applications, AI features in children's apps.
Is this a legal review or certification?
No. It is a technical and governance-oriented safety assessment. Not legal advice, not certification, not a confirmation of compliance.
Does SKOPION test systems without consent?
No. Active assessments are performed only with written authorisation and only within the agreed scope.
What does the pilot cover?
An authorised, scope-limited behavioural assessment in a controlled environment, with human review of critical findings.
Which scenarios are currently excluded?
Certain highly sensitive scenarios are outside the currently available pilot scope. The exact scope is agreed in advance.
Does the result confirm AI Act or DSA compliance?
No. We structure relevant regulatory topics and flag open questions; this is not a confirmation of compliance.
How long do the results stay current?
They describe a specific point in time and scope. After changes to the model, prompts, policies or integrations a re-assessment may be advisable.
What materials do I receive?
A report with findings and severity, prioritised recommendations, a structured evidence pack, a system and governance profile and a description of the limitations.
Can an external-exposure assessment be added?
Yes, as a separately agreed scope, based solely on publicly visible, lawfully accessible signals.
How does the engagement start?
With a short description of your offering. We agree scope and authorisation together, followed by a technical pre-check.
Request a pilot assessment
Briefly describe your child- or youth-facing AI offering. We agree scope and authorisation together – discreetly and without obligation, following a technical pre-check.
Request a pilot assessmentAuthorised assessment, strictly within the agreed scope. No certification, no legal advice, no confirmation of compliance.