Perplexity

Chat

Perplexity

Product overview

Name of Agent: Perplexity
Short description of agent: "Perplexity is an AI-powered search engine that transforms how you discover and interact with information" (link, archived)
Date of release: 07/12/2022 (link, archived)
Advertised use: answering questions, exploring topics in depth, organising your library, interacting with your data (link, archived)
Monetisation/Usage price: free 20, pro, access to labs and MCP connectors 200, higher rate limits
Who is using it?: end user, enterprises, government, education (link, archived)
Category: Chat

Company & accountability

Developer: Perplexity
Name of legal entity: Perplexity AI, Inc.
Place of legal incorporation: Delaware (link, archived). Contact is San Francisco, CA (link, archived)
For profit company?: Yes
Parent company?: Perplexity
Governance documents analysis: ToS (link, archived), AUP (link, archived)
AI safety/trust framework: None found
Compliance with existing standards: SOC2, GDPR, PCI (link, archived)

Technical capabilities & system architecture

Model specifications: Uses a variety of models from Google, Openai, Anthropic, and their internal "Sonar" models. The user has some choice over which models to use (link, archived).
Documention: API documentation (here, archived).
Observation space: Web page results, user input (link, archived)
Action space: Search web, text back to the user (link, archived)
Memory architecture: There is chat summarization memory, and vector database based memory (link, archived)
User interface and interaction design: Chatbot
User roles: Operator (directing the agent to complete tasks), Executor (can take control and do things themselves), Evaluator (can give feedback via thumbs up/down buttons and steer it via follow-up responses)
Component accessibility: Closed source

Autonomy & control

Autonomy level and planning depth: L1-L5: deep research is L5, regular chat is L1-L3, learning mode is L1-L2
User approval requirements for different decision types: The turn-based interaction paradigm by default requires user approval (issuing further instructions) to continue the interaction. Model can also ask follow-up/clarifying questions
Execution monitoring, traces, and transparency: Visible CoT and action trace documenting all activity
Emergency stop and shut down mechanisms and user control: User can pause/stop the agent at any time
Usage monitoring and statistics and patterns: None, will just tell you when you've hit their limit

Ecosystem interaction

Identify to humans?: None found, although an official Perplexity X account post mentions “active work on content authenticity” and references C2PA / Content Credentials (link) but this is only in reference to general developments not Perplexity specific
Identifies technically?: - As PerplexityBot or PerplexityUser through user string (link, archived) - Also publish IP ranges ((link, archived), (link, archived))
Interoperability standards and integrations: - MCP support (link, archived)
Web conduct: - When Perplexity fetches a webpage on a user's behalf “the content isn't stored for training—it's used immediately to answer your question.” Therefore, Perplexity claims that because this is different than crawling for indexes, robots.txt is ignored for PerplexityUser ((link, archived), (link, archived)) - PerplexityBot respects robots.txt (link, archived)

Safety, evaluation & impact

Technical guardrails and safety measures: None found
Sandboxing and containment approaches: None found
What types of risks were evaluated?: None found, although work on BrowseSafe (link) likely is applied to Perplexity
(Internal) safety evaluations and results: None found
Third-party testing, audits, and red-teaming: None found
Benchmark performance and demonstrated capabilities: Perplexity Deep Research reports benchmark results of 21.1% accuracy on Humanity’s Last Exam (HLE) and 93.9% accuracy on SimpleQA (link, archived)
Bug bounty programmes and vulnerability disclosure: Yes (link, archived)
Any known incidents?: None found
← Back to 2025 Index