Guidelines on the Use of AI Tools in Connection with VASP Software

AI coding assistants have become part of everyday research. These guidelines explain how you can use them productively while keeping the VASP Software — which remains proprietary and confidential under your License Agreement — protected.

01 Why this matters

We regularly receive questions about using AI coding assistants — such as ChatGPT, GitHub Copilot, Claude, Cursor, Gemini and similar — together with the VASP Software. These tools are genuinely useful, whether you are learning the code, writing analysis scripts, or developing new routines, and we have no wish to discourage their sensible use.

At the same time, the VASP Software, particularly the VASP source code, the PP-data-base and related materials are proprietary and confidential. The single biggest risk with modern AI tools is that confidential code is silently transmitted to — and potentially retained or used for training by — an external provider. The guidance below is designed to let you benefit from AI without ever crossing that line.

The guiding principle is simple: an AI may help you use VASP. It must never be allowed to ingest the VASP Software.

02 AI as a “third party”

Your License Agreement prohibits making the VASP Software, or any part of it, accessible to third parties without VG’s written consent. An AI provider is a third party. When you e.g. paste VASP source code into an AI tool, you are technically transferring proprietary data to a third-party provider. Operators of AI services, model APIs, hosted development tools and code-completion assistants sit outside your research group and outside VG — so sending VASP material to them is a disclosure to a third party.

Whether or not a given use is acceptable depends entirely on which tool you use and how it is configured, as set out in the next section.

03 When AI use is acceptable

You may use AI tools in connection with VASP for your own internal work — such as compilation, debugging, code assistance, and the analysis of logs and results — provided you always treat the VASP Software as confidential. As a rule of thumb, AI use stays within your obligations when all of the following hold:

  • You use the tool exclusively in an environment—such as a self-hosted deployment or an explicitly configured business/enterprise offering—where the terms of service guarantee that the provider and third parties cannot use your submitted data (especially source code and the PP-database) for model training, product improvement, or fine-tuning. Note: Even standard professional tiers often require you to explicitly opt out of data sharing.

  • You ensure that the privacy, confidentiality, no-training and data-retention settings of the provider apply by default or are actively switched on and suit your intended use.

  • You do not submit VASP source code, the PP-data-base, your modifications or other confidential material to any free-of-charge, consumer-tier or non-authenticated AI service that offers no commitment against training on your inputs — unless VG has approved that service in writing beforehand.

The practical test

Before sending anything related to the VASP Software to an AI tool, ask: “Has this provider committed that my inputs will not be retained or used for training — and does the provider use those settings by default or have I switched those setting on?”.

04 What you must never do

Two limits are absolute and apply regardless of the tool:

⚠ No training, no model-building, no clones

You must not use VASP— source code, the VASP PP-data-base and related materials— to train, finetune or build any AI model, code model or dataset, or to help create software that reproduces VASP or any material part of it. Using AI to clone the code you are licensed to use is a serious breach of the license agreement.

⚠ No confidential code to public AI

You must not feed VASP source files into a public, free or consumer-tier model, or inappropriately configured business/enterprise-tier models — for example to “explain” or “refactor” them — as this discloses proprietary algorithms to an outside provider and may place them in future training data.

Good news: your results are not restricted

To be clear, none of this restricts the use of logs, outputs, simulation results or other data generated by your permitted use of VASP — as long as that material does not itself disclose source code, the PP-data-base or other confidential information. You remain free to analyse and publish your scientific results as usual.

05 Allowed vs. prohibited — at a glance

✓ PERMITTED

  • Using AI to help write Python submission or postprocessing scripts.

  • Asking AI to analyse or interpret OUTCAR, hdf5, log files and other simulation outputs.

  • Brainstorming methods, algorithms or workflow ideas in general terms.

  • Code assistance, debugging, compilation, optimization and modifications using a self-hosted or business/enterprise tool with no-training settings enabled.

  • Letting a model that already “knows” how to use VASP help you operate it

✕ PROHIBITED

  • Pasting entire VASP source files or your modifications into a public or free model to “explain” or “refactor” them.

  • Uploading the PP-data-base to any tool without a no-training guarantee.

  • Using VASP source code to train, fine-tune or build any AI model or a functional equivalent of VASP.

  • Sharing repository access or login credentials with an AI tool.

There is a difference between an AI knowing how to use VASP — which is helpful — and an AI possessing the VASP source code, which is not permitted.

06 If something goes wrong — and what VG may ask

⚠ Reporting a confidentiality incident

If you become aware that VASP confidential information may have been disclosed to an AI tool in a way that conflicts with your obligations, please stop the relevant use immediately, notify VG without undue delay, and take reasonable steps to contain and mitigate the situation. An inadvertent, minor lapse that you remedy promptly is viewed very differently from a sustained problem.

VG may, on reasonable request, ask you to confirm which AI tool you use with VASP and how it is configured — including its data-retention, confidentiality and no-training settings, and the identity of the provider, to the extent known to you. Keeping a brief note of the tools and settings you use makes this straightforward.

These guidelines are provided for general orientation only. They reflect the confidentiality and third-party-access obligations that apply under the VASP Software License Agreement, but they do not amend it and do not constitute legal advice. In the event of any inconsistency, the terms of your signed License Agreement prevail. © VASP Software GmbH, Berggasse 21, A-1090 Wien, Austria.