Features

Upload your existing AI documentation in any format — PDF, Word, Markdown, HTML, CSV. The audit engine uses semantic analysis (not keyword matching) to classify each document against the 13 compliance artifact types and evaluate field-level coverage.

• ✓Per-article readiness scoring across EU AI Act Articles 9-17
• ✓COVERED, PARTIAL, and MISSING status for every requirement
• ✓Actionable remediation plan with specific fields to write
• ✓Download results as PDF, HTML, or JSON
• ✓Works with Anthropic, OpenAI, and Google AI models

Every field in every template links to a specific EU AI Act Article and paragraph. Your team does not need to read the regulation. The template tells them exactly what to write, why it matters, and what good content looks like.

• ✓13 compliance artifacts covering Articles 9-17 and Annex IV
• ✓REQUIRED FOR comments linking each section to regulation text
• ✓Example content from a real Annex III Category 4 build
• ✓Standard tier (8 artifacts) and Enterprise tier (13 artifacts)
• ✓8 Annex III categories supported

Artifacts are connected by validated dependencies. You cannot submit a test plan without a verified architecture. You cannot deploy without QA sign-off. The engine enforces the rules your team might otherwise skip under deadline pressure.

• ✓12 pipeline phases from INTAKE to DONE
• ✓Gate conditions at every phase transition
• ✓Dependency verification: each artifact must reference verified upstream artifacts
• ✓Version tracking with content hashes for every submission
• ✓Phase-locked submissions prevent out-of-order work

Change your architecture? Every downstream artifact — security review, test plan, deployer guide — is automatically flagged as stale with specific re-evaluation instructions. No silent compliance drift. No forgotten dependencies.

• ✓55+ invalidation triggers with human-readable reason and action text
• ✓Two trigger types: input_content_changed (direct) and input_became_stale (transitive)
• ✓Three effect levels: invalid, stale, and blocked
• ✓Cascade depth tracking shows how far a change propagates
• ✓Impact preview: see what would break before you commit a change

Every submission is an immutable event with a SHA-256 content hash, dependency verification, and timestamp. When a regulator asks you to prove your compliance process, you can point to a chain of evidence that is mathematically verifiable.

• ✓Event-sourced architecture: append-only, immutable events
• ✓Content-addressed artifacts: SHA-256 hash of every artifact version
• ✓Dependency verification: each submission proves it read verified upstream artifacts
• ✓Hash chain integrity: tamper detection through sequential event hashing
• ✓HMAC-SHA256 agent identity signing (optional, configurable)

A data-driven dependency graph shows the real-time status of every artifact in the pipeline. Click any node to preview the downstream impact of a change before you commit it. See which artifacts would go stale, why, and what to do about it.

• ✓Visual dependency graph rendered from constraint configuration
• ✓Node colors: draft, submitted, stale, frozen, impact preview
• ✓What-if analysis: preview cascade effects without committing changes
• ✓Per-artifact reason and action text from the constraint engine
• ✓Multi-regulation ready: graph structure adapts to any regulation pipeline

One click generates a regulator-ready compliance report from your audit chain. Article-by-article evidence mapping with artifact references, approval timestamps, and cascade history. Download as PDF, HTML, or JSON.

• ✓Article-by-article evidence mapping with specific artifact references
• ✓Audit chain summary with integrity proof
• ✓Human oversight evidence with approval timestamps
• ✓Cascade history showing how changes were managed
• ✓Artifact inventory with dependency verification status