SentinelEU AI Act
How it works

Static forensic analysis.
Deterministic results.

Sentinel reads your repository — source code, configuration, documentation, and manifest — and maps every detected technical signal directly to a specific article of Regulation (EU) 2024/1689. No code is executed. The same input always produces the same signed output.

18 pipeline phases. 22 articles assessed. 7 output formats.
Input layer

4 input sources — each with a trust weight

Code evidence outweighs documentation. Documentation outweighs manifest declarations. A declaration without a code signal triggers a contradiction finding.

Evidence trust weight by source

Source                      Weight
Source code                 0.85
Config & build files        0.80
Documentation & policies    0.60
Manifest declarations       0.40

Source code

Weight
0.85

AST-level parsing across 15 languages. Detects AI library imports, human oversight patterns, logging infrastructure, kill-switch mechanisms.

Example signals

import torch / from openai import
human_review_trigger()
logger = logging.getLogger()
risk_mitigation_applied()

Config & build files

Weight
0.80

package.json, requirements.txt, Cargo.toml, Dockerfile, CI/CD YAML — cross-referenced against 89 tracked AI packages.

Example signals

tensorflow==2.15.0
openai in dependencies
face-api.js detected
aws-rekognition present

Documentation & policies

Weight
0.60

Markdown, PDF and DOCX files are scored for substance: keyword density, word count and boilerplate detection. Documents under 40 words are penalised.

Example signals

risk_assessment.md
MODEL_CARD.md
OVERSIGHT_PROTOCOL.md
data_governance_policy.md

Manifest declarations

Weight
0.40

sentinel.manifest.json carries the lowest evidence weight. Every declared flag is cross-checked against code; a declaration the code does not support is raised as a HIGH contradiction finding.

Example signals

risk_category: HIGH_RISK
human_oversight_enabled: true
fria_completed: true
entity_role: provider
The engine

18-phase forensic pipeline

Four sequential groups. Fully deterministic — the same repository state always produces the same output. Every phase writes to an evidence registry included in the final signed bundle.

Phases 01–04: Initialisation
100+ rule slots · SHA-256 Merkle root · 15 languages · Delta link

100+ rule IDs registered from the authoritative namespace. Every file SHA-256 hashed for integrity. Language mix identified. Delta ID linked for re-audit.

Phases 05–07: Discovery
89 AI packages · AST parsing · Regex probing · Doc scoring

Dependencies cross-referenced against 89 tracked AI packages. AST + regex finds strong signals (1.0), traceability (0.7), weak hints (0.5). Docs substance-scored.

Phases 08–12: Analysis
Evidence registry · Confidence scoring · Negative evidence · 7 contradiction types

Every finding classified by source and confidence. Absence = negative evidence, not neutral. Contradiction Engine checks manifest vs code; each contradiction = −15 pts.

Phases 13–18: Verdict
ARTICLE_WEIGHTED_V3 · 4 verdict tracks · Sector multipliers · RSA-PSS signed

ARTICLE_WEIGHTED_V3 applied. Four independent tracks evaluate the result. SIG Integrity strips comments; comment-only compliance is rejected. RSA-PSS bundle generated.

Signal mapping

Code pattern → legal obligation

Every signal detected in your repository is mapped to a specific article — defined in probing-rules.json and locked to a rule ID in the authoritative namespace.

Code signal                                      Article    Requirement               Strength
winston / pino / logging.basicConfig             Art. 20    Logging & Traceability    HIGH
human_review_trigger / override / kill_switch    Art. 14    Human Oversight           HIGH
validate_data / bias_check / fairness_metric     Art. 10    Data Governance           HIGH
ai_disclosure / powered_by_ai pattern            Art. 13    Transparency              HIGH
risk_log / risk_mitigation / residual_risk       Art. 9     Risk Management           HIGH
adversarial_test / robustness_check              Art. 15    Robustness & Security     MEDIUM
watermark / synthetic_content_marking            Art. 50    AI Output Transparency    MEDIUM
qms / quality_management pattern                 Art. 17    Quality Management        MEDIUM
Scoring & verdict

ARTICLE_WEIGHTED_V3 — how the score is computed

Normalised against applicable weight only. Minimal-risk systems are never penalised for high-risk obligations. The final verdict is determined by four independent tracks, not just the number.

audit-logic.js

// Signal bonuses: +1 pt each
const SIGNAL_BONUS = { logging_infra_present: 1, human_oversight_confirmed: 1, test_coverage_present: 1 };

// Normalise earned points against the applicable weight only, add the bonuses, clamp to [0, 100].
function finalScore(totalEarnedPts, applicableWeight, signals) {
  const normalizedScore = (totalEarnedPts / applicableWeight) * 100;
  const signalBonus = signals.reduce((sum, s) => sum + (SIGNAL_BONUS[s] ?? 0), 0);
  return Math.min(100, Math.max(0, normalizedScore + signalBonus));
}

Score     Verdict
≥ 85      Statically Aligned
≥ 65      Aligned
≥ 40      Gap
< 40      Fail

Article scores, sample audit (TalentScreen Pro v3.1): bar chart of per-article scores on a 0 to 100 scale for Art. 9, Art. 14, Art. 10, Art. 13, Art. 20, Art. 5, Art. 15, Art. 47 and Art. 17, banded as Compliant / Aligned, Gap, and Fail / Critical.

4 verdict tracks, any of which can override the numeric score

Track A, Governance: required documents must exist and exceed the quality threshold.

Track B, Technical: code-level signals for critical articles are verified independently.

Track C, Score Gate: hard floor per article; no article may fall below its minimum.

Track D, SIG Integrity: strips comments; comment-only compliance is rejected.
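The whole path described above, from the regex probes in the signal mapping table through source-weighted evidence, the Contradiction Engine, ARTICLE_WEIGHTED_V3 normalisation and the verdict bands, including Track D's comment stripping, fits in one short script. The following is an added example written for this page, not Sentinel's code: the regexes, articles, probe strengths, source trust weights, the −15 contradiction penalty and the verdict bands are the values stated on this page, while the rule IDs, the per-article weights, the manifest-flag-to-rule map and the sample repository are constructed assumptions.

```javascript
// Added example for this page, not Sentinel's code. Values taken from the page: regexes,
// articles, probe strengths, source trust weights, the -15 contradiction penalty, verdict bands.
// Constructed assumptions: rule IDs, per-article weights, manifest-flag-to-rule map, sample repo.

// Code pattern -> article, with probe strength (strong signal 1.0, traceability 0.7).
const RULES = [
  { id: "ART20_LOGGING",   article: "Art. 20", strength: 1.0, re: /\b(winston|pino|logging\.basicConfig)\b/ },
  { id: "ART14_OVERSIGHT", article: "Art. 14", strength: 1.0, re: /\b(human_review_trigger|override|kill_switch)\b/ },
  { id: "ART10_DATA",      article: "Art. 10", strength: 1.0, re: /\b(validate_data|bias_check|fairness_metric)\b/ },
  { id: "ART15_ROBUST",    article: "Art. 15", strength: 0.7, re: /\b(adversarial_test|robustness_check)\b/ },
];

// Evidence trust weight by source.
const SOURCE_WEIGHT = { code: 0.85, config: 0.8, docs: 0.6, manifest: 0.4 };

// Track D (SIG Integrity): remove // and /* */ comments before probing so a pattern that only
// appears in a comment earns nothing. Regex-based and C-style only: a "//" inside a string
// literal would be cut as well. Sentinel parses ASTs; a real implementation should use the tokenizer.
function stripComments(src) {
  return src.replace(/\/\*[\s\S]*?\*\//g, "").replace(/\/\/[^\n]*/g, "");
}

// Probe one file with every rule. Each hit is an evidence record whose confidence is
// probe strength x source trust weight, so the same token is worth 0.85 in code and 0.6 in docs.
function probe(file) {
  const body = file.source === "code" ? stripComments(file.text) : file.text;
  return RULES.filter(r => r.re.test(body)).map(r => ({
    rule: r.id, article: r.article, source: file.source, path: file.path,
    confidence: r.strength * SOURCE_WEIGHT[file.source],
  }));
}

// Contradiction Engine: a manifest flag declared true with no supporting *code* evidence
// (documentation does not count) is a HIGH finding worth -15 pts. The flag-to-rule map is assumed.
const FLAG_TO_RULE = { human_oversight_enabled: "ART14_OVERSIGHT" };

function contradictions(manifest, evidence) {
  const codeRules = new Set(evidence.filter(e => e.source === "code").map(e => e.rule));
  return Object.entries(FLAG_TO_RULE)
    .filter(([flag, rule]) => manifest[flag] === true && !codeRules.has(rule))
    .map(([flag, rule]) => ({ severity: "HIGH", flag, expectedRule: rule, penalty: 15 }));
}

// ARTICLE_WEIGHTED_V3: normalise earned points against the weight of the applicable articles only,
// so a minimal-risk system is never docked for high-risk obligations. How evidence turns into
// points is not on the page; here an article earns its weight x best confidence seen (assumption).
function score(articleWeights, evidence, findings, bonusSignals) {
  const best = {};
  for (const e of evidence) best[e.article] = Math.max(best[e.article] ?? 0, e.confidence);
  let applicable = 0, earned = 0;
  for (const [article, w] of Object.entries(articleWeights)) {
    applicable += w;
    earned += w * (best[article] ?? 0);
  }
  const normalized = applicable > 0 ? (earned / applicable) * 100 : 0;
  const penalty = findings.reduce((sum, f) => sum + f.penalty, 0);
  return Math.min(100, Math.max(0, normalized + bonusSignals.length - penalty)); // +1 pt per bonus signal
}

function verdict(s) {
  return s >= 85 ? "Statically Aligned" : s >= 65 ? "Aligned" : s >= 40 ? "Gap" : "Fail";
}

// Constructed sample repository: logging is real; human oversight exists only in a comment and
// in the docs, yet the manifest declares it enabled.
const FILES = [
  { path: "src/decide.js", source: "code", text: [
      'const pino = require("pino");',
      "const log = pino();",
      "// TODO: wire human_review_trigger() before release",
      "function decide(input) { log.info({ input }); return model.predict(input); }",
    ].join("\n") },
  { path: "docs/OVERSIGHT_PROTOCOL.md", source: "docs",
    text: "Reviewers call human_review_trigger() on every low-confidence decision." },
];
const MANIFEST = { risk_category: "HIGH_RISK", human_oversight_enabled: true, entity_role: "provider" };
const ARTICLE_WEIGHTS = { "Art. 20": 10, "Art. 14": 15, "Art. 10": 10, "Art. 15": 8 }; // assumed

function audit(files = FILES, manifest = MANIFEST, weights = ARTICLE_WEIGHTS) {
  const evidence = files.flatMap(probe);
  const findings = contradictions(manifest, evidence);
  const bonus = evidence.some(e => e.rule === "ART20_LOGGING" && e.source === "code")
    ? ["logging_infra_present"] : [];
  const s = score(weights, evidence, findings, bonus);
  return { evidence, findings, score: Math.round(s * 100) / 100, verdict: verdict(s) };
}

console.log(JSON.stringify(audit(), null, 2));
```

Run it with node. In the sample, human_review_trigger appears only in a comment and in the docs, so the code track records no Art. 14 evidence, the manifest's human_oversight_enabled: true becomes a HIGH contradiction, and the result lands in Fail (about 26.7). Moving the call into executed code removes the contradiction and lifts the verdict to Gap; that difference is exactly what Track D exists to enforce.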

Output bundle

7 outputs. Every audit. Cryptographically signed.

Machine-readable, human-readable, legally formatted, DevOps-ready, and verifiable by any third party.

audit.json (Core)
Full machine-readable report, RFC 8785-Lite canonical JSON.

report.html (Core)
Standalone visual report with score, breakdown and dossier.

SARIF v2.1.0 (DevOps)
Native to the GitHub Security tab, VS Code and any CI/CD pipeline.

SBOM, CycloneDX (DevOps)
AI component inventory for supply-chain compliance.

Annex IV pack (Legal)
Pre-filled Annex IV templates for high-risk placement.

checksums.txt (Security)
SHA-256 hashes; enables independent bundle verification.

RSA-PSS signature (Security)
Cryptographic proof verifiable without access to Sentinel.

Cryptographic reproducibility: RFC 8785-Lite canonical JSON, SHA-256 hashes and an RSA-PSS signature. The same repository state always produces an identical audit.json, byte for byte, so the recorded hash can be recomputed independently. Verifying the signature needs only the bundle and Sentinel's public key, not access to the Sentinel service, so any third party, including a Notified Body, can check it.

Audit boundaries

What Sentinel covers — and what it doesn't

Covered

Maps 33+ technical signals from source code to EU AI Act article requirements

Detects contradictions between manifest declarations and actual code evidence

Records absence of expected signals as negative evidence — not neutral silence

Produces cryptographically signed, reproducible audit bundles (RFC 8785-Lite canonical JSON + SHA-256 + RSA-PSS)

Generates Annex IV–compliant documentation and gap remediation templates

Tracks compliance delta over time with automatic regression detection

Applies sector multipliers and hard floors for high-risk sectors

Not covered

Execute any code — static analysis only, zero side effects on your system

Evaluate runtime behaviour, model accuracy, fairness outcomes, or live API calls

Replace a Notified Body or issue CE certification under EU AI Act

Verify generic HTTP calls made without recognised AI SDK patterns

Provide legal advice — all findings carry an explicit legal disclaimer

Legal notice: Sentinel findings constitute technical evidence, not legal advice. A score of 100/100 does not constitute CE certification or replace evaluation by an accredited Notified Body under Regulation (EU) 2024/1689. Enforcement date: 2 August 2026.


See the methodology. Run the audit.

Every claim on this page is verifiable in the methodology. Every output is signed and reproducible.

Zero code execution · RSA-PSS signed · 22 articles scored · Annex IV generated · SARIF for CI/CD · Reproducible output