gap-engine

Adversarial stress-tester for rule-based systems.

Every rule-based system has a stated layer (what the rules say) and a processing layer (how the system actually evaluates inputs). These are never identical. The gap between them is structural, permanent, and universal.

gap-engine finds those gaps.

What it does

1. Ingest any rule system — law, regulation, financial guidelines, policy, social norms
2. Reverse-engineer the actual processing layer from outcomes and patterns
3. Generate adversarial actor profiles and simulate their paths through the system
4. Score gaps by exploitability, impact, detectability, and cross-system convergence
5. Generate narrative paths for legitimate actors navigating the system
6. Report findings with severity ratings and remediation options

Why it exists

Adversarial actors stress-test every system continuously. Currently that stress-testing is invisible, uncoordinated, and exploitative — findings are used, not disclosed. Systems patch reactively, after damage.

gap-engine makes the stress-testing deliberate, coordinated, and constructive. Same function as a security red team, applied to all rule-based systems. Pre-deployment mode finds gaps before the system goes live. Continuous monitoring finds new gaps as adjacent systems change.

Domains

• Legal (statutes, case law, regulatory guidance)
• Regulatory (agency rules, enforcement patterns)
• Financial (underwriting, compliance, filing requirements)
• Political (procedure, coalition dynamics, lobbying)
• Social (platform policy, community norms, status systems)
• Custom (any rule system with parseable structure)

Architecture

See SPEC.md for full technical specification.

Status

Spec phase. Building Phase 1 MVP.

Related

• gonzih.github.io — AI-gile Manifesto
• github.com/Gonzih