portunus-attest
v0.2.1
Published
AI-code governance as audit-grade evidence (EU AI Act Article 12 / Annex IV) — assembled deterministically from portunus data, exportable as a CycloneDX 1.6 AIBOM.
Maintainers
Readme
portunus-attest
AI-code governance as audit-grade evidence — EU AI Act Article 12.
From 2026-08-02, EU AI Act high-risk obligations require a queryable record of AI-driven decisions — including whether each governance intervention was a hard gate or a soft gate (Art. 12). AI coding tools (Copilot, Cursor, Claude Code) don't produce this audit trail — most teams have none. Non-compliance with high-risk obligations carries penalties up to €15M or 3% of global turnover (Art. 12 sits in the high-risk tier, not the €35M/7% prohibited-practices tier — accuracy matters in a compliance tool). The Aug 2026 date is still enforceable but under debate (a Digital Omnibus proposal could push high-risk duties toward late 2027); either way the pain — no audit trail exists today — is present now.
portunus-attest assembles the record auditors ask for deterministically from data portunus
already emits — no LLM, no fabrication. Missing fields are listed as honest gaps, never
invented (that honesty is why an auditor can trust it).
The minimum provenance record → where portunus already has it
| Auditor asks (per AI-generated change) | portunus source |
|---|---|
| Governing spec version | ruleVersion (SHA of enforcement fields) |
| Hard gate vs soft gate | severity — block vs warn/shadow |
| Tests that passed | .brain/check-runs.jsonl (per-actor pass-rate) |
| Human who accepted the control | reviewedBy (promotion lineage) |
| Governance interventions | .brain/gate-ledger.jsonl (block events) |
| Autonomous decisions | .brain/graduation-ledger.jsonl (sim graduate/rollback) |
| Model + provider | Agent Trace (if wired; else reported as a gap) |
| Agent runtime interventions | airlock-ledger.jsonl — the airlock gateway's tool-call blocks/holds/approvals (if wired; else a gap) |
Art. 12 covers AI-driven decisions across the whole system — not just the code an agent
writes, but what the agent does at runtime. attest now assembles both: repo-level
controls + the runtime tool-call interventions logged by airlock (the free
open-core gateway). One command → one unified, tamper-evident Art. 12 record. This is the
open-core seam: airlock (free) produces the runtime ledger → attest (evidence) assembles it.
Synergy with portunus-orchestrate
The autonomous governor (portunus-orchestrate) makes evidence-based
decisions — graduate a shadowed rule to enforcing, roll a rule back on drift. Each is a
soft→hard gate transition = exactly an Art. 12 governance intervention. attest records them
with their honest provenance (by:sim-graduate / by:orchestrator), turning the self-evolving
governance loop into an audit-grade decision log.
Use
node attest.mjs <repo> [--json] # Markdown (auditor) or JSON (queryable)
node attest.mjs <repo> --runtime airlock-ledger.jsonl # include agent runtime evidence
# (also auto-detected at <repo>/airlock-ledger.jsonl or $AIRLOCK_LEDGER)Deterministic · zero-dep (Node built-ins only) · no-LLM · git-native. Honest by construction.
