Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(ai-sdk): control-intent — technical_standard may win implementation questions (#36)
CI / detect-changes (push) Successful in 5s
Details
CI / branch-name (push) Has been skipped
Details
CI / guardrail-integrity (push) Has been skipped
Details
CI / secret-scan (push) Has been skipped
Details
CI / dep-audit (push) Has been skipped
Details
CI / sbom-scan (push) Has been skipped
Details
CI / build-sha-integrity (push) Successful in 4s
Details
CI / validate-canonical-controls (push) Successful in 4s
Details
CI / loc-budget (push) Successful in 15s
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / nodejs-build (push) Has been skipped
Details
CI / test-go (push) Successful in 54s
Details
CI / iace-gt-coverage (push) Successful in 14s
Details
CI / test-python-backend (push) Has been skipped
Details
CI / test-python-document-crawler (push) Has been skipped
Details
CI / test-python-dsms-gateway (push) Has been skipped
Details

Browse Source
This commit was merged in pull request #36.
This commit is contained in:
Benjamin_Boenisch
2026-06-24 09:58:35 +00:00
parent e24a551ee4
commit 05d75e8039
2 changed files with 114 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ai-compliance-sdk/internal/ucca/legal_rag_intent_test.go
+62
View File
@@ -70,3 +70,65 @@ func TestRerank_OffTopicGuidance_BlockedByGuard(t *testing.T) {
t.Errorf("off-topic guidance must not win even with intent, got %s", out[0].SourceClass)
}
}
func TestQueryWantsControls(t *testing.T) {
wants := []string{
"Welche Controls passen zu Security Updates?",
"Welche Maßnahmen sollten wir umsetzen?",
"Wie härten wir den Server ab?",
"Gibt es NIST-Controls dafür?",
"OWASP Best Practice für Logging?",
"BSI Grundschutz Bausteine",
}
plain := []string{
"Welche Anforderungen bestehen an Security Updates?",
"Ab wann braucht man einen Datenschutzbeauftragten?",
}
for _, q := range wants {
if !queryWantsControls(q) {
t.Errorf("should detect control/implementation intent: %q", q)
}
}
for _, q := range plain {
if queryWantsControls(q) {
t.Errorf("should NOT detect control intent (norm question): %q", q)
}
}
}
func TestRerank_ControlQuestion_StandardMayWin(t *testing.T) {
// Explicit implementation intent + standard semantically competitive → standard wins.
results := []LegalSearchResult{
intentRes("NIST SP 800-82", "technical_standard", 0.62, 80),
intentRes("CRA", "binding_law", 0.58, 100),
}
out := rerankByAuthority("Welche Controls passen zu Security Updates?", results)
if out[0].SourceClass != "technical_standard" {
t.Errorf("control question: technical_standard should win Top-1, got %s", out[0].SourceClass)
}
}
func TestRerank_NormQuestion_BindingOverStandard(t *testing.T) {
// "Anforderungen" → no control intent → binding stays Top-1 over the standard.
results := []LegalSearchResult{
intentRes("NIST SP 800-82", "technical_standard", 0.62, 80),
intentRes("CRA", "binding_law", 0.58, 100),
}
out := rerankByAuthority("Welche Anforderungen bestehen an Security Updates?", results)
if out[0].SourceClass != "binding_law" {
t.Errorf("norm question: binding must stay Top-1 over standard, got %s", out[0].SourceClass)
}
}
func TestRerank_OffTopicStandard_BlockedByGuard(t *testing.T) {
// Control intent present, but the standard is semantically far below binding →
// the margin guard keeps binding Top-1 (no off-topic standard override).
results := []LegalSearchResult{
intentRes("NIST SP 800-82", "technical_standard", 0.40, 80),
intentRes("CRA", "binding_law", 0.58, 100),
}
out := rerankByAuthority("Welche Controls passen zu Security Updates?", results)
if out[0].SourceClass != "binding_law" {
t.Errorf("off-topic standard must not win even with control intent, got %s", out[0].SourceClass)
}
}