feat: Domain-Fragen fuer 10 weitere Domains (14 total)

10 neue Context-Structs + Field-Resolver + ~30 YAML-Regeln + Frontend:
- Legal/Justice: Rechtsberatung, Urteilsprognose, Mandantengeheimnis
- Public Sector: Verwaltungsentscheidungen, Leistungsverteilung, FRIA
- Critical Infra: Netzsteuerung, Sicherheitskritisch, Redundanz
- Automotive: Autonomes Fahren, ADAS, ISO 26262
- Retail/E-Commerce: Preise, Scoring, Dark Patterns
- IT/Cybersecurity: Surveillance, Threat Detection, Log-Retention
- Logistics: Fahrer-Tracking, Workload-Scoring
- Construction: Mieterauswahl, Arbeitsschutz
- Marketing/Media: Deepfakes=BLOCK, Minderjaehrige, Targeting
- Manufacturing: Maschinensicherheit=BLOCK, CE-Kennzeichnung

Domains mit Fragen: 14 von 39 (36%)
YAML-Regeln total: ~44 (14 vorher + 30 neu)
BLOCK-Regeln: Deepfakes ungekennzeichnet, Maschinensicherheit unvalidiert,
              Kritische Infra ohne Redundanz

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

admin-compliance/app/sdk/advisory-board/page.tsx

@@ -356,6 +356,26 @@ function AdvisoryBoardPageInner() {
     hc_patient_data: false,
     hc_medical_device: false,
     hc_clinical_validation: false,
+    // Legal
+    leg_legal_advice: false, leg_court_prediction: false, leg_client_confidential: false,
+    // Public Sector
+    pub_admin_decision: false, pub_benefit_allocation: false, pub_transparency: false,
+    // Critical Infrastructure
+    crit_grid_control: false, crit_safety_critical: false, crit_redundancy: false,
+    // Automotive
+    auto_autonomous: false, auto_safety: false, auto_functional_safety: false,
+    // Retail
+    ret_pricing: false, ret_profiling: false, ret_credit_scoring: false, ret_dark_patterns: false,
+    // IT Security
+    its_surveillance: false, its_threat_detection: false, its_data_retention: false,
+    // Logistics
+    log_driver_tracking: false, log_workload_scoring: false,
+    // Construction
+    con_tenant_screening: false, con_worker_safety: false,
+    // Marketing
+    mkt_deepfake: false, mkt_minors: false, mkt_targeting: false, mkt_labeled: false,
+    // Manufacturing
+    mfg_machine_safety: false, mfg_ce_required: false, mfg_validated: false,
     // Hosting (single-select tile)
     hosting_provider: '' as string,
     hosting_region: '' as string,
@@ -471,6 +491,55 @@ function AdvisoryBoardPageInner() {
           medical_device: form.hc_medical_device,
           clinical_validation: form.hc_clinical_validation,
         } : undefined,
+        legal_context: ['legal', 'consulting', 'tax_advisory'].includes(form.domain) ? {
+          legal_advice: form.leg_legal_advice,
+          court_prediction: form.leg_court_prediction,
+          client_confidential: form.leg_client_confidential,
+        } : undefined,
+        public_sector_context: ['public_sector', 'defense', 'justice'].includes(form.domain) ? {
+          admin_decision: form.pub_admin_decision,
+          benefit_allocation: form.pub_benefit_allocation,
+          transparency_ensured: form.pub_transparency,
+        } : undefined,
+        critical_infra_context: ['energy', 'utilities', 'oil_gas'].includes(form.domain) ? {
+          grid_control: form.crit_grid_control,
+          safety_critical: form.crit_safety_critical,
+          redundancy_exists: form.crit_redundancy,
+        } : undefined,
+        automotive_context: ['automotive', 'aerospace'].includes(form.domain) ? {
+          autonomous_driving: form.auto_autonomous,
+          safety_relevant: form.auto_safety,
+          functional_safety: form.auto_functional_safety,
+        } : undefined,
+        retail_context: ['retail', 'ecommerce', 'wholesale'].includes(form.domain) ? {
+          pricing_personalized: form.ret_pricing,
+          credit_scoring: form.ret_credit_scoring,
+          dark_patterns: form.ret_dark_patterns,
+        } : undefined,
+        it_security_context: ['it_services', 'cybersecurity', 'telecom'].includes(form.domain) ? {
+          employee_surveillance: form.its_surveillance,
+          threat_detection: form.its_threat_detection,
+          data_retention_logs: form.its_data_retention,
+        } : undefined,
+        logistics_context: ['logistics'].includes(form.domain) ? {
+          driver_tracking: form.log_driver_tracking,
+          workload_scoring: form.log_workload_scoring,
+        } : undefined,
+        construction_context: ['construction', 'real_estate', 'facility_management'].includes(form.domain) ? {
+          tenant_screening: form.con_tenant_screening,
+          worker_safety: form.con_worker_safety,
+        } : undefined,
+        marketing_context: ['marketing', 'media', 'entertainment'].includes(form.domain) ? {
+          deepfake_content: form.mkt_deepfake,
+          behavioral_targeting: form.mkt_targeting,
+          minors_targeted: form.mkt_minors,
+          ai_content_labeled: form.mkt_labeled,
+        } : undefined,
+        manufacturing_context: ['mechanical_engineering', 'electrical_engineering', 'plant_engineering', 'chemicals', 'food_beverage', 'textiles', 'packaging'].includes(form.domain) ? {
+          machine_safety: form.mfg_machine_safety,
+          ce_marking_required: form.mfg_ce_required,
+          safety_validated: form.mfg_validated,
+        } : undefined,
         store_raw_text: true,
       }
 
@@ -972,6 +1041,222 @@ function AdvisoryBoardPageInner() {
                 </div>
               </div>
             )}
+
+            {/* Legal / Justice */}
+            {['legal', 'consulting', 'tax_advisory'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Recht & Beratung — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">AI Act Annex III Nr. 8 — KI in Rechtspflege und Demokratie.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.leg_legal_advice} onChange={(e) => updateForm({ leg_legal_advice: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">KI gibt Rechtsberatung oder rechtliche Empfehlungen</span><p className="text-xs text-gray-500">Vertragsanalyse, rechtliche Einschaetzungen, Compliance-Checks</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.leg_court_prediction} onChange={(e) => updateForm({ leg_court_prediction: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">KI prognostiziert Verfahrensausgaenge</span><p className="text-xs text-gray-500">Urteilsprognosen, Risikoeinschaetzung von Rechtsstreitigkeiten</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.leg_client_confidential} onChange={(e) => updateForm({ leg_client_confidential: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Mandantengeheimnis betroffen</span><p className="text-xs text-gray-500">Vertrauliche Mandantendaten werden durch KI verarbeitet (§ 203 StGB)</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Public Sector */}
+            {['public_sector', 'defense', 'justice'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Oeffentlicher Sektor — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">Art. 27 AI Act — FRIA-Pflicht fuer oeffentliche Stellen.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-red-200 bg-red-50 hover:bg-red-100 cursor-pointer">
+                    <input type="checkbox" checked={form.pub_admin_decision} onChange={(e) => updateForm({ pub_admin_decision: e.target.checked })} className="w-4 h-4 rounded border-red-300 text-red-600 focus:ring-red-500" />
+                    <div><span className="text-sm font-medium text-red-900">KI beeinflusst Verwaltungsentscheidungen</span><p className="text-xs text-red-700">Bescheide, Bewilligungen, Genehmigungen — FRIA erforderlich</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.pub_benefit_allocation} onChange={(e) => updateForm({ pub_benefit_allocation: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">KI verteilt Leistungen oder Foerderung</span><p className="text-xs text-gray-500">Sozialleistungen, Subventionen, Zuteilungen</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-green-200 bg-green-50 hover:bg-green-100 cursor-pointer">
+                    <input type="checkbox" checked={form.pub_transparency} onChange={(e) => updateForm({ pub_transparency: e.target.checked })} className="w-4 h-4 rounded border-green-300 text-green-600 focus:ring-green-500" />
+                    <div><span className="text-sm font-medium text-green-900">Transparenz gegenueber Buergern sichergestellt</span><p className="text-xs text-green-700">Buerger werden ueber KI-Nutzung informiert</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Critical Infrastructure */}
+            {['energy', 'utilities', 'oil_gas'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Kritische Infrastruktur — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">AI Act Annex III Nr. 2 + NIS2.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.crit_grid_control} onChange={(e) => updateForm({ crit_grid_control: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">KI steuert Netz oder Infrastruktur</span><p className="text-xs text-gray-500">Stromnetz, Wasserversorgung, Gasverteilung</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-red-200 bg-red-50 hover:bg-red-100 cursor-pointer">
+                    <input type="checkbox" checked={form.crit_safety_critical} onChange={(e) => updateForm({ crit_safety_critical: e.target.checked })} className="w-4 h-4 rounded border-red-300 text-red-600 focus:ring-red-500" />
+                    <div><span className="text-sm font-medium text-red-900">Sicherheitskritische Steuerung</span><p className="text-xs text-red-700">Fehler koennen Menschenleben gefaehrden</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-green-200 bg-green-50 hover:bg-green-100 cursor-pointer">
+                    <input type="checkbox" checked={form.crit_redundancy} onChange={(e) => updateForm({ crit_redundancy: e.target.checked })} className="w-4 h-4 rounded border-green-300 text-green-600 focus:ring-green-500" />
+                    <div><span className="text-sm font-medium text-green-900">Redundante Systeme vorhanden</span><p className="text-xs text-green-700">Fallback bei KI-Ausfall sichergestellt</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Automotive / Aerospace */}
+            {['automotive', 'aerospace'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Automotive / Aerospace — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">Safety-critical AI — Typgenehmigung + Functional Safety.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-red-200 bg-red-50 hover:bg-red-100 cursor-pointer">
+                    <input type="checkbox" checked={form.auto_autonomous} onChange={(e) => updateForm({ auto_autonomous: e.target.checked })} className="w-4 h-4 rounded border-red-300 text-red-600 focus:ring-red-500" />
+                    <div><span className="text-sm font-medium text-red-900">Autonomes Fahren / ADAS</span><p className="text-xs text-red-700">Hochrisiko — erfordert Typgenehmigung und extensive Validierung</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.auto_safety} onChange={(e) => updateForm({ auto_safety: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Sicherheitsrelevante Funktion</span><p className="text-xs text-gray-500">Bremsen, Lenkung, Kollisionsvermeidung</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-green-200 bg-green-50 hover:bg-green-100 cursor-pointer">
+                    <input type="checkbox" checked={form.auto_functional_safety} onChange={(e) => updateForm({ auto_functional_safety: e.target.checked })} className="w-4 h-4 rounded border-green-300 text-green-600 focus:ring-green-500" />
+                    <div><span className="text-sm font-medium text-green-900">ISO 26262 Functional Safety beruecksichtigt</span><p className="text-xs text-green-700">ASIL-Einstufung und Sicherheitsvalidierung durchgefuehrt</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Retail / E-Commerce */}
+            {['retail', 'ecommerce', 'wholesale'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Handel & E-Commerce — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">DSA, Verbraucherrecht, DSGVO Art. 22.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.ret_pricing} onChange={(e) => updateForm({ ret_pricing: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Personalisierte Preisgestaltung</span><p className="text-xs text-gray-500">Individuelle Preise basierend auf Nutzerprofil</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.ret_credit_scoring} onChange={(e) => updateForm({ ret_credit_scoring: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Bonitaetspruefung bei Kauf auf Rechnung</span><p className="text-xs text-gray-500">Kredit-Scoring beeinflusst Zugang zu Zahlungsarten</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.ret_dark_patterns} onChange={(e) => updateForm({ ret_dark_patterns: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Manipulative UI-Muster moeglich (Dark Patterns)</span><p className="text-xs text-gray-500">Kuenstliche Verknappung, Social Proof, versteckte Kosten</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* IT / Cybersecurity / Telecom */}
+            {['it_services', 'cybersecurity', 'telecom'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">IT & Cybersecurity — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">NIS2, DSGVO, BetrVG §87.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.its_surveillance} onChange={(e) => updateForm({ its_surveillance: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Mitarbeiterueberwachung (SIEM, DLP, UBA)</span><p className="text-xs text-gray-500">User Behavior Analytics, Data Loss Prevention mit Personenbezug</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.its_threat_detection} onChange={(e) => updateForm({ its_threat_detection: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">KI-gestuetzte Bedrohungserkennung</span><p className="text-xs text-gray-500">Anomalie-Erkennung, Intrusion Detection</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.its_data_retention} onChange={(e) => updateForm({ its_data_retention: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Umfangreiche Log-Speicherung</span><p className="text-xs text-gray-500">Security-Logs mit Personenbezug werden langfristig gespeichert</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Logistics */}
+            {['logistics'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Logistik — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">BetrVG §87, DSGVO — Worker Tracking.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.log_driver_tracking} onChange={(e) => updateForm({ log_driver_tracking: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Fahrer-/Kurier-Tracking (GPS)</span><p className="text-xs text-gray-500">Standortverfolgung von Mitarbeitern</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.log_workload_scoring} onChange={(e) => updateForm({ log_workload_scoring: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Leistungsbewertung von Lager-/Liefermitarbeitern</span><p className="text-xs text-gray-500">Picks/Stunde, Liefergeschwindigkeit, Performance-Scores</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Construction / Real Estate */}
+            {['construction', 'real_estate', 'facility_management'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Bau & Immobilien — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">AGG, DSGVO, Arbeitsschutz.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.con_tenant_screening} onChange={(e) => updateForm({ con_tenant_screening: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">KI-gestuetzte Mieterauswahl</span><p className="text-xs text-gray-500">Bonitaetspruefung, Bewerber-Ranking fuer Wohnungen</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.con_worker_safety} onChange={(e) => updateForm({ con_worker_safety: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">KI-Arbeitsschutzueberwachung auf Baustellen</span><p className="text-xs text-gray-500">Kamera-basierte Sicherheitsueberwachung, Helm-Erkennung</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Marketing / Media */}
+            {['marketing', 'media', 'entertainment'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Marketing & Medien — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">Art. 50 AI Act (Deepfakes), DSA, DSGVO.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-red-200 bg-red-50 hover:bg-red-100 cursor-pointer">
+                    <input type="checkbox" checked={form.mkt_deepfake} onChange={(e) => updateForm({ mkt_deepfake: e.target.checked })} className="w-4 h-4 rounded border-red-300 text-red-600 focus:ring-red-500" />
+                    <div><span className="text-sm font-medium text-red-900">Synthetische Inhalte (Deepfakes)</span><p className="text-xs text-red-700">KI-generierte Bilder, Videos oder Stimmen — Kennzeichnungspflicht!</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.mkt_targeting} onChange={(e) => updateForm({ mkt_targeting: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">Verhaltensbasiertes Targeting</span><p className="text-xs text-gray-500">Personalisierte Werbung basierend auf Nutzerverhalten</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-red-200 bg-red-50 hover:bg-red-100 cursor-pointer">
+                    <input type="checkbox" checked={form.mkt_minors} onChange={(e) => updateForm({ mkt_minors: e.target.checked })} className="w-4 h-4 rounded border-red-300 text-red-600 focus:ring-red-500" />
+                    <div><span className="text-sm font-medium text-red-900">Minderjaehrige als Zielgruppe</span><p className="text-xs text-red-700">Besonderer Schutz — DSA Art. 28 verbietet Profiling Minderjaehriger</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-green-200 bg-green-50 hover:bg-green-100 cursor-pointer">
+                    <input type="checkbox" checked={form.mkt_labeled} onChange={(e) => updateForm({ mkt_labeled: e.target.checked })} className="w-4 h-4 rounded border-green-300 text-green-600 focus:ring-green-500" />
+                    <div><span className="text-sm font-medium text-green-900">KI-Inhalte werden als solche gekennzeichnet</span><p className="text-xs text-green-700">Art. 50 AI Act: Pflicht zur Kennzeichnung synthetischer Inhalte</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
+
+            {/* Manufacturing */}
+            {['mechanical_engineering', 'electrical_engineering', 'plant_engineering', 'chemicals', 'food_beverage', 'textiles', 'packaging'].includes(form.domain) && (
+              <div className="mt-6 pt-6 border-t border-gray-200">
+                <h3 className="text-sm font-semibold text-gray-900 mb-1">Fertigung — Compliance-Fragen</h3>
+                <p className="text-xs text-gray-500 mb-4">Maschinenverordnung (EU) 2023/1230, CE-Kennzeichnung.</p>
+                <div className="space-y-3">
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-red-200 bg-red-50 hover:bg-red-100 cursor-pointer">
+                    <input type="checkbox" checked={form.mfg_machine_safety} onChange={(e) => updateForm({ mfg_machine_safety: e.target.checked })} className="w-4 h-4 rounded border-red-300 text-red-600 focus:ring-red-500" />
+                    <div><span className="text-sm font-medium text-red-900">KI in Maschinensicherheit</span><p className="text-xs text-red-700">Sicherheitsrelevante Steuerung — Validierung erforderlich</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-gray-200 hover:bg-gray-50 cursor-pointer">
+                    <input type="checkbox" checked={form.mfg_ce_required} onChange={(e) => updateForm({ mfg_ce_required: e.target.checked })} className="w-4 h-4 rounded border-gray-300 text-purple-600 focus:ring-purple-500" />
+                    <div><span className="text-sm font-medium text-gray-900">CE-Kennzeichnung erforderlich</span><p className="text-xs text-gray-500">Maschinenverordnung (EU) 2023/1230</p></div>
+                  </label>
+                  <label className="flex items-center gap-3 p-3 rounded-lg border border-green-200 bg-green-50 hover:bg-green-100 cursor-pointer">
+                    <input type="checkbox" checked={form.mfg_validated} onChange={(e) => updateForm({ mfg_validated: e.target.checked })} className="w-4 h-4 rounded border-green-300 text-green-600 focus:ring-green-500" />
+                    <div><span className="text-sm font-medium text-green-900">Sicherheitsvalidierung durchgefuehrt</span><p className="text-xs text-green-700">Konformitaetsbewertung nach Maschinenverordnung abgeschlossen</p></div>
+                  </label>
+                </div>
+              </div>
+            )}
           </div>
         )}
 

ai-compliance-sdk/internal/ucca/models.go

@@ -223,9 +223,19 @@ type UseCaseIntake struct {
 	WorksCouncilConsulted bool `json:"works_council_consulted,omitempty"` // Works council has been consulted
 
 	// Domain-specific contexts (AI Act Annex III high-risk domains)
-	HRContext         *HRContext         `json:"hr_context,omitempty"`
-	EducationContext  *EducationContext  `json:"education_context,omitempty"`
-	HealthcareContext *HealthcareContext `json:"healthcare_context,omitempty"`
+	HRContext            *HRContext            `json:"hr_context,omitempty"`
+	EducationContext     *EducationContext     `json:"education_context,omitempty"`
+	HealthcareContext    *HealthcareContext    `json:"healthcare_context,omitempty"`
+	LegalContext         *LegalContext         `json:"legal_context,omitempty"`
+	PublicSectorContext  *PublicSectorContext  `json:"public_sector_context,omitempty"`
+	CriticalInfraContext *CriticalInfraContext `json:"critical_infra_context,omitempty"`
+	AutomotiveContext    *AutomotiveContext    `json:"automotive_context,omitempty"`
+	RetailContext        *RetailContext        `json:"retail_context,omitempty"`
+	ITSecurityContext    *ITSecurityContext    `json:"it_security_context,omitempty"`
+	LogisticsContext     *LogisticsContext     `json:"logistics_context,omitempty"`
+	ConstructionContext  *ConstructionContext  `json:"construction_context,omitempty"`
+	MarketingContext     *MarketingContext     `json:"marketing_context,omitempty"`
+	ManufacturingContext *ManufacturingContext `json:"manufacturing_context,omitempty"`
 
 	// Opt-in to store raw text (otherwise only hash)
 	StoreRawText bool `json:"store_raw_text,omitempty"`
@@ -262,6 +272,93 @@ type HealthcareContext struct {
 	ClinicalValidation   bool `json:"clinical_validation"`       // Klinisch validiert
 }
 
+// LegalContext captures legal/justice-specific compliance data (AI Act Annex III Nr. 8)
+type LegalContext struct {
+	LegalAdvice          bool `json:"legal_advice"`           // KI gibt Rechtsberatung
+	ContractAnalysis     bool `json:"contract_analysis"`      // KI analysiert Vertraege
+	CourtPrediction      bool `json:"court_prediction"`       // KI prognostiziert Urteile
+	AccessToJustice      bool `json:"access_to_justice"`      // KI beeinflusst Zugang zu Recht
+	ClientConfidential   bool `json:"client_confidential"`    // Mandantengeheimnis betroffen
+}
+
+// PublicSectorContext captures public sector compliance data (Art. 27 FRIA)
+type PublicSectorContext struct {
+	AdminDecision        bool `json:"admin_decision"`         // KI beeinflusst Verwaltungsentscheidungen
+	CitizenService       bool `json:"citizen_service"`        // KI in Buergerservices
+	BenefitAllocation    bool `json:"benefit_allocation"`     // KI verteilt Leistungen/Mittel
+	PublicSafety         bool `json:"public_safety"`          // KI in oeffentlicher Sicherheit
+	TransparencyEnsured  bool `json:"transparency_ensured"`   // Transparenz gegenueber Buergern
+}
+
+// CriticalInfraContext captures critical infrastructure data (NIS2 + Annex III Nr. 2)
+type CriticalInfraContext struct {
+	GridControl          bool `json:"grid_control"`           // KI steuert Netz/Infrastruktur
+	SafetyCritical       bool `json:"safety_critical"`        // Sicherheitskritische Steuerung
+	AnomalyDetection     bool `json:"anomaly_detection"`      // KI erkennt Anomalien
+	RedundancyExists     bool `json:"redundancy_exists"`      // Redundante Systeme vorhanden
+	IncidentResponse     bool `json:"incident_response"`      // Incident Response Plan vorhanden
+}
+
+// AutomotiveContext captures automotive/aerospace safety data
+type AutomotiveContext struct {
+	AutonomousDriving    bool `json:"autonomous_driving"`     // Autonomes Fahren / ADAS
+	SafetyRelevant       bool `json:"safety_relevant"`        // Sicherheitsrelevante Funktion
+	TypeApprovalNeeded   bool `json:"type_approval_needed"`   // Typgenehmigung erforderlich
+	FunctionalSafety     bool `json:"functional_safety"`      // ISO 26262 relevant
+}
+
+// RetailContext captures retail/e-commerce compliance data
+type RetailContext struct {
+	PricingPersonalized  bool `json:"pricing_personalized"`   // Personalisierte Preise
+	CustomerProfiling    bool `json:"customer_profiling"`     // Kundenprofilbildung
+	RecommendationEngine bool `json:"recommendation_engine"`  // Empfehlungssystem
+	CreditScoring        bool `json:"credit_scoring"`         // Bonitaetspruefung bei Kauf
+	DarkPatterns         bool `json:"dark_patterns"`          // Manipulative UI-Muster moeglich
+}
+
+// ITSecurityContext captures IT/cybersecurity/telecom data
+type ITSecurityContext struct {
+	EmployeeSurveillance bool `json:"employee_surveillance"`  // Mitarbeiterueberwachung
+	NetworkMonitoring    bool `json:"network_monitoring"`     // Netzwerkueberwachung
+	ThreatDetection      bool `json:"threat_detection"`       // Bedrohungserkennung
+	AccessControl        bool `json:"access_control_ai"`      // KI-gestuetzte Zugriffskontrolle
+	DataRetention        bool `json:"data_retention_logs"`    // Umfangreiche Log-Speicherung
+}
+
+// LogisticsContext captures logistics/transport compliance data
+type LogisticsContext struct {
+	DriverTracking       bool `json:"driver_tracking"`        // Fahrer-/Kurier-Tracking
+	RouteOptimization    bool `json:"route_optimization"`     // Routenoptimierung mit Personenbezug
+	WorkloadScoring      bool `json:"workload_scoring"`       // Leistungsbewertung Lagerarbeiter
+	PredictiveMaint      bool `json:"predictive_maintenance"` // Vorausschauende Wartung
+}
+
+// ConstructionContext captures construction/real estate data
+type ConstructionContext struct {
+	SafetyMonitoring     bool `json:"safety_monitoring"`      // Baustellensicherheit per KI
+	TenantScreening      bool `json:"tenant_screening"`       // KI-gestuetzte Mieterauswahl
+	BuildingAutomation   bool `json:"building_automation"`    // Gebaeudesteuerung
+	WorkerSafety         bool `json:"worker_safety"`          // Arbeitsschutzueberwachung
+}
+
+// MarketingContext captures marketing/media compliance data
+type MarketingContext struct {
+	DeepfakeContent      bool `json:"deepfake_content"`       // Synthetische Inhalte (Deepfakes)
+	ContentModeration    bool `json:"content_moderation"`     // Automatische Inhaltsmoderation
+	BehavioralTargeting  bool `json:"behavioral_targeting"`   // Verhaltensbasiertes Targeting
+	MinorsTargeted       bool `json:"minors_targeted"`        // Minderjaehrige als Zielgruppe
+	AIContentLabeled     bool `json:"ai_content_labeled"`     // KI-Inhalte als solche gekennzeichnet
+}
+
+// ManufacturingContext captures manufacturing/CE safety data
+type ManufacturingContext struct {
+	MachineSafety        bool `json:"machine_safety"`         // Maschinensicherheit
+	QualityControl       bool `json:"quality_control"`        // KI in Qualitaetskontrolle
+	ProcessControl       bool `json:"process_control"`        // KI steuert Fertigungsprozess
+	CEMarkingRequired    bool `json:"ce_marking_required"`    // CE-Kennzeichnung erforderlich
+	SafetyValidated      bool `json:"safety_validated"`       // Sicherheitsvalidierung durchgefuehrt
+}
+
 // DataTypes specifies what kinds of data are processed
 type DataTypes struct {
 	PersonalData     bool `json:"personal_data"`

ai-compliance-sdk/internal/ucca/policy_engine.go

@@ -482,6 +482,56 @@ func (e *PolicyEngine) getFieldValue(field string, intake *UseCaseIntake) interf
 			return nil
 		}
 		return e.getHealthcareContextValue(parts[1], intake)
+	case "legal_context":
+		if len(parts) < 2 || intake.LegalContext == nil {
+			return nil
+		}
+		return e.getLegalContextValue(parts[1], intake)
+	case "public_sector_context":
+		if len(parts) < 2 || intake.PublicSectorContext == nil {
+			return nil
+		}
+		return e.getPublicSectorContextValue(parts[1], intake)
+	case "critical_infra_context":
+		if len(parts) < 2 || intake.CriticalInfraContext == nil {
+			return nil
+		}
+		return e.getCriticalInfraContextValue(parts[1], intake)
+	case "automotive_context":
+		if len(parts) < 2 || intake.AutomotiveContext == nil {
+			return nil
+		}
+		return e.getAutomotiveContextValue(parts[1], intake)
+	case "retail_context":
+		if len(parts) < 2 || intake.RetailContext == nil {
+			return nil
+		}
+		return e.getRetailContextValue(parts[1], intake)
+	case "it_security_context":
+		if len(parts) < 2 || intake.ITSecurityContext == nil {
+			return nil
+		}
+		return e.getITSecurityContextValue(parts[1], intake)
+	case "logistics_context":
+		if len(parts) < 2 || intake.LogisticsContext == nil {
+			return nil
+		}
+		return e.getLogisticsContextValue(parts[1], intake)
+	case "construction_context":
+		if len(parts) < 2 || intake.ConstructionContext == nil {
+			return nil
+		}
+		return e.getConstructionContextValue(parts[1], intake)
+	case "marketing_context":
+		if len(parts) < 2 || intake.MarketingContext == nil {
+			return nil
+		}
+		return e.getMarketingContextValue(parts[1], intake)
+	case "manufacturing_context":
+		if len(parts) < 2 || intake.ManufacturingContext == nil {
+			return nil
+		}
+		return e.getManufacturingContextValue(parts[1], intake)
 	}
 
 	return nil
@@ -552,6 +602,123 @@ func (e *PolicyEngine) getHealthcareContextValue(field string, intake *UseCaseIn
 	return nil
 }
 
+func (e *PolicyEngine) getLegalContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.LegalContext == nil { return nil }
+	switch field {
+	case "legal_advice": return intake.LegalContext.LegalAdvice
+	case "contract_analysis": return intake.LegalContext.ContractAnalysis
+	case "court_prediction": return intake.LegalContext.CourtPrediction
+	case "access_to_justice": return intake.LegalContext.AccessToJustice
+	case "client_confidential": return intake.LegalContext.ClientConfidential
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getPublicSectorContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.PublicSectorContext == nil { return nil }
+	switch field {
+	case "admin_decision": return intake.PublicSectorContext.AdminDecision
+	case "citizen_service": return intake.PublicSectorContext.CitizenService
+	case "benefit_allocation": return intake.PublicSectorContext.BenefitAllocation
+	case "public_safety": return intake.PublicSectorContext.PublicSafety
+	case "transparency_ensured": return intake.PublicSectorContext.TransparencyEnsured
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getCriticalInfraContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.CriticalInfraContext == nil { return nil }
+	switch field {
+	case "grid_control": return intake.CriticalInfraContext.GridControl
+	case "safety_critical": return intake.CriticalInfraContext.SafetyCritical
+	case "anomaly_detection": return intake.CriticalInfraContext.AnomalyDetection
+	case "redundancy_exists": return intake.CriticalInfraContext.RedundancyExists
+	case "incident_response": return intake.CriticalInfraContext.IncidentResponse
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getAutomotiveContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.AutomotiveContext == nil { return nil }
+	switch field {
+	case "autonomous_driving": return intake.AutomotiveContext.AutonomousDriving
+	case "safety_relevant": return intake.AutomotiveContext.SafetyRelevant
+	case "type_approval_needed": return intake.AutomotiveContext.TypeApprovalNeeded
+	case "functional_safety": return intake.AutomotiveContext.FunctionalSafety
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getRetailContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.RetailContext == nil { return nil }
+	switch field {
+	case "pricing_personalized": return intake.RetailContext.PricingPersonalized
+	case "customer_profiling": return intake.RetailContext.CustomerProfiling
+	case "recommendation_engine": return intake.RetailContext.RecommendationEngine
+	case "credit_scoring": return intake.RetailContext.CreditScoring
+	case "dark_patterns": return intake.RetailContext.DarkPatterns
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getITSecurityContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.ITSecurityContext == nil { return nil }
+	switch field {
+	case "employee_surveillance": return intake.ITSecurityContext.EmployeeSurveillance
+	case "network_monitoring": return intake.ITSecurityContext.NetworkMonitoring
+	case "threat_detection": return intake.ITSecurityContext.ThreatDetection
+	case "access_control_ai": return intake.ITSecurityContext.AccessControl
+	case "data_retention_logs": return intake.ITSecurityContext.DataRetention
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getLogisticsContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.LogisticsContext == nil { return nil }
+	switch field {
+	case "driver_tracking": return intake.LogisticsContext.DriverTracking
+	case "route_optimization": return intake.LogisticsContext.RouteOptimization
+	case "workload_scoring": return intake.LogisticsContext.WorkloadScoring
+	case "predictive_maintenance": return intake.LogisticsContext.PredictiveMaint
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getConstructionContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.ConstructionContext == nil { return nil }
+	switch field {
+	case "safety_monitoring": return intake.ConstructionContext.SafetyMonitoring
+	case "tenant_screening": return intake.ConstructionContext.TenantScreening
+	case "building_automation": return intake.ConstructionContext.BuildingAutomation
+	case "worker_safety": return intake.ConstructionContext.WorkerSafety
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getMarketingContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.MarketingContext == nil { return nil }
+	switch field {
+	case "deepfake_content": return intake.MarketingContext.DeepfakeContent
+	case "content_moderation": return intake.MarketingContext.ContentModeration
+	case "behavioral_targeting": return intake.MarketingContext.BehavioralTargeting
+	case "minors_targeted": return intake.MarketingContext.MinorsTargeted
+	case "ai_content_labeled": return intake.MarketingContext.AIContentLabeled
+	}
+	return nil
+}
+
+func (e *PolicyEngine) getManufacturingContextValue(field string, intake *UseCaseIntake) interface{} {
+	if intake.ManufacturingContext == nil { return nil }
+	switch field {
+	case "machine_safety": return intake.ManufacturingContext.MachineSafety
+	case "quality_control": return intake.ManufacturingContext.QualityControl
+	case "process_control": return intake.ManufacturingContext.ProcessControl
+	case "ce_marking_required": return intake.ManufacturingContext.CEMarkingRequired
+	case "safety_validated": return intake.ManufacturingContext.SafetyValidated
+	}
+	return nil
+}
+
 func (e *PolicyEngine) getDataTypeValue(field string, intake *UseCaseIntake) interface{} {
 	switch field {
 	case "personal_data":

ai-compliance-sdk/policies/ucca_policy_v1.yaml

@@ -1150,6 +1150,249 @@ rules:
     gdpr_ref: "Art. 9 DSGVO"
     rationale: "Gesundheitsdaten sind besondere Kategorien mit erhoehtem Schutzbedarf"
 
+  # Legal / Justice (Annex III Nr. 8)
+  - id: R-LEG-001
+    category: "K. Legal Hochrisiko"
+    title: "KI gibt Rechtsberatung"
+    description: "KI generiert rechtliche Empfehlungen oder Einschaetzungen"
+    condition: { field: "legal_context.legal_advice", operator: "equals", value: true }
+    effect: { risk_add: 15, controls_add: [C_HUMAN_OVERSIGHT] }
+    severity: WARN
+    gdpr_ref: "Annex III Nr. 8 AI Act"
+    rationale: "Rechtsberatung durch KI kann Zugang zur Justiz beeintraechtigen"
+
+  - id: R-LEG-002
+    category: "K. Legal Hochrisiko"
+    title: "KI prognostiziert Gerichtsurteile"
+    description: "System erstellt Prognosen ueber Verfahrensausgaenge"
+    condition: { field: "legal_context.court_prediction", operator: "equals", value: true }
+    effect: { risk_add: 20, dsfa_recommended: true }
+    severity: WARN
+    rationale: "Urteilsprognosen koennen rechtliches Verhalten verzerren"
+
+  - id: R-LEG-003
+    category: "K. Legal Hochrisiko"
+    title: "Mandantengeheimnis bei KI-Verarbeitung"
+    description: "Vertrauliche Mandantendaten werden durch KI verarbeitet"
+    condition: { field: "legal_context.client_confidential", operator: "equals", value: true }
+    effect: { risk_add: 15, controls_add: [C_ENCRYPTION] }
+    severity: WARN
+    rationale: "Mandantengeheimnis erfordert besonderen Schutz (§ 203 StGB)"
+
+  # Public Sector (Art. 27 FRIA)
+  - id: R-PUB-001
+    category: "K. Oeffentlicher Sektor"
+    title: "KI in Verwaltungsentscheidungen"
+    description: "KI beeinflusst Verwaltungsakte oder Bescheide"
+    condition: { field: "public_sector_context.admin_decision", operator: "equals", value: true }
+    effect: { risk_add: 25, dsfa_recommended: true, controls_add: [C_FRIA, C_HUMAN_OVERSIGHT] }
+    severity: WARN
+    rationale: "Verwaltungsentscheidungen erfordern FRIA (Art. 27 AI Act)"
+
+  - id: R-PUB-002
+    category: "K. Oeffentlicher Sektor"
+    title: "KI verteilt oeffentliche Leistungen"
+    description: "KI entscheidet ueber Zuteilung von Sozialleistungen oder Foerderung"
+    condition: { field: "public_sector_context.benefit_allocation", operator: "equals", value: true }
+    effect: { risk_add: 25, feasibility: CONDITIONAL }
+    severity: WARN
+    rationale: "Leistungszuteilung betrifft Grundrecht auf soziale Sicherheit"
+
+  - id: R-PUB-003
+    category: "K. Oeffentlicher Sektor"
+    title: "Fehlende Transparenz gegenueber Buergern"
+    condition:
+      all_of:
+        - field: "public_sector_context.citizen_service"
+          operator: "equals"
+          value: true
+        - field: "public_sector_context.transparency_ensured"
+          operator: "equals"
+          value: false
+    effect: { risk_add: 15, controls_add: [C_TRANSPARENCY] }
+    severity: WARN
+    rationale: "Oeffentliche Stellen haben erhoehte Transparenzpflicht"
+
+  # Critical Infrastructure (NIS2 + Annex III Nr. 2)
+  - id: R-CRIT-001
+    category: "K. Kritische Infrastruktur"
+    title: "Sicherheitskritische KI-Steuerung ohne Redundanz"
+    condition:
+      all_of:
+        - field: "critical_infra_context.safety_critical"
+          operator: "equals"
+          value: true
+        - field: "critical_infra_context.redundancy_exists"
+          operator: "equals"
+          value: false
+    effect: { risk_add: 30, feasibility: NO }
+    severity: BLOCK
+    rationale: "Sicherheitskritische Steuerung ohne Redundanz ist unzulaessig"
+
+  - id: R-CRIT-002
+    category: "K. Kritische Infrastruktur"
+    title: "KI steuert Netz-/Infrastruktur"
+    condition: { field: "critical_infra_context.grid_control", operator: "equals", value: true }
+    effect: { risk_add: 20, controls_add: [C_INCIDENT_RESPONSE, C_HUMAN_OVERSIGHT] }
+    severity: WARN
+    rationale: "Netzsteuerung durch KI erfordert NIS2-konforme Absicherung"
+
+  # Automotive / Aerospace
+  - id: R-AUTO-001
+    category: "K. Automotive Hochrisiko"
+    title: "Autonomes Fahren / ADAS"
+    condition: { field: "automotive_context.autonomous_driving", operator: "equals", value: true }
+    effect: { risk_add: 30, controls_add: [C_HUMAN_OVERSIGHT, C_FRIA] }
+    severity: WARN
+    rationale: "Autonomes Fahren ist sicherheitskritisch und hochreguliert"
+
+  - id: R-AUTO-002
+    category: "K. Automotive Hochrisiko"
+    title: "Sicherheitsrelevant ohne Functional Safety"
+    condition:
+      all_of:
+        - field: "automotive_context.safety_relevant"
+          operator: "equals"
+          value: true
+        - field: "automotive_context.functional_safety"
+          operator: "equals"
+          value: false
+    effect: { risk_add: 25, feasibility: CONDITIONAL }
+    severity: WARN
+    rationale: "Sicherheitsrelevante Systeme erfordern ISO 26262 Konformitaet"
+
+  # Retail / E-Commerce
+  - id: R-RET-001
+    category: "K. Retail"
+    title: "Personalisierte Preise durch KI"
+    condition: { field: "retail_context.pricing_personalized", operator: "equals", value: true }
+    effect: { risk_add: 15, controls_add: [C_TRANSPARENCY] }
+    severity: WARN
+    rationale: "Personalisierte Preise koennen Verbraucher benachteiligen (DSA Art. 25)"
+
+  - id: R-RET-002
+    category: "K. Retail"
+    title: "Bonitaetspruefung bei Kauf"
+    condition: { field: "retail_context.credit_scoring", operator: "equals", value: true }
+    effect: { risk_add: 20, dsfa_recommended: true, art22_risk: true }
+    severity: WARN
+    rationale: "Kredit-Scoring ist Annex III Nr. 5 AI Act (Zugang zu Diensten)"
+
+  - id: R-RET-003
+    category: "K. Retail"
+    title: "Dark Patterns moeglich"
+    condition: { field: "retail_context.dark_patterns", operator: "equals", value: true }
+    effect: { risk_add: 15 }
+    severity: WARN
+    rationale: "Manipulative UI-Muster verstossen gegen DSA und Verbraucherrecht"
+
+  # IT / Cybersecurity / Telecom
+  - id: R-ITS-001
+    category: "K. IT-Sicherheit"
+    title: "KI-gestuetzte Mitarbeiterueberwachung"
+    condition: { field: "it_security_context.employee_surveillance", operator: "equals", value: true }
+    effect: { risk_add: 20, dsfa_recommended: true }
+    severity: WARN
+    rationale: "Mitarbeiterueberwachung ist §87 BetrVG + DSGVO relevant"
+
+  - id: R-ITS-002
+    category: "K. IT-Sicherheit"
+    title: "Umfangreiche Log-Speicherung"
+    condition: { field: "it_security_context.data_retention_logs", operator: "equals", value: true }
+    effect: { risk_add: 10, controls_add: [C_DATA_MINIMIZATION] }
+    severity: INFO
+    rationale: "Datenminimierung beachten auch bei Security-Logs"
+
+  # Logistics
+  - id: R-LOG-001
+    category: "K. Logistik"
+    title: "Fahrer-/Kurier-Tracking"
+    condition: { field: "logistics_context.driver_tracking", operator: "equals", value: true }
+    effect: { risk_add: 20 }
+    severity: WARN
+    rationale: "GPS-Tracking ist Verhaltenskontrolle (§87 BetrVG)"
+
+  - id: R-LOG-002
+    category: "K. Logistik"
+    title: "Leistungsbewertung Lagerarbeiter"
+    condition: { field: "logistics_context.workload_scoring", operator: "equals", value: true }
+    effect: { risk_add: 20, art22_risk: true }
+    severity: WARN
+    rationale: "Leistungs-Scoring ist Annex III Nr. 4 (Employment)"
+
+  # Construction / Real Estate
+  - id: R-CON-001
+    category: "K. Bau/Immobilien"
+    title: "KI-gestuetzte Mieterauswahl"
+    condition: { field: "construction_context.tenant_screening", operator: "equals", value: true }
+    effect: { risk_add: 20, dsfa_recommended: true }
+    severity: WARN
+    rationale: "Mieterauswahl betrifft Zugang zu Wohnraum (Grundrecht)"
+
+  - id: R-CON-002
+    category: "K. Bau/Immobilien"
+    title: "KI-Arbeitsschutzueberwachung"
+    condition: { field: "construction_context.worker_safety", operator: "equals", value: true }
+    effect: { risk_add: 15 }
+    severity: WARN
+    rationale: "Arbeitsschutzueberwachung kann Verhaltenskontrolle sein"
+
+  # Marketing / Media
+  - id: R-MKT-001
+    category: "K. Marketing/Medien"
+    title: "Deepfake-Inhalte ohne Kennzeichnung"
+    condition:
+      all_of:
+        - field: "marketing_context.deepfake_content"
+          operator: "equals"
+          value: true
+        - field: "marketing_context.ai_content_labeled"
+          operator: "equals"
+          value: false
+    effect: { risk_add: 20, feasibility: NO }
+    severity: BLOCK
+    rationale: "Art. 50 Abs. 4 AI Act: Deepfakes muessen gekennzeichnet werden"
+
+  - id: R-MKT-002
+    category: "K. Marketing/Medien"
+    title: "Minderjaehrige als Zielgruppe"
+    condition: { field: "marketing_context.minors_targeted", operator: "equals", value: true }
+    effect: { risk_add: 20, controls_add: [C_DSFA] }
+    severity: WARN
+    rationale: "Besonderer Schutz Minderjaehriger (DSA + DSGVO)"
+
+  - id: R-MKT-003
+    category: "K. Marketing/Medien"
+    title: "Verhaltensbasiertes Targeting"
+    condition: { field: "marketing_context.behavioral_targeting", operator: "equals", value: true }
+    effect: { risk_add: 15, dsfa_recommended: true }
+    severity: WARN
+    rationale: "Behavioral Targeting ist Profiling (Art. 22 DSGVO)"
+
+  # Manufacturing / CE
+  - id: R-MFG-001
+    category: "K. Fertigung"
+    title: "KI in Maschinensicherheit ohne Validierung"
+    condition:
+      all_of:
+        - field: "manufacturing_context.machine_safety"
+          operator: "equals"
+          value: true
+        - field: "manufacturing_context.safety_validated"
+          operator: "equals"
+          value: false
+    effect: { risk_add: 30, feasibility: NO }
+    severity: BLOCK
+    rationale: "Maschinenverordnung (EU) 2023/1230 erfordert Sicherheitsvalidierung"
+
+  - id: R-MFG-002
+    category: "K. Fertigung"
+    title: "CE-Kennzeichnung erforderlich"
+    condition: { field: "manufacturing_context.ce_marking_required", operator: "equals", value: true }
+    effect: { risk_add: 15, controls_add: [C_CE_CONFORMITY] }
+    severity: WARN
+    rationale: "CE-Kennzeichnung ist Pflicht fuer Maschinenprodukte mit KI"
+
   # ---------------------------------------------------------------------------
   # G. Aggregation & Ergebnis
   # ---------------------------------------------------------------------------