Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ai-sdk): classify NIST/OWASP/Grundschutz as technical_standard #37

Merged
Benjamin_Boenisch merged 1 commits from feat/technical-standard-class into main 2026-06-24 10:15:17 +00:00
Conversation 0 Commits 1 Files Changed 4
+36 -6

1 Commits

Author SHA1 Message Date
Benjamin Admin 90e0a57799 feat(ai-sdk): classify technical standards (NIST/OWASP/Grundschutz) as technical_standard
CI / detect-changes (pull_request) Successful in 5s
Details
CI / branch-name (pull_request) Successful in 1s
Details
CI / guardrail-integrity (pull_request) Successful in 4s
Details
CI / secret-scan (pull_request) Successful in 6s
Details
CI / dep-audit (pull_request) Failing after 55s
Details
CI / sbom-scan (pull_request) Failing after 58s
Details
CI / build-sha-integrity (pull_request) Successful in 6s
Details
CI / validate-canonical-controls (pull_request) Successful in 4s
Details
CI / loc-budget (pull_request) Successful in 18s
Details
CI / go-lint (pull_request) Successful in 41s
Details
CI / python-lint (pull_request) Failing after 13s
Details
CI / nodejs-lint (pull_request) Failing after 1m4s
Details
CI / nodejs-build (pull_request) Successful in 3m0s
Details
CI / test-go (pull_request) Successful in 58s
Details
CI / iace-gt-coverage (pull_request) Successful in 14s
Details
CI / test-python-backend (pull_request) Successful in 25s
Details
CI / test-python-document-crawler (pull_request) Successful in 13s
Details
CI / test-python-dsms-gateway (pull_request) Successful in 10s
Details 
The existing NIST corpus (SP 800-82r3 etc., ingested before source_class tagging)
was classified supervisory_guidance because "NIST" sat in guidanceMarkers, so the
control-intent lift (#36) could never surface it. Add a technical_standard class:

- authority.go: new standardMarkers (NIST/OWASP/Grundschutz/ISO 27001/CSA CCM/CIS),
  checked before guidanceMarkers (so "BSI Grundschutz" -> standard, not BSI guidance);
  move NIST out of guidanceMarkers; sourceClassFromWeight maps weight 80 -> standard.
- authority_rerank.go: the intent-lift path (liftAboveBinding + bestBindingSemantic)
  now classifies via classifyAuthority instead of trusting the raw payload source_class,
  so the untagged legacy corpus is recognized — untagged NIST is now lifted on a
  control question ("Welche Controls passen zu Security Updates?").

Tested: classifier cases for NIST/Grundschutz/weight-80, and an untagged-NIST lift case.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-06-24 12:11:07 +02:00