Benjamin Admin 659b37cc21 feat(ai-sdk): source_role control-pool — controls are not only technical_standard ...

Live gate test showed control-intent (#36/#37) was inert for the EU cyber corpus:
"Welche Controls passen zu Security Updates?" recalls ENISA good-practices
(relevant measures, but source_class=supervisory_guidance) + binding regs, never
NIST — so lifting technical_standard above binding did nothing.

Per the finalized control-corpus model (User 2026-06-24): add source_role
(functional role) ORTHOGONAL to source_class (legal authority). source_class still
decides rank; source_role decides CONTROL-POOL membership. classifyRole derives 7
roles from markers (no re-tagging): obligation / operational_requirement /
procedural_requirement / control_standard / implementation_guidance /
interpretation / definition.

Control-intent now boosts the control-pool (operational/procedural requirement,
control standard, implementation guidance) over the abstract obligation, soft-
ordered op_req > procedural > standard > guidance (controlPoolGain + role bonus) —
replacing "lift technical_standard above binding". So CRA Annex I
(operational_requirement) wins over NIST (control_standard) for "which measures",
and ENISA (implementation_guidance) enters the pool while staying guidance.

Recall of not-retrieved standards (NIST) for generic control queries = next step
(searchControls). Tested: classifyRole table, role-preference, op_req-Top-1.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-06-24 13:07:22 +02:00

..

ai_act_module_test.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

ai_act_module.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

ai_act_obligations.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

ai_act_yaml.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

authority_rerank_test.go

feat(ai-sdk): authority-aware re-ranking for legal RAG (Phase 1) (#31)

2026-06-23 09:30:52 +00:00

authority_rerank.go

feat(ai-sdk): source_role control-pool — controls are not only technical_standard

2026-06-24 13:07:22 +02:00

authority_test.go

feat(ai-sdk): classify NIST/OWASP/Grundschutz as technical_standard (#37)

2026-06-24 10:15:17 +00:00

authority.go

feat(ai-sdk): classify NIST/OWASP/Grundschutz as technical_standard (#37)

2026-06-24 10:15:17 +00:00

betrvg_test.go

feat: Unified Facts Bridge — Company Profile fuer alle Bewertungsmodule

2026-04-23 16:20:57 +02:00

canonical_control_loader_test.go

feat(canonical-controls): Canonical Control Library — rechtssichere Security Controls

2026-03-12 19:55:06 +01:00

canonical_control_loader.go

feat(canonical-controls): Canonical Control Library — rechtssichere Security Controls

2026-03-12 19:55:06 +01:00

company_profile_test.go

feat: Unified Facts Bridge — Company Profile fuer alle Bewertungsmodule

2026-04-23 16:20:57 +02:00

company_profile.go

feat: Unified Facts Bridge — Company Profile fuer alle Bewertungsmodule

2026-04-23 16:20:57 +02:00

control_role_test.go

feat(ai-sdk): source_role control-pool — controls are not only technical_standard

2026-06-24 13:07:22 +02:00

control_role.go

feat(ai-sdk): source_role control-pool — controls are not only technical_standard

2026-06-24 13:07:22 +02:00

corpus_version.go

feat: add RAG corpus versioning and source policy backend

2026-03-02 07:58:08 +01:00

decision_tree_engine_test.go

feat: AI Act Decision Tree — Zwei-Achsen-Klassifikation (GPAI + High-Risk)

2026-03-29 10:14:09 +02:00

decision_tree_engine.go

feat: AI Act Obligations erweitert (60→81) + Decision Tree Q8 fix

2026-04-12 16:41:29 +02:00

domain_context_test.go

feat: Unified Facts Bridge — Company Profile fuer alle Bewertungsmodule

2026-04-23 16:20:57 +02:00

dsgvo_module.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

dsgvo_obligations.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

dsgvo_yaml.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

escalation_models.go

feat: BetrVG-Compliance-Modul — Obligations, Konflikt-Score, Frontend

2026-04-12 10:49:56 +02:00

escalation_store_dsb.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

escalation_store.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

escalation_test.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

examples.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

financial_policy_test.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

financial_policy_types.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

financial_policy.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

json_regulation_module.go

feat: Domain-spezifische UCCA-Fragen (HR, Education, Healthcare) + AGG-Modul

2026-04-12 22:06:15 +02:00

legal_corpus_structure_test.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_corpus_structure.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag_assess_test.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag_assess.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag_client.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag_context.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

legal_rag_graph_test.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag_graph.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag_http.go

feat(ai-sdk): authority-aware re-ranking for legal RAG (Phase 1) (#31)

2026-06-23 09:30:52 +00:00

legal_rag_intent_test.go

feat(ai-sdk): source_role control-pool — controls are not only technical_standard

2026-06-24 13:07:22 +02:00

legal_rag_scroll.go

feat(ai-sdk): authority-aware re-ranking for legal RAG (Phase 1) (#31)

2026-06-23 09:30:52 +00:00

legal_rag_supersede_test.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag_test.go

feat(ai-sdk): authority-aware re-ranking for legal RAG (Phase 1) (#31)

2026-06-23 09:30:52 +00:00

legal_rag_types.go

feat(ai-sdk): legal-corpus coverage + Phase-2 citation-graph assessment (#33)

2026-06-24 06:37:22 +00:00

legal_rag.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

license_policy_test.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

license_policy_types.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

license_policy.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

models_assessment.go

feat: Compliance Maximizer — Regulatory Optimization Engine

2026-04-23 09:10:20 +02:00

models_intake.go

feat: Compliance Maximizer — Regulatory Optimization Engine

2026-04-23 09:10:20 +02:00

models.go

feat: Compliance Maximizer — Regulatory Optimization Engine

2026-04-23 09:10:20 +02:00

nis2_module_test.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

nis2_module.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

nis2_obligations.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

nis2_yaml.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

obligation_condition_engine_test.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

obligation_condition_engine.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

obligation_yaml_types.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

obligations_framework.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

obligations_registry_grouping.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

obligations_registry.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

obligations_store.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

pattern_loader_test.go

feat(multi-layer): complete Multi-Layer Control Architecture (Phases 1-8 + Pass 0)

2026-03-17 09:00:37 +01:00

pattern_loader.go

feat(iace): Sprint 3A — Operational State Graph + fix(ucca) flaky keyword sort

2026-05-10 08:05:02 +02:00

patterns.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

pdf_export_markdown.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

pdf_export_test.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

pdf_export.go

refactor(go/ucca): split license_policy, models, pdf_export, escalation_store, obligations_registry

2026-04-19 10:03:51 +02:00

policy_engine_eval.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

policy_engine_gen.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

policy_engine_loader.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

policy_engine_test.go

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

policy_engine_types.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

policy_engine.go

refactor(go/ucca): split policy_engine, legal_rag, ai_act, nis2, financial_policy, dsgvo_module

2026-04-19 09:48:41 +02:00

registration_store.go

feat: EU AI Database Registration (Art. 49) — Backend + Frontend

2026-04-12 17:13:39 +02:00

regulatory_news_test.go

fix(ci): regulatory_news Zeitbomben-Test entschaerfen — test-go + Deploy entsperren

2026-06-21 00:51:47 +02:00

regulatory_news.go

fix(ci): regulatory_news Zeitbomben-Test entschaerfen — test-go + Deploy entsperren

2026-06-21 00:51:47 +02:00

rules_controls.go

refactor(go): split training/store, ucca/rules, ucca_handlers, document_export under 500 LOC

2026-04-19 09:29:54 +02:00

rules_data_fj.go

refactor(go): split training/store, ucca/rules, ucca_handlers, document_export under 500 LOC

2026-04-19 09:29:54 +02:00

rules_data.go

refactor(go): split training/store, ucca/rules, ucca_handlers, document_export under 500 LOC

2026-04-19 09:29:54 +02:00

rules.go

refactor(go): split training/store, ucca/rules, ucca_handlers, document_export under 500 LOC

2026-04-19 09:29:54 +02:00

scope_facts_mapper.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

store.go

feat: AI Act Decision Tree — Zwei-Achsen-Klassifikation (GPAI + High-Risk)

2026-03-29 10:14:09 +02:00

tom_control_loader.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

tom_gap_analysis.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

tom_mapper_test.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

tom_obligation_mapper.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

unified_facts.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

v2_loader_test.go

feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping

2026-03-05 14:51:44 +01:00

v2_loader.go

feat: Regulatory News Dashboard — proaktive Compliance-Alerts

2026-04-25 17:43:19 +02:00