This repository has been archived on 2026-02-15. You can view files and clone it. You cannot open issues or pull requests or push a commit.
BreakPilot Dev 19855efacc
feat: BreakPilot PWA - Full codebase (clean push without large binaries)
All services: admin-v2, studio-v2, website, ai-compliance-sdk,
consent-service, klausur-service, voice-service, and infrastructure.
Large PDFs and compiled binaries excluded via .gitignore.
2026-02-11 13:25:58 +01:00


AI Compliance SDK

The AI Compliance SDK is a Go-based service for assessing the compliance of AI use cases.

Overview

| Property | Value |
|---|---|
| Port | 8090 |
| Framework | Go (Gin) |
| Database | PostgreSQL |
| Vector DB | Qdrant (Legal RAG) |

Core components

┌─────────────────────────────────────────────────────────────────────────────┐
│                              UCCA System                                      │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                               │
│   ┌──────────────┐    ┌──────────────┐    ┌──────────────┐                  │
│   │   Frontend   │───>│   SDK API    │───>│  PostgreSQL  │                  │
│   │  (Next.js)   │    │    (Go)      │    │   Database   │                  │
│   └──────────────┘    └──────┬───────┘    └──────────────┘                  │
│                              │                                               │
│         ┌────────────────────┼────────────────────┐                         │
│         │                    │                    │                         │
│         ▼                    ▼                    ▼                         │
│   ┌──────────────┐    ┌──────────────┐    ┌──────────────┐                  │
│   │ Policy       │    │ Escalation   │    │  Legal RAG   │                  │
│   │ Engine       │    │ Workflow     │    │  (Qdrant)    │                  │
│   │ (45 rules)   │    │ (E0-E3)      │    │ 2,274 Chunks │                  │
│   └──────────────┘    └──────────────┘    └──────────────┘                  │
│                                                                               │
└─────────────────────────────────────────────────────────────────────────────┘

Features

  • UCCA (Use-Case Compliance Advisor): Deterministic assessment of AI use cases
  • Policy Engine: 45 rule-based compliance checks
  • License Policy Engine: Compliance with standards and norms (DIN, ISO, VDI)
  • Legal RAG: Semantic search over EU regulations (GDPR, AI Act, NIS2)
  • Escalation workflow: Levels E0-E3 with human-in-the-loop
  • Wizard & Legal Assistant: Guided input with a legal assistant
  • Generic Obligations Framework: NIS2, GDPR and AI Act modules

Core principle

"The LLM is NOT the source of truth. Truth = rules + evidence. LLM = translator + subsumption helper"

The system follows a strict human-in-the-loop approach:

  1. Deterministic rules make all compliance decisions
  2. The LLM only explains results and never overrides BLOCK decisions
  3. Humans (DPO, Legal) make the final decision in critical cases
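
An added example, not code from the AI Compliance SDK: one way to enforce the first two points in Go, with the decision produced only by rules and the model's output reduced to explanatory text. All type, function and rule names are hypothetical, and the sample rule and facts are constructed.

```go
package main

import "fmt"

// All names here are hypothetical; this is not the SDK's own API.
type Decision string

const Allow, Block Decision = "ALLOW", "BLOCK"

type Rule struct {
	ID     string
	Blocks bool                             // a match forces BLOCK
	Match  func(facts map[string]bool) bool // deterministic predicate over intake facts
}

type Result struct {
	Decision    Decision
	Triggered   []string
	Explanation string // LLM text, informational only
}

// Assess is the only function that produces a Decision; no LLM is involved.
func Assess(facts map[string]bool, rules []Rule) Result {
	res := Result{Decision: Allow}
	for _, r := range rules {
		if r.Match(facts) {
			res.Triggered = append(res.Triggered, r.ID)
			if r.Blocks {
				res.Decision = Block
			}
		}
	}
	return res
}

// Explain copies only the text from the model's output; the bool reports agreement.
func Explain(res Result, llm func(Result) Result) (Result, bool) {
	out := llm(res)
	res.Explanation = out.Explanation
	return res, out.Decision == res.Decision
}

func main() {
	rules := []Rule{{ID: "R-DEMO-1", Blocks: true, Match: func(f map[string]bool) bool { return f["demo_blocker"] }}}
	res := Assess(map[string]bool{"demo_blocker": true}, rules)
	res, ok := Explain(res, func(r Result) Result { return Result{Decision: Allow, Explanation: "looks fine"} })
	fmt.Println(res.Decision, res.Triggered, ok) // BLOCK [R-DEMO-1] false
}
```

A `false` from `Explain` means the model's output contradicted the rule result; the stored decision is unchanged, and the mismatch is a useful signal to log or route to a human reviewer.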

API endpoints

Assessment

| Method | Endpoint | Description |
|---|---|---|
| POST | /sdk/v1/ucca/assess | Create assessment |
| GET | /sdk/v1/ucca/assessments | List assessments |
| GET | /sdk/v1/ucca/assessments/:id | Retrieve assessment |
| POST | /sdk/v1/ucca/assessments/:id/explain | Generate LLM explanation |

Escalation

| Method | Endpoint | Description |
|---|---|---|
| GET | /sdk/v1/ucca/escalations | List escalations |
| POST | /sdk/v1/ucca/escalations/:id/decide | Make a decision |

Obligations Framework

| Method | Endpoint | Description |
|---|---|---|
| POST | /sdk/v1/ucca/obligations/assess | Obligations assessment |
| POST | /sdk/v1/ucca/obligations/export/memo | PDF export |

Further documentation

Tests

cd ai-compliance-sdk
go test -v ./...

# With coverage
go test -cover ./...