Sentinel Sovereignty Report

Project: sentinel-preview · Storage: sqlite · Data residency: EU-DE · Sovereign scope: EU
Generated: 2026-04-11
EU AI Act Annex III enforcement: 2 August 2026. High-risk AI systems must prove automatic tamper-resistant logging.
113
days remaining

Executive summary

Your system meets EU sovereignty requirements.

The runtime sovereignty score is 98% — that is the fraction of installed Python packages with no US CLOUD Act exposure. EU AI Act overall status: PARTIAL. Automated coverage of the required articles: 50%.

Where the report flags partial or non-compliant items, the "recommended actions" block below names each one in priority order. Every action corresponds to a specific file or configuration change.

98%
Sovereignty score

108 of 110 installed packages are EU-sovereign or neutral. 3 are US-incorporated and subject to the CLOUD Act. 80 are unknown.

Critical-path violations: 0. This is a runtime snapshot. CI/CD and infrastructure are reported separately below.

EU AI Act compliance

Overall: PARTIAL · Automated coverage: 50%

Article Title Status Detail What to do
Art. 9Risk managementPARTIALPolicy evaluator configured; every decision records the policy result.Configure a PolicyEvaluator — SimpleRuleEvaluator or LocalRegoEvaluator.
Art. 10Data governanceACTION_REQUIREDData governance is not automatable by a middleware kernel.Data governance is a human process — see docs/bsi-profile.md.
Art. 11Technical documentationACTION_REQUIREDAnnex IV technical documentation is a human deliverable.Review manually.
Art. 12Automatic record keepingCOMPLIANTEvery wrapped call produces a DecisionTrace automatically, stored append-only.Enable storage backend for append-only trace persistence.
Art. 13Transparency & information to deployersCOMPLIANTTraces record agent, model, policy name/version, and result per decision.Populate agent, model, and policy metadata on every trace.
Art. 14Human oversightCOMPLIANTKill switch implemented; every override recorded as linked trace entry.Test the kill switch with engage_kill_switch() before go-live.
Art. 15Accuracy, robustness, cybersecurityACTION_REQUIREDModel evaluation and adversarial testing are outside the trace layer.Configure accuracy thresholds and human review workflows.
Art. 17Quality management systemCOMPLIANTContinuous, append-only trace record satisfies the traceability requirement.Run sentinel compliance check as part of CI on every release.

Recommended actions

HIGH
Art. 9 — Risk management
Configure a PolicyEvaluator — SimpleRuleEvaluator or LocalRegoEvaluator.
MEDIUM
Art. 10 — Data governance
Data governance is a human process — see docs/bsi-profile.md.
MEDIUM
Art. 11 — Technical documentation
Review manually.
MEDIUM
Art. 15 — Accuracy, robustness, cybersecurity
Configure accuracy thresholds and human review workflows.

Manifesto status

Overall manifesto score: 100%

DimensionDetail
jurisdiction0 critical-path violations
kill_switchkill switch API present
storagebackend: sqlite
bsitargeting 2026-12-31

Runtime packages

Showing first 60 of 110 installed packages. Sovereign: 108 · US-owned: 3 · Unknown: 80

Package Version Parent Jurisdiction CLOUD Act Critical
typing_extensions4.15.0UnknownUnknownno
pip26.0.1UnknownUnknownno
cffi2.0.0UnknownUnknownno
ptyprocess0.7.0UnknownUnknownno
opentelemetry-exporter-otlp-proto-http1.41.0UnknownUnknownno
uv0.11.6UnknownUnknownno
idna3.11Kim DaviesNeutralNOno
charset-normalizer3.4.7OusretNeutralNOno
mypy_extensions1.1.0UnknownUnknownno
stack-data0.6.3UnknownUnknownno
httpcore1.0.9EncodeNeutralNOno
asttokens3.0.1UnknownUnknownno
urllib32.6.3urllib3NeutralNOno
distlib0.4.0UnknownUnknownno
SecretStorage3.5.0UnknownUnknownno
importlib_metadata8.7.1UnknownUnknownno
matplotlib-inline0.2.1UnknownUnknownno
opentelemetry-semantic-conventions0.62b0UnknownUnknownno
sentinel-kernel2.4.0sentinel-kernelEUNOyes
rich14.3.4UnknownUnknownno
jupyterlab_widgets3.0.16UnknownUnknownno
markdown-it-py4.0.0UnknownUnknownno
pytest-asyncio1.3.0pytest-devNeutralNOno
platformdirs4.9.6UnknownUnknownno
httpx0.28.1EncodeNeutralNOno
backoff2.2.1UnknownUnknownno
opentelemetry-api1.41.0CNCFNeutralNOno
protobuf6.33.6UnknownUnknownno
shellingham1.5.4UnknownUnknownno
pycparser3.0UnknownUnknownno
prometheus_client0.25.0PrometheusNeutralNOno
orjson3.11.8UnknownUnknownno
opentelemetry-exporter-otlp-proto-common1.41.0UnknownUnknownno
pyproject_hooks1.2.0UnknownUnknownno
hyperlink21.0.0UnknownUnknownno
keyring25.7.0UnknownUnknownno
mypy1.20.0Python Software FoundationNeutralNOno
jsonpatch1.33UnknownUnknownno
widgetsnbextension4.0.15UnknownUnknownno
python-discovery1.2.2UnknownUnknownno
zstandard0.25.0UnknownUnknownno
Django6.0.4UnknownUnknownno
pytest-cov7.1.0pytest-covNeutralNOno
psycopg2-binary2.9.11PostgreSQL Global Dev GroupNeutralNOno
zipp3.23.0UnknownUnknownno
prompt_toolkit3.0.52UnknownUnknownno
librt0.9.0UnknownUnknownno
opentelemetry-sdk1.41.0CNCFNeutralNOno
PyYAML6.0.3YAMLNeutralNOno
requests2.33.1Python Software FoundationNeutralNOno
tomlkit0.14.0UnknownUnknownno
iniconfig2.3.0UnknownUnknownno
opentelemetry-proto1.41.0UnknownUnknownno
mdurl0.1.2UnknownUnknownno
certifi2026.2.25CertifiNeutralNOno
grpcio1.80.0UnknownUnknownno
Pygments2.20.0UnknownUnknownno
comm0.2.3UnknownUnknownno
typing-inspection0.4.2UnknownUnknownno
langsmith0.7.30LangChain Inc.USYESno

CI/CD findings

File Component Vendor Jurisdiction CLOUD Act
.github/workflows/ci.ymlgithub_actionsGitHub (Microsoft)USYES
.github/workflows/pages.ymlgithub_actionsGitHub (Microsoft)USYES
.github/workflows/release.ymlgithub_actionsGitHub (Microsoft)USYES
.github/workflows/rust.ymlgithub_actionsGitHub (Microsoft)USYES
pyproject.tomlpypiPython Package IndexUSNO

Infrastructure findings

File Component Vendor Jurisdiction CLOUD Act
No infrastructure findings