Sentinel Sovereignty Report

Project: sentinel-preview · Storage: sqlite · Data residency: EU-DE · Sovereign scope: EU
Generated: 2026-04-11
EU AI Act Annex III enforcement: 2 August 2026. High-risk AI systems must prove automatic tamper-resistant logging.
113
days remaining

Executive summary

Your system meets EU sovereignty requirements.

The runtime sovereignty score is 98% — that is the fraction of installed Python packages with no US CLOUD Act exposure. EU AI Act overall status: PARTIAL. Automated coverage of the required articles: 50%.

Where the report flags partial or non-compliant items, the "recommended actions" block below names each one in priority order. Every action corresponds to a specific file or configuration change.

98%
Sovereignty score

109 of 111 installed packages are EU-sovereign or neutral. 3 are US-incorporated and subject to the CLOUD Act. 81 are unknown.

Critical-path violations: 0. This is a runtime snapshot. CI/CD and infrastructure are reported separately below.

EU AI Act compliance

Overall: PARTIAL · Automated coverage: 50%

Article Title Status Detail What to do
Art. 9Risk managementPARTIALPolicy evaluator configured; every decision records the policy result.Configure a PolicyEvaluator — SimpleRuleEvaluator or LocalRegoEvaluator.
Art. 10Data governanceACTION_REQUIREDData governance is not automatable by a middleware kernel.Data governance is a human process — see docs/bsi-profile.md.
Art. 11Technical documentationACTION_REQUIREDAnnex IV technical documentation is a human deliverable.Review manually.
Art. 12Automatic record keepingCOMPLIANTEvery wrapped call produces a DecisionTrace automatically, stored append-only.Enable storage backend for append-only trace persistence.
Art. 13Transparency & information to deployersCOMPLIANTTraces record agent, model, policy name/version, and result per decision.Populate agent, model, and policy metadata on every trace.
Art. 14Human oversightCOMPLIANTKill switch implemented; every override recorded as linked trace entry.Test the kill switch with engage_kill_switch() before go-live.
Art. 15Accuracy, robustness, cybersecurityACTION_REQUIREDModel evaluation and adversarial testing are outside the trace layer.Configure accuracy thresholds and human review workflows.
Art. 17Quality management systemCOMPLIANTContinuous, append-only trace record satisfies the traceability requirement.Run sentinel compliance check as part of CI on every release.

Recommended actions

HIGH
Art. 9 — Risk management
Configure a PolicyEvaluator — SimpleRuleEvaluator or LocalRegoEvaluator.
MEDIUM
Art. 10 — Data governance
Data governance is a human process — see docs/bsi-profile.md.
MEDIUM
Art. 11 — Technical documentation
Review manually.
MEDIUM
Art. 15 — Accuracy, robustness, cybersecurity
Configure accuracy thresholds and human review workflows.

Manifesto status

Overall manifesto score: 100%

DimensionDetail
jurisdiction0 critical-path violations
kill_switchkill switch API present
storagebackend: sqlite
bsitargeting 2026-12-31

Runtime packages

Showing first 60 of 111 installed packages. Sovereign: 109 · US-owned: 3 · Unknown: 81

Package Version Parent Jurisdiction CLOUD Act Critical
shellingham1.5.4UnknownUnknownno
requests2.33.1Python Software FoundationNeutralNOno
more-itertools10.8.0UnknownUnknownno
pexpect4.9.0UnknownUnknownno
grpcio1.80.0UnknownUnknownno
platformdirs4.9.4UnknownUnknownno
rfc39862.0.0UnknownUnknownno
uuid_utils0.14.1UnknownUnknownno
traitlets5.14.3UnknownUnknownno
jaraco.classes3.4.0UnknownUnknownno
opentelemetry-exporter-otlp-proto-common1.41.0UnknownUnknownno
click8.3.1PalletsNeutralNOno
asttokens3.0.1UnknownUnknownno
ptyprocess0.7.0UnknownUnknownno
certifi2026.2.25CertifiNeutralNOno
iniconfig2.3.0UnknownUnknownno
jaraco.context6.1.2UnknownUnknownno
sentinel-kernel1.7.0sentinel-kernelEUNOyes
virtualenv21.2.0UnknownUnknownno
asgiref3.11.1UnknownUnknownno
starlette1.0.0EncodeNeutralNOno
executing2.2.1UnknownUnknownno
pydantic2.12.5Pydantic ServicesUKNOno
pytest-cov7.1.0pytest-covNeutralNOno
uv0.11.3UnknownUnknownno
tomlkit0.14.0UnknownUnknownno
jedi0.19.2UnknownUnknownno
hyperlink21.0.0UnknownUnknownno
idna3.11Kim DaviesNeutralNOno
distlib0.4.0UnknownUnknownno
zstandard0.25.0UnknownUnknownno
build1.4.2UnknownUnknownno
jsonpatch1.33UnknownUnknownno
ipython_pygments_lexers1.1.1UnknownUnknownno
rich14.3.3UnknownUnknownno
userpath1.9.2UnknownUnknownno
librt0.8.1UnknownUnknownno
tenacity9.1.4UnknownUnknownno
prompt_toolkit3.0.52UnknownUnknownno
Django6.0.4UnknownUnknownno
tomli_w1.2.0UnknownUnknownno
psycopg2-binary2.9.11PostgreSQL Global Dev GroupNeutralNOno
httpcore1.0.9EncodeNeutralNOno
filelock3.25.2UnknownUnknownno
decorator5.2.1UnknownUnknownno
opentelemetry-exporter-otlp-proto-http1.41.0UnknownUnknownno
nh30.3.4UnknownUnknownno
stack-data0.6.3UnknownUnknownno
orjson3.11.8UnknownUnknownno
opentelemetry-semantic-conventions0.62b0UnknownUnknownno
markdown-it-py4.0.0UnknownUnknownno
matplotlib-inline0.2.1UnknownUnknownno
docutils0.22.4UnknownUnknownno
opentelemetry-api1.41.0CNCFNeutralNOno
wrapt1.17.3UnknownUnknownno
hatchling1.29.0Ofek LevNeutralNOno
ipython9.12.0UnknownUnknownno
opentelemetry-proto1.41.0UnknownUnknownno
twine6.2.0UnknownUnknownno
h110.16.0python-hyperNeutralNOno

CI/CD findings

File Component Vendor Jurisdiction CLOUD Act
.github/workflows/ci.ymlgithub_actionsGitHub (Microsoft)USYES
.github/workflows/pages.ymlgithub_actionsGitHub (Microsoft)USYES
.github/workflows/release.ymlgithub_actionsGitHub (Microsoft)USYES
pyproject.tomlpypiPython Package IndexUSNO

Infrastructure findings

File Component Vendor Jurisdiction CLOUD Act
No infrastructure findings