EU AI Act · Art. 12/13/14 · Apache 2.0

AI decisions. Sovereign. Auditable.

Sentinel wraps any AI agent and records tamper-resistant decision traces to local sovereign storage. Zero cloud dependencies. Zero US CLOUD Act exposure. Air-gapped capable.

✓304 tests ✓97% coverage ✓40/40 smoke

View on GitHub → sentinel report ↗

~/sentinel — python

$ pip install sentinel-kernel
$ python3
>>> from sentinel import Sentinel
>>> s = Sentinel()
>>> @s.trace
... async def approve(ctx):
...     return {"ok": True}
>>> import asyncio
>>> asyncio.run(approve({"amount": 5000}))
{

  "trace_id": "01hx7k9m2n3p",

  "policy_result": "ALLOW",

  "sovereign_scope": "EU",

  "data_residency": "local",

  "inputs_hash": "sha256:a3f8c2d1...",

  "latency_ms": 3,

  "schema_version": "1.0.0"

}
✓ Trace written. Sovereign. Local. Yours.

Most solutions fail the sovereignty test

Three ways to log AI decisions. Only one passes the EU AI Act, the CLOUD Act, and the air-gap test.

Requirement	Cloud observability	Proprietary platforms	Sentinel
Decision records	✓	✓	✓
EU AI Act Art. 12	Partial	Partial	✓ Full
US CLOUD Act exposure	✗ Applies	✗ Applies	✓ None
Air-gapped capable	✗	✗	✓
Open source	Some	✗	✓ Apache 2.0
On-premise	✗	Expensive	✓ Default
BSI path	✗	✗	✓ v2.0 roadmap

The US CLOUD Act (18 U.S.C. § 2713) requires US-incorporated companies to produce data stored anywhere in the world. No EU data-centre agreement eliminates this obligation.

What Sentinel shows you

Live data from a sample deployment. Every chart is inline SVG — zero external resources.

Sovereignty score

Overall sovereignty

Runtime: EU ✓ · Storage: On-premise ✓ · CI/CD: ⚠ acknowledged

EU AI Act coverage

Art. 12

compliant

Art. 13

compliant

Art. 14

compliant

Art. 9

partial

Art. 17

partial

Art. 10

human action

Art. 15

human action

Live decision feed

Time	Agent	Result	ms
12:34:51	procurement_agent	ALLOW	3
12:34:52	access_control	DENY	2
12:34:53	doc_classifier	ALLOW	4
12:34:54	procurement_agent	ALLOW	3
12:34:55	mission_eval	EXCEPTION	8
12:34:56	access_control	ALLOW	2
12:34:57	doc_classifier	DENY	3
12:34:58	procurement_agent	ALLOW	4

Dependency map

Sovereign ✓

sentinel-kernel EU · DE
postgresql EU-neutral
langfuse/self EU · DE (self-hosted)
prometheus CNCF · neutral

Acknowledged gaps ⚠

github-actions US · Microsoft
pypi US-hosted

Acknowledged gaps are documented. Not violations.

Kill switch

● INACTIVE

EU AI Act Art. 14 — human oversight active

sentinel.engage_kill_switch("reason")

Halts all agent calls instantly. No restart.

Enforcement countdown

113

Days to EU AI Act Annex III

2 August 2026 · Penalties up to €15M

Start in 5 minutes

Three steps. Real working code. No placeholders.

from sentinel import Sentinel

sentinel = Sentinel()  # SQLite, zero config

@sentinel.trace
async def my_agent(context: dict) -> dict:
    return {"decision": "approved"}

# Every call produces a sovereign trace
result = await my_agent({"amount": 5000})
print(result)  # {"decision": "approved"}

# Query traces
traces = sentinel.query(limit=1)
print(traces[0].policy_result)  # ALLOW

from sentinel import Sentinel
from sentinel.policy.evaluator import SimpleRuleEvaluator
from sentinel.storage.filesystem import FilesystemStorage

sentinel = Sentinel(
    policy_evaluator=SimpleRuleEvaluator({
        "threshold": lambda ctx: ctx["amount"] <= 10_000
    }),
    storage=FilesystemStorage("/mnt/traces"),
    sovereign_scope="EU",
    data_residency="on-premise-de",
)

@sentinel.trace
async def approve_procurement(ctx: dict) -> dict:
    return {"approved": ctx["amount"] <= 10_000}

# DENY recorded automatically for high-value requests
await approve_procurement({"amount": 50_000})

from sentinel import Sentinel
from sentinel.manifesto import SentinelManifesto
from sentinel.manifesto.requirements import (
    EUOnly, Required, AcknowledgedGap,
)
from sentinel.compliance.euaiact import EUAIActChecker

class OurPolicy(SentinelManifesto):
    name = "Production Sovereignty Policy v1"
    jurisdiction = EUOnly()
    kill_switch = Required()
    ci_cd = AcknowledgedGap(
        provider="GitHub Actions (Microsoft/US)",
        migrating_to="Self-hosted Forgejo",
        by="2027-Q2",
        reason="No EU-sovereign CI with comparable UX",
    )

sentinel = Sentinel()

# Check EU AI Act compliance
report = EUAIActChecker().check(sentinel)
print(report.diff())

# Generate self-contained HTML report
report.save_html("sovereignty_report.html")

# Check manifesto vs reality
manifesto_report = OurPolicy().check(sentinel_instance=sentinel)
print(f"Score: {manifesto_report.overall_score:.0%}")

Built for regulated industries

Four scenarios where a missing trace is worse than a crash.

Defence & Aerospace

Autonomous go/no-go decisions with mission policy evaluation. Kill switch for immediate halt (Art. 14). Air-gapped deployment verified by dedicated test suite. VS-NfD roadmap.

Healthcare AI

Treatment recommendation audit trail. GDPR-compliant data residency. Every clinical AI decision recorded with SHA-256 hash. Art. 14 human oversight for escalation workflows.

Financial Services

Transaction approval automation with DORA-aligned logging. Append-only tamper-resistant records. Regulators get the full trace: what, when, which model, which policy.

Public Administration

Government AI transparency requirements met by default. Sovereign deployment — no foreign jurisdiction access possible. EU AI Act compliance diff for internal auditors.

What's inside

Fourteen features. Seven articles. One honest compliance story.

@sentinel.trace — any agent, sync or async
Kill switch — Art. 14, no restart, thread-safe
SimpleRule + LocalRego (OPA) policy evaluation
SQLite + PostgreSQL + Filesystem storage backends
Air-gapped — network blocked at socket level in CI
LangChain SentinelCallbackHandler
OpenTelemetry — sovereignty attrs in every span
LangFuse — join key: trace_id
Sovereignty scanner — 60+ packages mapped
Manifesto-as-code — COMPLIANT / ACKNOWLEDGED / TARGETING
EU AI Act checker — Art. 9/12/13/14/17
Self-contained HTML report
Full CLI — demo, scan, compliance, report
Docker Compose — Grafana + LangFuse + OTel

Article	Requirement	Sentinel
Art. 12	Auto logging	✓ Full
Art. 13	Transparency	✓ Full
Art. 14	Human oversight	✓ Full
Art. 9	Risk management	~ Partial
Art. 17	Quality management	~ Partial
Art. 10	Data governance	→ Human action
Art. 15	Accuracy	→ Human action

Sentinel is honest about what can and cannot be automated. Articles requiring human action are clearly marked.

Try it now

$ pip install sentinel-kernel

$ sentinel demo

Runs 50 decisions · Kill switch demo · Compliance check
Generates sovereignty_report.html · No Docker required

or — full Grafana demo

git clone https://github.com/sebastianweiss83/sentinel-kernel
cd sentinel-kernel/demo
docker compose -f docker-compose.minimal.yml up
# http://localhost:3001 — Grafana dashboard