v3.3.0 · EU AI Act 2026-08-02 · Agility infrastructure · Apache 2.0 permanent

Record. Enforce. Prove.

Sentinel is agility infrastructure for regulated AI. Wrap any autonomous decision function with @sentinel.trace, evaluate policy in-process, and produce an auditor-grade evidence pack. Zero cloud. Zero US CLOUD Act exposure. 107 days to EU AI Act enforcement.

v3.3.0 · 773 passing · 100% coverage · 33/40 smoke
$ pipx install sentinel-kernel
$ sentinel demo
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  SENTINEL DEMO — Record. Enforce. Prove.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
50 decisions recorded (EU jurisdiction)
Kill switch tested (Art. 14)
Dependency scan (92% provable)
EU AI Act compliance (PARTIAL)
HTML report generated
 
Report: sentinel_demo_report.html
⚠ EU AI Act Annex III enforcement: 2 August 2026 — High-risk AI systems must prove automatic tamper-resistant logging. Penalties: up to €15M or 3% of global annual turnover.

What's new in v3.3.0

The Auditor Release. Signed PDF evidence packs. One-stop CI check. Honest-scope framing. Runtime briefing for technical evaluators.

Signed PDF evidence pack

sentinel evidence-pack — one command produces a cover page, executive summary, EU AI Act / DORA / NIS2 coverage, trace samples, SHA-256 hash manifest, and a sovereign attestation. Reproducible, offline-verifiable, suitable as an audit binder artefact.

sentinel evidence-pack --output audit-q2.pdf

One-stop CI check

sentinel ci-check — aggregates the EU AI Act snapshot, runtime sovereignty scan, and an optional manifesto check into a single exit code. Fully in-process. No subprocesses. No network. Works air-gapped.

sentinel ci-check --manifesto manifesto.py:MyManifesto

Runtime briefing

New operator-grade briefing page. Operating picture, runtime walkthrough, decision record, evidence route, deployment posture, and scope. Dark and light mode, keyboard navigable, no framework, no tracking.

Honest-scope framing

README, CLI --help, and docs/eu-ai-act.md now consistently name Sentinel as the decision-trace and policy-enforcement layer for EU AI Act Art. 12 / 13 / 14 / 17. Not a full compliance solution, and no middleware kernel can be.

sentinel compliance check --all-frameworks

Test suite: 686 tests, 100% line and branch coverage enforced in CI. Policy-as-code runs as 5 CI gates on every PR. No new hard dependencies — reportlab is an optional [pdf] extra.

Most solutions fail the provability test

Three ways to log autonomous decisions in Europe. Only one passes the EU AI Act, the CLOUD Act, and the air-gap test together.

Requirement | Cloud observability | Proprietary platforms | Sentinel
Decision records
EU AI Act Art. 12 | Partial | Partial | ✓ Full
US CLOUD Act exposure | ✗ Applies | ✗ Applies | ✓ None
Air-gapped capable
Open source | Some | ✓ Apache 2.0
On-premise | Expensive | ✓ Default
BSI path | ✓ v3.0 ready
Policy-as-code CI | ✓ 5 gates, every PR
ML classifier governance
Rule engine audit trail
The US CLOUD Act (18 U.S.C. § 2713) requires US-incorporated companies to produce data stored anywhere in the world. No EU data-centre agreement eliminates this obligation.

The four modules

One codebase. One CLI. One installation. Four named entry points — Trace, Policy, Evidence, Federation — for four buyer archetypes.

[Architecture diagram] Your business logic (any agent, any framework) sits on SENTINEL, agility infrastructure for regulated AI (Apache 2.0 permanent):

  • TRACE v3.x ✓ Record: @sentinel.trace · SHA-256 · privacy by default
  • POLICY v3.x ✓ Enforce: OPA/Rego · Python rules · kill switch · preflight
  • EVIDENCE v3.x ✓ Prove: signed PDF packs · attestations · CI check
  • FEDERATION → roadmap: multi-institution aggregation · concern groups · supervisory rollup (RFC-002 planned · architecturally anchored · not shipping yet)

Decision layer (your choice): LLMs · ML classifiers · rule engines · robotic systems. Switch anytime. No lock-in.
Local storage: SQLite · PostgreSQL · NDJSON. Your infrastructure. Always.

Trace

Record every decision. EU AI Act Art. 12 automated. @sentinel.trace in one line.

Policy

Enforce every policy. Kill switch (Art. 14), OPA/Rego, Python rules, preflight.

Evidence

Prove to your auditor. Signed PDF packs, portable attestations, compliance reports.

Federation

Multi-institution aggregation. Roadmap — RFC-002 planned.

What Sentinel shows you

Live data from a sample deployment. Every chart is inline SVG — zero external resources.

Provability score

78%
Overall provability
Runtime: EU ✓ · Storage: On-premise ✓ · CI/CD: ⚠ acknowledged

EU AI Act coverage

Art. 12
compliant
Art. 13
compliant
Art. 14
compliant
Art. 9
partial
Art. 17
partial
Art. 10
human action
Art. 15
human action

Live decision feed

Time | Agent | Result | ms
12:34:51 | procurement_agent | ALLOW | 3
12:34:52 | access_control | DENY | 2
12:34:53 | doc_classifier | ALLOW | 4
12:34:54 | procurement_agent | ALLOW | 3
12:34:55 | mission_eval | EXCEPTION | 8
12:34:56 | access_control | ALLOW | 2
12:34:57 | doc_classifier | DENY | 3
12:34:58 | procurement_agent | ALLOW | 4

Dependency map

Provable ✓

  • sentinel-kernel EU · DE
  • postgresql EU-neutral
  • langfuse/self EU · DE (self-hosted)
  • prometheus CNCF · neutral

Acknowledged gaps ⚠

  • github-actions US · Microsoft
  • pypi US-hosted
Acknowledged gaps are documented. Not violations.

Kill switch

● INACTIVE
EU AI Act Art. 14 — human oversight active
sentinel.engage_kill_switch("reason")
Halts all agent calls instantly. No restart.

Enforcement countdown

107
Days to EU AI Act Annex III
2 August 2026 · Penalties up to €15M

Start in 2 minutes

Evaluate the full Record · Enforce · Prove stack — or embed it in your code.

# Install + full end-to-end demo (no code required)
$ pipx install sentinel-kernel
$ sentinel demo

# Dependency scan of your environment
$ sentinel scan

# EU AI Act compliance check
$ sentinel compliance check

# Generate a self-contained HTML provability report
$ sentinel report --output provability.html

# Generate a portable attestation
$ sentinel attestation generate --output attestation.json

import asyncio

from sentinel import Sentinel

sentinel = Sentinel()  # SQLite, zero config

@sentinel.trace
async def my_agent(context: dict) -> dict:
    return {"decision": "approved"}

# Every call produces an auditor-grade decision record
# (asyncio.run drives the coroutine; a bare top-level await only works in a notebook or async REPL)
result = asyncio.run(my_agent({"amount": 5000}))
print(result)  # {'decision': 'approved'}

# Query traces
traces = sentinel.query(limit=1)
print(traces[0].policy_result)  # ALLOW

from sentinel import Sentinel
import asyncio
from sentinel.policy.evaluator import SimpleRuleEvaluator
from sentinel.storage.filesystem import FilesystemStorage

sentinel = Sentinel(
    # Policy rule: requests above 10,000 fail the "threshold" check
    policy_evaluator=SimpleRuleEvaluator({
        "threshold": lambda ctx: ctx["amount"] <= 10_000
    }),
    storage=FilesystemStorage("/mnt/traces"),
    sovereign_scope="EU",
    data_residency="on-premise-de",
)

@sentinel.trace
async def approve_procurement(ctx: dict) -> dict:
    return {"approved": ctx["amount"] <= 10_000}

# DENY recorded automatically for high-value requests
asyncio.run(approve_procurement({"amount": 50_000}))

from sentinel import Sentinel
from sentinel.manifesto import SentinelManifesto
from sentinel.manifesto.requirements import (
    EUOnly, Required, AcknowledgedGap,
)
from sentinel.compliance.euaiact import EUAIActChecker

class OurPolicy(SentinelManifesto):
    name = "Production provability policy v1"
    jurisdiction = EUOnly()
    kill_switch = Required()
    ci_cd = AcknowledgedGap(
        provider="GitHub Actions (Microsoft/US)",
        migrating_to="Self-hosted Forgejo",
        by="2027-Q2",
        reason="No EU-operated CI with comparable UX",
    )

sentinel = Sentinel()

# Check EU AI Act compliance
report = EUAIActChecker().check(sentinel)
print(report.diff())

# Generate self-contained HTML report
report.save_html("provability_report.html")

# Check policy vs reality
policy_report = OurPolicy().check(sentinel_instance=sentinel)
print(f"Score: {policy_report.overall_score:.0%}")

from sentinel import (
    Sentinel, BudgetTracker,
    generate_attestation, verify_attestation,
)

sentinel = Sentinel()

# Evidence — signed PDF pack an auditor accepts
# (sentinel evidence-pack --output audit.pdf --financial-sector)

# Preflight — check before you act, no trace written
result = sentinel.preflight("data:delete:production")
if not result.cleared:
    raise RuntimeError(result.reasons)

# BudgetTracker — every cost entry is a traced decision
budget = BudgetTracker(sentinel=sentinel, limit=10.0)
check = budget.check(estimated_cost=0.25)
budget.record("api:mistral", actual_cost=0.23)

# Portable attestation — verifiable offline, no service needed
att = generate_attestation(sentinel=sentinel)
assert verify_attestation(att).valid

# Optional long-term-retention signing (ML-DSA-65, FIPS 204)
# lives in sentinel-kernel[pqc] — see docs/sentinel-evidence.md

Built for regulated industries

Four scenarios where a missing trace is worse than a crash.

Defence & Aerospace

Autonomous go/no-go decisions with mission policy evaluation. Kill switch for immediate halt (Art. 14). Air-gapped deployment verified by dedicated test suite. VS-NfD roadmap.

Healthcare AI

Treatment recommendation audit trail. GDPR-compliant data residency. Every clinical AI decision recorded with SHA-256 hash. Art. 14 human oversight for escalation workflows.

Financial Services

Transaction approval automation with DORA-aligned logging. Append-only tamper-resistant records. Regulators get the full trace: what, when, which model, which policy.

Public Administration

Government AI transparency requirements met by default. Sovereign deployment — no foreign jurisdiction access possible. EU AI Act compliance diff for internal auditors.
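
The hash-only, tamper-resistant decision records named in the scenarios above, sketched as an added example. This is not Sentinel's code or API: the names `trace`, `LOG`, `digest`, `verify_chain` and `verify_output`, the record fields, and the hash chaining itself are assumptions made for illustration.

```python
import hashlib
import json
import time
from functools import wraps

LOG = []  # in-memory stand-in for an append-only store (assumption)

def digest(obj) -> str:
    """SHA-256 over canonical JSON so equal values always hash equally."""
    blob = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def trace(fn):
    """Record each call as a hash-only entry chained to the previous one."""
    @wraps(fn)
    def wrapper(ctx: dict):
        out = fn(ctx)
        body = {
            "agent": fn.__name__,
            "ts": time.time(),
            "input_sha256": digest(ctx),    # raw input is never stored
            "output_sha256": digest(out),   # raw output is never stored
            "prev": LOG[-1]["record_sha256"] if LOG else "0" * 64,
        }
        LOG.append({**body, "record_sha256": digest(body)})
        return out
    return wrapper

def verify_chain(log) -> int:
    """Return the index of the first broken record, or -1 if intact."""
    prev = "0" * 64
    for i, rec in enumerate(log):
        body = {k: v for k, v in rec.items() if k != "record_sha256"}
        if rec["prev"] != prev or digest(body) != rec["record_sha256"]:
            return i
        prev = rec["record_sha256"]
    return -1

def verify_output(rec, claimed_output) -> bool:
    """Check a disclosed output against the hash stored at decision time."""
    return digest(claimed_output) == rec["output_sha256"]

@trace
def approve(ctx: dict) -> dict:  # constructed sample decision function
    return {"approved": ctx["amount"] <= 10_000}
```

A chain like this detects edits and mid-log deletions but not truncation of the newest records, so the latest `record_sha256` has to be anchored somewhere the log writer cannot rewrite, such as a signed attestation.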

What's inside

Every v1 → v3 capability. Eleven articles mapped. One honest compliance story.

  • @sentinel.trace — any agent, sync or async
  • Kill switch — Art. 14, no restart, thread-safe
  • Preflight — check before you act, no trace written
  • BudgetTracker — every cost entry is a traced decision
  • Attestations — portable, verifiable offline
  • Output verification — hash-check any stored output
  • SimpleRule + LocalRego (OPA) policy evaluation
  • SQLite + PostgreSQL + Filesystem storage backends
  • Air-gapped — network blocked at socket level in CI
  • LangChain · CrewAI · AutoGen callbacks & hooks
  • Haystack component wrapper
  • OpenTelemetry — provability attrs in every span
  • LangFuse provability panel — self-contained HTML widget
  • Jupyter · FastAPI · Django · Prometheus integrations
  • Dependency scanner — 60+ packages mapped by jurisdiction
  • Policy-as-code — 5 named CI gates
  • EU AI Act · DORA · NIS2 compliance checkers
  • RFC-001 SovereigntyManifest — Python reference (Rust experimental; DRAFT paused)
  • Full CLI — demo, scan, compliance, report, attestation, evidence-pack
  • Docker Compose — Grafana + LangFuse + OTel
Article | Requirement | Sentinel | What to do
Art. 12 | Automatic logging | ✓ Full | Nothing — automated
Art. 13 | Transparency | ✓ Full | Nothing — automated
Art. 14 | Human oversight | ✓ Full | Name the operator of the kill switch
Art. 9 | Risk management | ~ Partial | Document risk categories and plan
Art. 11 | Technical documentation | → Human action | Write the Annex IV tech doc package
Art. 17 | Quality management | ~ Partial | Define change control and QMS procedures
Art. 16 | Provider obligations | ~ Partial | Register, CE mark, conformity assessment
Art. 26 | Deployer obligations | ~ Partial | Staff training, oversight procedures
Art. 10 | Data governance | → Human action | Document training data provenance
Art. 15 | Accuracy & robustness | → Human action | Accuracy metrics and pen testing
Art. 72 | GPAI post-market | ~ Conditional | Model card if deploying GPAI as high-risk
Sentinel is honest about what can and cannot be automated. Articles requiring human action are clearly marked — we never overclaim.

Roadmap

Phase 1 done. Phase 2 in motion. Phase 3 designed. Every version reflects shipped code, not plans.

Trace · Policy · Evidence · v3.0–v3.3 ✓

  • trace Tamper-resistant decision records
  • policy Policy-as-code · kill switch (Art. 14)
  • evid Signed PDF evidence packs · CI check
  • v3.2 Privacy by default (hash-only storage)
  • v3.3 Agility Infrastructure positioning
Shipped and verified on main.

Certify · 2026 →

  • v3.x LF Europe stewardship application
  • v3.x BSI IT-Grundschutz formal assessment
  • v3.x First lighthouse design-partner deployments
Issues #19, #20 open.

Federation · Ecosystem · 2027+

  • v4.0 Federation module — multi-institution aggregation (RFC-002 planned)
  • pipe EU-sovereign build pipeline (Gitea/Forgejo)
  • pkg EU package registry instead of PyPI
  • sign Signed build artefacts, keys on EU hardware
Close the last acknowledged gap in the supply chain.
107 days until EU AI Act Annex III enforcement (2 August 2026)

Try it now

macOS (recommended)
$ brew install pipx && pipx install sentinel-kernel
$ sentinel demo
Linux / Docker / CI
$ pip install sentinel-kernel
$ sentinel demo
Runs 50 decisions · Kill switch demo · Compliance check
Generates sovereignty_report.html · No Docker required
or — full Grafana demo (requires Docker)
git clone https://github.com/sebastianweiss83/sentinel-kernel
cd sentinel-kernel/demo
docker compose -f docker-compose.minimal.yml up
Then open http://localhost:3001 (Grafana · admin / sentinel)