66[ ![ PyPI] ( https://img.shields.io/pypi/v/specsmith?label=stable&style=flat&color=blue&cacheSeconds=60 )] ( https://pypi.org/project/specsmith/ )
77[ ![ Python 3.10+] ( https://img.shields.io/badge/python-3.10%2B-blue.svg )] ( https://www.python.org/downloads/ )
88[ ![ License: MIT] ( https://img.shields.io/badge/license-MIT-green.svg )] ( LICENSE )
9+
910** Applied Epistemic Engineering toolkit for AI-assisted development.**
1011
1112> Intelligence proposes. Constraints decide. The ledger remembers.
@@ -14,17 +15,19 @@ specsmith treats belief systems like code: codable, testable, and deployable. It
1415epistemically-governed projects, stress-tests requirements as BeliefArtifacts, runs
1516cryptographically-sealed trace vaults, and orchestrates AI agents under formal AEE governance.
1617
17- ** 0.10.1 — Governance REST API, machine-state sync , and least-privilege permissions .**
18- Specsmith now serves as the governance backend for Kairos ( the epistemically-governed
19- Rust terminal) via ` specsmith governance-serve ` , keeps ` .specsmith/ ` JSON in sync
20- with ` docs/ ` Markdown via ` specsmith sync ` , and gates every agent tool call via
21- ` specsmith agent permissions-check ` . Multi-agent profiles, BYOE endpoints, and the
22- AEE phase lifecycle are all fully wired .
18+ ** 0.11.0 — EU AI Act / NIST AI RMF compliance, context window management , and governance tools panel .**
19+ Specsmith now ships a full compliance and auditability layer aligned to the EU AI Act (2024/1689)
20+ and the NIST AI Risk Management Framework 1.0. Every agent action is cryptographically sealed,
21+ every AI-generated output is disclosed, context windows are GPU-aware and protected against
22+ overflow, and a dedicated governance tools panel in Kairos surfaces compliance settings
23+ per-session and per-project .
2324
2425``` bash
2526specsmith governance-serve --port 7700 # Kairos governance REST API
2627specsmith sync # sync .specsmith/ from docs/ markdown
27- specsmith agent permissions-check git_push # check tool permission (REG-012)
28+ specsmith agent permissions-check git_push # check tool permission (REQ-012)
29+ specsmith ollama gpu # detect GPU VRAM, recommend context size
30+ specsmith export # generate full compliance report
2831```
2932
3033It also co-installs the standalone ` epistemic ` Python library for direct use in any project:
@@ -169,6 +172,223 @@ agent:
169172
170173---
171174
175+ ## AI Compliance & Governance
176+
177+ specsmith is designed from the ground up for **auditable, explainable, and human-overseen AI**.
178+ It implements concrete compliance mechanisms mapped to the two major regulatory frameworks
179+ that govern AI systems in production today.
180+
181+ ### Standards Coverage
182+
183+ **EU AI Act (Regulation 2024/1689)** — The world's first comprehensive legal framework for AI,
184+ enforced across the European Union. High-risk AI systems must provide transparency, auditability,
185+ human oversight, and robustness. specsmith implements:
186+
187+ | EU AI Act Requirement | specsmith Mechanism |
188+ |---|---|
189+ | Art. 9 — Risk Management System | AEE verification loop with confidence scoring and equilibrium checks |
190+ | Art. 12 — Logging & Record-Keeping | ` TraceVault` SHA-256 chained ledger (tamper-evident, append-only) |
191+ | Art. 13 — Transparency & Explainability | `ai_disclosure` block in every preflight response; `/why` in Nexus REPL |
192+ | Art. 14 — Human Oversight | Human escalation threshold (`--escalate-threshold`); kill-switch CLI |
193+ | Art. 15 — Accuracy & Robustness | Bounded retry (max 3×), confidence gates, hard context ceiling (REQ-247) |
194+ | Art. 53 — GPAI Model Transparency | Provider + model name emitted in every `ai_disclosure` block |
195+
196+ **NIST AI Risk Management Framework 1.0 (AI RMF)** — The US standard for managing AI risk
197+ across the AI lifecycle. specsmith addresses all four core functions :
198+
199+ | NIST AI RMF Function | specsmith Mechanism |
200+ |---|---|
201+ | **GOVERN** — Policies & accountability | Governance rules (H1–H13), permissions profile, `scaffold.yml` policy |
202+ | **MAP** — Risk identification | AEE stress-test, belief graph, contradictions and uncertainty metrics |
203+ | **MEASURE** — Risk analysis | Confidence scoring, epistemic equilibrium, `specsmith epistemic-audit` |
204+ | **MANAGE** — Risk treatment | Kill-switch, escalation, bounded retry, safe-write backup, permissions deny-list |
205+
206+ # ## How Each Compliance Mechanism Works
207+
208+ # ### 1. Tamper-Evident Audit Log — `TraceVault` (REQ-206)
209+
210+ Every agent action, decision, milestone, and audit gate is recorded as a JSONL entry in
211+ ` .specsmith/trace.jsonl` . Each entry contains a SHA-256 hash of its own content plus the
212+ hash of the previous entry, forming a cryptographic chain :
213+
214+ ` ` ` jsonl
215+ {"seq":1, "type":"DECISION", "description":"...", "hash":"a3f9...", "prev":"genesis"}
216+ {"seq":2, "type":"MILESTONE", "description":"...", "hash":"7c2b...", "prev":"a3f9..."}
217+ ` ` `
218+
219+ Any modification to a past entry breaks every subsequent hash. `specsmith trace verify`
220+ detects and reports the first corrupted entry. The file is append-only — overwrites are
221+ blocked by `safe_write`. This satisfies **EU AI Act Art. 12** (logging and record-keeping)
222+ and **NIST AI RMF GOVERN** (accountability trail).
223+
224+ # ### 2. AI Disclosure — Every Response (REQ-207)
225+
226+ Every preflight response includes a mandatory `ai_disclosure` block :
227+
228+ ` ` ` json
229+ {
230+ "ai_disclosure": {
231+ "governed_by": "specsmith",
232+ "governance_gated": true,
233+ "provider": "ollama",
234+ "model": "qwen2.5:14b",
235+ "spec_version": "0.11.0"
236+ }
237+ }
238+ ` ` `
239+
240+ This ensures every AI-generated output is traceable to its source model and version,
241+ meeting **EU AI Act Art. 13** (transparency) and **Art. 53** (GPAI transparency).
242+ It is impossible to suppress — the field is injected at the governance layer before
243+ any response is returned to the client.
244+
245+ # ### 3. Human Escalation — Configurable Threshold (REQ-209)
246+
247+ When an action's confidence is below the escalation threshold, specsmith sets
248+ `escalation_required : true` and includes an `escalation_reason` in the preflight payload.
249+ Kairos surfaces this as a confirmation dialog before execution proceeds.
250+
251+ ` ` ` bash
252+ specsmith preflight "deploy to production" --escalate-threshold 0.85 --json
253+ # → escalation_required: true, escalation_reason: "confidence 0.71 < threshold 0.85"
254+ ` ` `
255+
256+ This implements **EU AI Act Art. 14** (human oversight) and **NIST AI RMF MANAGE**.
257+
258+ # ### 4. Kill-Switch — Immediate Session Termination (REQ-210)
259+
260+ A `kill-session` CLI command and keyboard shortcut (surfaced in Kairos) immediately
261+ terminates all active agent sessions and records a timestamped kill event in `LEDGER.md` :
262+
263+ ` ` ` bash
264+ specsmith kill-session # terminate all sessions, log kill event
265+ specsmith kill-session --session abc123 # terminate a specific session
266+ ` ` `
267+
268+ This satisfies **EU AI Act Art. 14 §4** (ability to intervene and stop the AI system)
269+ and is required for certification of high-risk AI systems.
270+
271+ # ### 5. Append-Only Safe Write — `safe_write` (REQ-213)
272+
273+ All governance file writes go through `safe_write`, which :
274+ - **Appends** to `LEDGER.md` and `.specsmith/ledger.jsonl` — never truncates
275+ - **Backs up** any file before overwriting it (timestamped `.bak` copy)
276+ - **Prevents** accidental destruction of audit history
277+
278+ This satisfies **EU AI Act Art. 12** (records must be kept for the lifetime of the system)
279+ and provides recovery capability per **NIST AI RMF MANAGE**.
280+
281+ # ### 6. Least-Privilege Permissions (REQ-217, REQ-012)
282+
283+ Every agent tool call is gated through a permission profile. Tools outside the active
284+ profile are denied with exit code 3 and a ledger entry :
285+
286+ ` ` ` bash
287+ specsmith agent permissions-check git_push # exit 0 = allowed, exit 3 = denied
288+ specsmith agent permissions # show active profile
289+ ` ` `
290+
291+ Four built-in presets (`read_only`, `standard`, `extended`, `admin`) plus full
292+ custom allow/deny lists in `.specsmith/config.yml`. This implements **NIST AI RMF GOVERN**
293+ (policy enforcement) and principle of least privilege per standard security practice.
294+
295+ # ### 7. Policy Guardrails — `is_safe_command` (REQ-220)
296+
297+ Before any shell command is executed, `agent.safety.is_safe_command()` classifies it
298+ against a deny list of destructive patterns (`rm -rf`, `git push origin main`,
299+ ` kubectl apply` , `cat .env`, etc.). Denied commands are blocked and logged.
300+ This implements **NIST AI RMF MANAGE** (risk treatment at the action level).
301+
302+ # ### 8. Compliance Export Report (REQ-208, REQ-215)
303+
304+ `specsmith export` generates a full compliance report containing :
305+ - **AI System Inventory** — all providers, models, and versions used
306+ - **Risk Classification** — AEE phase, confidence scores, open work items
307+ - **Human Oversight Controls** — active permission profile, escalation settings, kill-switch state
308+ - **Audit Trail Summary** — TraceVault chain length, last verification, any tampering
309+
310+ ` ` ` bash
311+ specsmith export --format markdown > compliance-report.md
312+ specsmith export --format json > compliance-report.json
313+ ` ` `
314+
315+ This report is suitable for submission to regulators, internal audit teams, or
316+ SOC-2 / ISO-42001 reviewers.
317+
318+ # ## Compliance per Session and per Project
319+
320+ Compliance settings are layered :
321+
322+ 1. **Global defaults** — `~/.specsmith/config.yml` (user-level defaults)
323+ 2. **Per-project policy** — `.specsmith/config.yml` (committed to the repo)
324+ 3. **Per-session overrides** — Kairos Governance panel or CLI flags
325+
326+ The Kairos **Governance Tools Panel** (Settings → Governance) exposes all compliance
327+ controls in a live UI : escalation threshold, permission profile, kill-switch, audit log
328+ viewer, and context window settings. Changes take effect immediately for the active
329+ session and can optionally be written back to the per-project `.specsmith/config.yml`.
330+
331+ ---
332+
333+ # # Context Window Management
334+
335+ specsmith enforces safe, efficient use of LLM context windows — especially critical
336+ when running local models via Ollama where the context limit directly affects GPU VRAM.
337+
338+ # ## GPU-Aware Context Sizing (REQ-244)
339+
340+ ` ` ` bash
341+ specsmith ollama gpu # detect GPU VRAM (NVIDIA + AMD supported)
342+ specsmith ollama available # show models within your VRAM budget
343+ ` ` `
344+
345+ VRAM tiers and recommended context sizes :
346+
347+ | VRAM | Recommended Context |
348+ |---|---|
349+ | < 6 GB (CPU or low-end GPU) | 4,096 tokens |
350+ | 6–11 GB | 8,192 tokens |
351+ | 12–19 GB | 16,384 tokens |
352+ | 20 GB+ | 32,768 tokens |
353+
354+ Override via `SPECSMITH_OLLAMA_CONTEXT_LENGTH` or `ollama.context_length` in `.specsmith/config.yml`.
355+
356+ # ## Live Context Fill Indicator (REQ-245)
357+
358+ The context fill tracker emits real-time JSONL events consumed by Kairos :
359+
360+ ` ` ` jsonl
361+ {"type": "context_fill", "used": 27500, "limit": 32768, "pct": 83.9}
362+ ` ` `
363+
364+ Kairos displays a compact fill bar in the agent footer. When fill reaches the
365+ compression threshold (default 80%), specsmith signals that context summarization
366+ should run before the next turn.
367+
368+ # ## Auto Context Compression (REQ-246)
369+
370+ When fill reaches the compression threshold, specsmith automatically triggers
371+ conversation summarization — the current context is condensed to a compact summary
372+ that preserves key decisions and facts while freeing window space. This happens
373+ transparently before the next agent turn.
374+
375+ Configure in `.specsmith/config.yml` :
376+
377+ ` ` ` yaml
378+ context:
379+ compression_threshold_pct: 80 # trigger summarization at 80% fill
380+ auto_compress: true # enable automatic compression
381+ ` ` `
382+
383+ # ## Hard Context Ceiling — Never 100% Full (REQ-247)
384+
385+ A hard reservation of **15% of the context window** (minimum 2,048 tokens) is always
386+ held back for the governance layer. Attempts to fill beyond the effective ceiling raise
387+ ` ContextFullError` — making it impossible to reach a state where even a compression
388+ request cannot be processed. This is a safety invariant, not a configuration option.
389+
390+ ---
391+
172392# # Kairos + Governance REST API
173393
174394**Kairos** is the companion Rust terminal runtime (`BitConcepts/kairos`). specsmith
0 commit comments