Every verdict traces to a named regulation, carries a signed model record,
and is independently cross-checked by a deterministic verifier.
Runs on your infrastructure. Your data never leaves.
Across 6 published adversarial eval campaigns. Every model mistake was caught and routed to human review.
77
Conformance tests
30 provenance · 30 durability · 17 sovereignty. Level 3 fully runnable including the air-gapped-boot CI rig.
0
Outbound connections
Sovereignty is architectural. Proven by a --network=none CI rig that boots the full stack inside the gap.
0.36 ms
Framework overhead, p99
Measured on 2 vCPUs. ~250x inside the 100 ms budget. CI gates every build on this number.
Why SKI
Six reasons regulated industries have not deployed AI
These are not hesitations. They are the reasons AI adoption has stalled in compliance functions across critical infrastructure. SKI was designed from first principles to address each one.
01 · SOVEREIGNTY
"If our operational data flows through a third-party cloud AI, we lose control of our most sensitive asset."
SKI resolves this
The inference engine runs entirely within your sovereign boundary. No operational data leaves at runtime. The constraint is architectural, enforced by a CI rig that boots the full runtime with --network=none and verifies verdicts from inside the gap.
On-premiseAir-gap provenZero cloud
02 · NON-DETERMINISM
"AI gives different answers to the same question. That is incompatible with audit and regulatory compliance."
SKI resolves this
Every verdict carries verifiable provenance: a signed LLM transcript, KG citations, model-weight and KG-version hashes, and an independent Symbolic Verifier's per-assertion result. An auditor can replay any verdict from the recorded transcript and verify it is authentic.
Signed transcriptsReplayableCryptographic proof
03 · LIABILITY
"When an AI flags a compliance issue, we cannot explain the basis of the decision to a regulator."
SKI resolves this
Every verdict traces to a specific Knowledge Graph node and a named policy clause in a source regulatory document. Every verdict also carries a signed LLM transcript so an auditor can reconstruct the model's reasoning step by step. No black boxes.
Named citationsSource documentsFull audit trail
04 · UNSAFE INTERVENTION
"An AI that can control or modify operational systems introduces catastrophic risk."
SKI resolves this
SKI is a passive, read-only observer. It monitors and reports. It has zero control path to operational systems by architectural design, not by configuration. Primary operations continue uninterrupted if SKI goes offline.
Read-only sidecarZero control pathFail-safe
05 · RULE DRIFT
"Regulations change. We cannot guarantee the AI is evaluating against the current rules, not last year's."
SKI resolves this
The Knowledge Graph is a living, versioned artifact with a governed update pipeline. Every change requires extraction, human expert validation, cryptographic signing, and deployment. The audit ledger records which graph version produced each verdict.
Versioned rulebookHuman reviewSealed and signed
06 · ACCOUNTABILITY
"If the AI is making compliance decisions, who is accountable? The regulator will ask."
SKI resolves this
Human reviewers validate every Knowledge Graph rule before production. Human authority is preserved on all escalations. The DISCRETIONARY verdict explicitly routes ambiguous cases to a named reviewer. The AI augments judgement; it does not replace it.
Human oversightNamed accountabilityAudit-ready
How it works
From a regulatory requirement to a verifiable verdict in plain language
The 2-minute animated walkthrough explains how SKI turns thousands of regulations into a sealed digital rulebook, applies two independent examiners to every reading, and produces a verdict any auditor can verify in language that does not require an engineering degree.
1
The problem: rules vs. scale
2
Meet SKI: watch-only, on-premise
3
The sealed digital rulebook
4
Two independent examiners
5
Five verdict types, nothing ambiguous
6
The tamper-evident audit trail
7
What SKI delivers vs. what it doesn't
8
Get started in 5 minutes
The verdict envelope
Every evaluation produces exactly this shape
A real verdict envelope: categorical verdict, KG citations, formalizable assertions, the Symbolic Verifier's cross-check, and six hash anchors. Hover any field to see the audit guarantee it carries.
V3VerdictEnvelope · spec v3.0 §4.2
{"verdict":"FLAG","reasoning":"SO2 at 142 ppm exceeds the §60.2(a) cap of 100 ppm.","kg_citations":[{"node_id":"energy.so2.lte_100ppm","role":"obligation","source_document":"40 CFR 60.2(a)","source_clause":"Subpart A: General Provisions"}],"formalizable_assertions":[{"obligation_id":"energy.so2.lte_100ppm","metric":"so2_ppm","operator":"must_not_exceed","observed":142,"expected":100,"unit":"ppm","satisfied":false}],"verifier_result":{"status":"AGREED","verifier_observed":142,"verifier_expected":100},"model_provenance":{"model_weight_hash":"sha256:7c2d1f8a…","kg_version_hash":"sha256:eb21125f…","prompt_template_id":"ski.v3.evaluate.5","decoder_seed":0},"transcript_ref":"ledger:tenant.demo/seq:00042"}
Tap or hover any field to see the audit guarantee it carries
SKI Evals
Measured, not asserted
SKI ships its own adversarial evaluation suite and publishes every run, including the failures. A 50-case human-graded golden dataset runs through the real production path and reports accuracy, recall, and the one invariant that cannot move.
Run
Accuracy
Silent clears
What changed
1
26%
0
Baseline
2
22%
0
Schema crash found and fixed
3
54%
0
Prompt v3
4
76%
0
Fabricated-observation gap fixed
5
72%
0
Unverified-CLEAR gap fixed
6
In progress
0
In progress
Accuracy is an iteration target. The safety property is an architectural invariant.
Across every eval campaign to date. When the model errs, the Symbolic Verifier catches it and routes to human review.
0.36 ms
Framework overhead p99
p50 0.10 ms · p95 0.16 ms · ~8,500 verdicts/s single worker. CI gates every build on ≤ 100 ms.
77
Conformance tests, 3 levels
Level 3 Sovereignty is fully runnable, including the air-gapped-boot rig that boots inside --network=none.
EU AI Act · Regulation (EU) 2024/1689
High-risk AI obligations apply from 2 August 2026
SKI publishes an article-level control crosswalk covering provider obligations (Articles 9–19, 72) and deployer obligations (Article 26), with an element-by-element Article 12(3) record-keeping mapping onto the audit ledger.
Continuous wellhead pressure, flow rate, and emissions monitoring against permit conditions. Detection of threshold breaches before reporting deadlines. SCADA integration via read-only OPC-UA sidecar.
Model risk governance and trading compliance monitoring with full audit trail. Every algorithmic decision traced to a named policy clause for regulatory examination. No cloud exposure for sensitive position data.
Model governanceRegulatory reportingTrade surveillance
Classification handling compliance and access monitoring in air-gapped environments. Cryptographic integrity verification on every compliance verdict. Full audit trail for security reviews.
Bulk electric reliability standards · ICS security frameworks · Energy regulator directives
Grid operations compliance monitoring with sub-millisecond framework overhead per verdict. Reliability standards enforcement across distributed substations with on-premise edge nodes per site.
Environmental monitoring compliance for tailings, water treatment, and air quality against permit conditions. Continuous tracking of reportable events with a tamper-evident ledger available directly to regulators.
Electronic records and signature regulations · GMP · Quality management standards
Manufacturing process compliance and deviation detection in pharmaceutical and medical device production. Complete electronic records with validated audit trails. Passive monitoring with zero impact on batch processes.
Process deviationElectronic recordsGMP compliance
Get started
Running in 5 minutes
Six packages on PyPI. A 5-minute demo mode that exercises every framework guarantee with no model download. Or run the full 77-test conformance suite.
A refinery, a trading floor, a power grid — each produces thousands of readings and decisions every day, and regulators expect every one of them to comply. Checking them all by hand is impossible. Ordinary AI could help, but no board hands compliance to a black box that cannot explain itself.
02 · Meet SKI
A digital compliance examiner inside your own building
SKI watches your operational data and checks it against the rules, continuously. Two promises are built into its architecture, not its settings: your data never leaves your premises, and SKI is watch-only. It has no ability to touch or control equipment. If SKI went offline tomorrow, operations would not notice.
03 · The rulebook
Rules become a sealed digital rulebook
Regulations are translated into precise, checkable rules: "SO2 must not exceed 100 ppm."Your own experts review and approve every rule, and the finished rulebook is cryptographically sealed — a digital wax seal that visibly breaks if anyone alters a single character. SKI refuses to run on a rulebook whose seal does not verify.
04 · The double-check
Every reading gets two examiners
An AI reads each measurement against the rulebook and explains its reasoning, like a junior analyst. An independent checker then re-does every piece of arithmetic, like a calculator that cannot be charmed. The AI cannot invent a reading, a limit, or a rule: every claim is verified against the actual data and the sealed rulebook. If the two ever disagree, a person decides.
05 · The answers
Only five possible answers. Never a guess.
No confidence scores. No "probably fine." Every check ends in exactly one of five verdicts, and when SKI is not certain, it says so and hands the case to a person instead of bluffing.
CLEAR
Every applicable rule checked and satisfied. Logged quietly, no noise.
FLAG
A rule was breached. Your operations team is alerted with the exact rule and numbers.
NEEDS A HUMAN
A judgment call the numbers alone cannot settle. Routed to a qualified reviewer.
NO RULE COVERS THIS
A gap in the rulebook, recorded as a gap. Never quietly assumed to be fine.
SENSOR WENT QUIET
Expected data stopped arriving. Missing data is itself a finding, not an excuse.
silence is never mistaken for compliance
06 · The record
Every answer enters a tamper-evident logbook
Each verdict is written into a permanent ledger together with the reading, the exact rule applied, the AI's full reasoning, and the checker's result. Entries are chained like links: alter one word in one entry, even years later, and the chain visibly breaks. An auditor can pick any past decision and re-check it independently.
07 · The proof
Tested the hard way, results published
We run SKI against a library of deliberately tricky, human-graded scenarios — boundary values, expired rules, silent sensors — and publish every run, including the failures. The AI examiner does make mistakes; that is exactly why the architecture exists. The number that matters has never moved:
AI mistakes per test run
some, always
Real breaches silently passed as compliant
0
six published test campaigns — every AI mistake was caught by the independent checker and routed to a human, never waved through
08 · The point
Provable compliance. On your premises. On the record.
Your data never leaves the building. The AI never touches your equipment. Every answer shows its work, is double-checked by math, and is written into a logbook nobody can quietly edit. When the regulator says "prove it," you can.
Stays sovereign
runs entirely inside your boundary, air-gap capable, and proven
Shows its work
every verdict carries its reasoning, its rule, and its evidence
Survives an audit
any decision, any year, independently re-checkable