AI_Sandbox/dokumenta-semantiska-analize
MCP Server
Active
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(3.0.0): Algorithm Cards per UAPF v2.3.0 chapter 13

Browse Source 
Wrap the three opaque UAPF-IP capabilities (ai.redact@1, ai.extract@1,
event.emit@1) in Algorithm Cards under algorithms/, per UAPF v2.3.0
chapter 13. Each Card supplies intent, IO contract, ownership,
validation history, risk class, audit configuration, and (where
relevant) privacy/risk extensions. Cards are referenced from resource
targets in resources/mappings.yaml.

Changes:
- NEW algorithms/pii_redactor.card.yaml — deterministic redactor
- NEW algorithms/vdvc_semantic_extractor.card.yaml — stochastic LLM
  extractor, EU AI Act high-risk, human oversight mandatory
- NEW algorithms/completion_event_emitter.card.yaml — deterministic
  CloudEvents 1.0 emitter
- uapf.yaml + manifest.json: version 2.0.0 -> 3.0.0,
  + paths.algorithms, + algorithm_cards: true
- resources/mappings.yaml: single agent.semantic-extractor target
  split into 3 algorithm-specific targets, each w/ algorithm_card ref
- bpmn/: UNCHANGED (algorithm-card refs live on resource targets,
  not in BPMN — no extension elements required)
- Removed provides_decisions from manifest (was not in SSOT manifest
  schema; DMN decisions are self-describing via the dmn/ cornerstone)
- README rewritten with algorithm-card audit-question table
This commit is contained in:
Rihards
2026-05-20 12:34:59 +00:00
parent dd69a04355
commit 82fd21a45d
7 changed files with 372 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
uapf.yaml
View File

@@ -18,8 +18,15 @@ description: |
versioned DMN — inspectable, auditable, portable. Extraction output
validates against the VDVC v1.1 semantic-summary JSON Schema.
v3.0.0: the three opaque host capabilities (ai.redact@1,
ai.extract@1, event.emit@1) are now governed by Algorithm Cards
in algorithms/ per UAPF v2.3.0 chapter 13. Each Card supplies the
intent, IO contract, ownership, validation history, risk class,
and audit configuration for one algorithm. Cards are referenced
from resource targets in resources/mappings.yaml.
level: 4
version: "2.0.0"
version: "3.0.0"
# ── UAPF-IP integration (capability needs + profile + guardrails) ──
requires_capabilities:
@@ -27,12 +34,6 @@ requires_capabilities:
- ai.extract@1+
- event.emit@1+
# DMN decisions are evaluated by the runtime itself — no host capability.
provides_decisions:
- assess-personal-data-risk
- gdpr-processing-route
- human-validation-gate
profiles_supported:
- uapf-ip-orchestrated
@@ -53,6 +54,9 @@ paths:
cmmn: cmmn
resources: resources
metadata: metadata
algorithms: algorithms
algorithm_cards: true
exposure:
mcp: