v1.0.0: dev.uapf.semantic-document-analysis

UAPF v1.1 SSOT-conformant Level 4 process package — reusable semantic
document analysis, shareable across DMS / intake / mailroom systems.

Structure:
- uapf.yaml (kind: uapf.package, level 4) + manifest.json engine-compat
- bpmn/semantic-document-analysis.bpmn.xml — 3 service tasks invoking
  reserved UAPF-IP capabilities ai.redact@1, ai.extract@1, event.emit@1
- resources/mappings.yaml — task->target bindings with I/O contracts
- resources/schemas/vdvc-semantic-summary.schema.json — output contract
- resources/guardrails.yaml — GDPR + EU AI Act constraints
- metadata/ownership.yaml + metadata/lifecycle.yaml
- docs/, fixtures/, tests/eval-set.json

Validates clean against UAPFormat/UAPF-specification schemas.

docs/01-eu-ai-act.md

@@ -0,0 +1,14 @@
+# EU AI Act analysis
+
+**Classification:** Annex III §5(a) and §8(a) — high-risk AI system
+under Regulation 2024/1689 when used for triage in public-service or
+justice-administration contexts.
+
+**Operator obligations** (the deploying organisation, not this package):
+
+- Art. 13 transparency — output records `summarySource`, `aiConfidenceScore`, `aiModelVersion`
+- Art. 14 human oversight — `humanValidationStatus` blocks consequential action
+- Art. 9 risk management — see `resources/guardrails.yaml`
+- Art. 12 logging — host MUST log invocation with package version + model id
+
+See `resources/guardrails.yaml` for the machine-readable policy.