EU AI Act
The EU AI Act policy is in Preview and not yet generally available in azuma nori. It is not currently selectable when creating a project. The page below describes the intended analysis scope; it will move into the active policy set once the framework ships. See Policy Stability.
The EU Artificial Intelligence Act (AI Act) is the European Union's horizontal regulation for artificial-intelligence systems. It takes a risk-based approach, classifying AI systems by risk level (from prohibited practices through high-risk systems to limited- and minimal-risk uses) and attaching obligations accordingly — including risk management, data governance, technical documentation, transparency, human oversight, and robustness and cybersecurity for high-risk systems.
Focus Areas for Nori Analysis
When azuma nori evaluates a codebase against the AI Act, the sub-agents concentrate on the technical, code-visible obligations relevant to AI-enabled products, for example:
- Robustness & Cybersecurity: secure handling of models, inputs, and outputs, and defenses appropriate to AI components.
- Data Governance: how training, validation, and input data are handled, protected, and kept free of secrets or sensitive material in code.
- Transparency & Logging: presence of logging and traceability that supports the record- keeping expected of higher-risk systems.
- Human Oversight Hooks: code paths that enable oversight, intervention, or override where applicable.
Providing Manual Evidence
Much of the AI Act is governance and process oriented — risk classification, conformity assessment, technical documentation, and post-market monitoring — which source-code analysis alone cannot demonstrate. For these requirements, attach your supporting documentation (risk assessments, data-governance policies, technical documentation) via the Evidence tab in the Standalone Client, and nori will synthesize it with the code findings.