coreason-auditor 0.3.0

coreason-auditor

coreason-auditor

Regulatory Compliance, AI-BOM Generation, & Audit Trail Reporting for the CoReason Ecosystem.

---

"If it isn't documented in a PDF, it didn't happen. Turn logs into Law."

coreason-auditor is the automated reporting engine for the CoReason ecosystem. It bridges the gap between "Technical Logging" (JSON streams) and "Regulatory Submission" (Human-readable documents) by generating cryptographically signed Audit Packages.

Features

Based on the Product Requirements:

• Traceability Engine: Maps Requirements $\to$ Tests $\to$ Results (RTM). Fails generation if critical requirements are uncovered.
• AI-BOM Generator: Creates Software Bill of Materials (CycloneDX Standard) for models, data lineage, and dependencies.
• Session Replayer: Forensic tool that reconstructs user sessions, displaying hidden "Thought Chains" and "Tool Calls" alongside user input.
• 21 CFR Part 11 Signer: Applies digital signatures to exported reports for immutability and authenticity.
• Deviation Reporting: Prioritizes failures and interventions (Exception-First Reporting).
• Service C Microservice: Asynchronous REST API for high-volume audit generation (FastAPI + Uvicorn).

Installation

pip install coreason-auditor

Usage

Please refer to the Usage Guide for detailed instructions on both CLI Mode and Server Mode.

Quick Start (Server)

# Start the API server
uvicorn coreason_auditor.server:app --host 0.0.0.0 --port 8000

Quick Start (CLI)

python -m coreason_auditor.main \
  --agent-config agent.yaml \
  --assay-report assay_report.json \
  --bom-input bom_input.json \
  --output report.pdf \
  --agent-version 1.0.0

License

Copyright (c) 2025 CoReason, Inc. Licensed under the Prosperity Public License 3.0. See LICENSE for details.