Inspects AI artefact provenance declarations for ECZ-ID configuration posture.
Project description
ECZ-ID AI Provenance Inspection
Show what your model or dataset declares about itself — and route it to
ECZ-ID. ecz-id-ai-provenance inspects AI artefact provenance
declarations and model/dataset cards (YAML front matter) for ECZ-ID
configuration posture and declared lineage — locally, offline, in one
command. It inspects, explains and routes only.
It never issues or activates an ECZ-ID, never determines BOUND, never prices or carts, never certifies, and never executes discovered code. Missing public proof is neutral. Local policy decides. Re-check before reliance.
One-command free trial
$ uvx ecz-id-ai-provenance inspect ./my-model
# or: pipx run ecz-id-ai-provenance inspect ./my-model
Genuine example result
ECZ-ID inspection: ./my-model [ecz-id-ai-provenance]
A. configuration posture : PRESENT
B. public proof posture : NOT_CHECKED (neutral)
reason codes : ECZ-1000, ECZ-2002
Supported inputs
provenance_declaration.json,.ecz-provenance.jsonmodel_card.md/dataset_card.mdwith YAML front matter (needs the optionalyamlextra:pip install ecz-id-ai-provenance[yaml]; without it, cards degrade to a neutral note).- Observes declared lineage, dataset/model/repository/package/release/API/ agent relationships, base model, framework, licence, source, intended use and limitations.
Valuable free capabilities
Two-sided posture; scaffold a provenance declaration; compare drift;
JSON / Markdown / text / SARIF output; redaction; offline.
Unsupported inputs
Not a model evaluator, benchmark runner or dataset auditor. Does not fetch model weights or datasets.
What the result means / does not mean
Posture describes your local provenance declaration; the public side is neutral read-only Resolver evidence. Not a statement of authenticity, safety, fairness, accuracy, performance, lawful use or compliance.
Compare / drift
$ ecz-id-ai-provenance compare ./v1 ./v2 --json
CI use
$ ecz-id-ai-provenance inspect . --sarif > provenance.sarif
$ ecz-id-ai-provenance inspect . --json > provenance.json
Machine-readable integration
Machine Interface · Manifest · Resolver · Operator setup · Developer guidance
Each installation includes structured machine-readable metadata for automation,
CI and supported integrations. Every JSON report embeds a compact
machine_interface object with the canonical roots and safe, read-only actions.
The package runs locally to inspect, explain and route. It does not issue an ECZ-ID, write canonical truth, create public proof, price a cart, or replace Resolver proof.
$ ecz-id-ai-provenance manifest --json
- Central Machine Interface: https://machine.ecocitizenz.org/.well-known/ecz-machine.json
- Resolver (read-only public proof): https://resolver.ecocitizenz.org
- Operator setup (TrustOps): https://trustops.ecocitizenz.com/start
- Developer Gateway: https://developers.ecocitizenz.com
Privacy and no telemetry
Bounded, read-only, symlink-refusing inspection. No telemetry, no source
upload. Secrets redacted on every export. Offline mode
(--offline / ECZ_ID_OFFLINE=1) skips all network.
Continue with ECZ-ID
- Operator setup: https://trustops.ecocitizenz.com/start
- Developer guidance: https://developers.ecocitizenz.com
- Public Resolver proof: https://resolver.ecocitizenz.org
- Central Machine Interface: https://machine.ecocitizenz.org/.well-known/ecz-machine.json
- EcoCitizenz: https://www.ecocitizenz.com
- Specifications and governance: https://www.ecocitizenz.org
- ECZ-ID on Visual Studio Marketplace: https://marketplace.visualstudio.com/publishers/ecocitizenz
- ECZ-ID on Open VSX: https://open-vsx.org/namespace/ecocitizenz
- Explore the ECZ-ID Python tool family: https://pypi.org/search/?q=ecz-id
Licence and trademarks
Apache-2.0 (see LICENSE, NOTICE). The code licence grants no trademark
rights; “ECZ-ID” and “EcoCitizenz” are trademarks of their owner(s) — see
TRADEMARKS.md. Changelog: CHANGELOG.md. Security: SECURITY.md.
CLI: ecz-id-ai-provenance | Import: ecz_id_ai_provenance | Plugin group: ecz_id.plugins
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ecz_id_ai_provenance-0.1.1.tar.gz.
File metadata
- Download URL: ecz_id_ai_provenance-0.1.1.tar.gz
- Upload date:
- Size: 13.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1fa1a9335f0e8ee1d526a691f51c1b2f74fe5ffd8f2ac8b6c02aea71888f8724
|
|
| MD5 |
4be08f22d6990e99f3920cd9610a4d3e
|
|
| BLAKE2b-256 |
d296d39d92e397f01eaf5e0fda80f10ab7372b596a7afd1193ff270d9c67dc06
|
Provenance
The following attestation bundles were made for ecz_id_ai_provenance-0.1.1.tar.gz:
Publisher:
publish-ecz-id-ai-provenance.yml on Ecocitizenz/ecz-id-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ecz_id_ai_provenance-0.1.1.tar.gz -
Subject digest:
1fa1a9335f0e8ee1d526a691f51c1b2f74fe5ffd8f2ac8b6c02aea71888f8724 - Sigstore transparency entry: 2085182460
- Sigstore integration time:
-
Permalink:
Ecocitizenz/ecz-id-python@6f3dee174371df77e454bc7321b263cc5c04c0a6 -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/Ecocitizenz
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-ecz-id-ai-provenance.yml@6f3dee174371df77e454bc7321b263cc5c04c0a6 -
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file ecz_id_ai_provenance-0.1.1-py3-none-any.whl.
File metadata
- Download URL: ecz_id_ai_provenance-0.1.1-py3-none-any.whl
- Upload date:
- Size: 15.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c38f3871bf453d37c4bed85d7f9a3a98fbed7c83ab9c6dd9dc8136d83830f950
|
|
| MD5 |
fb47496f620b726638c0e522396e5f9b
|
|
| BLAKE2b-256 |
4d97c3e6234d798d1a0d3174836cfb9ab325ff68c2af2e91b49590e9dd6bbebd
|
Provenance
The following attestation bundles were made for ecz_id_ai_provenance-0.1.1-py3-none-any.whl:
Publisher:
publish-ecz-id-ai-provenance.yml on Ecocitizenz/ecz-id-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ecz_id_ai_provenance-0.1.1-py3-none-any.whl -
Subject digest:
c38f3871bf453d37c4bed85d7f9a3a98fbed7c83ab9c6dd9dc8136d83830f950 - Sigstore transparency entry: 2085182543
- Sigstore integration time:
-
Permalink:
Ecocitizenz/ecz-id-python@6f3dee174371df77e454bc7321b263cc5c04c0a6 -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/Ecocitizenz
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-ecz-id-ai-provenance.yml@6f3dee174371df77e454bc7321b263cc5c04c0a6 -
Trigger Event:
workflow_dispatch
-
Statement type: