Governance Overview

Every AI hiring decision your platform makes — what passed, what needs your review, and your live compliance status.

Today's Hiring
Decisions
📊
--
--
Blocked / Flagged
% of all decisions
🛑
--
--
Awaiting
Human Review
👤
--
LIVE  --
Risk Scores
lower is better
⚠️
Fabrication --/100
--
Bias --/100
--
Governance
Alignment
🏆
--%
Alignment signal · not a legal assessment
⚠️
Decisions Awaiting Your Review Compliance
Loading review statistics...
⚠️
All Pending Reviews Loading...
Human review queue · SLA monitored · EU AI Act Art. 14 · auto-refreshing
#
Audit Ledger IMMUTABLE · HASH-CHAINED
-- entries · Merkle root verified Loading... · Article 12 + 22
Seq Time Initiator Decision Cluster Codes Triggered Excerpt Hash
EU AI Act Coverage
Regulation (EU) 2024/1689 · your organisation's live status
🛡️
Review Thresholds
Control when the system blocks a request outright vs. sends it to your review queue
Auto-block — request is rejected immediately
e.g. requests that could harm a candidate
e.g. age, race, or gender-based filtering
Send for review — goes to your review queue
Borderline requests you want to review before they proceed
Borderline requests you want to review before they proceed
📄
Compliance Reports
Generate audit-ready exports for regulators, auditors, and internal review
🏛️
Regulator Pack NEW
One-click EU AI Act deployer evidence dossier: ledger integrity proof, HITL oversight stats, training register, incident log, config change history — with a tamper-evident SHA-256 manifest. Hand it to the regulator as-is.
📅
Monthly PDF
A formatted summary of every governance decision, risk score, and EU AI Act article coverage for the calendar month.
🛡️
SOC 2 Bundle
Evidence package for SOC 2 auditors: immutable audit chain proof, access controls, and retention policy attestation.
📊
Audit Ledger CSV
Raw export of up to 1,000 recent ledger entries with codes, risk metrics, and hashes for spreadsheet analysis.
🧪
Prompt Sandbox
Test any prompt through the live cluster engine · single-stage regex matching · ~1-3ms
📂
Batch Scan — Resumes & Prompt Lists
Upload .txt / .csv (one entry per line) or .pdf resumes (one per file) · scanned through the governance engine · PII masked before processing · not logged to the ledger
Document class: Default is the stricter hiring-document mode. Choose candidate-document for résumés.
📂
Drop files here, or click to upload
.txt / .csv (one prompt per line) · .pdf résumés (one per file) · up to 250 entries
Regression Suite
12 canonical test cases · validated against live verification API
📚
CF Code Library
Loading compliance codes library...
-- of -- shown
🏢
Active Tenants
Loading tenants info...
TenantPlanDomainCalls (30d)KeysStatusLast ActiveActions
📋
Audit Leads
Loading…
NameEmailCompanyRoleTrackScoreSubmittedReport
🚀
Client Onboarding Answers
Loading…
Company Status Mode Workflows BYOK Provider Connection First Audit Started Completed
Loading…
💚
System Health
All services operational · last checked just now
ALL SYSTEMS GO
API Server
Operational
Loading...
PostgreSQL
Operational
Loading...
Redis Cache
Operational
Loading...
Regex Engine
Operational
Loading...
Cluster Resolver
Operational
Loading...
HITL LLM Analysis
On-Demand Only
Loading...
Audit Chain
Verified
Loading...
Cron Jobs
All Running
Loading...
GCS / Storage
Operational
Loading...
Recent Alerts
Make it Better
Report leakages, false positives, wrong codes, or missing rules
🚫
False Positive
Engine blocked a safe, legitimate prompt
⚠️
False Negative
Engine missed a harmful or non-compliant prompt
🏷️
Wrong Code
A CF code was incorrectly assigned to the prompt
🔍
Missing Rule
A governance rule you expected doesn't exist yet
Your Submitted Feedback
ID Type Severity Status Summary Reporter Submitted
Loading…
Feedback Inbox
All client-reported issues across all tenants · review and triage
Loading…
All Feedback
ID Type Severity Status Summary Reporter Action Date
Loading…
🤖
Auto-Approve Learning Loop
Every reviewer decision trains the platform. Patterns activate automatically once confidence is sufficient.
Total Patterns
Active (auto-approving)
In Training
Deactivated
How it works: Each reviewer approval or rejection is recorded against the cluster fingerprint (SHA-256 of the sorted cluster list). A pattern activates only when it hits ≥10 approvals with <10% rejection rate from at least 2 different reviewers — future items with that exact cluster combination then bypass the review queue automatically. High-severity categories (prohibited practices, prompt injection, judge-unreviewed items) can never auto-approve. Patterns expire after 90 days without a fresh approval, are capped at 50 auto-approvals/day (excess goes to human review), and 5% of auto-approvals are routed back as labelled sample audits. A single rejection — including a failed sample audit — immediately deactivates an active pattern. Every auto-approval is still logged to the audit ledger.
Clusters Approvals Rejections Reviewers Threshold Progress Status Last Triggered Action
Loading patterns…
📧
Daily Governance Email Reports
Sweep runs at 06:17 UTC daily — sends a corpus + live-traffic digest via SendGrid
SENDGRID_API_KEY
GitHub Actions secret — authorises SendGrid to send emails
REPORT_EMAIL
Where daily reports are sent ·
FROM_EMAIL
SendGrid verified sender ·
Checking configuration…
Sweep Schedule
06:17 UTC daily (auto from master)
🔁 Also fires on every push to staging (governance changes)
🖐 Or trigger manually any time below
What the email covers
📊 Corpus check — FP / FN regressions
🔍 Live traffic check — last 26h of real prompts re-verified
🧠 Daily brain update — engine learning digest
▶ View Daily Sweep runs 🧠 View Brain Update runs 🔑 SendGrid settings
📈 Last 24h verify calls on this tenant: · sweep targets
Loading pending tracker…
⛓️

Audit chain — sweep & external anchor

Active sweep over every tenant's audit hash chain · daily commits to the public repo as external tamper evidence (EU AI Act Art 12)
Anchors recorded
Externally committed
Awaiting commit
Broken chains
⚖️
How it works: on boot, on demand, and once a day via GitHub Actions, every tenant's audit hash chain is scanned end-to-end. A break fires two webhooks (audit.chain_broken to the customer, platform.chain_broken to the platform) and writes a chain_break_detected event to the superadmin ledger. Each tenant's current chain head is snapshotted into chain_anchors, and the daily workflow commits the snapshot to chain-anchors/YYYY-MM-DD.json on the public repo — git's append-only commit history is the external timestamp. A DB-level rewrite of audit_ledger that doesn't also forge the public git history is detectable.
Taken at Tenant Head id Head hash Total rows Chain Source External commit
Loading…
Keyboard Shortcuts
Go to Overviewg o
Go to Review Queueg r
Go to Audit Ledgerg a
Go to Complianceg c
Focus audit search/
Show this help?
Close panel / modalEsc