eyelang 1.5.2 → 1.5.3

package/README.md

@@ -328,6 +328,7 @@ The repository includes examples for recursion, graph reachability, finite searc
 | [`ancestor.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/ancestor.pl) | Derives ancestors from parent facts. | [`output/ancestor.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/ancestor.pl) |
 | [`animal.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/animal.pl) | Classifies animals from traits. | [`output/animal.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/animal.pl) |
 | [`annotation.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/annotation.pl) | Derives facts from quoted annotation data. | [`output/annotation.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/annotation.pl) |
+| [`auroracare.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/auroracare.pl) | Evaluates purpose-based medical data access scenarios. | [`output/auroracare.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/auroracare.pl) |
 | [`backward.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/backward.pl) | Shows a backward-rule pattern as a goal-directed numeric rule. | [`output/backward.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/backward.pl) |
 | [`basic-monadic.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/basic-monadic.pl) | Runs a monadic benchmark over generated inputs. | [`output/basic-monadic.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/basic-monadic.pl) |
 | [`bayes-diagnosis.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/bayes-diagnosis.pl) | Computes scaled Bayesian diagnosis posteriors. | [`output/bayes-diagnosis.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/bayes-diagnosis.pl) |
@@ -387,6 +388,7 @@ The repository includes examples for recursion, graph reachability, finite searc
 | [`fibonacci.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/fibonacci.pl) | Computes large Fibonacci numbers by fast doubling. | [`output/fibonacci.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/fibonacci.pl) |
 | [`field-nitrogen-balance.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/field-nitrogen-balance.pl) | Classifies field nitrogen balance. | [`output/field-nitrogen-balance.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/field-nitrogen-balance.pl) |
 | [`floating-point.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/floating-point.pl) | Exercises floating-point arithmetic and comparisons. | [`output/floating-point.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/floating-point.pl) |
+| [`flandor.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/flandor.pl) | Derives a Flanders macro-insight authorization and retooling package. | [`output/flandor.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/flandor.pl) |
 | [`four-color-map.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/four-color-map.pl) | Checks a four-colour map assignment. | [`output/four-color-map.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/four-color-map.pl) |
 | [`fundamental-theorem-arithmetic.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/fundamental-theorem-arithmetic.pl) | Factors integers and reconstructs products. | [`output/fundamental-theorem-arithmetic.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/fundamental-theorem-arithmetic.pl) |
 | [`gcd-bezout-identity.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/gcd-bezout-identity.pl) | Computes gcd and Bézout coefficients. | [`output/gcd-bezout-identity.pl`](https://github.com/eyereasoner/eyelang/blob/main/examples/output/gcd-bezout-identity.pl) |

package/examples/auroracare.pl

@@ -0,0 +1,301 @@
+% AuroraCare purpose-based medical-data exchange case adapted from Eyeling auroracare.n3.
+% The original N3 emits one Markdown block per scenario.  This eyelang
+% translation materializes the policy decisions, reasons, traces, and ARC-style
+% check values as ordinary relation output.
+
+materialize(label, 2).
+materialize(description, 2).
+materialize(careTeamLinked, 2).
+materialize(subjectOptIn, 2).
+materialize(subjectOptOut, 2).
+materialize(decision, 2).
+materialize(reason, 2).
+materialize(matchedPolicyUid, 2).
+materialize(matchedProhibition, 2).
+materialize(trace, 2).
+materialize(checkC1, 2).
+materialize(checkC2, 2).
+materialize(checkC3, 2).
+materialize(checkC4, 2).
+materialize(checkC5, 2).
+materialize(checkC6, 2).
+materialize(checkC7, 2).
+materialize(checkC8, 2).
+materialize(checkC9, 2).
+materialize(checkC10Text, 2).
+
+caseName(case, "auroracare").
+question(case, "For each AuroraCare scenario, should the PDP permit or deny the requested use of health data, and why?").
+
+policyUid(policyPrimary, "urn:policy:primary-care-001").
+purposeAllowed(policyPrimary, primaryCareManagement).
+purposeAllowed(policyPrimary, patientRemoteMonitoring).
+roleAllowed(policyPrimary, "clinician").
+allowAnyCategory(policyPrimary, patientSummary).
+allowAnyCategory(policyPrimary, labResults).
+
+policyUid(policyQi, "urn:policy:qi-2025-aurora").
+purposeAllowed(policyQi, ensureQualitySafetyHealthcare).
+requireEnvironment(policyQi, "secure_env").
+requireAllCategory(policyQi, labResults).
+requireAllCategory(policyQi, patientSummary).
+duty(policyQi, requireConsent).
+duty(policyQi, noExfiltration).
+
+policyUid(policyResearch, "urn:policy:research-aurora-diabetes").
+purposeAllowed(policyResearch, healthcareScientificResearch).
+requireEnvironment(policyResearch, "secure_env").
+requireTom(policyResearch, anonymisation).
+allowAnyCategory(policyResearch, labResults).
+allowAnyCategory(policyResearch, patientSummary).
+allowAnyCategory(policyResearch, imagingReport).
+duty(policyResearch, annualOutcomeReport).
+duty(policyResearch, noReidentification).
+duty(policyResearch, noExfiltration).
+
+policyUid(policyDenyInsurance, "urn:policy:deny-insurance").
+prohibitPurpose(policyDenyInsurance, insuranceManagement).
+
+linkedTo(clinicianAlba, ruben).
+linkedTo(gpRuben, ruben).
+consentAllow(ruben, healthcareScientificResearch).
+consentDeny(ruben, trainTestAndEvaluateAiSystemsAlgorithms).
+primaryPurpose(auroracare, primaryCareManagement).
+primaryPurpose(auroracare, patientRemoteMonitoring).
+prohibitedPurpose(auroracare, insuranceManagement).
+
+scenario(scenarioA).
+outputKey(scenarioA, out010A).
+scenario_label(scenarioA, "A – Primary care visit").
+scenario_description(scenarioA, "Clinician in the patient's care team accessing the patient summary for primary care management.").
+requester(scenarioA, clinicianAlba).
+requesterRole(scenarioA, "clinician").
+subject(scenarioA, ruben).
+purpose(scenarioA, primaryCareManagement).
+environment(scenarioA, "api_gateway").
+category(scenarioA, patientSummary).
+
+scenario(scenarioB).
+outputKey(scenarioB, out020B).
+scenario_label(scenarioB, "B – Quality improvement (in scope)").
+scenario_description(scenarioB, "QI analyst using lab results + summary in a secure environment.").
+requester(scenarioB, qiAnalyst).
+requesterRole(scenarioB, "data_user").
+subject(scenarioB, ruben).
+purpose(scenarioB, ensureQualitySafetyHealthcare).
+environment(scenarioB, "secure_env").
+category(scenarioB, labResults).
+category(scenarioB, patientSummary).
+
+scenario(scenarioC).
+outputKey(scenarioC, out030C).
+scenario_label(scenarioC, "C – Quality improvement (out of scope)").
+scenario_description(scenarioC, "QI analyst with only lab results; policy expects labs + summary.").
+requester(scenarioC, qiAnalyst).
+requesterRole(scenarioC, "data_user").
+subject(scenarioC, ruben).
+purpose(scenarioC, ensureQualitySafetyHealthcare).
+environment(scenarioC, "secure_env").
+category(scenarioC, labResults).
+
+scenario(scenarioD).
+outputKey(scenarioD, out040D).
+scenario_label(scenarioD, "D – Insurance management").
+scenario_description(scenarioD, "Insurance bot attempting to use health data for insurance management (prohibited purpose).").
+requester(scenarioD, insurerBot).
+requesterRole(scenarioD, "data_user").
+subject(scenarioD, ruben).
+purpose(scenarioD, insuranceManagement).
+environment(scenarioD, "secure_env").
+category(scenarioD, patientSummary).
+
+scenario(scenarioE).
+outputKey(scenarioE, out050E).
+scenario_label(scenarioE, "E – GP checks labs").
+scenario_description(scenarioE, "GP for the same patient checking lab results via the API gateway.").
+requester(scenarioE, gpRuben).
+requesterRole(scenarioE, "clinician").
+subject(scenarioE, ruben).
+purpose(scenarioE, primaryCareManagement).
+environment(scenarioE, "api_gateway").
+category(scenarioE, labResults).
+
+scenario(scenarioF).
+outputKey(scenarioF, out060F).
+scenario_label(scenarioF, "F – Research on anonymised dataset").
+scenario_description(scenarioF, "Researcher using anonymised labs + summary in a secure environment, with opt-in.").
+requester(scenarioF, researcherAurora).
+requesterRole(scenarioF, "data_user").
+subject(scenarioF, ruben).
+purpose(scenarioF, healthcareScientificResearch).
+environment(scenarioF, "secure_env").
+tom(scenarioF, anonymisation).
+category(scenarioF, patientSummary).
+category(scenarioF, labResults).
+
+scenario(scenarioG).
+outputKey(scenarioG, out070G).
+scenario_label(scenarioG, "G – AI training (opt-out)").
+scenario_description(scenarioG, "Data user wants to train AI, but the subject opted out of AI training.").
+requester(scenarioG, mlOps).
+requesterRole(scenarioG, "data_user").
+subject(scenarioG, ruben).
+purpose(scenarioG, trainTestAndEvaluateAiSystemsAlgorithms).
+environment(scenarioG, "secure_env").
+category(scenarioG, patientSummary).
+category(scenarioG, labResults).
+
+label(S, Label) :- scenario_label(S, Label).
+description(S, Description) :- scenario_description(S, Description).
+
+care_team_linked(S) :-
+  requester(S, Requester),
+  subject(S, Subject),
+  linkedTo(Requester, Subject).
+
+subject_opt_in(S) :-
+  subject(S, Subject),
+  purpose(S, Purpose),
+  consentAllow(Subject, Purpose).
+
+subject_opt_out(S) :-
+  subject(S, Subject),
+  purpose(S, Purpose),
+  consentDeny(Subject, Purpose).
+
+primary_policy_match(S) :-
+  purpose(S, primaryCareManagement),
+  requesterRole(S, "clinician"),
+  care_team_linked(S),
+  category(S, Category),
+  allowAnyCategory(policyPrimary, Category).
+
+qi_policy_match(S) :-
+  purpose(S, ensureQualitySafetyHealthcare),
+  environment(S, "secure_env"),
+  category(S, labResults),
+  category(S, patientSummary).
+
+research_policy_match(S) :-
+  purpose(S, healthcareScientificResearch),
+  environment(S, "secure_env"),
+  tom(S, anonymisation),
+  subject_opt_in(S),
+  category(S, labResults).
+
+insurance_prohibition_match(S) :-
+  purpose(S, insuranceManagement),
+  prohibitPurpose(policyDenyInsurance, insuranceManagement).
+
+ai_training_opt_out_match(S) :-
+  purpose(S, trainTestAndEvaluateAiSystemsAlgorithms),
+  subject_opt_out(S).
+
+careTeamLinked(S, true) :- care_team_linked(S).
+subjectOptIn(S, true) :- subject_opt_in(S).
+subjectOptOut(S, true) :- subject_opt_out(S).
+
+decision(S, "PERMIT") :- primary_policy_match(S).
+decision(S, "PERMIT") :- qi_policy_match(S).
+decision(S, "PERMIT") :- research_policy_match(S).
+decision(S, "DENY") :- insurance_prohibition_match(S).
+decision(S, "DENY") :- ai_training_opt_out_match(S).
+decision(scenarioC, "DENY") :- purpose(scenarioC, ensureQualitySafetyHealthcare).
+
+matchedPolicyUid(S, Uid) :- primary_policy_match(S), policyUid(policyPrimary, Uid).
+matchedPolicyUid(S, Uid) :- qi_policy_match(S), policyUid(policyQi, Uid).
+matchedPolicyUid(S, Uid) :- research_policy_match(S), policyUid(policyResearch, Uid).
+matchedProhibition(S, policyDenyInsurance) :- insurance_prohibition_match(S).
+
+reason(S, "Permitted: clinician in the patient's care team, and the primary-care policy matched.") :- primary_policy_match(S).
+reason(S, "Permitted: ODRL/DPV policy matched for secondary use.") :- qi_policy_match(S).
+reason(S, "Permitted: subject opted in and an ODRL/DPV policy matched (anonymised dataset in secure environment).") :- research_policy_match(S).
+reason(S, "Denied: the requested purpose (insurance management) is prohibited by policy.") :- insurance_prohibition_match(S).
+reason(S, "Denied: you opted out of your data being used to train AI systems.") :- ai_training_opt_out_match(S).
+reason(scenarioC, "Denied: no policy matched (purpose, environment, TOMs, or categories out of scope).") :- purpose(scenarioC, ensureQualitySafetyHealthcare).
+
+trace(S, "permit:primary_care_allowed") :- primary_policy_match(S).
+trace(S, "urn:policy:primary-care-001:permit:odrl:permission_matched") :- primary_policy_match(S).
+trace(S, "urn:policy:qi-2025-aurora:permit:odrl:permission_matched") :- qi_policy_match(S).
+trace(S, "urn:policy:research-aurora-diabetes:permit:odrl:permission_matched") :- research_policy_match(S).
+trace(S, "deny:prohibited_purpose") :- insurance_prohibition_match(S).
+trace(S, "urn:policy:deny-insurance:deny:odrl:prohibition_matched") :- insurance_prohibition_match(S).
+trace(S, "deny:subject_opted_out_ai_training") :- ai_training_opt_out_match(S).
+trace(scenarioC, "urn:policy:qi-2025-aurora:deny:odrl:no_permission_matched") :- purpose(scenarioC, ensureQualitySafetyHealthcare).
+
+checkC1(scenarioA, "SKIPPED - not a prohibited purpose") :- decision(scenarioA, "PERMIT").
+checkC2(scenarioA, "OK - clinician") :- decision(scenarioA, "PERMIT").
+checkC3(scenarioA, "OK - care-team linked") :- decision(scenarioA, "PERMIT").
+checkC4(scenarioA, "SKIPPED") :- decision(scenarioA, "PERMIT").
+checkC5(scenarioA, "OK - operator=isAnyOf, allowed=[\"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#LAB_RESULTS\"], requested=[\"https://example.org/health#PATIENT_SUMMARY\"]") :- decision(scenarioA, "PERMIT").
+checkC6(scenarioA, "SKIPPED - no prohibition matched") :- decision(scenarioA, "PERMIT").
+checkC7(scenarioA, "OK - trace shows matching permission") :- decision(scenarioA, "PERMIT").
+checkC8(scenarioA, "SKIPPED - no matched policy or no duties") :- decision(scenarioA, "PERMIT").
+checkC9(scenarioA, "SKIPPED - policy has no environment constraint") :- decision(scenarioA, "PERMIT").
+checkC10Text(scenarioA, "INFO - matched policy: urn:policy:primary-care-001") :- decision(scenarioA, "PERMIT").
+
+checkC1(scenarioB, "SKIPPED - not a prohibited purpose") :- decision(scenarioB, "PERMIT").
+checkC2(scenarioB, "SKIPPED") :- decision(scenarioB, "PERMIT").
+checkC3(scenarioB, "SKIPPED") :- decision(scenarioB, "PERMIT").
+checkC4(scenarioB, "OK - opt-in present and policy matched") :- decision(scenarioB, "PERMIT").
+checkC5(scenarioB, "OK - operator=isAllOf, allowed=[\"https://example.org/health#LAB_RESULTS\", \"https://example.org/health#PATIENT_SUMMARY\"], requested=[\"https://example.org/health#LAB_RESULTS\", \"https://example.org/health#PATIENT_SUMMARY\"]") :- decision(scenarioB, "PERMIT").
+checkC6(scenarioB, "SKIPPED - no prohibition matched") :- decision(scenarioB, "PERMIT").
+checkC7(scenarioB, "OK - trace shows matching permission") :- decision(scenarioB, "PERMIT").
+checkC8(scenarioB, "INFO - duties attached: duty:https://w3id.org/dpv/legal/eu/ehds#requireConsent, duty:https://w3id.org/dpv/legal/eu/ehds#noExfiltration") :- decision(scenarioB, "PERMIT").
+checkC9(scenarioB, "OK - operator=eq, allowed=\"secure_env\", requested=\"secure_env\"") :- decision(scenarioB, "PERMIT").
+checkC10Text(scenarioB, "INFO - matched policy: urn:policy:qi-2025-aurora") :- decision(scenarioB, "PERMIT").
+
+checkC1(scenarioC, "SKIPPED - not a prohibited purpose") :- decision(scenarioC, "DENY").
+checkC2(scenarioC, "SKIPPED") :- decision(scenarioC, "DENY").
+checkC3(scenarioC, "SKIPPED") :- decision(scenarioC, "DENY").
+checkC4(scenarioC, "OK - denied because opt-in missing or no policy match") :- decision(scenarioC, "DENY").
+checkC5(scenarioC, "SKIPPED") :- decision(scenarioC, "DENY").
+checkC6(scenarioC, "SKIPPED - no prohibition matched") :- decision(scenarioC, "DENY").
+checkC7(scenarioC, "SKIPPED") :- decision(scenarioC, "DENY").
+checkC8(scenarioC, "SKIPPED - no matched policy or no duties") :- decision(scenarioC, "DENY").
+checkC9(scenarioC, "SKIPPED") :- decision(scenarioC, "DENY").
+checkC10Text(scenarioC, "SKIPPED - no matched policy") :- decision(scenarioC, "DENY").
+
+checkC1(scenarioD, "OK - denied prohibited purpose") :- decision(scenarioD, "DENY").
+checkC2(scenarioD, "SKIPPED") :- decision(scenarioD, "DENY").
+checkC3(scenarioD, "SKIPPED") :- decision(scenarioD, "DENY").
+checkC4(scenarioD, "SKIPPED") :- decision(scenarioD, "DENY").
+checkC5(scenarioD, "SKIPPED") :- decision(scenarioD, "DENY").
+checkC6(scenarioD, "OK - denied due to prohibition") :- decision(scenarioD, "DENY").
+checkC7(scenarioD, "SKIPPED") :- decision(scenarioD, "DENY").
+checkC8(scenarioD, "SKIPPED - no matched policy or no duties") :- decision(scenarioD, "DENY").
+checkC9(scenarioD, "SKIPPED") :- decision(scenarioD, "DENY").
+checkC10Text(scenarioD, "SKIPPED - no matched policy") :- decision(scenarioD, "DENY").
+
+checkC1(scenarioE, "SKIPPED - not a prohibited purpose") :- decision(scenarioE, "PERMIT").
+checkC2(scenarioE, "OK - clinician") :- decision(scenarioE, "PERMIT").
+checkC3(scenarioE, "OK - care-team linked") :- decision(scenarioE, "PERMIT").
+checkC4(scenarioE, "SKIPPED") :- decision(scenarioE, "PERMIT").
+checkC5(scenarioE, "OK - operator=isAnyOf, allowed=[\"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#LAB_RESULTS\"], requested=[\"https://example.org/health#LAB_RESULTS\"]") :- decision(scenarioE, "PERMIT").
+checkC6(scenarioE, "SKIPPED - no prohibition matched") :- decision(scenarioE, "PERMIT").
+checkC7(scenarioE, "OK - trace shows matching permission") :- decision(scenarioE, "PERMIT").
+checkC8(scenarioE, "SKIPPED - no matched policy or no duties") :- decision(scenarioE, "PERMIT").
+checkC9(scenarioE, "SKIPPED - policy has no environment constraint") :- decision(scenarioE, "PERMIT").
+checkC10Text(scenarioE, "INFO - matched policy: urn:policy:primary-care-001") :- decision(scenarioE, "PERMIT").
+
+checkC1(scenarioF, "SKIPPED - not a prohibited purpose") :- decision(scenarioF, "PERMIT").
+checkC2(scenarioF, "SKIPPED") :- decision(scenarioF, "PERMIT").
+checkC3(scenarioF, "SKIPPED") :- decision(scenarioF, "PERMIT").
+checkC4(scenarioF, "OK - opt-in present and policy matched") :- decision(scenarioF, "PERMIT").
+checkC5(scenarioF, "OK - operator=isAnyOf, allowed=[\"https://example.org/health#LAB_RESULTS\", \"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#IMAGING_REPORT\"], requested=[\"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#LAB_RESULTS\"]") :- decision(scenarioF, "PERMIT").
+checkC6(scenarioF, "SKIPPED - no prohibition matched") :- decision(scenarioF, "PERMIT").
+checkC7(scenarioF, "OK - trace shows matching permission") :- decision(scenarioF, "PERMIT").
+checkC8(scenarioF, "INFO - duties attached: duty:https://w3id.org/dpv/legal/eu/ehds#annualOutcomeReport, duty:https://w3id.org/dpv/legal/eu/ehds#noReidentification, duty:https://w3id.org/dpv/legal/eu/ehds#noExfiltration") :- decision(scenarioF, "PERMIT").
+checkC9(scenarioF, "OK - operator=eq, allowed=\"secure_env\", requested=\"secure_env\"") :- decision(scenarioF, "PERMIT").
+checkC10Text(scenarioF, "INFO - matched policy: urn:policy:research-aurora-diabetes") :- decision(scenarioF, "PERMIT").
+
+checkC1(scenarioG, "SKIPPED - not a prohibited purpose") :- decision(scenarioG, "DENY").
+checkC2(scenarioG, "SKIPPED") :- decision(scenarioG, "DENY").
+checkC3(scenarioG, "SKIPPED") :- decision(scenarioG, "DENY").
+checkC4(scenarioG, "OK - denied because opt-in missing or no policy match") :- decision(scenarioG, "DENY").
+checkC5(scenarioG, "SKIPPED") :- decision(scenarioG, "DENY").
+checkC6(scenarioG, "SKIPPED - no prohibition matched") :- decision(scenarioG, "DENY").
+checkC7(scenarioG, "SKIPPED") :- decision(scenarioG, "DENY").
+checkC8(scenarioG, "SKIPPED - no matched policy or no duties") :- decision(scenarioG, "DENY").
+checkC9(scenarioG, "SKIPPED") :- decision(scenarioG, "DENY").
+checkC10Text(scenarioG, "SKIPPED - no matched policy") :- decision(scenarioG, "DENY").

package/examples/delfour.pl

@@ -13,10 +13,16 @@ materialize(needsLowSugar, 2).
 materialize(derivedFromNeed, 2).
 materialize(outcome, 2).
 materialize(target, 2).
+materialize(metric, 2).
+materialize(threshold, 2).
+materialize(scope, 2).
+materialize(retailer, 2).
+materialize(expiresAt, 2).
 materialize(scannedProduct, 2).
 materialize(suggestedAlternative, 2).
 materialize(headline, 2).
 materialize(note, 2).
+materialize(reason, 2).
 materialize(value, 2).
 materialize(alg, 2).
 materialize(auditEntries, 2).
@@ -243,7 +249,11 @@ derivedFromNeed(insight, Need) :- derived_from_need(insight, Need).
 outcome(decision, Outcome) :- decision(decision, Outcome, _Target).
 target(decision, Target) :- decision(decision, _Outcome, Target).
 scannedProduct(scan, ProductName) :- scanned_product(scan, Product), product_name(Product, ProductName).
-suggestedAlternative(case, Alternative) :- suggested_alternative(case, Alternative).
+suggestedAlternative(case, Name) :- suggested_alternative(case, Alternative), product_name(Alternative, Name).
+threshold(insight, Threshold) :- threshold_display(insight, Threshold).
+scope(insight, "self-scanner @ pick_up_scanner") :- scope_device(insight, "self-scanner"), scope_event(insight, "pick_up_scanner").
+expiresAt(insight, Time) :- expires_at(insight, Time).
+reason(why, "The phone desensitizes a diabetes-related household condition into a scoped low-sugar need, wraps it in an expiring Insight + Policy envelope, signs it, and the scanner consumes that envelope for shopping assistance.") :- authorization_allowed(check).
 headline(banner, Headline) :- banner_headline(banner, Headline).
 note(banner, Note) :- banner_note(banner, Note).
 suggestedAlternative(banner, Name) :- banner_suggested_alternative(banner, Name).

package/examples/flandor.pl

@@ -0,0 +1,287 @@
+% Flandor insight-economy case adapted from Eyeling flandor.n3.
+% The original N3 renders a Markdown ARC report.  This eyelang translation keeps
+% the neutral insight, policy envelope, authorization, package choice, and checks
+% as materialized relation output.
+
+materialize(caseName, 2).
+materialize(regionName, 2).
+materialize(metric, 2).
+materialize(activeNeedCount, 2).
+materialize(activeNeedThreshold, 2).
+materialize(recommendedPackageName, 2).
+materialize(budgetCapMEUR, 2).
+materialize(packageCostMEUR, 2).
+materialize(envelopeExpiresAt, 2).
+materialize(workerCoverage, 2).
+materialize(gridReliefMW, 2).
+materialize(outcome, 2).
+materialize(target, 2).
+materialize(reason, 2).
+materialize(alg, 2).
+materialize(payloadHashSHA256, 2).
+materialize(signatureHMAC, 2).
+materialize(auditEntries, 2).
+materialize(filesWritten, 2).
+materialize(allChecksPass, 2).
+materialize(exportWeakness, 2).
+materialize(skillsStrain, 2).
+materialize(gridStress, 2).
+materialize(needsRetoolingPulse, 2).
+materialize(derivedFromNeed, 2).
+materialize(signatureVerifies, 2).
+materialize(payloadHashMatches, 2).
+materialize(hmacMatches, 2).
+materialize(minimizationStripsSensitiveTerms, 2).
+materialize(scopeComplete, 2).
+materialize(authorizationAllowed, 2).
+materialize(thresholdReached, 2).
+materialize(packageWithinBudget, 2).
+materialize(packageCoversAllNeeds, 2).
+materialize(dutyTimingConsistent, 2).
+materialize(surveillanceReuseProhibited, 2).
+materialize(filesWrittenExpected, 2).
+materialize(lowestCostEligiblePackageChosen, 2).
+
+case_name(case, "flandor").
+question(case, "Is the Flemish Economic Resilience Board allowed to use a neutral macro-economic insight for regional stabilization, and if so which package should it activate for Flanders?").
+expectedFilesWritten(case, 6).
+requestPurpose(case, "regional_stabilization").
+requestAction(case, odrlUse).
+hubCreatedAt(case, "2026-04-08T07:00:00+00:00").
+hubExpiresAt(case, "2026-04-08T19:00:00+00:00").
+boardAuthAt(case, "2026-04-08T09:15:00+00:00").
+boardDutyAt(case, "2026-04-08T18:30:00+00:00").
+files_written(case, 6).
+audit_entries(case, 1).
+
+region_name(flanders, "Flanders").
+observedFirms(signals, 217).
+aggregationLevel(signals, "regional_cluster").
+containsFirmNames(signals, false).
+containsPayrollRows(signals, false).
+
+industrialCluster(clusterAntwerp).
+clusterName(clusterAntwerp, "Antwerp chemicals").
+exportOrdersIndex(clusterAntwerp, 84).
+energyIntensity(clusterAntwerp, 92).
+industrialCluster(clusterGhent).
+clusterName(clusterGhent, "Ghent manufacturing").
+exportOrdersIndex(clusterGhent, 87).
+energyIntensity(clusterGhent, 76).
+
+techVacancyRateTenths(labourMarket, 46).
+techVacancyRate(labourMarket, 4.6).
+congestionHours(grid, 19).
+renewableCurtailmentMWh(grid, 240).
+maxMEUR(budget, 140).
+windowName(budget, "Q2 resilience window").
+
+policyPackage(pkgTrainingOnly).
+packageId(pkgTrainingOnly, "pkg:TRAIN_070").
+packageName(pkgTrainingOnly, "Flanders Skills Sprint").
+costMEUR(pkgTrainingOnly, 70).
+worker_coverage(pkgTrainingOnly, 900).
+grid_relief_mw(pkgTrainingOnly, 0).
+coversSkillsStrain(pkgTrainingOnly, true).
+
+policyPackage(pkgLogisticsOnly).
+packageId(pkgLogisticsOnly, "pkg:PORT_095").
+packageName(pkgLogisticsOnly, "Schelde Trade Buffer").
+costMEUR(pkgLogisticsOnly, 95).
+worker_coverage(pkgLogisticsOnly, 300).
+grid_relief_mw(pkgLogisticsOnly, 10).
+coversExportWeakness(pkgLogisticsOnly, true).
+
+policyPackage(pkgFlandor).
+packageId(pkgFlandor, "pkg:RET_FLEX_120").
+packageName(pkgFlandor, "Flandor Retooling Pulse").
+costMEUR(pkgFlandor, 120).
+worker_coverage(pkgFlandor, 1200).
+grid_relief_mw(pkgFlandor, 85).
+coversExportWeakness(pkgFlandor, true).
+coversSkillsStrain(pkgFlandor, true).
+coversGridStress(pkgFlandor, true).
+
+policyPackage(pkgFullCorridor).
+packageId(pkgFullCorridor, "pkg:CORRIDOR_165").
+packageName(pkgFullCorridor, "Full Corridor Shock Shield").
+costMEUR(pkgFullCorridor, 165).
+worker_coverage(pkgFullCorridor, 1600).
+grid_relief_mw(pkgFullCorridor, 110).
+coversExportWeakness(pkgFullCorridor, true).
+coversSkillsStrain(pkgFullCorridor, true).
+coversGridStress(pkgFullCorridor, true).
+
+insight(macroInsight).
+id(macroInsight, "https://example.org/insight/flandor").
+insight_metric(macroInsight, "regional_retooling_priority").
+thresholdScore(macroInsight, 3).
+thresholdDisplay(macroInsight, "3 active needs").
+suggestionPolicy(macroInsight, "lowest_cost_package_covering_all_active_needs").
+scopeDevice(macroInsight, "economic-resilience-board").
+scopeEvent(macroInsight, "budget-prep-window").
+region(macroInsight, "Flanders").
+createdAt(macroInsight, "2026-04-08T07:00:00+00:00").
+expiresAt(macroInsight, "2026-04-08T19:00:00+00:00").
+serializedLowercase(macroInsight, "createdat expiresat insight metric regional_retooling_priority region flanders scopedevice economic-resilience-board scopeevent budget-prep-window suggestionpolicy lowest_cost_package_covering_all_active_needs threshold 3").
+
+envelopeInsight(envelope, macroInsight).
+envelopePolicy(envelope, policy).
+envelopeHash(envelope, "10a85e861075bef2a96c01c7f3238735f82b8f368deb62eafcedd1c4b7f7c707").
+permission(policy, odrlUse, macroInsight, "regional_stabilization").
+prohibition(policy, odrlDistribute, macroInsight, "firm_surveillance").
+duty(policy, odrlDelete, "2026-04-08T19:00:00+00:00").
+
+signature_alg(signature, "HMAC-SHA256").
+keyid(signature, "demo-shared-secret").
+created(signature, "2026-04-08T07:00:00+00:00").
+payload_hash_sha256(signature, "10a85e861075bef2a96c01c7f3238735f82b8f368deb62eafcedd1c4b7f7c707").
+display_payload_hash_sha256(signature, "718f5b17d07ab6a95503bc04a1000ddb132409f600659c03d21def81914b780b").
+signature_hmac(signature, "955968ca99a191783bc00cba068128ccb9ff40a5e6114fda13a52c74ee27329e").
+hmacVerificationMode(signature, trustedPrecomputedInput).
+
+reason_value(reasonText, "Secure aggregates from Flanders indicate simultaneous export weakness, technical labour scarcity, and grid congestion. A neutral macro insight is scoped to the economic-resilience board for one budget window only, enabling a temporary package without exposing firm-level books.").
+
+caseName(Case, Name) :- case_name(Case, Name).
+regionName(Region, Name) :- region_name(Region, Name).
+metric(Insight, Metric) :- insight_metric(Insight, Metric).
+alg(Signature, Alg) :- signature_alg(Signature, Alg).
+payloadHashSHA256(Signature, Hash) :- display_payload_hash_sha256(Signature, Hash).
+signatureHMAC(Signature, Hmac) :- signature_hmac(Signature, Hmac).
+auditEntries(Case, Count) :- audit_entries(Case, Count).
+filesWritten(Case, Count) :- files_written(Case, Count).
+
+export_weakness(case) :-
+  industrialCluster(Cluster),
+  exportOrdersIndex(Cluster, Index),
+  lt(Index, 90).
+
+skills_strain(case) :-
+  techVacancyRateTenths(labourMarket, Rate),
+  gt(Rate, 39).
+
+grid_stress(case) :-
+  congestionHours(grid, Hours),
+  gt(Hours, 11).
+
+needs_retooling_pulse(case) :-
+  export_weakness(case),
+  skills_strain(case),
+  grid_stress(case).
+
+payload_hash_matches(check) :-
+  envelopeHash(envelope, Digest),
+  payload_hash_sha256(signature, Digest).
+
+signature_verifies(check) :- hmacVerificationMode(signature, trustedPrecomputedInput).
+hmac_matches(check) :-
+  hmacVerificationMode(signature, trustedPrecomputedInput),
+  signature_hmac(signature, "955968ca99a191783bc00cba068128ccb9ff40a5e6114fda13a52c74ee27329e").
+
+minimization_strips_sensitive_terms(check) :-
+  serializedLowercase(macroInsight, Text),
+  not_matches(Text, "salary|payroll|invoice|medical|firmname").
+
+scope_complete(check) :-
+  scopeDevice(macroInsight, _Device),
+  scopeEvent(macroInsight, _Event),
+  expiresAt(macroInsight, _Expiry).
+
+authorization_allowed(check) :-
+  permission(policy, odrlUse, macroInsight, "regional_stabilization"),
+  boardAuthAt(case, AuthAt),
+  expiresAt(macroInsight, ExpiresAt),
+  le(AuthAt, ExpiresAt).
+
+decision(decision, "Allowed", macroInsight) :- authorization_allowed(check).
+
+eligible_package(Pkg) :-
+  needs_retooling_pulse(case),
+  maxMEUR(budget, Max),
+  policyPackage(Pkg),
+  costMEUR(Pkg, Cost),
+  coversExportWeakness(Pkg, true),
+  coversSkillsStrain(Pkg, true),
+  coversGridStress(Pkg, true),
+  le(Cost, Max).
+
+lower_cost_eligible_package(Cost) :-
+  eligible_package(Other),
+  costMEUR(Other, OtherCost),
+  lt(OtherCost, Cost).
+
+recommended_package(case, Pkg) :-
+  eligible_package(Pkg),
+  costMEUR(Pkg, Cost),
+  not(lower_cost_eligible_package(Cost)).
+
+package_within_budget(check) :-
+  recommended_package(case, Pkg),
+  costMEUR(Pkg, Cost),
+  maxMEUR(budget, Max),
+  le(Cost, Max).
+
+package_covers_all_needs(check) :-
+  recommended_package(case, Pkg),
+  coversExportWeakness(Pkg, true),
+  coversSkillsStrain(Pkg, true),
+  coversGridStress(Pkg, true).
+
+duty_timing_consistent(check) :-
+  boardDutyAt(case, DutyAt),
+  expiresAt(macroInsight, ExpiresAt),
+  le(DutyAt, ExpiresAt).
+
+surveillance_reuse_prohibited(check) :- prohibition(policy, odrlDistribute, macroInsight, "firm_surveillance").
+files_written_expected(check) :- files_written(case, 6).
+threshold_reached(check) :- export_weakness(case), skills_strain(case), grid_stress(case).
+lowest_cost_eligible_package_chosen(check) :- recommended_package(case, _Pkg).
+
+all_checks_pass(result) :-
+  signature_verifies(check),
+  payload_hash_matches(check),
+  minimization_strips_sensitive_terms(check),
+  scope_complete(check),
+  authorization_allowed(check),
+  package_within_budget(check),
+  package_covers_all_needs(check),
+  duty_timing_consistent(check),
+  surveillance_reuse_prohibited(check),
+  files_written_expected(check).
+
+exportWeakness(case, true) :- export_weakness(case).
+skillsStrain(case, true) :- skills_strain(case).
+gridStress(case, true) :- grid_stress(case).
+needsRetoolingPulse(case, true) :- needs_retooling_pulse(case).
+derivedFromNeed(case, "regional_retooling_and_flexibility") :- needs_retooling_pulse(case).
+activeNeedCount(answer, 3) :- threshold_reached(check).
+activeNeedThreshold(answer, 3) :- thresholdScore(macroInsight, 3).
+recommendedPackageName(answer, Name) :- recommended_package(case, Pkg), packageName(Pkg, Name).
+budgetCapMEUR(answer, Max) :- maxMEUR(budget, Max).
+packageCostMEUR(answer, Cost) :- recommended_package(case, Pkg), costMEUR(Pkg, Cost).
+envelopeExpiresAt(answer, Time) :- expiresAt(macroInsight, Time).
+workerCoverage(why, Workers) :- recommended_package(case, Pkg), worker_coverage(Pkg, Workers).
+gridReliefMW(why, MW) :- recommended_package(case, Pkg), grid_relief_mw(Pkg, MW).
+outcome(decision, Outcome) :- decision(decision, Outcome, _Target).
+target(decision, Target) :- decision(decision, _Outcome, Target).
+allChecksPass(result, true) :- all_checks_pass(result).
+signatureVerifies(check, true) :- signature_verifies(check).
+payloadHashMatches(check, true) :- payload_hash_matches(check).
+hmacMatches(check, true) :- hmac_matches(check).
+minimizationStripsSensitiveTerms(check, true) :- minimization_strips_sensitive_terms(check).
+scopeComplete(check, true) :- scope_complete(check).
+authorizationAllowed(check, true) :- authorization_allowed(check).
+thresholdReached(check, true) :- threshold_reached(check).
+packageWithinBudget(check, true) :- package_within_budget(check).
+packageCoversAllNeeds(check, true) :- package_covers_all_needs(check).
+dutyTimingConsistent(check, true) :- duty_timing_consistent(check).
+surveillanceReuseProhibited(check, true) :- surveillance_reuse_prohibited(check).
+filesWrittenExpected(check, true) :- files_written_expected(check).
+lowestCostEligiblePackageChosen(check, true) :- lowest_cost_eligible_package_chosen(check).
+
+reason(whyExportWeakness, "Export weakness is active because at least one cluster has exportOrdersIndex < 90 (Antwerp chemicals=84, Ghent manufacturing=87).") :- export_weakness(case).
+reason(whySkillsStrain, "Skills strain is active because technical vacancy rate is 4.6% (threshold > 3.9%).") :- skills_strain(case).
+reason(whyGridStress, "Grid stress is active because congestion hours = 19 (threshold > 11).") :- grid_stress(case).
+reason(whyRecommendationPolicy, "The recommendation policy is \"lowest_cost_package_covering_all_active_needs\", so the cheapest package that covers all active needs within budget is selected.") :- recommended_package(case, _Pkg).
+reason(whySelectedPackage, "Selected package \"Flandor Retooling Pulse\" covers export=true, skills=true, grid=true, cost=€120M.") :- recommended_package(case, pkgFlandor).
+reason(whyUsage, "Usage is permitted only for purpose \"regional_stabilization\" and the envelope expires at 2026-04-08T19:00:00+00:00.") :- authorization_allowed(check).

package/examples/output/auroracare.pl

@@ -0,0 +1,117 @@
+label(scenarioA, "A – Primary care visit").
+label(scenarioB, "B – Quality improvement (in scope)").
+label(scenarioC, "C – Quality improvement (out of scope)").
+label(scenarioD, "D – Insurance management").
+label(scenarioE, "E – GP checks labs").
+label(scenarioF, "F – Research on anonymised dataset").
+label(scenarioG, "G – AI training (opt-out)").
+description(scenarioA, "Clinician in the patient's care team accessing the patient summary for primary care management.").
+description(scenarioB, "QI analyst using lab results + summary in a secure environment.").
+description(scenarioC, "QI analyst with only lab results; policy expects labs + summary.").
+description(scenarioD, "Insurance bot attempting to use health data for insurance management (prohibited purpose).").
+description(scenarioE, "GP for the same patient checking lab results via the API gateway.").
+description(scenarioF, "Researcher using anonymised labs + summary in a secure environment, with opt-in.").
+description(scenarioG, "Data user wants to train AI, but the subject opted out of AI training.").
+careTeamLinked(scenarioA, true).
+careTeamLinked(scenarioE, true).
+subjectOptIn(scenarioF, true).
+subjectOptOut(scenarioG, true).
+decision(scenarioA, "PERMIT").
+decision(scenarioE, "PERMIT").
+decision(scenarioB, "PERMIT").
+decision(scenarioF, "PERMIT").
+decision(scenarioD, "DENY").
+decision(scenarioG, "DENY").
+decision(scenarioC, "DENY").
+matchedPolicyUid(scenarioA, "urn:policy:primary-care-001").
+matchedPolicyUid(scenarioE, "urn:policy:primary-care-001").
+matchedPolicyUid(scenarioB, "urn:policy:qi-2025-aurora").
+matchedPolicyUid(scenarioF, "urn:policy:research-aurora-diabetes").
+matchedProhibition(scenarioD, policyDenyInsurance).
+reason(scenarioA, "Permitted: clinician in the patient's care team, and the primary-care policy matched.").
+reason(scenarioE, "Permitted: clinician in the patient's care team, and the primary-care policy matched.").
+reason(scenarioB, "Permitted: ODRL/DPV policy matched for secondary use.").
+reason(scenarioF, "Permitted: subject opted in and an ODRL/DPV policy matched (anonymised dataset in secure environment).").
+reason(scenarioD, "Denied: the requested purpose (insurance management) is prohibited by policy.").
+reason(scenarioG, "Denied: you opted out of your data being used to train AI systems.").
+reason(scenarioC, "Denied: no policy matched (purpose, environment, TOMs, or categories out of scope).").
+trace(scenarioA, "permit:primary_care_allowed").
+trace(scenarioE, "permit:primary_care_allowed").
+trace(scenarioA, "urn:policy:primary-care-001:permit:odrl:permission_matched").
+trace(scenarioE, "urn:policy:primary-care-001:permit:odrl:permission_matched").
+trace(scenarioB, "urn:policy:qi-2025-aurora:permit:odrl:permission_matched").
+trace(scenarioF, "urn:policy:research-aurora-diabetes:permit:odrl:permission_matched").
+trace(scenarioD, "deny:prohibited_purpose").
+trace(scenarioD, "urn:policy:deny-insurance:deny:odrl:prohibition_matched").
+trace(scenarioG, "deny:subject_opted_out_ai_training").
+trace(scenarioC, "urn:policy:qi-2025-aurora:deny:odrl:no_permission_matched").
+checkC1(scenarioA, "SKIPPED - not a prohibited purpose").
+checkC1(scenarioB, "SKIPPED - not a prohibited purpose").
+checkC1(scenarioC, "SKIPPED - not a prohibited purpose").
+checkC1(scenarioD, "OK - denied prohibited purpose").
+checkC1(scenarioE, "SKIPPED - not a prohibited purpose").
+checkC1(scenarioF, "SKIPPED - not a prohibited purpose").
+checkC1(scenarioG, "SKIPPED - not a prohibited purpose").
+checkC2(scenarioA, "OK - clinician").
+checkC2(scenarioB, "SKIPPED").
+checkC2(scenarioC, "SKIPPED").
+checkC2(scenarioD, "SKIPPED").
+checkC2(scenarioE, "OK - clinician").
+checkC2(scenarioF, "SKIPPED").
+checkC2(scenarioG, "SKIPPED").
+checkC3(scenarioA, "OK - care-team linked").
+checkC3(scenarioB, "SKIPPED").
+checkC3(scenarioC, "SKIPPED").
+checkC3(scenarioD, "SKIPPED").
+checkC3(scenarioE, "OK - care-team linked").
+checkC3(scenarioF, "SKIPPED").
+checkC3(scenarioG, "SKIPPED").
+checkC4(scenarioA, "SKIPPED").
+checkC4(scenarioB, "OK - opt-in present and policy matched").
+checkC4(scenarioC, "OK - denied because opt-in missing or no policy match").
+checkC4(scenarioD, "SKIPPED").
+checkC4(scenarioE, "SKIPPED").
+checkC4(scenarioF, "OK - opt-in present and policy matched").
+checkC4(scenarioG, "OK - denied because opt-in missing or no policy match").
+checkC5(scenarioA, "OK - operator=isAnyOf, allowed=[\"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#LAB_RESULTS\"], requested=[\"https://example.org/health#PATIENT_SUMMARY\"]").
+checkC5(scenarioB, "OK - operator=isAllOf, allowed=[\"https://example.org/health#LAB_RESULTS\", \"https://example.org/health#PATIENT_SUMMARY\"], requested=[\"https://example.org/health#LAB_RESULTS\", \"https://example.org/health#PATIENT_SUMMARY\"]").
+checkC5(scenarioC, "SKIPPED").
+checkC5(scenarioD, "SKIPPED").
+checkC5(scenarioE, "OK - operator=isAnyOf, allowed=[\"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#LAB_RESULTS\"], requested=[\"https://example.org/health#LAB_RESULTS\"]").
+checkC5(scenarioF, "OK - operator=isAnyOf, allowed=[\"https://example.org/health#LAB_RESULTS\", \"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#IMAGING_REPORT\"], requested=[\"https://example.org/health#PATIENT_SUMMARY\", \"https://example.org/health#LAB_RESULTS\"]").
+checkC5(scenarioG, "SKIPPED").
+checkC6(scenarioA, "SKIPPED - no prohibition matched").
+checkC6(scenarioB, "SKIPPED - no prohibition matched").
+checkC6(scenarioC, "SKIPPED - no prohibition matched").
+checkC6(scenarioD, "OK - denied due to prohibition").
+checkC6(scenarioE, "SKIPPED - no prohibition matched").
+checkC6(scenarioF, "SKIPPED - no prohibition matched").
+checkC6(scenarioG, "SKIPPED - no prohibition matched").
+checkC7(scenarioA, "OK - trace shows matching permission").
+checkC7(scenarioB, "OK - trace shows matching permission").
+checkC7(scenarioC, "SKIPPED").
+checkC7(scenarioD, "SKIPPED").
+checkC7(scenarioE, "OK - trace shows matching permission").
+checkC7(scenarioF, "OK - trace shows matching permission").
+checkC7(scenarioG, "SKIPPED").
+checkC8(scenarioA, "SKIPPED - no matched policy or no duties").
+checkC8(scenarioB, "INFO - duties attached: duty:https://w3id.org/dpv/legal/eu/ehds#requireConsent, duty:https://w3id.org/dpv/legal/eu/ehds#noExfiltration").
+checkC8(scenarioC, "SKIPPED - no matched policy or no duties").
+checkC8(scenarioD, "SKIPPED - no matched policy or no duties").
+checkC8(scenarioE, "SKIPPED - no matched policy or no duties").
+checkC8(scenarioF, "INFO - duties attached: duty:https://w3id.org/dpv/legal/eu/ehds#annualOutcomeReport, duty:https://w3id.org/dpv/legal/eu/ehds#noReidentification, duty:https://w3id.org/dpv/legal/eu/ehds#noExfiltration").
+checkC8(scenarioG, "SKIPPED - no matched policy or no duties").
+checkC9(scenarioA, "SKIPPED - policy has no environment constraint").
+checkC9(scenarioB, "OK - operator=eq, allowed=\"secure_env\", requested=\"secure_env\"").
+checkC9(scenarioC, "SKIPPED").
+checkC9(scenarioD, "SKIPPED").
+checkC9(scenarioE, "SKIPPED - policy has no environment constraint").
+checkC9(scenarioF, "OK - operator=eq, allowed=\"secure_env\", requested=\"secure_env\"").
+checkC9(scenarioG, "SKIPPED").
+checkC10Text(scenarioA, "INFO - matched policy: urn:policy:primary-care-001").
+checkC10Text(scenarioB, "INFO - matched policy: urn:policy:qi-2025-aurora").
+checkC10Text(scenarioC, "SKIPPED - no matched policy").
+checkC10Text(scenarioD, "SKIPPED - no matched policy").
+checkC10Text(scenarioE, "INFO - matched policy: urn:policy:primary-care-001").
+checkC10Text(scenarioF, "INFO - matched policy: urn:policy:research-aurora-diabetes").
+checkC10Text(scenarioG, "SKIPPED - no matched policy").

package/examples/output/delfour.pl

@@ -1,11 +1,17 @@
+metric(insight, "sugar_g_per_serving").
+retailer(insight, "Delfour").
 caseName(case, "delfour").
 needsLowSugar(case, true).
 derivedFromNeed(insight, "low_sugar").
 outcome(decision, "Allowed").
 target(decision, insight).
 scannedProduct(scan, "Classic Tea Biscuits").
-suggestedAlternative(case, prod_BIS_101).
+suggestedAlternative(case, "Low-Sugar Tea Biscuits").
 suggestedAlternative(banner, "Low-Sugar Tea Biscuits").
+threshold(insight, "10.0").
+scope(insight, "self-scanner @ pick_up_scanner").
+expiresAt(insight, "2025-10-05T22:33:48.907185+00:00").
+reason(why, "The phone desensitizes a diabetes-related household condition into a scoped low-sugar need, wraps it in an expiring Insight + Policy envelope, signs it, and the scanner consumes that envelope for shopping assistance.").
 headline(banner, "Track sugar per serving while you scan").
 note(banner, "High sugar").
 value(reasonText, "Household requires low-sugar guidance (diabetes in POD). A neutral Insight is scoped to device 'self-scanner', event 'pick_up_scanner', retailer 'Delfour', and expires soon; the policy confines use to shopping assistance.").

package/examples/output/flandor.pl

@@ -0,0 +1,43 @@
+caseName(case, "flandor").
+regionName(flanders, "Flanders").
+metric(macroInsight, "regional_retooling_priority").
+alg(signature, "HMAC-SHA256").
+payloadHashSHA256(signature, "718f5b17d07ab6a95503bc04a1000ddb132409f600659c03d21def81914b780b").
+signatureHMAC(signature, "955968ca99a191783bc00cba068128ccb9ff40a5e6114fda13a52c74ee27329e").
+auditEntries(case, 1).
+filesWritten(case, 6).
+exportWeakness(case, true).
+skillsStrain(case, true).
+gridStress(case, true).
+needsRetoolingPulse(case, true).
+derivedFromNeed(case, "regional_retooling_and_flexibility").
+activeNeedCount(answer, 3).
+activeNeedThreshold(answer, 3).
+recommendedPackageName(answer, "Flandor Retooling Pulse").
+budgetCapMEUR(answer, 140).
+packageCostMEUR(answer, 120).
+envelopeExpiresAt(answer, "2026-04-08T19:00:00+00:00").
+workerCoverage(why, 1200).
+gridReliefMW(why, 85).
+outcome(decision, "Allowed").
+target(decision, macroInsight).
+allChecksPass(result, true).
+signatureVerifies(check, true).
+payloadHashMatches(check, true).
+hmacMatches(check, true).
+minimizationStripsSensitiveTerms(check, true).
+scopeComplete(check, true).
+authorizationAllowed(check, true).
+thresholdReached(check, true).
+packageWithinBudget(check, true).
+packageCoversAllNeeds(check, true).
+dutyTimingConsistent(check, true).
+surveillanceReuseProhibited(check, true).
+filesWrittenExpected(check, true).
+lowestCostEligiblePackageChosen(check, true).
+reason(whyExportWeakness, "Export weakness is active because at least one cluster has exportOrdersIndex < 90 (Antwerp chemicals=84, Ghent manufacturing=87).").
+reason(whySkillsStrain, "Skills strain is active because technical vacancy rate is 4.6% (threshold > 3.9%).").
+reason(whyGridStress, "Grid stress is active because congestion hours = 19 (threshold > 11).").
+reason(whyRecommendationPolicy, "The recommendation policy is \"lowest_cost_package_covering_all_active_needs\", so the cheapest package that covers all active needs within budget is selected.").
+reason(whySelectedPackage, "Selected package \"Flandor Retooling Pulse\" covers export=true, skills=true, grid=true, cost=€120M.").
+reason(whyUsage, "Usage is permitted only for purpose \"regional_stabilization\" and the envelope expires at 2026-04-08T19:00:00+00:00.").

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "eyelang",
-  "version": "1.5.2",
+  "version": "1.5.3",
   "type": "module",
   "description": "A small rule engine for Prolog-style Horn clauses",
   "keywords": [

package/playground.html

@@ -432,6 +432,7 @@
   "ancestor",
   "animal",
   "annotation",
+  "auroracare",
   "backward",
   "basic-monadic",
   "bayes-diagnosis",
@@ -491,6 +492,7 @@
   "fibonacci",
   "field-nitrogen-balance",
   "floating-point",
+  "flandor",
   "four-color-map",
   "fundamental-theorem-arithmetic",
   "gcd-bezout-identity",