eyeling 1.12.14 → 1.13.0

package/HANDBOOK.md

@@ -761,6 +761,8 @@ A predicate is treated as builtin if:
 
 Super restricted mode exists to let you treat all other predicates as ordinary facts/rules without any built-in evaluation.
 
+**Note on `log:query`:** Eyeling also recognizes a special _top-level_ directive of the form `{...} log:query {...}.` to **select which results to print**. This is **not** a builtin predicate (it is not evaluated as part of goal solving); it is handled by the parser/CLI/output layer. See §11.3.5 below and Chapter 13 for details.
+
 ### 11.2 Built-ins return multiple solutions
 
 Every builtin returns a list of substitution _deltas_.
@@ -1353,6 +1355,47 @@ As _builtins_, `log:implies` and `log:impliedBy` let you **inspect the currently
 
 Each enumerated rule is standardized apart (fresh variable names) before unification so you can safely query over it.
 
+### Top-level directive: `log:query` (output selection)
+
+**Shape (top level only):**
+
+```n3
+{ ...premise... } log:query { ...conclusion... }.
+```
+
+`log:query` is best understood as an **output projection**, not as a rule and not as a normal builtin:
+
+- Eyeling still computes the saturated forward closure (facts + rules, including backward-rule proofs where needed).
+- It then proves the **premise formula** as a goal (as if it were fed to `log:includes` in the global scope).
+- For every solution, it instantiates the **conclusion formula** and collects the resulting triples.
+- The final output is the **set of unique ground triples** from those instantiated conclusions.
+
+This is “forward-rule-like” in spirit (premise ⇒ conclusion), but the instantiated conclusion triples are **not added back into the fact store**; they are just what Eyeling prints.
+
+**Important details:**
+
+- Only **top-level** `{...} log:query {...}.` directives are recognized. Inside quoted formulas (or inside rule bodies/heads) it is just an ordinary triple.
+- Query-mode output depends on the saturated closure, so it cannot be streamed; `--stream` has no effect when any `log:query` directives are present.
+- If you want _logical_ querying inside a rule/proof, use `log:includes` (and optionally `log:conclusion`) instead.
+
+**Example (project a result set):**
+
+```n3
+@prefix : <urn:ex:>.
+@prefix log: <http://www.w3.org/2000/10/swap/log#>.
+
+{ :a :p ?x } => { :a :q ?x }.
+:a :p :b.
+
+{ :a :q ?x } log:query { :result :x ?x }.
+```
+
+Output (only):
+
+```n3
+:result :x :b .
+```
+
 ### Scoped proof inside formulas: `log:includes` and friends
 
 #### `log:includes`
@@ -1809,6 +1852,14 @@ See also: [Chapter 14 — Entry points: CLI, bundle exports, and npm API](#ch14)
 
 By default, Eyeling prints **newly derived forward facts** (the heads of fired `=>` rules), serialized as N3. It does **not** reprint your input facts.
 
+If the input contains one or more **top-level** `log:query` directives:
+
+```n3
+{ ...premise... } log:query { ...conclusion... }.
+```
+
+Eyeling still computes the saturated forward closure, but it prints only the **unique instantiated conclusion triples** of those `log:query` directives (instead of all newly derived facts). This is useful when you want a forward-rule-like projection of results.
+
 For proof/explanation output and output modes, see:
 
 - [Chapter 13 — Printing, proofs, and the user-facing output](#ch13)
@@ -1835,6 +1886,8 @@ Options:
   -v, --version                Print version and exit.
 ```
 
+Note: when `log:query` directives are present, Eyeling cannot stream output (the selected results depend on the saturated closure), so `--stream` has no effect in that mode.
+
 See also:
 
 - [Chapter 13 — Printing, proofs, and the user-facing output](#ch13)
@@ -2031,7 +2084,7 @@ If you don’t want “stop the world”, derive a `:Violation` fact instead, an
 The most robust way to keep LLM-generated logic plausible is to make it live under tests:
 
 - Keep tiny **fixtures** (facts) alongside the rules.
-- Run Eyeling to produce the **derived closure** (Eyeling can emit only newly derived forward facts, and can optionally include compact proof comments).
+- Run Eyeling to produce the **derived closure** (Eyeling emits only newly derived forward facts by default, can optionally include compact proof comments, and can also use `log:query` directives to project a specific result set).
 - Compare against an expected output (“golden file”) in CI.
 
 This turns rule edits into a normal change-management loop: diffs are explicit, reviewable, and reproducible.

package/README.md

@@ -4,7 +4,8 @@ A compact [Notation3 (N3)](https://notation3.org/) reasoner in **JavaScript**.
 
 - Single self-contained bundle (`eyeling.js`), no external runtime deps
 - Forward (`=>`) + backward (`<=`) chaining over Horn-style rules
-- Outputs only **newly derived** forward facts (optionally with compact proof comments)
+- Outputs only **newly derived** forward facts by default (optionally with compact proof comments)
+- If the input contains one or more top-level `{ ... } log:query { ... }.` directives, the output becomes the **unique instantiated conclusion triples** of those queries (a forward-rule-like projection)
 - Works in Node.js and fully client-side (browser/worker)
 
 ## Links
@@ -45,6 +46,16 @@ See all options:
 npx eyeling --help
 ```
 
+### log:query output selection
+
+If your input contains one or more **top-level** directives of the form:
+
+```n3
+{ ?x a :Human. } log:query { ?x a :Mortal. }.
+```
+
+Eyeling will still compute the saturated forward closure, but it will **print only** the **unique instantiated conclusion triples** of those `log:query` directives (instead of printing all newly derived forward facts).
+
 ### JavaScript API
 
 CommonJS:
@@ -79,6 +90,9 @@ const { closureN3 } = eyeling.reasonStream(input, {
   proof: false,
   onDerived: ({ triple }) => console.log(triple),
 });
+
+// With log:query directives present, closureN3 contains the query-selected triples.
+// The return value also includes `queryMode`, `queryTriples`, and `queryDerived`.
 ```
 
 > Note: the npm `reason()` helper shells out to the bundled `eyeling.js` CLI for simplicity and robustness.

package/examples/annotation.n3

@@ -1,8 +1,8 @@
 @prefix : <http://example.com/> .
+@prefix log: <http://www.w3.org/2000/10/swap/log#> .
 @prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
-@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
 
 :a :name "Alice" .
-:t rdf:reifies { :a :name "Alice" . } .
+:t log:nameOf { :a :name "Alice" . } .
 :t :statedBy :bob .
 :t :recorded "2021-07-07"^^xsd:date .

package/examples/context-association.n3

@@ -1,15 +1,15 @@
-@prefix rdfg: <http://www.w3.org/2009/rdfg#> .
 @prefix : <http://example.org/#> .
 @prefix foaf: <http://xmlns.com/foaf/0.1/> .
 @prefix sec: <https://w3id.org/security#> .
 @prefix skolem: <https://eyereasoner.github.io/.well-known/genid/5649fff4-464d-5969-88ed-956a6b5f0d90#> .
+@prefix log: <http://www.w3.org/2000/10/swap/log#> .
 @prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
 
-skolem:g0 rdfg:isGraph {
+skolem:g0 log:nameOf {
   :Bob foaf:name "Bob" .
 } .
 
-skolem:g1 rdfg:isGraph {
+skolem:g1 log:nameOf {
   skolem:g0 sec:proof _:dataSignature .
   _:signature1 a sec:DataIntegrityProof .
   _:signature1 sec:cryptosuite "ecdsa-rdfc-2019" .
@@ -22,7 +22,7 @@ skolem:g1 rdfg:isGraph {
   _:signature1 sec:validUntil "2025-04-03T00:00:00.000Z"^^xsd:dateTime .
 } .
 
-_:g3 rdfg:isGraph {
+_:g3 log:nameOf {
   skolem:g1 sec:proof _:signature2 .
   _:signature2 a sec:DataIntegrityProof .
   _:signature2 sec:cryptosuite "ecdsa-rdfc-2019" .

package/examples/odrl-dpv-risk-ranked.n3

@@ -0,0 +1,479 @@
+# ===========================================================================================
+# ODRL + DPV risk assessment with ranked, explainable output.
+#
+# What this file does
+# - Models an agreement as an ODRL policy (odrl:Policy) containing permissions,
+#   prohibitions, duties, and constraints. ODRL is expressive enough to encode the
+#   normative “may/must/must-not” structure of TOS clauses as RDF.
+# - Links each ODRL rule to a clause resource (:Clause) to keep human-readable text
+#   while preserving machine-readable structure for reasoning.
+# - Uses N3 rules with log:includes / log:notIncludes to detect missing safeguards
+#   (e.g., missing notice constraints, missing inform duties, missing consent constraints).
+# - Generates DPV risks (dpv:Risk) and classifies them using DPV-RISK concepts:
+#   risk:hasRiskSource, dpv:hasConsequence, dpv:hasImpact, dpv:hasSeverity, dpv:hasRiskLevel.
+# - Produces mitigations as dpv:RiskMitigationMeasure resources and attaches them
+#   to risks with dpv:isMitigatedByMeasure.
+# - Computes a numeric score for each risk and prints a ranked, explainable report.
+#
+# Ranking / output
+# - Output strings are emitted as log:outputString triples.
+# - When running with Eyeling “strings” mode (-r), strings are printed in deterministic
+#   order based on their subject key. The program encodes ranking via an “inverse score”
+#   key (e.g., 1000 - score) so higher-risk items appear first.
+#
+# References
+# - N3 spec:          https://w3c.github.io/N3/spec/
+# - Eyeling builtins: https://eyereasoner.github.io/eyeling/HANDBOOK#ch11
+# - ODRL vocab:       https://www.w3.org/TR/odrl-vocab/
+# - DPV risk module:  https://w3c.github.io/dpv/2.0/dpv/modules/risk.html
+# - DPV-RISK:         https://w3id.org/dpv/risk
+# ===========================================================================================
+
+@prefix :      <https://example.org/odrl-dpv-risk-ranked#> .
+@prefix odrl:  <http://www.w3.org/ns/odrl/2/> .
+@prefix dpv:   <https://w3id.org/dpv#> .
+@prefix risk:  <https://w3id.org/dpv/risk#> .
+@prefix dct:   <http://purl.org/dc/terms/> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix log:   <http://www.w3.org/2000/10/swap/log#> .
+@prefix math:  <http://www.w3.org/2000/10/swap/math#> .
+@prefix string:<http://www.w3.org/2000/10/swap/string#> .
+@prefix tosl:  <https://example.org/tosl-profile#> .
+
+# ---------------------------
+# 1) Consumer profile (needs)
+# ---------------------------
+
+:ConsumerExample a :ConsumerProfile ;
+  dct:title "Example consumer profile" ;
+  :hasNeed :Need_DataCannotBeRemoved,
+           :Need_ChangeOnlyWithPriorNotice,
+           :Need_NoSharingWithoutConsent,
+           :Need_DataPortability .
+
+:Need_DataCannotBeRemoved a :Need ;
+  :importance "20"^^xsd:integer ;
+  dct:description "Provider must not remove the consumer account/data." .
+
+:Need_ChangeOnlyWithPriorNotice a :Need ;
+  :importance "15"^^xsd:integer ;
+  :minNoticeDays "14"^^xsd:integer ;
+  dct:description "Agreement may change only with prior notice (>= 14 days)." .
+
+:Need_NoSharingWithoutConsent a :Need ;
+  :importance "12"^^xsd:integer ;
+  dct:description "No data sharing without explicit consent." .
+
+:Need_DataPortability a :Need ;
+  :importance "10"^^xsd:integer ;
+  dct:description "Consumer must be able to export their data." .
+
+# ------------------------------------------
+# 2) Agreement (ODRL policy graph + clauses)
+# ------------------------------------------
+
+:Agreement1 a :Agreement ;
+  dct:title "Example Agreement" ;
+  :policyGraph {
+    :Policy1 a odrl:Policy ;
+      odrl:permission :PermDeleteAccount,
+                      :PermChangeTerms,
+                      :PermShareData ;
+      odrl:prohibition :ProhibitExportData .
+
+    # Clause C1: remove account/data without safeguards
+    :PermDeleteAccount a odrl:Permission ;
+      odrl:assigner :Provider ;
+      odrl:assignee odrl:consumer ;
+      odrl:action tosl:removeAccount ;
+      odrl:target :UserAccount ;
+      :clause :ClauseC1 .
+
+    # Clause C2: change terms with noticeDays >= 3 (may be too short for the consumer)
+    :PermChangeTerms a odrl:Permission ;
+      odrl:assigner :Provider ;
+      odrl:assignee odrl:consumer ;
+      odrl:action tosl:changeTerms ;
+      odrl:target :AgreementText ;
+      odrl:duty [
+        a odrl:Duty ;
+        odrl:action odrl:inform ;
+        odrl:constraint [
+          a odrl:Constraint ;
+          odrl:leftOperand tosl:noticeDays ;
+          odrl:operator odrl:gteq ;
+          odrl:rightOperand "3"^^xsd:integer
+        ]
+      ] ;
+      :clause :ClauseC2 .
+
+    # Clause C3: share data without explicit consent safeguard
+    :PermShareData a odrl:Permission ;
+      odrl:assigner :Provider ;
+      odrl:assignee odrl:consumer ;
+      odrl:action tosl:shareData ;
+      odrl:target :UserData ;
+      :clause :ClauseC3 .
+
+    # Clause C4: prohibit export (hurts portability)
+    :ProhibitExportData a odrl:Prohibition ;
+      odrl:assigner :Provider ;
+      odrl:assignee odrl:consumer ;
+      odrl:action tosl:exportData ;
+      odrl:target :UserData ;
+      :clause :ClauseC4 .
+  } .
+
+:ClauseC1 a :Clause ; :clauseId "C1" ; :text "Provider may remove the user account (and associated data) at its discretion." .
+:ClauseC2 a :Clause ; :clauseId "C2" ; :text "Provider may change terms by informing users at least 3 days in advance." .
+:ClauseC3 a :Clause ; :clauseId "C3" ; :text "Provider may share user data with partners for business purposes." .
+:ClauseC4 a :Clause ; :clauseId "C4" ; :text "Users are not permitted to export their data." .
+
+:ProcessContext1 a dpv:Process ;
+  dct:source :Agreement1 ;
+  dct:title "Service operation under Agreement1" .
+
+# ------------------------------------------------------------------------------------
+# 3) Risk rules (ODRL -> DPV/DPV-RISK) + mitigations
+#    IMPORTANT: only match ODRL structure inside log:includes; clause text is outside.
+# ------------------------------------------------------------------------------------
+
+# R1: remove account/data WITHOUT notice constraint AND WITHOUT inform duty
+{
+  :Agreement1 :policyGraph ?G .
+  :ConsumerExample :hasNeed :Need_DataCannotBeRemoved .
+  :Need_DataCannotBeRemoved :importance ?w .
+
+  ?G log:includes {
+    :PermDeleteAccount a odrl:Permission ;
+      odrl:action tosl:removeAccount ;
+      :clause ?clause .
+  }.
+
+  ?G log:notIncludes {
+    :PermDeleteAccount odrl:constraint [
+      odrl:leftOperand tosl:noticeDays
+    ] .
+  }.
+
+  ?G log:notIncludes {
+    :PermDeleteAccount odrl:duty [
+      odrl:action odrl:inform
+    ] .
+  }.
+
+  ?clause :clauseId ?cid ; :text ?txt .
+
+  (90 ?w) math:sum ?raw .
+  ( :Agreement1 :ConsumerExample :DeleteAccountNoSafeguards ?cid ) log:skolem ?risk .
+  ( :Agreement1 :ConsumerExample :DeleteAccountNoSafeguardsSource ?cid ) log:skolem ?src .
+
+  ( "Risk: account/data removal is permitted without notice safeguards (no notice constraint and no duty to inform). Clause %s: %s"
+    ?cid ?txt ) string:format ?why .
+}
+=>
+{
+  ?src a risk:RiskSource, risk:LegalComplianceRisk ;
+    dct:source :PermDeleteAccount ;
+    dct:description "Account removal permitted without notice safeguards." .
+
+  ?risk a dpv:Risk, risk:UnwantedDataDeletion, risk:DataUnavailable, risk:DataErasureError, risk:DataLoss ;
+    dct:source :PermDeleteAccount ;
+    risk:hasRiskSource ?src ;
+    dpv:hasConsequence risk:DataLoss, risk:DataUnavailable, risk:CustomerConfidenceLoss ;
+    dpv:hasImpact risk:FinancialLoss, risk:NonMaterialDamage ;
+    :aboutClause ?clause ;
+    :scoreRaw ?raw ;
+    :violatesNeed :Need_DataCannotBeRemoved ;
+    dct:description ?why .
+
+  :ProcessContext1 dpv:hasRisk ?risk .
+
+  ( ?risk :M1 ) log:skolem ?m1 .
+  ( ?risk :M2 ) log:skolem ?m2 .
+
+  ?m1 a dpv:RiskMitigationMeasure ;
+    dct:description "Add a notice constraint (minimum noticeDays) before account removal." ;
+    dpv:mitigatesRisk ?risk ;
+    :suggestAdd {
+      :PermDeleteAccount odrl:constraint [
+        a odrl:Constraint ;
+        odrl:leftOperand tosl:noticeDays ;
+        odrl:operator odrl:gteq ;
+        odrl:rightOperand "14"^^xsd:integer
+      ] .
+    } .
+
+  ?m2 a dpv:RiskMitigationMeasure ;
+    dct:description "Add a duty to inform the consumer prior to account removal." ;
+    dpv:mitigatesRisk ?risk ;
+    :suggestAdd {
+      :PermDeleteAccount odrl:duty [
+        a odrl:Duty ;
+        odrl:action odrl:inform
+      ] .
+    } .
+
+  ?risk dpv:isMitigatedByMeasure ?m1, ?m2 .
+} .
+
+# R2: change terms noticeDays is below consumer requirement
+{
+  :Agreement1 :policyGraph ?G .
+  :ConsumerExample :hasNeed :Need_ChangeOnlyWithPriorNotice .
+  :Need_ChangeOnlyWithPriorNotice :importance ?w ; :minNoticeDays ?req .
+
+  ?G log:includes {
+    :PermChangeTerms a odrl:Permission ;
+      odrl:action tosl:changeTerms ;
+      :clause ?clause ;
+      odrl:duty [
+        odrl:action odrl:inform ;
+        odrl:constraint [
+          odrl:leftOperand tosl:noticeDays ;
+          odrl:rightOperand ?days
+        ]
+      ] .
+  }.
+
+  ?days math:lessThan ?req .
+  ?clause :clauseId ?cid ; :text ?txt .
+
+  (70 ?w) math:sum ?raw .
+  ( :Agreement1 :ConsumerExample :NoticeTooShort ?cid ) log:skolem ?risk .
+  ( :Agreement1 :ConsumerExample :NoticeTooShortSource ?cid ) log:skolem ?src .
+
+  ( "Risk: terms may change with notice (%s days) below consumer requirement (%s days). Clause %s: %s"
+    ?days ?req ?cid ?txt ) string:format ?why .
+}
+=>
+{
+  ?src a risk:RiskSource, risk:PolicyRisk ;
+    dct:source :PermChangeTerms ;
+    dct:description "Notice for changing terms is shorter than consumer requirement." .
+
+  ?risk a dpv:Risk, risk:PolicyRisk, risk:CustomerConfidenceLoss ;
+    dct:source :PermChangeTerms ;
+    risk:hasRiskSource ?src ;
+    dpv:hasConsequence risk:CustomerConfidenceLoss ;
+    dpv:hasImpact risk:NonMaterialDamage ;
+    :aboutClause ?clause ;
+    :scoreRaw ?raw ;
+    :violatesNeed :Need_ChangeOnlyWithPriorNotice ;
+    dct:description ?why .
+
+  :ProcessContext1 dpv:hasRisk ?risk .
+
+  ( ?risk :M1 ) log:skolem ?m1 .
+  ?m1 a dpv:RiskMitigationMeasure ;
+    dct:description "Increase minimum noticeDays in the inform duty to meet the consumer requirement." ;
+    dpv:mitigatesRisk ?risk ;
+    :suggestAdd {
+      :PermChangeTerms odrl:duty [
+        a odrl:Duty ;
+        odrl:action odrl:inform ;
+        odrl:constraint [
+          a odrl:Constraint ;
+          odrl:leftOperand tosl:noticeDays ;
+          odrl:operator odrl:gteq ;
+          odrl:rightOperand "14"^^xsd:integer
+        ]
+      ] .
+    } .
+
+  ?risk dpv:isMitigatedByMeasure ?m1 .
+} .
+
+# R3: share data WITHOUT explicit consent constraint
+{
+  :Agreement1 :policyGraph ?G .
+  :ConsumerExample :hasNeed :Need_NoSharingWithoutConsent .
+  :Need_NoSharingWithoutConsent :importance ?w .
+
+  ?G log:includes {
+    :PermShareData a odrl:Permission ;
+      odrl:action tosl:shareData ;
+      :clause ?clause .
+  }.
+
+  ?G log:notIncludes {
+    :PermShareData odrl:constraint [
+      odrl:leftOperand tosl:consent ;
+      odrl:operator odrl:eq ;
+      odrl:rightOperand true
+    ] .
+  }.
+
+  ?clause :clauseId ?cid ; :text ?txt .
+
+  (85 ?w) math:sum ?raw .
+  ( :Agreement1 :ConsumerExample :ShareNoConsent ?cid ) log:skolem ?risk .
+  ( :Agreement1 :ConsumerExample :ShareNoConsentSource ?cid ) log:skolem ?src .
+
+  ( "Risk: user data sharing is permitted without an explicit consent constraint. Clause %s: %s"
+    ?cid ?txt ) string:format ?why .
+}
+=>
+{
+  ?src a risk:RiskSource, risk:PolicyRisk ;
+    dct:source :PermShareData ;
+    dct:description "Data sharing permitted without explicit consent constraint." .
+
+  ?risk a dpv:Risk, risk:UnwantedDisclosureData, risk:CustomerConfidenceLoss ;
+    dct:source :PermShareData ;
+    risk:hasRiskSource ?src ;
+    dpv:hasConsequence risk:CustomerConfidenceLoss ;
+    dpv:hasImpact risk:NonMaterialDamage, risk:FinancialLoss ;
+    :aboutClause ?clause ;
+    :scoreRaw ?raw ;
+    :violatesNeed :Need_NoSharingWithoutConsent ;
+    dct:description ?why .
+
+  :ProcessContext1 dpv:hasRisk ?risk .
+
+  ( ?risk :M1 ) log:skolem ?m1 .
+  ?m1 a dpv:RiskMitigationMeasure ;
+    dct:description "Add an explicit consent constraint before data sharing." ;
+    dpv:mitigatesRisk ?risk ;
+    :suggestAdd {
+      :PermShareData odrl:constraint [
+        a odrl:Constraint ;
+        odrl:leftOperand tosl:consent ;
+        odrl:operator odrl:eq ;
+        odrl:rightOperand true
+      ] .
+    } .
+
+  ?risk dpv:isMitigatedByMeasure ?m1 .
+} .
+
+# R4: prohibit export (no portability)
+{
+  :Agreement1 :policyGraph ?G .
+  :ConsumerExample :hasNeed :Need_DataPortability .
+  :Need_DataPortability :importance ?w .
+
+  ?G log:includes {
+    :ProhibitExportData a odrl:Prohibition ;
+      odrl:action tosl:exportData ;
+      :clause ?clause .
+  }.
+
+  ?clause :clauseId ?cid ; :text ?txt .
+
+  (60 ?w) math:sum ?raw .
+  ( :Agreement1 :ConsumerExample :NoPortability ?cid ) log:skolem ?risk .
+  ( :Agreement1 :ConsumerExample :NoPortabilitySource ?cid ) log:skolem ?src .
+
+  ( "Risk: portability is restricted because exporting user data is prohibited. Clause %s: %s"
+    ?cid ?txt ) string:format ?why .
+}
+=>
+{
+  ?src a risk:RiskSource, risk:PolicyRisk ;
+    dct:source :ProhibitExportData ;
+    dct:description "Data export is prohibited, reducing portability." .
+
+  ?risk a dpv:Risk, risk:PolicyRisk, risk:CustomerConfidenceLoss ;
+    dct:source :ProhibitExportData ;
+    risk:hasRiskSource ?src ;
+    dpv:hasConsequence risk:CustomerConfidenceLoss ;
+    dpv:hasImpact risk:NonMaterialDamage ;
+    :aboutClause ?clause ;
+    :scoreRaw ?raw ;
+    :violatesNeed :Need_DataPortability ;
+    dct:description ?why .
+
+  :ProcessContext1 dpv:hasRisk ?risk .
+
+  ( ?risk :M1 ) log:skolem ?m1 .
+  ?m1 a dpv:RiskMitigationMeasure ;
+    dct:description "Add a permission allowing data export (or remove the prohibition) to support portability." ;
+    dpv:mitigatesRisk ?risk ;
+    :suggestAdd {
+      :Policy1 odrl:permission [
+        a odrl:Permission ;
+        odrl:assigner :Provider ;
+        odrl:assignee odrl:consumer ;
+        odrl:action tosl:exportData ;
+        odrl:target :UserData
+      ] .
+    } .
+
+  ?risk dpv:isMitigatedByMeasure ?m1 .
+} .
+
+# ------------------------------------------------
+# 4) Score normalization + DPV-RISK severity/level
+# ------------------------------------------------
+
+{ ?r a dpv:Risk ; :scoreRaw ?raw . ?raw math:greaterThan "100"^^xsd:integer . }
+=> { ?r :score "100"^^xsd:integer . } .
+
+{ ?r a dpv:Risk ; :scoreRaw ?raw . "100"^^xsd:integer math:notLessThan ?raw . }
+=> { ?r :score ?raw . } .
+
+{ ?r a dpv:Risk ; :score ?s . ?s math:greaterThan "79"^^xsd:integer . }
+=> { ?r dpv:hasSeverity risk:HighSeverity ; dpv:hasRiskLevel risk:HighRisk . } .
+
+{ ?r a dpv:Risk ; :score ?s . ?s math:lessThan "80"^^xsd:integer . ?s math:greaterThan "49"^^xsd:integer . }
+=> { ?r dpv:hasSeverity risk:ModerateSeverity ; dpv:hasRiskLevel risk:ModerateRisk . } .
+
+{ ?r a dpv:Risk ; :score ?s . ?s math:lessThan "50"^^xsd:integer . }
+=> { ?r dpv:hasSeverity risk:LowSeverity ; dpv:hasRiskLevel risk:LowRisk . } .
+
+# ------------------------------------------------------------------------------
+# 5) Ranked explainable output (Eyeling -r prints these in key order)
+# ------------------------------------------------------------------------------
+
+# Header
+{
+  :Agreement1 dct:title ?alabel .
+  :ConsumerExample dct:title ?plabel .
+  ( "\n=== Ranked DPV Risk Report ===\nAgreement: %s\nProfile: %s\n\n"
+    ?alabel ?plabel ) string:format ?hdr .
+}
+=>
+{
+  ( :Agreement1 :ConsumerExample 0 ) log:outputString ?hdr .
+} .
+
+# Risk lines (key includes inverse score = 1000 - score)
+{
+  ?r a dpv:Risk ;
+     :score ?score ;
+     dpv:hasRiskLevel ?lvl ;
+     dpv:hasSeverity ?sev ;
+     :aboutClause ?clause ;
+     dct:description ?why .
+  ?clause :clauseId ?cid .
+
+  ( "1000"^^xsd:integer ?score ) math:difference ?inv .
+
+  ( "score=%s (%s, %s)  clause %s\n  %s\n\n"
+    ?score ?lvl ?sev ?cid ?why ) string:format ?line .
+}
+=>
+{
+  ( :Agreement1 :ConsumerExample 1 ?inv ?r ) log:outputString ?line .
+} .
+
+# Mitigation lines (same ordering as their risk)
+{
+  ?r a dpv:Risk ;
+     :score ?score ;
+     dpv:isMitigatedByMeasure ?m ;
+     :aboutClause ?clause .
+  ?clause :clauseId ?cid .
+  ?m dct:description ?md .
+
+  ( "1000"^^xsd:integer ?score ) math:difference ?inv .
+
+  ( "  - mitigation for clause %s: %s\n"
+    ?cid ?md ) string:format ?mline .
+}
+=>
+{
+  ( :Agreement1 :ConsumerExample 2 ?inv ?r ) log:outputString ?mline .
+} .
+