capfence 0.6.2__py3-none-any.whl

capfence/__init__.py

@@ -0,0 +1,109 @@
+"""CAPFENCE — Runtime governance for AI agents.
+
+MIT licensed. Works offline. Rule-based gating with pluggable scoring.
+"""
+
+__version__ = "0.6.2"
+
+from capfence.core.gate import Gate
+from capfence.types import GateResult
+from capfence.errors import (
+    CapFenceError,
+    AgentActionBlocked,
+    ConfigurationError,
+    PolicyLoadError,
+    AuditError,
+    TaxonomyError,
+    GatewayError,
+)
+from capfence.core.fsm import FSMOutcome, FailClosedFSM
+from capfence.core.state import AgentStateStore
+from capfence.core.taxonomy import TaxonomyLoader, stripe_mapper
+from capfence.core.hash import compute_payload_hash
+from capfence.core.audit import AuditLogger
+from capfence.core.chain import verify_chain, verify_chain_from_rows, ChainEntry
+from capfence.core.keys import generate_keypair, load_keypair, ensure_keypair, sign_entry, verify_entry
+from capfence.core.scorer import BaseScorer, KeywordScorer, RegexASTScorer, AdaptiveScorer, load_scorer
+from capfence.cloud.client import CloudClient
+from capfence.check import scan_directory, scan_file, ToolFinding
+from capfence.assessment.scanner import scan_assessment, AssessmentData, ToolAssessment
+from capfence.assessment.reporter import generate_html_report
+from capfence.assessment.simulator import TraceSimulator
+from capfence.assessment.builder import TaxonomyBuilder
+from capfence.assessment.owasp import get_coverage_matrix, get_coverage_summary, generate_owasp_context
+from capfence.assessment.eu_ai_act import generate_evidence_pack, EvidencePack
+from capfence.framework.langchain import CapFenceTool
+from capfence.framework.crewai import CapFenceCrewAITool
+from capfence.framework.langgraph import CapFenceToolNode
+from capfence.framework.openai_agents import CapFenceOpenAITool
+from capfence.framework.pydanticai import CapFencePydanticTool
+from capfence.framework.llamaindex import CapFenceLlamaIndexTool
+from capfence.framework.autogen import CapFenceAutoGenTool
+from capfence.mcp.gateway import MCPGatewayServer
+from capfence.mcp.adapter import CapFenceMCPSession
+from capfence.telemetry.client import TelemetryClient
+from capfence.flow.tracer import FlowTracer, FlowEdge, TrustLevel
+from capfence.core.gate import GATE_MODE_ENFORCE, GATE_MODE_OBSERVE
+
+__all__ = [
+    "__version__",
+    "Gate",
+    "GateResult",
+    "CapFenceError",
+    "AgentActionBlocked",
+    "ConfigurationError",
+    "PolicyLoadError",
+    "AuditError",
+    "TaxonomyError",
+    "GatewayError",
+    "FSMOutcome",
+    "FailClosedFSM",
+    "AgentStateStore",
+    "TaxonomyLoader",
+    "stripe_mapper",
+    "compute_payload_hash",
+    "AuditLogger",
+    "verify_chain",
+    "verify_chain_from_rows",
+    "ChainEntry",
+    "generate_keypair",
+    "load_keypair",
+    "ensure_keypair",
+    "sign_entry",
+    "verify_entry",
+    "BaseScorer",
+    "KeywordScorer",
+    "RegexASTScorer",
+    "AdaptiveScorer",
+    "load_scorer",
+    "CloudClient",
+    "scan_directory",
+    "scan_file",
+    "ToolFinding",
+    "scan_assessment",
+    "AssessmentData",
+    "ToolAssessment",
+    "generate_html_report",
+    "TraceSimulator",
+    "TaxonomyBuilder",
+    "get_coverage_matrix",
+    "get_coverage_summary",
+    "generate_owasp_context",
+    "generate_evidence_pack",
+    "EvidencePack",
+    "CapFenceTool",
+    "CapFenceCrewAITool",
+    "CapFenceToolNode",
+    "CapFenceOpenAITool",
+    "CapFencePydanticTool",
+    "CapFenceLlamaIndexTool",
+    "CapFenceAutoGenTool",
+    "MCPGatewayServer",
+    "CapFenceMCPSession",
+    "TelemetryClient",
+    "FlowTracer",
+    "FlowEdge",
+    "TrustLevel",
+    "GATE_MODE_ENFORCE",
+    "GATE_MODE_OBSERVE",
+]

capfence/assessment/__init__.py

@@ -0,0 +1,17 @@
+"""Assessment toolkit for CapFence.
+
+Orchestrates static analysis into professional deliverables:
+- scanner.py: Enriches raw AST findings with taxonomy data
+- reporter.py: Generates HTML reports via Jinja2 templates
+- simulator.py: Replays agent traces through the gate (Month 2)
+- builder.py: Interactive taxonomy builder (Month 2)
+"""
+
+from capfence.assessment.scanner import scan_assessment, AssessmentData
+from capfence.assessment.reporter import generate_html_report
+
+__all__ = [
+    "scan_assessment",
+    "AssessmentData",
+    "generate_html_report",
+]

capfence/assessment/builder.py

@@ -0,0 +1,301 @@
+"""Interactive taxonomy builder — generates custom taxonomies from user input.
+
+Usage:
+    from capfence.assessment.builder import TaxonomyBuilder
+
+    builder = TaxonomyBuilder()
+    taxonomy = builder.interactive_build()
+    # or programmatic:
+    taxonomy = builder.build(industry="fintech", payment_methods=["stripe"], pii=True)
+"""
+
+from __future__ import annotations
+
+import json
+import logging
+from dataclasses import dataclass, field
+from pathlib import Path
+from typing import Any
+
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class BuilderConfig:
+    """Configuration for taxonomy builder."""
+    industry: str
+    payment_methods: list[str] = field(default_factory=list)
+    pii_access: bool = False
+    transfer_initiation: bool = False
+    has_write_tools: bool = True
+    has_delete_tools: bool = False
+    has_external_api: bool = True
+    compliance_required: list[str] = field(default_factory=list)
+
+
+class TaxonomyBuilder:
+    """Build custom taxonomies from interactive or programmatic input."""
+
+    INDUSTRY_PRESETS: dict[str, dict[str, Any]] = {
+        "fintech": {
+            "categories": ["balance_inquiry", "payment_initiation", "withdrawal",
+                          "high_value_transfer", "account_modification", "compliance_check"],
+            "payment_pack": True,
+            "compliance": ["PCI-DSS", "SOX"],
+        },
+        "healthcare": {
+            "categories": ["read_only", "write", "external_api", "delete"],
+            "payment_pack": False,
+            "compliance": ["HIPAA"],
+        },
+        "legal": {
+            "categories": ["read_only", "write", "external_api"],
+            "payment_pack": False,
+            "compliance": ["GDPR", "eDiscovery"],
+        },
+        "retail": {
+            "categories": ["read_only", "write", "payment_initiation"],
+            "payment_pack": True,
+            "compliance": ["PCI-DSS"],
+        },
+    }
+
+    def interactive_build(self) -> dict[str, Any]:
+        """Build taxonomy via CLI prompts."""
+        print("\n--- CapFence Taxonomy Builder ---\n")
+
+        industries = list(self.INDUSTRY_PRESETS.keys()) + ["custom"]
+        print("Available industries:", ", ".join(industries))
+        industry = input("> What industry? [fintech/healthcare/legal/retail/custom]: ").strip().lower()
+
+        if industry == "custom":
+            return self._build_custom()
+
+        config = self.INDUSTRY_PRESETS.get(industry, self.INDUSTRY_PRESETS["fintech"])
+
+        payment_methods: list[str] = []
+        if config["payment_pack"]:
+            pm = input("> What payment methods? [stripe/plaid/square/braintree/custom/none]: ").strip().lower()
+            if pm != "none":
+                payment_methods = [p.strip() for p in pm.split("/")]
+
+        pii = input("> Do agents access PII? [y/n]: ").strip().lower().startswith("y")
+        transfers = input("> Do agents initiate transfers? [y/n]: ").strip().lower().startswith("y") if config["payment_pack"] else False
+
+        return self.build(
+            industry=industry,
+            payment_methods=payment_methods,
+            pii_access=pii,
+            transfer_initiation=transfers,
+            compliance_required=config["compliance"],
+        )
+
+    def build(
+        self,
+        industry: str,
+        payment_methods: list[str] | None = None,
+        pii_access: bool = False,
+        transfer_initiation: bool = False,
+        has_write_tools: bool = True,
+        has_delete_tools: bool = False,
+        has_external_api: bool = True,
+        compliance_required: list[str] | None = None,
+    ) -> dict[str, Any]:
+        """Programmatically build a custom taxonomy."""
+
+        config = BuilderConfig(
+            industry=industry,
+            payment_methods=payment_methods or [],
+            pii_access=pii_access,
+            transfer_initiation=transfer_initiation,
+            has_write_tools=has_write_tools,
+            has_delete_tools=has_delete_tools,
+            has_external_api=has_external_api,
+            compliance_required=compliance_required or [],
+        )
+
+        taxonomy: dict[str, Any] = {
+            "version": "2.0",
+            "domain": industry,
+            "generated_by": "capfence_taxonomy_builder",
+            "description": f"Custom taxonomy for {industry} agents",
+            "categories": {},
+            "compliance_mapping": {},
+        }
+
+        # Base categories
+        base_cats = self._get_base_categories(config)
+        taxonomy["categories"] = base_cats
+
+        # Payment method packs
+        if config.payment_methods:
+            for method in config.payment_methods:
+                payment_cats = self._get_payment_categories(method)
+                taxonomy["categories"].update(payment_cats)
+
+        # Compliance mappings
+        if config.compliance_required:
+            taxonomy["compliance_mapping"] = self._get_compliance_map(config.compliance_required)
+
+        return taxonomy
+
+    def save(self, taxonomy: dict[str, Any], path: Path | None = None) -> Path:
+        """Save taxonomy to JSON file."""
+        if path is None:
+            domain = taxonomy.get("domain", "custom")
+            path = Path(f"custom_taxonomy_{domain}.json")
+        path.write_text(json.dumps(taxonomy, indent=2), encoding="utf-8")
+        logger.info("Saved taxonomy to %s", path)
+        return path
+
+    def _get_base_categories(self, config: BuilderConfig) -> dict[str, Any]:
+        """Get base risk categories for the configuration."""
+        cats: dict[str, Any] = {}
+
+        cats["read_only"] = {
+            "delta": 1.0,
+            "risk_keywords": ["read", "list", "get", "view", "search", "balance", "inquiry"],
+            "description": "Read-only operations",
+        }
+
+        if config.has_write_tools:
+            cats["write"] = {
+                "delta": 0.4,
+                "risk_keywords": ["write", "create", "insert", "post", "submit", "update"],
+                "description": "Data mutation operations",
+            }
+
+        if config.has_delete_tools:
+            cats["delete"] = {
+                "delta": 0.2,
+                "risk_keywords": ["delete", "remove", "drop", "destroy", "purge"],
+                "description": "Destructive operations",
+            }
+
+        if config.has_external_api:
+            cats["external_api"] = {
+                "delta": 0.3,
+                "risk_keywords": ["external", "api_call", "third_party", "webhook", "outbound"],
+                "description": "External API calls",
+            }
+
+        if config.pii_access:
+            cats["pii_access"] = {
+                "delta": 0.15,
+                "risk_keywords": ["pii", "ssn", "ssn_last4", "personal_data", "phi", "patient"],
+                "description": "Access to personally identifiable information",
+            }
+
+        if config.transfer_initiation:
+            cats["high_value_transfer"] = {
+                "delta": 0.15,
+                "risk_keywords": ["transfer", "wire", "swift", "ach", "high_value", "large_amount"],
+                "description": "Large or bulk transfers. Requires multi-factor approval.",
+            }
+
+        return cats
+
+    def _get_payment_categories(self, method: str) -> dict[str, Any]:
+        """Get payment-method-specific categories."""
+        method = method.lower()
+
+        if method == "stripe":
+            return {
+                "stripe_payment_initiation": {
+                    "delta": 0.3,
+                    "risk_keywords": ["charge", "payment_intent", "create_charge", "stripe_charge", "capture"],
+                    "description": "Stripe: Initiating customer charges",
+                },
+                "stripe_refund": {
+                    "delta": 0.4,
+                    "risk_keywords": ["refund", "create_refund", "reverse_charge", "stripe_refund"],
+                    "description": "Stripe: Reversing completed transactions",
+                },
+                "stripe_payout": {
+                    "delta": 0.2,
+                    "risk_keywords": ["payout", "create_payout", "transfer_to_bank", "stripe_payout"],
+                    "description": "Stripe: Moving funds to external bank accounts",
+                },
+            }
+        elif method == "plaid":
+            return {
+                "plaid_auth": {
+                    "delta": 0.5,
+                    "risk_keywords": ["auth", "balance", "plaid_auth", "accounts_get"],
+                    "description": "Plaid: Account authentication and balance retrieval",
+                },
+                "plaid_transfer": {
+                    "delta": 0.25,
+                    "risk_keywords": ["transfer", "transfer_create", "plaid_transfer", "payment_initiation"],
+                    "description": "Plaid: Initiating bank transfers",
+                },
+            }
+        elif method == "square":
+            return {
+                "square_payment": {
+                    "delta": 0.3,
+                    "risk_keywords": ["payment", "create_payment", "square_payment", "charge"],
+                    "description": "Square: Processing customer payments",
+                },
+            }
+        else:
+            return {
+                f"{method}_payment": {
+                    "delta": 0.3,
+                    "risk_keywords": ["payment", "charge", "transfer"],
+                    "description": f"Custom: {method} payment processing",
+                }
+            }
+
+    def _get_compliance_map(self, frameworks: list[str]) -> dict[str, Any]:
+        """Get compliance control mappings."""
+        mapping: dict[str, Any] = {}
+        for fw in frameworks:
+            fw_upper = fw.upper()
+            if fw_upper == "PCI-DSS":
+                mapping[fw] = {
+                    "3.4": "Render PAN unreadable — Hash module ensures payload integrity",
+                    "10.2": "Audit trails — AuditLogger records all gate decisions",
+                    "6.5": "Address common coding vulnerabilities — Gate prevents unauthorized tool execution",
+                }
+            elif fw_upper == "SOX":
+                mapping[fw] = {
+                    "302": "Corporate responsibility — AgentStateStore tracks all decisions",
+                    "404": "Internal controls — AuditLogger provides append-only decision log",
+                }
+            elif fw_upper == "HIPAA":
+                mapping[fw] = {
+                    "164.312(a)": "Access control — Gate enforces role-based tool access",
+                    "164.312(b)": "Audit controls — AuditLogger records all PHI access attempts",
+                }
+            else:
+                mapping[fw] = {"general": f"{fw} compliance controls mapped to gate decisions"}
+        return mapping
+
+    def _build_custom(self) -> dict[str, Any]:
+        """Build a fully custom taxonomy via prompts."""
+        print("\n--- Custom Taxonomy Builder ---")
+        cats: dict[str, Any] = {}
+        while True:
+            name = input("Category name (or empty to finish): ").strip()
+            if not name:
+                break
+            delta_str = input(f"  Delta for '{name}' (0.0-1.0, lower=more risky): ").strip()
+            delta = float(delta_str) if delta_str else 0.5
+            keywords = input("  Risk keywords (comma-separated): ").strip()
+            kw_list = [k.strip() for k in keywords.split(",") if k.strip()]
+            desc = input("  Description: ").strip()
+            cats[name] = {
+                "delta": delta,
+                "risk_keywords": kw_list,
+                "description": desc or f"Custom category: {name}",
+            }
+        return {
+            "version": "2.0-custom",
+            "domain": "custom",
+            "generated_by": "capfence_taxonomy_builder",
+            "description": "User-defined custom taxonomy",
+            "categories": cats,
+            "compliance_mapping": {},
+        }

capfence/assessment/eu_ai_act.py

@@ -0,0 +1,241 @@
+"""EU AI Act Annex IV evidence pack generator.
+
+Produces a structured evidence package for high-risk AI system
+conformity assessment under EU AI Act Article 12 and Annex IV.
+
+Usage:
+    from capfence.assessment.eu_ai_act import generate_evidence_pack
+    from capfence.assessment.scanner import scan_assessment
+
+    data = scan_assessment(Path("./src"), taxonomy_path="financial")
+    pack = generate_evidence_pack(data)
+    pack.write_html(Path("annex_iv_evidence.html"))
+"""
+
+from __future__ import annotations
+
+import json
+from dataclasses import dataclass, field
+from pathlib import Path
+from typing import Any
+
+from capfence.assessment.scanner import AssessmentData
+from capfence.assessment.owasp import get_coverage_summary
+
+
+@dataclass
+class EvidencePack:
+    """Structured EU AI Act Annex IV evidence package."""
+
+    system_name: str
+    system_version: str
+    generated_at: str
+    risk_management: dict[str, Any] = field(default_factory=dict)
+    data_governance: dict[str, Any] = field(default_factory=dict)
+    technical_documentation: dict[str, Any] = field(default_factory=dict)
+    record_keeping: dict[str, Any] = field(default_factory=dict)
+    transparency: dict[str, Any] = field(default_factory=dict)
+    human_oversight: dict[str, Any] = field(default_factory=dict)
+    accuracy_robustness: dict[str, Any] = field(default_factory=dict)
+    cybersecurity: dict[str, Any] = field(default_factory=dict)
+    owasp_coverage: dict[str, Any] = field(default_factory=dict)
+
+    def to_dict(self) -> dict[str, Any]:
+        return {
+            "system_name": self.system_name,
+            "system_version": self.system_version,
+            "generated_at": self.generated_at,
+            "annex_iv_sections": {
+                "1_risk_management": self.risk_management,
+                "2_data_governance": self.data_governance,
+                "3_technical_documentation": self.technical_documentation,
+                "4_record_keeping": self.record_keeping,
+                "5_transparency": self.transparency,
+                "6_human_oversight": self.human_oversight,
+                "7_accuracy_robustness": self.accuracy_robustness,
+                "8_cybersecurity": self.cybersecurity,
+            },
+            "owasp_agentic_coverage": self.owasp_coverage,
+        }
+
+    def _validate_output_path(self, path: Path) -> Path:
+        """Resolve and validate output path to prevent directory traversal."""
+        resolved = path.resolve()
+        # Reject paths containing parent-directory references
+        if ".." in path.parts:
+            raise ValueError(f"Output path cannot contain '..' components: {path}")
+        return resolved
+
+    def write_json(self, path: Path) -> None:
+        safe_path = self._validate_output_path(path)
+        safe_path.write_text(json.dumps(self.to_dict(), indent=2, default=str), encoding="utf-8")
+
+    def write_html(self, path: Path) -> None:
+        safe_path = self._validate_output_path(path)
+        from capfence.assessment.reporter import _get_template_dir, _risk_color, _risk_bg
+        import jinja2
+        tpl_dir = _get_template_dir()
+        env = jinja2.Environment(
+            loader=jinja2.FileSystemLoader(str(tpl_dir)),
+            autoescape=jinja2.select_autoescape(["html", "xml"]),
+        )
+        env.filters["risk_color"] = _risk_color
+        env.filters["risk_bg"] = _risk_bg
+        try:
+            template = env.get_template("report_eu_ai_act.html")
+        except jinja2.TemplateNotFound:
+            template = env.from_string(_FALLBACK_EU_TEMPLATE)
+        html = template.render(**self.to_dict())
+        safe_path.write_text(html, encoding="utf-8")
+
+
+def generate_evidence_pack(
+    data: AssessmentData,
+    system_name: str = "CapFence-Governed Agent",
+    system_version: str = "0.4.0",
+) -> EvidencePack:
+    """Generate an Annex IV evidence pack from assessment data."""
+    import datetime
+    now = datetime.datetime.now(datetime.timezone.utc).isoformat()
+
+    owasp = get_coverage_summary()
+
+    pack = EvidencePack(
+        system_name=system_name,
+        system_version=system_version,
+        generated_at=now,
+        risk_management={
+            "description": "Risk identification and analysis for AI agent tool calls.",
+            "tool_count": data.total_tools,
+            "ungated_tools": data.ungated_count,
+            "critical_ungated": data.critical_ungated,
+            "risk_score": data.risk_score,
+            "risk_label": data.risk_label,
+            "mitigation": "CapFence Gate provides deterministic fail-closed enforcement with taxonomy-based thresholds.",
+            "residual_risk": "Low — all high-risk tool calls are intercepted and scored before execution.",
+        },
+        data_governance={
+            "description": "Training data governance is outside CapFence scope. This section covers operational data.",
+            "audit_log_integrity": "Hash-chained SQLite audit log with SHA-256 linkage. Tamper-evident.",
+            "payload_handling": "Payloads are hashed (SHA-256) before storage. Raw payloads never stored in audit log.",
+            "retention_policy": "Audit logs retained per customer policy. SQLite format supports long-term archival.",
+        },
+        technical_documentation={
+            "description": "Technical documentation of the AI system and its governance layer.",
+            "architecture": "CapFence sits between the agent and its tools. Gate evaluates every call before execution.",
+            "components": [
+                "Gate (rule-based evaluator)",
+                "TaxonomyLoader (risk category configuration)",
+                "Scorer (pluggable risk scoring)",
+                "AuditLogger (append-only hash-chained log)",
+                "AgentStateStore (behavioral K/V tracking)",
+                "FailClosedFSM (deterministic state machine)",
+            ],
+            "version": system_version,
+            "source": "https://github.com/capfencelabs/capfence-python",
+        },
+        record_keeping={
+            "description": "Automatic recording of events for traceability.",
+            "audit_log_format": "SQLite with hash-chained entries.",
+            "recorded_fields": [
+                "timestamp", "agent_id", "task_context", "risk_category",
+                "decision", "risk_score", "threshold", "payload_hash", "reason", "latency_ms",
+                "prev_hash", "entry_hash", "signature",
+            ],
+            "verification_command": "capfence verify --audit-log ./audit.db",
+            "retention": "Customer-defined. SQLite supports indefinite retention.",
+        },
+        transparency={
+            "description": "Transparency information for deployers and end-users.",
+            "system_purpose": "Runtime governance layer for AI agent tool calls in regulated workloads.",
+            "capabilities": "Deterministic fail-closed enforcement, tamper-evident audit logging, behavioral scoring.",
+            "limitations": "Does not inspect LLM prompts. Does not validate tool outputs. Focused on tool-call interception.",
+            "known_risks": "Prompt injection may bypass tool-call gating if the agent is manipulated to not call tools.",
+        },
+        human_oversight={
+            "description": "Human oversight measures.",
+            "measures": [
+                "Gate decisions are logged and auditable.",
+                "CI/CD integration (--fail-on-ungated) prevents deployment of ungated high-risk tools.",
+                "Assessment reports provide human-readable risk breakdowns with remediation steps.",
+            ],
+            "intervention": "Administrators can adjust taxonomy thresholds, add risk keywords, or disable specific tools via taxonomy configuration.",
+        },
+        accuracy_robustness={
+            "description": "Accuracy, robustness, and cybersecurity.",
+            "accuracy": "Keyword and regex-based scoring is deterministic. Same payload always produces same score.",
+            "robustness": "Fail-closed design: any error or anomaly results in a block, not a pass.",
+            "cybersecurity": "OWASP Agentic Top 10 coverage matrix included. See separate cybersecurity section.",
+        },
+        cybersecurity={
+            "description": "Cybersecurity measures.",
+            "owasp_agentic_coverage": f"{owasp['coverage_percent']}% of OWASP Agentic AI Top 10 risks covered.",
+            "covered_risks": owasp["covered"],
+            "full_coverage": owasp["full"],
+            "partial_coverage": owasp["partial"],
+            "mitigations": [
+                "Excessive Agency: taxonomy-based gate blocks unauthorized tool categories.",
+                "Insecure Plugin Design: CapFenceTool wrapper enforces access controls and input scoring.",
+                "Agent Escape: command execution taxonomy with strict thresholds blocks shell escapes.",
+                "Denial of Service: velocity tracking (V metric) detects tool-call spikes.",
+                "Sensitive Information Disclosure: payload hashing prevents raw data exposure in logs.",
+            ],
+        },
+        owasp_coverage=owasp,
+    )
+    return pack
+
+
+_FALLBACK_EU_TEMPLATE = """<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>EU AI Act Annex IV Evidence Pack — {{ system_name }}</title>
+    <style>
+        body { font-family: system-ui, sans-serif; margin: 40px; background: #f8f9fa; color: #1f2937; }
+        h1 { font-size: 1.8rem; }
+        h2 { font-size: 1.3rem; margin-top: 2rem; border-bottom: 2px solid #e5e7eb; padding-bottom: 0.5rem; }
+        .meta { color: #6b7280; margin-bottom: 2rem; }
+        table { width: 100%; border-collapse: collapse; background: #fff; border-radius: 8px; overflow: hidden; }
+        th, td { padding: 0.75rem 1rem; text-align: left; border-bottom: 1px solid #e5e7eb; }
+        th { background: #f3f4f6; font-weight: 600; }
+        .badge { display: inline-block; padding: 0.25rem 0.5rem; border-radius: 9999px; font-size: 0.75rem; font-weight: 600; }
+    </style>
+</head>
+<body>
+    <h1>EU AI Act Annex IV Evidence Pack</h1>
+    <p class="meta">{{ system_name }} v{{ system_version }} &middot; Generated {{ generated_at }}</p>
+
+    {% for section_name, section in annex_iv_sections.items() %}
+    <h2>{{ section_name.replace('_', ' ').title() }}</h2>
+    <table>
+        {% for key, value in section.items() %}
+        <tr>
+            <th>{{ key.replace('_', ' ').title() }}</th>
+            <td>
+                {% if value is sequence and value is not string %}
+                    <ul>
+                    {% for item in value %}
+                        <li>{{ item }}</li>
+                    {% endfor %}
+                    </ul>
+                {% else %}
+                    {{ value }}
+                {% endif %}
+            </td>
+        </tr>
+        {% endfor %}
+    </table>
+    {% endfor %}
+
+    <h2>OWASP Agentic Coverage</h2>
+    <table>
+        <tr><th>Metric</th><th>Value</th></tr>
+        <tr><td>Coverage Percent</td><td>{{ owasp_agentic_coverage.coverage_percent }}%</td></tr>
+        <tr><td>Full Coverage</td><td>{{ owasp_agentic_coverage.full }}</td></tr>
+        <tr><td>Partial Coverage</td><td>{{ owasp_agentic_coverage.partial }}</td></tr>
+        <tr><td>Planned</td><td>{{ owasp_agentic_coverage.planned }}</td></tr>
+    </table>
+</body>
+</html>
+"""