Compliance Reports
Generate Annex IV-conformant PDF documentation in one call.
Compliance reports bundle every artifact an auditor expects — agent inventory, risk classifications, policy catalogue, traces, blockchain proofs, FRIA documents, incident history — into a single signed PDF.
Generate a report
curl https://gateway.palveron.com/api/v1/compliance/report \
-H "Authorization: Bearer pv_live_..." \
-G --data-urlencode "framework=eu_ai_act" \
-o eu-ai-act-report.pdf| Query | Default | Values |
|---|---|---|
framework | — (required) | eu_ai_act, dora, nist_ai_rmf, gdpr, hipaa, soc2, iso27001, iso42001, owasp, pdpa_sg, colorado_ai |
format | pdf | pdf, json |
as_of | now | ISO 8601 timestamp — freezes the report at that point in time (useful for audit checkpoints) |
agent_ids[] | — (all) | Limit the report to specific agents |
Contents
Each PDF section maps to a specific Annex IV obligation:
| Section | Source | Annex IV ref |
|---|---|---|
| System inventory | Project + Agent registry | §1 |
| Risk classifications | Agent risk levels + screening answers | §2 |
| Policy catalogue | Active policies with versions and enforcement actions | §3 |
| Trace statistics | Aggregates from the period covered | §4 |
| Blockchain proofs | Flare anchors with Merkle proofs | §5 |
| FRIA documents | Linked from agent records | §6 |
| Transparency disclosures | Agent-level disclosure text | §7 |
| Incident history | Reports filed via POST /compliance/incidents | §8 |
JSON format
Pass format=json to receive the raw report data. Useful for ingesting into your own audit tooling or a compliance data lake.
PDFs are generated server-side with deterministic ordering, so two reports produced for the same as_of are byte-identical. Hash them and store the hash in your evidence vault.