EU AI Act enforcement: August 2, 2026 — Full Annex IV evidence packages, automated. View on GitHub →
EU AI Act · Annex IV · August 2026

The compliance layer for production AI.

Glassbox maps your LLM's internal attention circuits to EU AI Act Annex IV requirements. One function call generates a complete, regulator-ready evidence package.

Try live demo View on GitHub
1.8K
Downloads/mo
8
Annex IV sections
<2s
Per audit
MIT
License
gb.analyze("When Mary and John went to the store…", " Mary", " John")
⚡ 1.2s
Attribution Heatmap gold = circuit heads
H0H5H11
Circuit: (9,9) · (9,6) · (10,0) · (8,10) · (8,6) + 7 secondary
A
Grade A  ·  Compliant
Faithfulness F1  ·  0.89
Art. 10Data governance & provenance
Art. 13Transparency obligations
Art. 17Quality management system
Art. 52Explainability proof (mathematical)
Annex IV8 of 8 sections complete
37× faster than ACDC  ·  r=0.009 confidence–faithfulness orthogonal  ·  GPT-2 Small benchmark
Open source · Production ready
Python 3.8+ TransformerLens EU Reg 2024/1689 HuggingFace Hub Docker ready MLflow + CI/CD
Features

Built for how compliance
actually works.

Every feature maps to a specific EU AI Act article. No guesswork. No manual documentation. No dashboards.

Circuit Analysis
Attribution patching reveals which attention heads causally drive predictions. Discovers minimal faithful circuits with mathematical rigor.
Article 9 — Risk management
Annex IV Automation
Generates all eight mandatory documentation sections automatically. System description, risk classification, bias testing — every field.
Article 11 — Documentation
Plain English Explainability
NaturalLanguageExplainer converts circuit metrics into plain English summaries with article citations. Non-technical stakeholders understand.
Article 13 — Transparency
Multi-Agent Audit
Traces causal handoffs across agent chains. Assigns liability scores per agent and generates full liability reports for multi-model deployments.
Article 9(2) — Control
Steering Vectors
Export representation engineering vectors that steer model behavior. Provides mathematical proof of controllability — what regulators actually need.
Article 9(2)(b) — Oversight
CI/CD Integration
GitHub Actions hook auto-fails CI if compliance grade drops. MLflow logs circuit metrics. Slack and Teams alerts on CircuitDiff anomalies.
Article 9 — Monitoring
How it works

Three steps to full Annex IV compliance.

From install to a regulator-ready evidence package in under five minutes.

  1. 01
    Install
    One pip command. No API keys. No cloud services. Runs entirely on CPU. Works fully offline for air-gapped environments.
  2. 02
    Analyze
    Pass any HuggingFace-compatible model. Glassbox runs attribution patching and maps attention circuits to Annex IV documentation sections.
  3. 03
    Export
    Receive a signed evidence vault ZIP, HuggingFace model card, and graded compliance report. Submit directly to auditors or notified bodies.
audit.py 
from glassbox import GlassboxV2, AnnexIVReport
from transformer_lens import HookedTransformer

# Load any HuggingFace-compatible model
model = HookedTransformer.from_pretrained("gpt2")
gb    = GlassboxV2(model)

# Run full EU AI Act Annex IV audit
result = gb.full_audit(
    prompt     = "The European AI Act requires...",
    correct    = " compliance",
    model_name = "GPT-2 small",
    deployment = "Financial Services",
)

# Build and export evidence vault
vault = result.build_annex_iv_vault()
vault.export("annex_iv_evidence.zip")

# Push model card to HuggingFace Hub
result.push_to_hub("your-org/gpt2-compliance")

Audit complete — 291ms

┌──────────────────────────────────────────────┐
│  Annex IV Evidence Package                   │
│                                              │
│  ✓  Section 1  System description            │
│  ✓  Section 2  Risk classification           │
│  ✓  Section 3  Monitoring & control          │
│  ✓  Section 4  Data & training provenance    │
│  ✓  Section 5  Bias & fairness testing       │
│  ✓  Section 6  Lifecycle management          │
│  ✓  Section 7  Explainability  (Art. 13)     │
│  ✓  Section 8  Human oversight (Art. 14)     │
│                                              │
│  Explainability Grade:  A  (F1 = 0.89)       │
│  Risk class:  High-risk  (Article 6)         │
│  Circuit F1:  0.89  — FAITHFUL               │
└──────────────────────────────────────────────┘

Exported:  annex_iv_evidence.zip  (4 files)
Model card pushed  →  HuggingFace Hub ✓
EU AI Act

Full Annex IV coverage.
Every article mapped.

Glassbox covers every section of Annex IV and the key transparency and oversight articles of EU Regulation 2024/1689. Nothing left to manual documentation.

Article 9
Risk Management System
Circuit analysis identifies and quantifies risks. Attribution patching provides causal, mathematically rigorous evidence for the risk register.
Covered
Article 10
Data & Data Governance
BiasAnalyzer and SAE feature attribution document training data provenance and bias sources per Art. 10(2)(f) and Art. 10(5).
Covered
Article 11
Technical Documentation
Full Annex IV 8-section evidence vault generated in one call. JSON + HTML output ready for submission to a notified body or regulator.
Covered
Article 13
Transparency & Explainability
NaturalLanguageExplainer produces plain English summaries with article citations. Explainability grades A–F for non-technical stakeholders.
Covered
Article 14
Human Oversight
Steering vector exports and controllability proofs provide mathematical evidence of human override capability for high-risk systems.
Covered
Article 15
Accuracy & Robustness
Faithfulness F1 score and stability_suite() provide quantitative accuracy and robustness metrics required by Art. 15(1).
Covered
Article 72
Post-Market Monitoring
CircuitDiff compares model versions mechanistically. CI/CD integration auto-flags compliance drift after any fine-tuning or model update.
Covered
Annex IV
All 8 Documentation Sections
The only open-source tool that generates the complete Annex IV package automatically. Every section, every field, regulator-ready.
Covered
Pricing

Start free. Scale when ready.

The core engine is MIT licensed and free forever. Enterprise support and custom integrations for regulated industries.

Open Source
Everything you need for EU AI Act compliance. Full source code. No restrictions.
Free
Forever. MIT License.
  • Full Annex IV documentation automation
  • Circuit analysis & attribution patching
  • Multi-agent audit & steering vectors
  • HuggingFace Hub & MLflow integration
  • Slack & Teams alerts, GitHub Actions CI gate
  • Community support via GitHub Issues
Get started free
Enterprise
Enterprise
For teams deploying high-risk AI in regulated industries — finance, healthcare, legal, HR.
Custom
Annual contract. Volume pricing.
  • Everything in Open Source
  • Priority support & SLA guarantee
  • Custom integrations & on-prem Docker deployment
  • Audit-ready packages for notified bodies
  • Dedicated compliance engineer
  • BSL 1.1 commercial license (→ Apache 2.0 in 2036)
Contact sales

August 2026 is
closer than you think.

The EU AI Act enforcement deadline is August 2, 2026. Every high-risk AI system needs complete Annex IV documentation. Start generating it today — in five minutes.

Try live demo View on GitHub
pip install glassbox-mech-interp
Live Demo

Analyze any LLM circuit right now

Paste a prompt. Get attribution scores, circuit heads, and a compliance grade — in under 3 seconds.