AegisLabs · Personal project

Verifiable AI governance for NIST AI RMF, the EU AI Act, and OWASP LLM.

An enterprise-focused AI governance intelligence system. Engineers, compliance teams, product managers, and governance specialists get accurate, verifiable answers grounded in original framework text. Every claim ships with verbatim citations. The system abstains when evidence is insufficient.

Status

Prototype, deploying soon

Domain
Enterprise AI governance intelligence
Stack
RAG · Vector search · Citation validation · Risk classification · LLM eval · Python · Next.js
Frameworks covered
NIST AI Risk Management Framework · EU AI Act · OWASP LLM Top 10

Grounded in three governance frameworks

NIST AI Risk Management FrameworkEU AI ActOWASP LLM Top 10

Core surfaces

Two purpose-built ways to use the system.

Surface · 01

Ask

Governance Q&A grounded in source text.

Plain-English questions return concise answers backed by verbatim quotes, article references, and direct source traceability. Honest abstention when evidence is insufficient.

  • Verbatim source quotes
  • Article and control references
  • Confidence-aware responses
  • Direct source traceability

Surface · 02

Assess

Structured AI risk and governance reports.

Describe a use case — model type, data sensitivity, user impact, autonomy, oversight, deployment context — and receive a full assessment.

  • Risk classification (Low / Medium / High)
  • Applicable governance controls
  • Framework-specific obligations
  • Recommended mitigation steps
  • Evidence-backed reasoning with citations

Design principles

Three rules the system holds to.

01 · Principle

Verifiability over confidence

Every answer is grounded in actual framework text rather than unsupported model assumptions. Traceability and source verification beat polished AI summaries.

02 · Principle

Citation validation pipeline

Every quoted citation is matched against the original source document word-for-word before it reaches the user.

03 · Principle

Safe failure behavior

If retrieval evidence is insufficient, the platform abstains from answering instead of fabricating information.

Technical highlights

What's under the hood.

  • Retrieval-Augmented Generation (RAG)
  • Vector search and semantic retrieval
  • Citation-grounded answer generation
  • Verification and hallucination mitigation pipeline
  • Risk classification workflows
  • Governance mapping engine
  • Evaluation and retrieval testing suite
  • End-to-end AI governance assessment workflow

Skills demonstrated

What this project shows.

  • AI Systems Architecture
  • GenAI Engineering
  • Retrieval-Augmented Generation (RAG)
  • AI Governance & Responsible AI
  • AI Risk Management
  • AI Security Concepts
  • Enterprise AI Solution Design
  • LLM Evaluation & Verification
  • Prompt Engineering
  • Full-Stack AI Product Thinking

Project vision

Trustworthy, verifiable, and transparent AI for high-stakes work.

AegisLabs is a focused enterprise AI governance platform showing how AI systems can give trustworthy guidance for compliance and governance workflows. It reflects a broader interest in enterprise-ready AI that balances innovation with traceability and responsible practice.