πŸ•ΈοΈ Ada Research Browser

README.md
Homeβ€ΊResearch Reportsβ€ΊREADME.md
← Back

Sample PDF Audit Reports

These are real PDF audit reports generated by the NeoXFortress Agent Accountability Engine (AAE) from the four demo receipts in this repository.

Each PDF is a CMMC-ready audit artifact that a C3PAO assessor or compliance officer can review to understand what an AI agent did, what data it touched, and whether it operated within policy.

Downloads

Scenario Verdict Download
RFP Intelligence Agent β€” happy path, CUI detected and contained, human approved βœ… COMPLIANT sample-01-compliant-rfp-summarization.pdf
Contract Drafting Agent β€” ITAR/CUI exfiltration to external Slack blocked ❌ NON-COMPLIANT sample-02-non-compliant-cui-blocked.pdf
DFARS Compliance Advisor β€” human reviewer rejected hallucinated output ⚠️ REVIEW REQUIRED sample-03-review-required-human-rejected.pdf
Vendor Onboarding Agent β€” receipt revoked due to key compromise πŸ”’ REVOKED sample-04-revoked-receipt.pdf

What's in Each Report

Every report contains 9 sections:

  1. Receipt Identification β€” receipt ID, agent, operator, org, verdict badge
  2. Executive Summary β€” plain-English summary for non-technical reviewers
  3. Compliance Verdict β€” framework, active controls, violated controls, risk score
  4. Execution Timeline β€” step-by-step table: type, description, status, duration
  5. CUI Flow & Data Protection β€” classification, handling action, boundary crossings
  6. Human Oversight Record β€” reviewer ID, decision, notes, timestamp
  7. Integrity Verification β€” hash chain status, HMAC signature, independent verification instructions
  8. Policy Snapshot β€” policy ID/version active at time of execution
  9. Agent Provenance β€” deployment fingerprint, operator, execution timestamps

Independent Verification

Any party can verify the underlying receipt independently:

pip install neox-verify
neox verify examples/demo-receipt.json

The PDF is derived from the receipt JSON. The receipt is the authoritative artifact.

PDF reports are generated by the NeoXFortress Agent Accountability Engine (AAE) β€” enterprise, self-hosted, CMMC-grade.
Contact neoxfortress.com/contact for licensing.