AC-6 Agent Audit — Agent Chain Docs

📋 AC-6 · Agent Audit

Compliance scoring against EU AI Act, NIST AI RMF, ISO 42001, SOC 2, and OWASP LLM Top 10

Overview

Agent Audit runs automated compliance checks against 5 major frameworks. Each audit produces a score (0–100) with detailed findings, evidence requirements, and remediation guidance.

Supported Frameworks

Framework	Controls	Focus Area
EU AI Act	48 requirements	Risk classification, transparency, human oversight
NIST AI RMF	42 subcategories	Govern, Map, Measure, Manage
ISO 42001	38 controls	AI management system certification
SOC 2 Type II	55 criteria	Security, availability, processing integrity
OWASP LLM Top 10	10 categories	Prompt injection, insecure output, supply chain

API Endpoints

Free

Method	Endpoint	Description	Auth
GET	`/v1/audit/frameworks`	List compliance frameworks	🔓 Free
GET	`/v1/audit/frameworks/:id`	Framework details	🔓 Free

Billable

Method	Endpoint	Description	Auth
POST	`/v1/audit/run`	Run a compliance audit	🔑
GET	`/v1/audit/history`	Get audit history	🔑
GET	`/v1/audit/runs/:id`	Get audit run details	🔑
POST	`/v1/audit/runs/:id/evidence`	Submit manual evidence	🔑
POST	`/v1/audit/schedules`	Create recurring audit schedule	🔑
GET	`/v1/audit/schedules`	List audit schedules	🔑
DELETE	`/v1/audit/schedules/:id`	Delete audit schedule	🔑

Quick Start

const audit = await ac.audit.run({ agentId: 'abc123', frameworks: ['eu-ai-act', 'owasp-llm'], evidence: { hasHumanOversight: true, dataRetentionDays: 30, incidentResponsePlan: true } }); // audit.scores = { 'eu-ai-act': 91, 'owasp-llm': 58 } // audit.findings = [{ severity: 'high', control: 'LLM01', ... }]