Developer Documentation

Integrate EU AI Act compliance checks into your application in under 10 minutes.

Base URL: https://sentinel-api.sentinel-moxo.workers.dev

Quickstart

Send a POST request with your manifest JSON and API key:

cURL
curl -X POST https://sentinel-api.sentinel-moxo.workers.dev \
  -H "Authorization: Bearer sntl_live_YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "app_name": "hr-cv-screener",
    "version": "2.0.0",
    "risk_category": "High",
    "declared_flags": [
      "human_oversight_enabled",
      "bias_assessment_performed",
      "conformity_assessment_completed"
    ]
  }'

Authentication

All requests require a Bearer token in the Authorization header.

HTTP
Authorization: Bearer sntl_live_YOUR_API_KEY

Missing key → 401. Rate limit exceeded (60 RPM) → 429.

Data Contract

The request body must be a valid JSON object:

JSON
{
  "app_name":       string    // required
  "version":        string    // required — "1.0.0"
  "risk_category":  string    // required — "Minimal"|"Limited"|"High"|"Unacceptable"
  "app_description":string    // optional — used by AI fallback
  "declared_flags": string[]  // optional
  "fallback_ai_verification": boolean // optional
}

Declared Flags Reference

Required flags (High-risk AI)

Flag	Article	Description
`human_oversight_enabled`	Art. 14	System allows human monitoring
`human_interrupt_capability`	Art. 14	Human can override/stop the system
`bias_assessment_performed`	Art. 10	Training data bias was assessed
`data_governance_policy_documented`	Art. 10	Data management policy documented
`user_notification_ai_interaction`	Art. 13	Users informed they interact with AI
`transparency_disclosure_provided`	Art. 13	AI capabilities/limitations disclosed
`explainability_mechanism_present`	Art. 14	Decisions can be explained
`conformity_assessment_completed`	Art. 22	Third-party conformity assessment done

Forbidden flags (Art. 5 — always blocked)

Flag	Why forbidden
`subliminal_techniques`	Manipulation below conscious awareness
`social_scoring`	Scoring citizens based on behavior
`realtime_biometric_public_space`	Live biometric ID in public areas
`emotion_recognition_workplace`	Emotion detection at work
`citizen_trustworthiness_ranking`	Evaluating citizens for state purposes

Verdict Reference

Verdict	HTTP	Meaning	Action
COMPLIANT	200	Passed all rules	✅ Ship it
COMPLIANT_VIA_AI_REVIEW	200	AI confirmed (≥90%)	✅ Ship it
NON_COMPLIANT	200	Art. 5 violation	❌ Block deploy
HUMAN_INTERVENTION_REQUIRED	200	AI confidence <90%	⚠️ Legal review

Node.js

JavaScript
const response = await fetch('https://sentinel-api.sentinel-moxo.workers.dev', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${process.env.SENTINEL_API_KEY}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    app_name: 'my-ai-app',
    version: '1.0.0',
    risk_category: 'High',
    declared_flags: ['human_oversight_enabled']
  })
});

const { verdict } = await response.json();
if (verdict === 'NON_COMPLIANT') throw new Error('Compliance check failed');

Python

Python
import requests, os

response = requests.post(
    'https://sentinel-api.sentinel-moxo.workers.dev',
    headers={'Authorization': f"Bearer {os.environ['SENTINEL_API_KEY']}"},
    json={
        'app_name': 'my-ai-app', 'version': '1.0.0',
        'risk_category': 'High',
        'declared_flags': ['human_oversight_enabled']
    }
)
assert response.json()['verdict'] == 'COMPLIANT'

CLI (Offline)

Zero network calls — runs the EU AI Act ruleset locally via WASM:

bash
# Install once
npm install -g @radu_api/sentinel-scan

# Audit offline
sentinel-scan ./manifest.json

# CI/CD integration (exit 0 = COMPLIANT, exit 1 = NON_COMPLIANT)
sentinel-scan ./manifest.json && kubectl apply -f deployment.yaml

Ready to integrate? — Get your API key ($99/month) →