Security News
Frontier AI Is Now Critical Infrastructure
The Fable shutdown shows how quickly model access can become a business continuity risk for AI-dependent engineering teams.
By Sarah Gooding - Jun 24, 2026
🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more →
@euconform/core
Advanced tools
@euconform/core
Core engine for EU AI Act compliance, risk classification, and fairness metrics.
@euconform/core
Core engine for EU AI Act compliance, risk classification, and fairness metrics.
Installation
npm install @euconform/core
# or
pnpm add @euconform/core
Features
- 🎯 Risk Classification – Implements EU AI Act Article 5 (prohibited), Article 6 + Annex III (high-risk)
- 📊 Bias Detection – CrowS-Pairs methodology (CC BY-SA 4.0) with log-probability analysis
- 📄 Report Generation – Annex IV-compliant technical documentation
- 🔒 Privacy-First – All processing happens client-side
Usage
Risk Classification
import { RiskEngine, type RiskClassification } from "@euconform/core";
const engine = new RiskEngine();
const result: RiskClassification = engine.classify({
useCase: "hiring-automation",
dataTypes: ["biometric", "personal"],
autonomyLevel: "high",
});
console.log(result.riskLevel); // "high-risk" | "limited-risk" | "minimal-risk" | "prohibited"
console.log(result.articles); // ["Article 6", "Annex III.4"]
Bias Testing (CrowS-Pairs)
import { calculateCrowsPairsBias } from "@euconform/core";
const result = await calculateCrowsPairsBias({
dataset: crowsPairsData,
engine: inferenceEngine,
onProgress: (progress) => console.log(`${progress}% complete`),
});
console.log(result.overallBias); // 0.0 - 1.0 (0 = no bias)
console.log(result.categoryResults); // Bias breakdown by category
Annex IV Report Generation
import { generateAnnexIVReport } from "@euconform/core";
const report = generateAnnexIVReport({
systemName: "My AI System",
provider: "My Company",
riskClassification: riskResult,
biasResults: biasResult,
version: "1.0.0",
});
API Reference
Risk Engine
| Method | Description |
|---|---|
classify(input) | Classify AI system risk level |
getApplicableArticles(input) | Get relevant EU AI Act articles |
generateCompliance(input) | Generate compliance checklist |
Fairness Metrics
| Function | Description |
|---|---|
calculateCrowsPairsBias() | CrowS-Pairs bias calculation |
calculateLogProbBias() | Log-probability bias measurement |
validateCrowsPairsDataset() | Validate dataset format |
Report Generation
| Function | Description |
|---|---|
generateAnnexIVReport() | Generate Annex IV documentation |
Legal Disclaimer
⚠️ Important: This package provides technical guidance only. It does not constitute legal advice and does not replace legally binding conformity assessments. Always consult qualified legal professionals for compliance decisions.
License
Dual-licensed under MIT and EUPL-1.2.
Links
FAQs
Core engine for EU AI Act compliance, risk classification, and fairness metrics.
We found that @euconform/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 27 Apr 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
The Code You Didn't Write Is Still Yours to Defend
AI agents are pulling packages into environments no scanner is watching, creating exposure before security teams can see it.
By Brad Arkin - Jun 23, 2026
Security News
GitHub Actions Checkout Now Blocks Risky pull_request_target Checkouts
GitHub Actions checkout now blocks risky pull_request_target checkouts by default to help prevent pwn request supply chain attacks.
By Sarah Gooding - Jun 20, 2026