assess_trust_principles
Audit an AI system against SOC 2 Trust Service Criteria for compliance with Security, Availability, Processing Integrity, Confidentiality, and Privacy principles. Returns per-principle status with AI-specific findings.
Instructions
Audit an AI system against the 5 SOC 2 Trust Service Criteria: Security (Common Criteria), Availability, Processing Integrity, Confidentiality, and Privacy. Returns compliance status per principle with AI-specific findings.
Args: system_description: Description of the AI system or service being assessed principles_in_scope: Which principles to assess (default all 5): ["CC", "A", "PI", "C", "P"] controls_implemented: Dict mapping criteria series to implemented controls, e.g. {"CC6": ["CC6.1", "CC6.2"]} caller: Caller identifier for rate limiting tier: Access tier (free/pro)
Behavior: This tool is read-only and stateless — it produces analysis output without modifying any external systems, databases, or files. Safe to call repeatedly with identical inputs (idempotent). Free tier: 10/day rate limit. Pro tier: unlimited. No authentication required for basic usage.
When to use: Use this tool when you need to assess, audit, or verify compliance requirements. Ideal for gap analysis, readiness checks, and generating compliance documentation.
When NOT to use: Do not use as a substitute for qualified legal counsel. This tool provides technical compliance guidance, not legal advice.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| tier | No | free | |
| caller | No | anonymous | |
| api_key | No | ||
| system_description | Yes | ||
| principles_in_scope | No | ||
| controls_implemented | No |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |