Documentation Index
Fetch the complete documentation index at: https://docs.complior.ai/llms.txt
Use this file to discover all available pages before exploring further.
Every scan produces two independent scores, each computed across multiple frameworks.
Dual scores
| Score | Source | Frameworks | Scale |
|---|
| Compliance Score | Code analysis against regulations | EU AI Act, AIUC-1, ISO 42001 | 0–100 (A–F) |
| Security Score | Attack surface analysis | OWASP LLM Top 10, MITRE ATLAS | 0–100 (A–F) |
Grade scale
| Grade | Score Range | Meaning |
|---|
| A | 90–100 | Excellent — audit-ready |
| B | 80–89 | Good — minor improvements needed |
| C | 70–79 | Acceptable — significant gaps remain |
| D | 60–69 | Poor — major compliance work needed |
| F | 0–59 | Failing — critical issues |
Critical caps
Certain categories cap the maximum achievable score:
- Prohibited practices = 0 → max overall score: 29
- Transparency = 0 → max overall score: 49
- No passport → max overall score: 69
Multi-framework scoring
Configure which frameworks to score against in .complior/config.toml:
frameworks = ["eu-ai-act", "aiuc-1", "owasp-llm", "mitre-atlas"]
["eu-ai-act"].
Info findings
Findings with severity info are excluded from scoring. They appear in scan output as recommendations (e.g., “bare LLM API call detected — consider @complior/sdk”) but do not reduce your compliance score. Only fail findings count toward scoring.
Score composition
Scores are computed in 3 layers:
| Layer | What | Example |
|---|
| Foundation metrics | Scan results, passport presence, evidence, docs, adversarial tests | passport-presence: +5, no-disclosure: -8 |
| Per-framework scores | Weighted by framework-specific rules | EU AI Act weights Art.5 highest |
| Economic indicators | Compliance debt, estimated cost, deadline risk | 45 days to deadline, €12K estimated cost |
