Home›Developers›Knowledge Graph

Knowledge Graph

Why regulators
believe the answer.

Every governance decision KoraSafe^™ makes cites the specific paragraph of law, control, or policy that fired. Your auditor gets the chain. Your engineer gets the node. Your CRO gets the defense.

See coverage Request a corpus sample

Cited

Every answer links to a paragraph

No hallucinated law

Traced

Chain from law to decision

Auditor, engineer, CRO

Graph rebuilds when law moves

Diff job watches regulators

Typed

Obligations, controls, precedent

Cross-linked by reference

Query the graph

Ask the law a typed question

Obligations, defined terms, exceptions, controls, precedent, and evidence packs all live on the same graph. Every KoraSafe^™ answer embeds the node ids it cites, so auditors and engineers can click through to the exact clause.

kg.query.graphqlnode.schema.jsondiff.log

# Ask the graph: which obligations apply to a high-risk hiring system?
query HighRiskHiring {
  obligations(
    framework: "eu-ai-act",
    annex: "III",
    system_class: "employment-hiring",
    as_of: "2026-04-18"
  ) {
    node_id          # e.g. eu-ai-act:annex-iii:1b
    text
    defined_terms    { node_id label }
    exceptions       { node_id effective_from }
    controls        { node_id family action_owner }
    precedent       { node_id regulator fine_eur ruling_date }
    evidence_packs  { id signed_at }
  }
}
# Every KoraSafe^™ answer embeds these node_ids in its response. Clickable.

How it works

From law to answered question

Four steps from a new regulation hitting the feed to a Guardian Agent citing it in production. Click to inspect each stage.

Step 01 Ingest Step 02 Normalize Step 03 Cross-link Step 04 Serve

Step 01Typed parsers, not scrapes

Regulator feeds, statute text, guidance, case law.

Daily diff job watches EUR-Lex, Federal Register, state legislature RSS, regulator PDFs, and enforcement dockets. Typed parsers extract the structure (article, paragraph, annex) rather than blind-scraping the text. Every ingest produces a signed change-log entry before the corpus is even touched.

Sources

EUR-Lex · Federal Register · states

Cadence

daily diff job

Parser

typed, versioned

Change log

signed before ingest

Step 02One schema

Obligations, defined terms, exceptions, effective dates.

Every parsed clause maps to a common schema: obligation node, defined-term edges, exception edges, effective_from and effective_until. Versioned; rolling back to yesterday is one query. Signed with an Anthropic-key so external auditors can verify the corpus lineage without a KoraSafe^™ seat.

Schema

obligation + edges

Versioning

append-only

Signing

external verify

Rollback

one query

Step 03Many-to-many

Controls to obligations, precedent to both.

Control nodes connect to the obligations they satisfy. Precedent (AEPD, CNIL, ICO, FTC, Dutch DPA enforcement actions) attaches to both the obligation text it rested on and the specific control it affected. Graph is bidirectional, so agents can reason forward (what must we do?) or backward (which rule does this control satisfy?).

Relation

many-to-many

Direction

bidirectional

Precedent

fine + ruling + industry

Owner

RACI-mapped

Step 04Cited or not answered

Every answer embeds source references agents cite.

Guardian Agents query the graph via a typed API. Every KoraSafe^™ answer embeds the source references it used; renders as a clickable citation in the UI. Hallucination flags answers where grounding drops below 0.85 or where an obligation is cited without its supporting precedent.

Query

Typed API

Citation

clickable · inline

Grounding floor

0.85 default

Flag

Hallucination

What lives inside

The knowledge your agents reason against

Law, control, policy. Click a family to see what your agents cite when they answer, and what your auditor can open in return.

Regulation

Obligations, defined terms, exceptions

obligation · edges

Each clause of a statute, regulation, or binding guidance becomes an obligation node with a stable node_id (e.g. eu-ai-act:art-14:para-4, nist-ai-rmf:govern-1.5:sub-a). Definitions and exceptions attach as typed edges so agents can reason about scope without re-parsing the original text. Every node carries effective_from, effective_until, and a link to the source PDF or official register entry.

Node type

Obligation

Edges

defined_term · exception

ID format

framework:clause:sub

Time

effective_from + until

EU AI ActGDPRNIST AI RMFISO 42001SR 11-7State laws

Control

What a company must actually do

operational action

Control nodes encode the operational action ("document training data provenance", "maintain human oversight on high-risk decisions"). A single obligation maps to many controls, and a single control often satisfies multiple obligations, so the graph is many-to-many and bidirectional. Each control carries an action_owner role (RACI-mapped) and a default evidence-pack template.

Node type

Control

Cardinality

many-to-many

Owner

RACI-mapped role

Evidence

default pack template

DocumentationMonitoringHuman oversightLoggingTestingReview

Precedent

Enforcement actions, fines, rulings

AEPD · CNIL · ICO · FTC · DPA

Every enforcement action links to the obligations it rested on, the fine amount in native currency and EUR, the ruling date, and the affected industry code. Useful when agents need to weigh interpretation, not just text; Hallucination flags answers that cite a text obligation without a supporting precedent where one exists.

Node type

Precedent

Regulator

AEPD · CNIL · ICO · FTC

Fine

native + EUR

Industry

NAICS code

BindingInterpretiveSettlementRuling

What makes it safe

Cited or not answered

Default

Grounded answers only

Every KoraSafe^™ answer embeds the node ids it used
Missing or stale nodes trigger the Hallucination
Agents fall back to Tier 1 (advise) when grounding is weak
Citations rendered inline in the web UI and SDK responses

Never

What will not happen

Policy decisions based on uncited training knowledge
Silent ingests without human review
Graph edits without a diff trail
Partial answers without a clear "unknown" marker

Change feed

What changed, and when

Apr 16

EU AI Act Annex III v1.2 ingested

Added five high-risk system categories. Eleven controls updated.

Apr 11

Colorado SB 205 section 3 revised

Effective date clarified. Policy pack regenerated automatically.

Apr 07

ISO 42001 control set refreshed

Seven new control mappings published.