PR Compliance Manifest
AI Pull Request Manifest & Risk
Every AI-generated pull request ships with a hidden markdown manifest: triggering prompt, business intent, hazard report, regulatory citations and a tamper-proof signed audit chain.
AI Risk Score
47 / 100
Weighted across 3 open AI pull requests
Open vulnerabilities
7
2 critical · 3 high · 2 medium
-23% vs last 7d
Policy drift events
4
HIPAA transport policy updated 2d ago
+1 vs last 7d
Median remediation
3h 12m
From flag to merge-block clear
-41m vs last 7d
#4821
Manifest attached
acme/payments-api · 8 min ago · feat(billing): add Stripe PaymentIntent webhook with AES-256 vault write
PCI-DSS 3.4
PCI-DSS 4.1
SOC 2 CC6.1
0x9a3f…b71d vibe-shield-signer/ed25519 · ai-agent · reviewed by m.chen
Risk
18
#4820
Manifest attached
acme/health-platform · 27 min ago · feat(patients): vitals ingestion endpoint for wearable sync
HIPAA §164.312(a)(2)(iv)
HIPAA §164.312(b)
0x7b12…01ef vibe-shield-signer/ed25519 · ai-agent
Risk
42
#4819
Merge blocked
acme/admin-console · 1 h ago · chore(internal): admin tool — bulk export users to CSV
GDPR Art. 32
SOC 2 CC6.7
0x4e21…aa08 vibe-shield-signer/ed25519 · ai-agent
Risk
81