Cyberency/nexcyber.eu
GitHub: Cyberency/nexcyber.eu
面向欧盟CRA、NIS2、AI法案、RED等法规的智能合规分析与知识检索平台,结合规则引擎和LLM实现合规适用性判断与自然语言问答。
Stars: 1 | Forks: 0
# NEXCYBEREU — RICE 平台
## 结构
```
6QURE NEXCYBER.EU/
├── .claude/ # Contextes Claude (dev uniquement)
│ ├── CONTEXT_REGULATORY.md
│ ├── CONTEXT_STACK.md
│ ├── CONTEXT_GOLDSTANDARD.md
│ └── CONTEXT_SECURITY.md
├── docs/specs/ # SPEC-XXX fonctionnelles
├── docs/design/ # Architecture, schémas DB
├── docs/regulatory/ # Sources réglementaires annotées
├── docs/decisions/ # Voir DECISIONS.md
├── backend/ # FastAPI Python 3.11+
│ ├── api/routes/ # Endpoints par domaine
│ ├── api/middleware/ # Auth, rate limit, logging
│ ├── core/ # rule_engine.py, applicability.py, penalty_calc.py
│ ├── rules/ # SOURCE DE VÉRITÉ — cra/ nis2/ ai_act/ red/
│ ├── rag/ # retriever.py, context_optimizer.py
│ ├── embeddings/ # Scripts offline uniquement
│ ├── models/ # Pydantic schemas
│ ├── db/migrations/ # Alembic
│ ├── config/ # Settings, model routing
│ └── prompts/ # Prompts LLM par tâche
├── frontend/ # Next.js 14 + Tailwind App Router
├── tests/
│ ├── unit/
│ ├── integration/
│ ├── gold_standard/ # 10 cas bloquants CI
│ └── security/
├── scripts/ # embed, migrate, seed
├── data/embeddings/ # Vecteurs .npy (gitignore)
├── data/raw_regulations/ # PDFs sources (gitignore)
├── CLAUDE.md # System prompt condensé
└── DECISIONS.md # Journal décisions architecture
```
## Git 远程仓库
- Gitea 本地 : http://192.168.1.146:8418/giteadmin/NEXCYBEREU.git
- GitHub 镜像: https://github.com/Cyberency/nexcyber.eu.git
## 设置
```
cd backend
python -m venv venv && venv\Scripts\activate
pip install -r requirements.txt
copy .env.example .env
alembic upgrade head
python scripts/generate_embeddings.py
uvicorn main:app --reload --port 8000
```
## 测试
```
pytest tests/ -v
pytest tests/gold_standard/ -v --tb=short
bandit -r backend/ -ll
```
## 开发规则
1. 监管逻辑 → backend/rules/ 中的 JSON,绝不要用 Python
2. 新 endpoint → 检查清单 .claude/CONTEXT_SECURITY.md
3. PR → gold standard 必须全部通过
4. LLM = 仅限自然语言问答
标签:AI法案, AV绕过, C2, EU CRA, FastAPI, NIS2指令, Python, RAG检索增强生成, RED指令, 云计算, 人工智能, 企业合规, 合规引擎, 合规自动化, 向量数据库, 安全规则引擎, 无后门, 法律科技, 用户模式Hook绕过, 监管科技, 知识管理, 网络安全, 网络安全法规, 规则引擎, 逆向工具, 隐私保护