The framework for AI compliance
that regulated industries can actually use.
SKI, Sovereign Knowledge Intelligence, was built from first principles by engineers who spent years watching AI adoption stall inside compliance functions across oil & gas, financial services, defence, and critical infrastructure. Not because of a lack of AI capability. Because of a lack of trust.
Why SKI exists
Every compliance function in every regulated industry faces the same tension: the regulatory burden grows faster than the human capacity to monitor it. AI can close that gap. But regulated industries can't deploy AI that's opaque, that phones home, or that might miss a breach without saying so.
SKI resolves this by making verifiability architectural, not a feature that can be turned off, and not a policy promise that has to be trusted. Every verdict traces to a named regulation. Every transcript is signed before it's stored. Every conclusion is independently cross-checked by a deterministic algorithm. Every deployment is proven sovereign by a CI rig that boots the full runtime with no network access.
The result is an AI compliance monitoring system that an operator can deploy with confidence, that a regulator can audit directly, and that a compliance officer can explain to a board.
Design principles
Sovereignty is architectural, not policy
SKI's zero-outbound guarantee is enforced by a CI rig that boots the full production runtime inside --network=none and verifies verdicts from inside the gap. "We promise not to call home" is not a constraint. A rig that boots and proves it doesn't is.
Every verdict must be replayable
Six hash anchors in every envelope: model weight hash, KG version hash, prompt template ID and hash, decoder seed, structured grammar hash. Any auditor with the same components can reconstruct the exact evaluation and verify its authenticity. Audit is not a claim; it's a capability.
Two independent examiners, not one
The LLM and the Symbolic Verifier reach their conclusions separately. The Symbolic Verifier is a deterministic algorithm; it cannot be charmed, confused, or hallucinated at. If they disagree, a human decides. This is the only architecture where you can trust the CLEAR verdicts as much as the FLAGs.
Human authority is preserved
SKI is a passive observer. It has no write path to operational systems. The DISCRETIONARY verdict type explicitly preserves human authority for ambiguous cases. The AI augments expert judgment; it doesn't replace it and it doesn't act on anything.
Measured, not asserted
SKI ships its own adversarial evaluation suite and publishes every run, including the failures. Accuracy numbers are never claimed without a methodology, a dataset, a run log, and the actual results. Invariants like "zero silent clears" are measured across all published runs, not asserted by marketing.
Open source by conviction
The specification (CC BY 4.0) and the implementation (Apache 2.0) are fully open. Regulated industries cannot deploy black-box compliance monitoring. Openness is not a go-to-market strategy; it's the only architecture that allows an auditor to verify what the system actually does.
The project
SKI Framework is an open-source project built by KpiFinity Inc., a technology company based in Calgary, Alberta, focused on AI-driven compliance infrastructure for the energy sector and beyond.
The framework is in active development. v3.0.3 is the current stable release. v3.1.0-beta.1 completes the eval loop, adds the air-gapped boot rig (Level 3 6/6 conformance), and publishes the EU AI Act crosswalk ahead of the 2 August 2026 applicability date.
Contributing
SKI is open source under Apache 2.0 (software) and CC BY 4.0 (specification). Contributions are welcome, especially domain expert review of Knowledge Graph content, conformance test cases, sector-specific regulatory crosswalks, and LLM backend integrations.
Start with SUPPORT.md ↗ for the contribution workflow and SECURITY.md ↗ for responsible disclosure. For sector pilot partnerships and enterprise engagements, write to hello@skiframework.org.
Sector pilots and enterprise engagements
If you are evaluating SKI for deployment in a regulated environment, we want to hear from you. Current pilot focus areas include oil and gas emissions monitoring, financial services model governance, and critical infrastructure compliance in air-gapped environments.
A pilot engagement typically looks like: a scoped regulatory domain (one regulation, one operational data type), a read-only sidecar connection to your data source or a file-based feed, a KG authored with your domain experts against your specific regulatory obligation, and a structured evaluation against your own historical data. Timeline from first call to first verdict is typically two to four weeks.
Write to hello@skiframework.org with a brief description of your sector, regulatory scope, and what you are trying to prove. We will respond within two business days.
Privacy
This website collects no personal data, sets no cookies, and runs no analytics. The only outbound connection your browser makes when loading this page is to Bunny Fonts to load the typeface. Bunny Fonts is a GDPR-compliant font delivery network that does not log IP addresses or use tracking cookies.
There is no marketing pixel, no session recording, no A/B testing framework, and no third-party script of any kind. The source of this site is public at kpifinity/ski-framework ↗.
© 2026 KpiFinity Inc., Calgary, Alberta. Specification under CC BY 4.0; software under Apache 2.0.
"SKI Framework", "Sovereign Knowledge Intelligence", and "SKI Conformant" are trademarks of KpiFinity Inc. See Trademark Policy ↗ for permitted use.
Not legal, regulatory, or compliance advice. The SKI Framework is a technical specification and implementation. Consult qualified legal and regulatory counsel for compliance obligations specific to your deployment.