`sei` CLI reference
sei is the Risk-Driven Development (RDD) CLI for high-risk AI systems. RDD is an established software-engineering term (Boehm, Fairbanks) that Venturalítica specializes for AI regulatory risk treatment (see lineage). Every subcommand operates on a git repository (flag --repo, default is the working directory .). Subcommands that write artifacts sign them with ECDSA-P256+DSSE (pluggable signer: local or Scaleway KMS, per SEI_SIGNING_BACKEND) before writing them to .sei/. There are 16 subcommands: init, run, status, verify, pubkey, compile, reconstruct, assess, soa, conformance, impact, request, approve, review, reject, and retire.
sei init
Creates the project skeleton inside a git repository: generates the .sei/ directory and the sei.yaml manifest (with the risk section of the assurance program), if they do not already exist.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
What it writes
- sei.yaml — system manifest (if it did not exist).
- .sei/ — signed-artifact directory (if it did not exist).
Example
```sh
sei init --repo /path/to/project
```
sei run
Runs the full pipeline (steps P1–P11) with drift detection: recomputes only the sections marked stale against sei.lock, anchors the result, and signs the evidence bundle.
The risk gate determines the exit code: if any blocking control fails, sei run returns exit ≠ 0 even though the evidence is still anchored and signed.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
What it writes
- .sei/bundle.json — signed evidence bundle (ECDSA-P256+DSSE).
- .sei/bundle.json.sig — DSSE signature of the bundle.
- sei.lock — freshness anchor (hashes of pipeline sections).
Normative relevance
The risk gate implements the continuous monitoring requirement of EU AI Act Art. 9 and the treatment loop of ISO 23894 §6.5.
Example
```sh
sei run
```
sei status
Detects drift against sei.lock and evaluates the state of gate controls without recomputing. Returns exit 0 if the system is up-to-date and conformant; exit ≠ 0 on drift or failing blocking controls.
Use it as a CI/CD gate with no recomputation cost.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
What it returns
- Prints the drifted sections and failing controls.
- Exit 0 = freshness ✓ + conformance ✓; exit ≠ 0 if either fails.
Example
```sh
sei status
```
sei verify
Verifies the ECDSA-P256+DSSE signature of the evidence bundle (.sei/bundle.json). Guarantees the bundle has not been altered since the last sei run.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
What it returns
- Prints firma VÁLIDA (valid signature) and exit 0, or firma INVÁLIDA (invalid signature) and exit ≠ 0.
- Fails if the bundle or signature does not exist (indicates sei run has not been executed).
Example
```sh
sei verify
```
sei pubkey
Prints the configured engine signer’s public key (ECDSA-P256, uncompressed SEC1 format, 65 bytes in hexadecimal). The customer exports it and registers it in the cloud (the connection’s signerPubkey field) so the cloud can verify their signed evidence (per-connection verification).
What it returns
- The public key in hexadecimal (130 characters, 04 prefix) on standard output.
- Honors the signer configured by SEI_SIGNING_BACKEND (local or scaleway-kms).
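
Before the printed key is pasted into the connection's signerPubkey field, it can be checked against the format stated above (130 hex characters, 04 prefix) and against the P-256 curve equation, which catches truncated or mistyped keys. This is an added example, not part of the sei tooling; the helper names check_sei_pubkey and same_key are hypothetical, and the sample key is the curve's public generator point, used as constructed input.

```python
import re

# NIST P-256 (secp256r1) field prime and curve coefficient b; a = -3.
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b

# Constructed sample: the standard P-256 generator point in uncompressed
# SEC1 form (04 || X || Y). It is a valid curve point, not a real signer key.
SAMPLE_KEY = (
    "04"
    "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
    "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"
)

def check_sei_pubkey(text):
    """Hypothetical helper: return (ok, reason) for a key printed by `sei pubkey`."""
    key = text.strip().lower()
    if not re.fullmatch(r"[0-9a-f]*", key):
        return False, "not hexadecimal"
    if len(key) != 130:
        return False, f"expected 130 hex characters, got {len(key)}"
    if not key.startswith("04"):
        return False, "missing 04 prefix (not uncompressed SEC1)"
    x = int(key[2:66], 16)
    y = int(key[66:], 16)
    if x >= P or y >= P:
        return False, "coordinate outside the field"
    # Curve equation: y^2 = x^3 - 3x + b (mod p).
    if (y * y - (x * x * x - 3 * x + B)) % P != 0:
        return False, "point is not on the P-256 curve"
    return True, "ok"

def same_key(a, b):
    """Compare the engine's key with the registered one, ignoring case/whitespace."""
    return check_sei_pubkey(a)[0] and a.strip().lower() == b.strip().lower()

if __name__ == "__main__":
    print(check_sei_pubkey(SAMPLE_KEY))
    print(check_sei_pubkey(SAMPLE_KEY[:-1] + "4"))  # one digit mistyped
    print(check_sei_pubkey("0477b3dc…c60"))         # elided form, as shown in docs
```
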
Example
```sh
sei pubkey
# 0477b3dc…c60
```
sei compile
Compiles the assurance program (Art. 9) declared in the risk section of sei.yaml and generates the corresponding oscal.assessment_plan. This plan is the formal gate contract: it defines which controls are measured and under what conditions.
Also emits advisory warnings about the control hierarchy (prEN 18228 cl. 9.1.2): does not block compilation, but flags controls without a declared hierarchy level.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
What it writes
- The file declared in oscal.assessment_plan (OSCAL assessment plan).
Normative relevance
EU AI Act Art. 9 (risk management system); ISO 23894 §6.4 (assessment planning).
Example
```sh
sei compile
```
sei reconstruct
Reconstructs the ISO 23894 risk treatment cycle per risk by replaying the git history of the evidence bundle (.sei/bundle.json). The process is deterministic and requires no language model.
For each risk, the report traverses five phases: ① identification (commit that introduced the risk into the AssuranceProgram), ② analysis (likelihood × impact → inherent level), ③ evaluation (vs. risk appetite), ④ treatment (empirical FAIL→PASS arc per commit), ⑤ residual risk (ISO cycle: CLOSED / OPEN / DISCREPANCY / ACCEPTED).
Also reports the most recent management approval (ISO 42001 §6.1.3) and the treatment priority order (ISO 42001 §6.1.2e2).
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
| --out | bool | false | If specified, writes .sei/reconstruct.json (+ .sig) in addition to printing to stdout. |
What it writes (with --out)
- .sei/reconstruct.json — structured signed report (ECDSA-P256+DSSE).
- .sei/reconstruct.json.sig — DSSE signature.
Normative relevance
ISO 23894 §6.4.2 (identification), §6.4.3 (analysis), §6.4.4 (evaluation), §6.5 (treatment and residual); ISO 42001 §6.1.2–6.1.3.
Example
```sh
sei reconstruct --out
```
sei assess
Runs the KAG (Knowledge Assessment Graph) and proposes risks that are not yet declared in the AssuranceProgram (the “growth backlog” of the living register, ISO 23894 §6.4.2). Output is advisory: it does not block any gate. The human reviews the proposals, curates them, and commits them to the AssuranceProgram; the commit is the dated and attributable identification act.
sei run and sei status also emit a non-blocking advisory to stderr when the KAG detects pending risks.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
What it returns
- Lists proposed risks with their id and title, or confirms the register is up to date.
- Exit 0 always (advisory).
Normative relevance
ISO 23894 §6.4.2 (risk identification); EU AI Act Art. 9 (continuous risk management system).
Example
```sh
sei assess
```
sei soa
Generates the Statement of Applicability (SoA — ISO/IEC 42001 §6.1.3 b/c/f). Cross-references the ISO/IEC 42001:2023 Annex A catalog against the measures declared in the AssuranceProgram and the latest evidence bundle. Classifies each control as:
- INCLUDED — covered by at least one AssuranceProgram measure (shows implementation status: IMPLEMENTED / PARTIAL / PLANNED / NOT IMPLEMENTED).
- EXCLUDED — explicitly justified decision (§6.1.3f).
- OMITTED — no measure implementing it and no declared exclusion (gap to review).
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
Normative relevance
ISO/IEC 42001:2023 §6.1.3 b/c/f (Statement of Applicability for the AI management system).
Example
```sh
sei soa
```
sei conformance
Evaluates per-clause conformance of the signed evidence bundle against a normative standard (prEN 18228 or ISO 23894). Projects the bundle onto the standard’s clause catalog and classifies each clause as COVERED / PARTIAL / GAP, grouped by the standard’s cycle phase.
Without --standard, emits all standards declared in context.applicable_standards of sei.yaml (highest-priority standard first).
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
| --standard | string | (all applicable) | Standard id, e.g. eu/pren-18228@2026 or iso/23894@2023. Omit to emit all standards declared in applicable_standards. |
| --history | bool | false | Projects conformance on each bundle iteration (evidence commits), not just the current state. |
| --out | bool | false | Writes .sei/conformance/<slug>.json (+ .sig) per standard, in addition to printing. |
What it writes (with --out)
- .sei/conformance/<slug>.json — signed per-standard conformance report.
- .sei/conformance/<slug>.json.sig — DSSE signature.
Normative relevance
prEN 18228 (CEN/CENELEC JTC 21, risk management EU AI Act Art. 9); ISO 23894 (AI risk management); EU AI Act Art. 9.
Example
```sh
sei conformance --standard eu/pren-18228@2026 --out
sei conformance --history
```
sei impact
Generates the AI system impact assessment (ISO/IEC 42001 §6.1.4): for each system declared in the AssuranceProgram, lists the intended purpose, decisions made, and affected persons; and analyses reasonably foreseeable misuse (EU AI Act Art. 9(2)(b)), cross-referencing it against the risk register to identify misuse scenarios not addressed by any risk.
Returns exit ≠ 0 only on dangling references: an addressed_by field pointing to a non-existent risk in the register (indicates a broken AssuranceProgram). Unaddressed misuse is flagged but does not block (advisory).
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
Normative relevance
ISO/IEC 42001:2023 §6.1.4 (AI system impact assessment); EU AI Act Art. 9(2)(b) (reasonably foreseeable misuse).
Example
```sh
sei impact
```
sei request
Records the approval request for the treatment plan as an empty git commit with the Sei-Approval-Requested-by: trailer. The maintainer uses this command to initiate the formal review cycle; the act is attributed and dated by git, and picked up by sei reconstruct.
The typical cycle is: sei request (maintainer) → human review → sei approve (management) or sei reject (management, with reason).
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
| --by | string | (required) | Person or role requesting approval, e.g. "Jane Roe <jane@org>". |
What it writes
An empty git commit with the trailer Sei-Approval-Requested-by: <--by value>.
Normative relevance
ISO/IEC 42001:2023 §6.1.3 (review and approval process for risk treatment).
Example
```sh
sei request --by "Jane Roe <jane@org>"
```
sei approve
Records the management approval of the treatment plan and acceptance of the residual risk (ISO/IEC 42001 §6.1.3) as an empty git commit with the Sei-Approved-by: trailer. The act is thus attributed to a person or role, dated by git, and picked up by sei reconstruct.
If sei run is executed after the approval without a subsequent approval, sei reconstruct will mark the approval as STALE.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
| --by | string | (required) | Person or management role approving, e.g. "Jane Roe <jane@org>". |
What it writes
An empty git commit with the trailer Sei-Approved-by: <--by value>.
Normative relevance
ISO/IEC 42001:2023 §6.1.3 (approval of risk treatment and acceptance of residual risk).
Example
```sh
sei approve --by "Jane Roe <jane@org>"
```
sei review
Records the periodic risk review (ISO/IEC 23894 §6.6) as an empty git commit with the Sei-Reviewed-by: trailer. A review committed after the approval, with no newer approval, reopens the cycle (the “under periodic review” state) until management re-approves. It covers the TIME leg of the review (the cadence is declared in risk.review_interval of sei.yaml); the “significant change” leg is already covered by the STALE approval marker.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
| --by | string | (required) | Person or role performing the review, e.g. "Jane Roe <jane@org>". |
What it writes
An empty git commit with the trailer Sei-Reviewed-by: <--by value>.
Normative relevance
ISO/IEC 23894:2023 §6.6 (review and monitoring of the risk management process).
Example
```sh
sei review --by "Jane Roe <jane@org>"
```
sei reject
Records the rejection of the approval as an empty git commit with the Sei-Rejected-by: trailer. The reason is mandatory (--reason). The review cycle returns to pending state: the maintainer must correct the evidence and run sei request again.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
| --by | string | (required) | Person or management role rejecting, e.g. "Jane Roe <jane@org>". |
| --reason | string | (required) | Reason for rejection, e.g. "missing bias evidence for subgroup X". |
What it writes
An empty git commit with the trailer Sei-Rejected-by: <--by value> and the reason in the commit body.
Normative relevance
ISO/IEC 42001:2023 §6.1.3 (risk treatment review process; traceability of rejection decisions).
Example
```sh
sei reject --by "Jane Roe <jane@org>" --reason "missing bias evidence for age subgroup"
```
sei retire
Records the withdrawal of the system from the market or operation as an empty git commit with the Sei-Retired-by: trailer. The reason is optional. sei reconstruct will report the system as RETIRED from this commit onward.
| Flag | Type | Default | Description |
|---|---|---|---|
| --repo | path | . | Path to the git repository to operate on. |
| --by | string | (required) | Person or role retiring the system, e.g. "Jane Roe <jane@org>". |
| --reason | string | (optional) | Reason for retirement, e.g. "end of operational lifecycle". |
What it writes
An empty git commit with the trailer Sei-Retired-by: <--by value>.
Normative relevance
EU AI Act Art. 9 (AI system lifecycle); EU AI Act Art. 61 (post-market monitoring and withdrawal).
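
The five lifecycle commands above (request, approve, review, reject, retire) leave their record as commit trailers whose value is whatever was passed to --by, so a history can be replayed independently and each approval or rejection checked against a list of people allowed to make it. This is an added example, not the implementation of sei reconstruct: the state names other than RETIRED, the approver allowlist, the commit subjects and the sample history are assumptions constructed here, and the STALE marker is not modelled.

```python
import re

# Trailer keys from the page, mapped to the cycle state each one leads to.
# State names are labels chosen for this example (assumption).
NEXT_STATE = {
    "Sei-Approval-Requested-by": "PENDING",
    "Sei-Approved-by": "APPROVED",
    "Sei-Rejected-by": "PENDING",  # rejection returns the cycle to pending
    "Sei-Reviewed-by": "UNDER_PERIODIC_REVIEW",
    "Sei-Retired-by": "RETIRED",
}
TRAILER = re.compile(r"(Sei-[A-Za-z-]+-by):[ \t]*(.+)")

def trailers(message):
    """Return (key, value) pairs from the last paragraph of a commit message."""
    last = message.strip().split("\n\n")[-1]
    found = (TRAILER.fullmatch(line.strip()) for line in last.splitlines())
    return [(m.group(1), m.group(2)) for m in found if m]

def replay(messages, approvers):
    """Fold commit messages (oldest first) into (state, findings)."""
    state, findings = "NO_REQUEST", []
    for n, message in enumerate(messages):
        for key, who in trailers(message):
            if key not in NEXT_STATE:
                continue
            if state == "RETIRED":
                findings.append((n, f"{key} after retirement"))
            elif key in ("Sei-Approved-by", "Sei-Rejected-by") and who not in approvers:
                # Assumed policy: a management decision by an unlisted
                # identity is reported and does not change the state.
                findings.append((n, f"{key} by unlisted identity {who}"))
            elif key == "Sei-Reviewed-by" and state != "APPROVED":
                pass  # a review only reopens a cycle that is currently approved
            else:
                state = NEXT_STATE[key]
    return state, findings

# Constructed history, oldest first; subjects and identities are made up.
HISTORY = [
    "request\n\nSei-Approval-Requested-by: Jane Roe <jane@org>",
    "reject\n\nmissing bias evidence for age subgroup\n\nSei-Rejected-by: Max Doe <max@org>",
    "request\n\nSei-Approval-Requested-by: Jane Roe <jane@org>",
    "approve\n\nSei-Approved-by: Jane Roe <jane@org>",  # requester approves own plan
    "approve\n\nSei-Approved-by: Max Doe <max@org>",
    "review\n\nSei-Reviewed-by: Jane Roe <jane@org>",
]
APPROVERS = {"Max Doe <max@org>"}

if __name__ == "__main__":
    print(replay(HISTORY, APPROVERS))
```
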
Example
```sh
sei retire --by "Jane Roe <jane@org>" --reason "end of operational lifecycle"
```
Annex IV is not a subcommand
Annex IV (EU AI Act Art. 11) is not emitted by the engine. The engine only produces signed evidence: the bundle.json (with per-field provenance) and the .sei/* artifacts. The control plane (the cloud) assembles and renders Annex IV from the signed bundle.json and exports it to PDF (Typst). It is not an engine artifact, it is not committed, and there is no sei annex-iv command.
See The .sei/* artifacts for the artifacts the engine does emit.