23 of 23 risks. CI-gated at 85%. Every PR proves coverage.
Every BondFoundry PR runs the four-dimension eval harness and the AIGF coverage report. The build fails if coverage drops below 85% or any AIGF v2.0 risk has zero passing cases. Governance as CI.
AIGF v2.0 coverage
23 / 23 risks mapped
- Operational (AIR-OP)8
- Security (AIR-SEC)5
- Detection (AIR-DET)4
- Resilience / Recovery3
- Cross-cutting (AIR-RC)3
23 of 23 risks mapped to code + eval + audit
Every risk in the FINOS AIGF v2.0 taxonomy has a mapped mitigation in BondFoundry source, at least one passing eval case, and at least one audit row in the seed corpus that carries the framework_ref. Run `bondfoundry-finos coverage` and the matrix prints in under ten seconds.
bondfoundry-finos mapping --format markdown
bondfoundry-finos coverage --threshold 0.85
bondfoundry-finos evidence-pack --period 30d
bondfoundry-finos cross-framework --target nist-ai-rmf
bondfoundry-finos verify-chainAccuracy · Policy · Robustness · Latency
Coverage is not just "is there a test?" — it is "does the test exercise the dimension that matters for this risk?" Accuracy covers pricing and risk; policy covers adversarial prompts; robustness covers injection and jailbreak; latency covers SLO commitments.
NIST · EU AI Act · ISO 42001 · SR 11-7
Each AIGF risk and mitigation in BondFoundry carries cross-framework references to NIST AI RMF, NIST 800-53r5, EU AI Act, ISO 42001, SR 11-7, FFIEC, OWASP LLM Top-10 2025, and MAS. One adoption decision, multiple regulatory regimes satisfied.