Skip to content

Feature Request: EU AI Act compliance checks for inference pipeline #509

Description

@shotwellj

Summary

With the EU AI Act enforcement deadline on August 2, 2026, and Black Forest Labs being based in Freiburg, Germany, FLUX falls directly under the Act's jurisdiction. The inference repo could benefit from compliance-aware patterns mapped to Articles 9-15.

What this could look like

  • Art. 11 (Documentation): Model cards, system documentation, expanded docstrings (currently at 11% coverage, type hints are strong at 81%)
    • Art. 12 (Record-Keeping): Structured logging for inference calls (no logging framework currently detected)
      • Art. 14 (Human Oversight): Content filtering controls, generation rate limiting, usage tracking
        • Art. 15 (Security): Prompt injection defense for text-to-image prompts, output validation (watermarking is already present)

Context

I ran FLUX through AIR Blackbox, an open-source EU AI Act compliance scanner (Apache 2.0). FLUX scored 6/44 checks passing (14%). The type hint coverage is strong, but record-keeping patterns are the biggest gap.

You can run it yourselves:

pip install air-blackbox
air-blackbox comply --scan . --no-llm --format table --verbose

Everything runs locally, no data leaves your machine.

Why this matters

As one of the most prominent EU-based AI companies, Black Forest Labs is likely to face early scrutiny under the Act. Having compliance patterns in the open-source inference code also helps downstream developers who build on FLUX demonstrate their own compliance.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions