What's New
CALMGuard v1.3.0 transforms the hackathon MVP into a comprehensive compliance automation platform
with self-learning intelligence, GitOps integration, and cloud infrastructure generation.
Highlights
- Self-Learning Engine — Oracle fires deterministic rules from previously learned patterns.
Zero LLM latency on repeat analyses. Patterns auto-promote after 3 observations at 75%+
confidence. - 3 GitOps PR Types — DevSecOps CI pipelines, Compliance Remediation patches, and Cloud
Infrastructure Terraform scaffolds — all pushed as GitHub PRs with CALM traceability. - Programmatic Remediation — LLM agents identify compliance gaps; deterministic code applies
the fixes. Protocol upgrades (HTTP→HTTPS, JDBC→TLS) and missing controls applied without data
loss. - Cloud Infra Generator — Maps CALM nodes to AWS Terraform (VPC, ECS, RDS, IAM, Security
Groups) with full CALM-to-resource traceability. - Multi-Version CALM — Supports CALM v1.0, v1.1, v1.2 with automatic version detection and
legacy type normalization. - 7 Compliance Skill Files — SOX, PCI-DSS, NIST-CSF, FINOS-CCC, SOC2, Protocol Security,
DevSecOps Pipeline — with closed control ID reference tables to prevent LLM hallucination. - 12-Phase Product Roadmap — From hackathon prototype to enterprise compliance platform.
Proof of Impact
| Repository | |
|---|---|
| Before | [payment-gateway.calm.json](https://github.com/gjs-opsflo/payment-gateway-calm/bl |
| ob/main/payment-gateway.calm.json) | |
| After | [payment-gateway.calm.json](https://github.com/gjs-opsflo/calm-payment-gw03/blob/m |
| ain/payment-gateway.calm.json) |
CALMGuard automated remediation achieves near 100% compliance across all 5 frameworks.
Stats
- 6 AI agents with tactical callsigns (HQ, Oracle, Scout, Ranger, Arsenal, Sniper)
- 5 compliance frameworks (SOX, PCI-DSS, NIST-CSF, FINOS-CCC, SOC2)
- 111 passing tests
- 182 DCO-compliant commits
Full changelog: https://github.com/finos-labs/dtcch-2026-opsflow-llc/blob/main/CHANGELOG.md