EU AI Act compliance MCP server. Scans AI codebases, classifies risk, provides remediation guidance.
Config is the same across clients — only the file and path differ.
{
  "mcpServers": {
    "eu-ai-act": {
      "args": [
        "/path/to/mcp-eu-ai-act/server.py"
      ],
      "command": "python3"
    }
  }
}
If this tool helps your compliance work, a ⭐ on GitHub helps others discover it.
Run this in your terminal to verify the server starts. The `&&` tests the exit status of `head`, not of `uvx`, so the success message prints even when the server fails to start; read the first line of output to confirm.
uvx 'mcp' 2>&1 | head -1 && echo "✓ Server started successfully"
Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default
The Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication using `FastMCP` with streamable HTTP or SSE transport, and has not configured `TransportSecuritySettings`, a malicious website could exploit DNS rebinding to bypass same-origin policy restrictions and send requests to the local MCP server. This could allow an attacker to invoke tools or ac
MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS
A validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Thank you to Rich Harang for reporting this issue.
MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service
If a client deliberately triggers an exception after establishing a streamable HTTP session, this can lead to an uncaught ClosedResourceError on the server side, causing the server to crash and requiring a restart to restore service. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Thank you to Rich Harang for reporting this issue.
Others in legal
87 tools for Korean law — statutes, precedents, ordinances, interpretations | MCP Server · CLI · npm
Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
Query 750+ Swedish statutes, EU cross-references, case law, and preparatory works
956k Swiss court decisions: full-text search, citation graph, statute lookup (DE/FR/IT)
One command. Zero config. Full EU AI Act + GDPR compliance report in under 10 seconds.
pip install eu-ai-act-scanner
eu-ai-act-scanner /path/to/your/project
Detects 16 AI frameworks in your codebase, maps each to binding legal articles, returns pass/fail with fix instructions. Free tier, no API key needed.
August 2, 2026 enforcement deadline. Fines up to 35M EUR or 7% global turnover.
Need audit-grade proof? Certify every scan with ArkForge Trust Layer — tamper-proof, timestamped compliance evidence. 500 free proofs/month.
pip install eu-ai-act-scanner # or: pip install mcp-eu-ai-act
cd your-project/
eu-ai-act-scanner
Output:
========================================================================
EU AI Act Compliance Scanner
========================================================================
Files scanned: 42
AI frameworks detected: 2
- openai (in 3 files)
- langchain (in 1 file)
Risk category: limited
Compliance score: 4/7 (57%)
Checks:
[PASS] Transparency
[PASS] User Disclosure
[FAIL] Technical Documentation → Create docs/TECHNICAL_DOCUMENTATION.md
[FAIL] Risk Management → Create docs/RISK_MANAGEMENT.md
[FAIL] Data Governance → Create docs/DATA_GOVERNANCE.md
Or specify a path directly: eu-ai-act-scanner /path/to/your/project
Track compliance over time (free): eu-ai-act-scanner . --register you@email.com
| | Free | Pro (€29/mo) | Certified (€99/mo) |
|---|---|---|---|
| Scans per day | 5 | Unlimited | Unlimited |
| AI framework detection | ✓ (16 frameworks) | ✓ (16 frameworks) | ✓ (16 frameworks) |
| Risk category suggestion | ✓ | ✓ | ✓ |
| Compliance check | — | ✓ (content scoring 0-100) | ✓ |
| Full compliance report | — | ✓ (executive + technical) | ✓ |
| Compliance roadmap | — | ✓ (week-by-week plan) | ✓ |
| Annex IV package | — | ✓ (auditor-ready ZIP) | ✓ |
| GDPR scan | — | ✓ | ✓ |
| Combined EU AI Act + GDPR | — | ✓ (dual-compliance hotspots) | ✓ |
| Trust Layer certification | — | — | ✓ (cryptographic proof) |
| CI/CD integration | — | ✓ | ✓ |
| API key | Not required | ✓ | ✓ |
| Tools available | 2 | 10 | 10 + certification |
Free tier: no sign-up, no API key — just pip install and scan. Pro unlocks the full compliance toolkit your team needs before the August 2026 deadline.
→ Compare plans & get your API key
| Feature | Description |
|---|---|
| generate_compliance_roadmap | Week-by-week action plan to reach compliance before your deadline |
| generate_annex4_package | Auditor-re |