pa11y
Pa11y is your automated accessibility testing pal
Found 2113 results for compliance
Pa11y is your automated accessibility testing pal
Extracts OSS license information of the npm packages in your webpack output
Pa11y CI is a CI-centric accessibility test runner, built using Pa11y
Cloud and zero-trust agentic workflow marketplace for skills, agents, rules, MCP references, and compliance-aware architecture.
React library for Twilio Compliance Embed
Consent policy engine and API for c15t. Powers the cookie banner, consent manager, and preference center. Webhooks, audit logs, storage adapters. Self-host or use inth.com
Zero dependencies, blazing fast regex-based PII redaction with optional compliance dashboard integration. The modern fork of the abandoned 786k-download library.
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
A simple but powerful consent manager.
Converters for transforming security tool outputs and HDF formats
Extracts OSS license information of the npm packages in your rollup or vite output
A lightweight and accessible consent manager
License compliance checker
Model Context Protocol server for Vanta's security compliance platform
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
Open-source legal template filling CLI and library
Basis Theory AI React Library
One command install for the great_cto Claude Code plugin. Auto-detects your stack, picks the right archetype, bootstraps PROJECT.md.
CLI client for reporting compliance events to https://kosli.com
Security infrastructure your AI can't be — deterministic, current past your model's training cutoff, whole-repo-aware, author-independent. Security MCP for vibe coding. 453 rules, 39 tools, CLI + doctor. Prompt-level shift-left security (secure_prompt — e
GESF MCP Server - AI Compliance Assistant for GDPR, OWASP, NIST, CIS. Check compliance, generate policies, assess risks via MCP protocol.
TypeScript client for the Vaara HTTP API: EU AI Act runtime evidence for MCP tool calls. Conformal risk scoring, policy gating, hash-chained tamper-evident audit, named detectors.
AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 51 skills, 11 catalogs (519 CVEs / 193 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate,
SDK for the Scorechain API
AWS CDK construct library for Pipeline Builder: the Builder construct that assembles plugin specs into a CodePipeline stack, PluginLookup custom resource, pipeline/plugin domain types, and shared configuration.
Green Engineering Standard Framework - Compliance-as-Code CLI
CLI for Pipeline Builder self-service AWS CodePipeline platform with 125 reusable containerized plugins, per-org compliance enforcement, and per-organization (and team) isolation.
AWS CDK security and cost analysis CLI. Free static scans via npm — no account needed. Sign up free to add AI-powered insights.
GESF Web Dashboard - Visual compliance dashboard for teams
Audit Plugin for ObjectStack — System audit log object and audit trail
Core server-side utilities (auth middleware, response helpers, error codes, quota service, HTTP client, logging, AI provider catalog) shared by every Pipeline Builder backend service.
MetaGO Agent Harness(智能体运行时控制层套件 · 驭智层)— 智能体运行时控制层,让 Agent 从会说话升级为会干活、守规矩、会进化、可追溯、能闭环的生命体。39 技能 · 53 MCP tools · 8 公理 · Engine V2(KMWI 四层记忆 + 元进化五阶段 + 技能智能生成)· 决策锁四道关卡 · 全链路溯源。支持 7 大 AI 编程平台。MIT 开源。
A module to facilitate local OFAC searches
Express server infrastructure for Pipeline Builder: app factory, middleware (CORS, Helmet, rate limiting, idempotency, ETag), request context, route wrappers, health-check helpers, and SSE support.
AI Agent Governance for TypeScript — policy enforcement, scoring, compliance, and audit for AI agents
GESF Git Hooks - Pre-commit compliance enforcement
Database layer for Pipeline Builder: Drizzle ORM schemas, connection management, query builders, and the generic CrudService base class with per-organization (and team) access control.
An advanced SDK for natural person identification through document scanning, facial recognition, designed for secure and efficient user verification.
Document integrity validator for AI agents. Verifies authenticity against international standards before acting on contents. PASS/FAIL verdict in one call.
A production-ready TypeScript utility for calculating contrast ratios and validating WCAG 2.1 color accessibility requirements.
Unified vulnerability taxonomy with multi-framework compliance mappings (MITRE ATLAS, OWASP, NIST, EU AI Act, CWE)
A collection of CDKTF modules for AWS, with security and compliance in mind
TypeScript SDK for Vesant Compliance Platform - Geolocation, KYC, Risk Profiling, CipherText, and Compliance Orchestration
React components, hooks, and services for CIA triad security assessment, compliance management, and risk analysis — supporting ISO 27001, NIST 800-53, SOC 2, GDPR, HIPAA, and EU CRA frameworks
East Execution Engine API Compliance Tests - shared test suites for e3 API implementations
Catch open-source license risk before your PR ships.
Check npm dependencies' package.json for license compatibility (aka compliance check) with the current project based on spdx notation and naming conventions.
MVA (Model-View-Agent) framework for the Model Context Protocol. Structured perception packages with Presenters, cognitive guardrails, self-healing errors, action consolidation, and tRPC-style type safety — so AI agents perceive and act on your data det
Audit log plugin for Better Auth. Captures auth lifecycle events, stores structured log entries, and exposes query endpoints with PII redaction and custom storage backends.
Transaction monitoring client for the Vesant Compliance Platform
Core utilities for Vesant SDK packages — BaseClient, errors, config, circuit breaker, rate limiter
Shared AI provider registry for Pipeline Builder: lazily initialized SDK wrappers for Anthropic, OpenAI, Google, xAI, and Bedrock used by AI-assisted pipeline and plugin generation.
In-memory MVA lifecycle emulator for MCP Fusion. Runs the full pipeline (Zod Input → Middlewares → Handler → Egress Firewall) without network transport. Returns structured MvaTestResult objects — zero coupling to Jest/Vitest.
AI agent governance - audit trails, policy enforcement, ML-DSA cryptographic signatures
A comprehensive audit logging component for Convex - track user actions, API calls, and system events with built-in compliance features.
GRC (Governance, Risk, Compliance) components for Kopexa
A React payment library with BasisTheory integration
Catch every time your AI coding agent touches auth, secrets, or skips a test, then turn the correction you made into a local regression eval. Local-first, deterministic, no LLM judge.
NPM license audit and dependency compliance checker - Scan, validate, and analyze open source licenses with SPDX validation. Feature-enhanced, TypeScript-based fork of license-checker with better performance and reliability.
MCP server for the SCF Controls Platform — security compliance controls, frameworks, evidence, and risk management for AI agents
Octolens
ISO 27001 compliance workspace for Claude — controls, risks, policies, evidence, audits, and SoA in one local encrypted MCP server
Shared types and schemas for Artu Compliance packages
GESF ESLint Plugin - Real-time security and compliance rules for GESF standards
Ory Argus: the core API for building authentication, authorization, and audit into AI agent harness plugins, extensions, and custom integrations
Collection of useful platform constructs for modern applications deployed with AWS CDK
TypeScript SDK for the Artu Compliance API
Tydids (e)ID Framework
JSON schemas and multi-language type definitions for Heimdall Data Format (HDF)
Fraud detection and scoring client for the Vesant Compliance Platform
Spec-first clean-room workflow for authorized source analysis without replacement code.
Pre-payment counterparty verification for AI agents. KYC, risk screening across 386 data sources, Companies House, ACRA. PROCEED/BLOCK verdict in one call.
Official TypeScript SDK for the Verifiquemos compliance API
Acosmi TypeScript SDK:模型网关、Agent Run Gateway 与 Compliance(电子证据、时间章、报告、签署 envelope)统一客户端,支持浏览器 / Node ≥18 / Deno / Bun。
CCI/NIST/CIS/CMMC security framework mappings for HDF
Data safety classifier for AI agents. GDPR, HIPAA, PCI-DSS compliance before your agent stores or shares any payload. SAFE/ESCALATE verdict in one call.
ESLint rules for repository compliance across GitHub, GitLab, Bitbucket, Codeberg/Forgejo, AWS, Azure, Google Cloud, Docker, Vercel, Netlify, and DigitalOcean.
One-click receipt generation for Web3 transactions with tax compliance
Multi-model AI verification with adversarial critique. No AI can verify itself — so they verify each other.
ido4 core — context intelligence, task distribution, and deterministic governance for AI-hybrid software development
Zero-code runtime observability for JS/Python + AI agent debugging. Traces LangChain, CrewAI, OpenAI, Anthropic, Gemini. Eval, security, compliance, cost tracking. Free, local-first.
Ory plugin for OpenClaw: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call
Nigeria Data Protection Toolkit — enterprise-grade compliance components for the Nigeria Data Protection Act (NDPA) 2023
Append-only audit + cost-tracking log for VentureKit applications
Chainlink Automated Compliance Engine (ACE) Contracts
Ory plugin for Codex: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call
Enterprise security and compliance module for Wundr platform
Infrastructure as Code security and compliance evaluation tool (WASI build). Fork of fugue/regula with security patches.
Specora Platform SDK for Node.js - AI governance and policy enforcement
Client-side consent management package using the Secure API Gateway
PII cloaking and tamper-evident audit logs for LLM API calls. EU AI Act Article 12 compliance.
AGLedger™ SDK: accountability and audit infrastructure for agentic systems.
Audit-focused helpers for Autotel (force-keep + structured audit instrumentation)
n8n nodes for integrating with the Probo compliance platform API
Fail-closed Cedar policy gate + Ed25519 signed receipts for AI agent tool calls. Denies on any policy error, proves the gate is live with a startup self-test, and turns every decision into a local searchable record you own. The open gate behind Legate by
Ory plugin for OpenCode: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call
Kognai sovereign orchestrator — interactive REPL (kognai) + one-shot CLI (kognai-build). Triple-supervisor + compliance review + TICKET-135 optimization profiles + TICKET-203/207 workspace integration.
n8n community node for Signatrust — generate, verify, and retrieve cryptographically signed AI Decision Receipts (Ed25519) for autonomous AI agents. Cloud and self-hosted enterprise.
Ory plugin for Claude Code: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call
Enterprise AI agent governance framework. Hook-based enforcement, compliance packs (SOC 2, HIPAA, GDPR, PCI DSS, DORA, EU AI Act, ISO 27001), audit trails, multi-LLM adapter architecture (Claude production today; additional providers on roadmap).
Ory extension for Gemini CLI: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call
Common utilities for STATUS compliance Node-RED packages
Collection of STATUS project components used for compliance checks
Open-source security firewall for MCP (Model Context Protocol) servers. Scan, monitor, and enforce policies on AI agent tool calls.
Grepture proxy SDK — drop-in fetch wrapper for AI API governance
Bootstrap installer for the ControlKeel native CLI - a control plane for agent-generated software delivery.
A tool for managing compliance as code in your GitHub repositories.
Pa11y is your automated accessibility testing pal
Test whether your repo AI instructions actually survive execution.
Machine-readable regulatory database mapping WCAG to EN 301 549 and national accessibility law across 17 jurisdictions, with enforcement-body lookups.
RCF CLI — Active Integrity & Protection Framework (TypeScript Edition)
Validate tax identification numbers (TIN, VAT, EIN, GST, ITIN, SSN) for 76+ countries. Regex, checksum, and online VIES/government verification. TypeScript-first with LLM tool definitions.
Screen names against the consolidated OFAC, EU, UK, and UN sanctions lists and resolve legal entities against GLEIF, fuzzy-matched offline over a local SQLite + FTS5 mirror. A screening aid, not a compliance determination.
validate compliance of a javascript module against a test suite module
bouncer — static compliance-controls checker. Verifies the controls a regulation requires actually exist in your code (UK Online Safety Act, ICO Children's Code), as deterministic rule packs. No LLM required.
TypeScript client SDK for MeshFlow — Zero Trust AI agents, HIPAA/SOX/GDPR compliance, tamper-evident audit chain, wire-level tool call enforcement
WasmAgent Compliance Engine — TaskSpec-driven verification, local repair, and evidence export for LLM agent runs.
EU AI Act Article 50 transparency compliance toolkit — scan your code, audit your site, generate the fix before August 2, 2026.
Compliance checks for apps published on proappstore.online — used by the CLI for local feedback and by CI for gating.
Bylaw ALCV runtime enforcement SDK for AI agent actions with policy-gated clearance, A-JWT authorization, and audit evidence
AWS Lambda handler for Pipeline Builder that ingests CodePipeline state-change events from EventBridge and forwards normalized payloads to the reporting service.
Observability framework for Node.js powered by a native Rust engine: declarative correlation, PII masking, per-level field control and retention enforced on every log, serialized + masked + sanitized in one native pass (transparent JS fallback). Failsafe
Audit log plugin for AdminForth with CRUD diffs, actor tracking, and activity history
CLI tool and MCP server that tests MCP servers for spec compliance
A focus trap library that pierces that shadow dom. So you can use it with native web components. Deep Focus Trap is a lightweight library written in vanilla js with only one dependency (that is tree-shakable if not in use).
Open-source HIPAA compliance scanner for healthcare code. 131 rules, 5 HIPAA categories. CLI + CI/CD + VS Code.
A2A TrustGate CLI — Safety, compliance, and governance for AI agents. Screen every action before it executes.
Certus CLI for compliance enforcement at the merge gate with 5 scanners, 18 blueprints, and signed evidence workflows.
ESLint and governance tooling package for ZinTrust.
[](https://www.npmjs.com/package/dpdp-erasure-cli)
TypeScript SDK for the AtlaSent authorization API
KYB API for Latin American legal entities. 20+ public registry sources for Peru — SUNAT, OSCE, OECE and more. Offline MPHF search, full OCDS data, updated daily.
Official DriftGard Node.js SDK — evaluate LLM interactions against your compliance policy
EvalGuard core — LLM evaluation, security testing, firewall, gateway, and monitoring engine. Runtime dep of @evalguard/sdk and @evalguard/cli.
ATHENA SDK for JavaScript and TypeScript
MCP server exposing Leo — the deterministic EU AI Act (Regulation (EU) 2024/1689) classifier — as tools for AI agents. Every answer cites the law verbatim.
MCP server for the Nozom Cybersecurity GRC Platform — exposes GRC API endpoints as Model Context Protocol tools. R-EXTSPEC: @modelcontextprotocol/sdk v1.29.0 — https://modelcontextprotocol.io/specification/latest
Bun-native full-stack framework with generative AI, fintech compliance, and real-time performance - built for Tanzanian digital economy
ido4 MCP server — context intelligence, task distribution, and governance for AI-hybrid software development in Claude Code
MVA (Model-View-Agent) framework for the Model Context Protocol. Structured perception packages with Presenters, cognitive guardrails, self-healing errors, action consolidation, and tRPC-style type safety — so AI agents perceive and act on your data deter
Audit logging and event trail for HazelJS applications
Stop AI from breaking code you told it not to touch. Enforces .cursorrules, CLAUDE.md, and AGENTS.md — not just suggests. Zero-config: npx speclock protect reads your existing AI rule files, extracts constraints, installs pre-commit hooks, and makes your
Official ACF® Model Context Protocol server — Agentic Commerce Framework governance copilot for AI assistants.
MCP server — AI governance evidence for EU AI Act, SOC 2, ISO 42001, and NIST AI RMF
Agent Evidence Protocol — runtime action evidence and run provenance types for WasmAgent
Security-hardened MCP server for NotebookLM API with compliance-ready architecture (GDPR, SOC2, CSSF controls implemented)
A React Native package for regulatory compliance.
MVA (Model-View-Agent) framework for the Model Context Protocol. Structured perception packages with Presenters, cognitive guardrails, self-healing errors, action consolidation, and tRPC-style type safety — so AI agents perceive and act on your data deter
Reference implementation of the Ironclad standard — multi-agent dev harness for Claude Code.
Pre-execution scope enforcement for AI agent workflows. Validates workflow definitions against role-based authorization scopes (SOC1, SOC2, Production Readiness) before they run, with cryptographically signed attestation tokens for audit.
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
MCP server for InsumerAPI — condition-based access infrastructure. Send a wallet and conditions, get a signed boolean across 37 chains. 27 tools: attestation, wallet trust profiles (49 checks across 27 chains incl. Solana, XRPL, Bitcoin, Tron, Stellar, Su
WCAG and EN 301 549 accessibility test engine that maps failures to national law and enforcement bodies across 17 jurisdictions. CLI and CI reporting.
Prove your homelab matches your intent — YAML network specs, live VLAN/VPN audits, drift detection, Omada/OPNsense import. Cross-platform CLI with MCP for AI agents.
OFAC, sanctions, PEP & KYB screening for Node.js — screen names, companies & crypto wallets against OFAC SDN, EU, UK, UN + 100+ watchlists; EU VAT (VIES) validation; EU consolidated (FSF) sanctions screen; OIG-LEIE healthcare-exclusion + fuzzy SDN matchin
Mima AI Governance SDK for TypeScript and Node.js
Privacy on the edge — drop-in AI proxy with automatic PII routing
Inline PII, credential, and regulated-data classifier for AI agent I/O. Dual-layer: deterministic regex + optional semantic Guard. Library + CLI.
n8n community node for TracePass — automate EU Digital Product Passport workflows: products, passports, EPCIS supply-chain events.
Compliance validation - security validation (secrets, headers, crypto) for regulated industries
SWT3 AI Witness SDK: cryptographic attestation for AI inference. 103 procedures, 52 namespaces, 7 languages, 18 profiles. EU AI Act, NIST AI RMF, CMMC, SR 11-7.
In-memory MVA lifecycle emulator for Vurb. Runs the full pipeline (Zod Input → Middlewares → Handler → Egress Firewall) without network transport. Returns structured MvaTestResult objects — zero coupling to Jest/Vitest.
Multi-framework policy-as-code compliance scanner for infrastructure and application code.
Apache-2.0 attestation and audit substrate for AI agent evidence chains.
Streaming PII redaction for AI applications. The hiding place for sensitive data flowing into LLMs. Secrets pack, SSE-aware streaming, audit events, drop-in middlewares for Express / fetch / OpenAI / Anthropic.
Accessibility tool for source files — scans JSX, Vue, Angular, and HTML without a running server. Exact line numbers, watch mode, CI gates, AI fix prompts. WCAG 2.1 AA, WCAG 2.2 AA, and WCAG AAA (automated rules) with optional RTL support.
AgenticMail Enterprise — cloud-hosted AI agent identity, email, auth & compliance for organizations
React SDK for MetaKYC due diligence workflows with configurable API endpoints and comprehensive step coverage
The authorization and audit layer for AI agents
🚀 Comprehensive blockchain integration suite with multi-chain cryptocurrency support, NFT marketplace, smart contracts, DeFi protocols, and enterprise-grade wallet management
Independently verify AxioRank audit receipts, agent-commerce conformance seals, agent reputation credentials, and coding-session seals offline. Merkle inclusion proofs, Ed25519 signed tree heads, delegation provenance, human-approval signatures, witness c
Lightweight SBOM/license checker with allowlist, exceptions, and upstream chains.
Compliance report generator + tamper-evident audit log for @datacules/agent-identity — SOC 2, GDPR, HIPAA reports, SHA-256 chain verification CLI
A Babel plugin thad adds configurable data-ot-ignore and className='optanon-category-C0001' to all React elements which have src attribute
Composable AI safety pipeline framework with industry compliance packs (HIPAA, SOX, GDPR, FedRAMP)
OpsContext for AI Agents — read-only fleet visibility (PM2/nginx/Docker/git/cron) + tamper-evident audit log + policy-as-code hooks. The ops + compliance layer Claude Code can't grow natively.
MCP server that lets Claude, Cursor, LangGraph, and other agents record AI decisions to a tamper-evident ledger.
MCP server for the complete 49 CFR 172.101 Hazardous Materials Table: hazmat lookup, special-provision decoding, parsing, and basic compliance checks — every field cited to a pinned eCFR revision.
Shulam SDK — compliance screening, trust scoring, and x402 payment facilitation
ESLint rules ensuring mutations are audited, audit writes are fire-and-forget, and audit metadata never carries PII.
Nice2Dev UI Enterprise - Compliance & enterprise-grade React components: DataExportCenter, AuditTrail, ContractEditor, GDPRConsent, GlobalSearch, InvoiceDesigner, AccessLog
Deterministic finish-line gates for AI coding agents. A model-independent evaluator that blocks commit/publish until your definition-of-done passes. Works in opencode, Claude Code, pre-commit and CI.
Cordova plugin for privacy-preserving age assurance using the Google Play Age Signals API (Android/Kotlin) and the Apple Declared Age Range API (iOS/Swift). Exposes a unified, Promise-based JavaScript API with TypeScript definitions.
n8n community node for Mediavox: mediaAPI (48+ endpoints — sanctions, threats, data quality, OCR, KYC), Turing AI (chat with RAG), DocumentPower (NER, semantic search), HealthPower (clinical data: RIPS, appointments, adherence, authorization), Sales Copil
African AI governance compliance — enforcement engine and sector packs for NDPA, CBN, NHA, NAICOM, KDPA, POPIA and 15+ African regulatory frameworks
TypeScript/JavaScript SDK for Lians — financial-grade AI memory with bitemporal model, SEC 17a-4 audit chain, and GDPR crypto-shred
Official TypeScript/JavaScript SDK for PyAI — speech-to-text (Hear), text-to-speech (Speak), realtime voice agents (Omni), and call compliance (Trace).
Czech & EU due diligence in one call — company facts, insolvency (ISIR), EU+OFAC sanctions, VAT reliability, risk scoring (0-100), and statutory chain. EU coverage via GLEIF/LEI. Official state registries only, no Cribis/Bisnode reselling.
Generate HTML with license text from NPM/Yarn dependencies
TrustLint is a local compliance validation tool for your development workflow. Instantly check your code for compliance issues, integrate with CI/CD, and stay ahead of regulatory risks.
Official TypeScript SDK for the Fola form-filling API — auto-fill USCIS, EOIR immigration court, DOL ETA/PERM, and US district court PDFs from typed JSON. 72 forms ship typed; pay-per-fill via API key.
Attesto TypeScript SDK - log verifiable AI events to Attesto with production-safe defaults.
Dependency license scanner across npm, Cargo, Go, Python, Ruby, PHP, Java, Dart, and C/C++ with commercial risk reporting
Official TypeScript SDK for the COHESION Judgment Independence Score API. Real-time oversight scoring for AI-assisted human decisions, per EU AI Act Article 14, Colorado SB 205, and NYC Local Law 144.
SOTA AI agent security SDK. F1 1.000 on BIPIA/HackAPrompt/MCPTox/Multilingual benchmarks. 400+ exports, 100+ modules. Zero dependencies, runs locally.
EU AI Act compliance: scan, attest, document — from your IDE. Source-available, MCP-native, AI-assisted.
EU AI Act Article 50 cryptographic transparency receipts, anchored to Bitcoin. The TypeScript SDK with the Stripe-style attach() pattern.
A bundler-agnostic plugin to generate third-party license notices for bundled packages. Supports webpack 5, Rspack, and Vite.
Get list of licenses for third-party packages using in Next.js.
Audit trail module for tracking and querying system events
Official AgeKey SDK for age verification integration
Sanctions screening for KYC/AML — check Czech companies and individuals against EU Financial Sanctions (FSF) and US OFAC SDN lists. Per-entity and per-statutory-member checks. Official consolidated lists, updated from source.
Governance receipts for AI agents — automated compliance scoring against EU AI Act Art. 12, Colorado AI Act (SB 24-205), and NIST AI RMF. 60-second scan, free local check included, more accurate with every run.
Governance for AI agents: a deny-by-default policy layer for Claude Code and agent/skill builds. Every tool call is authorized, contained, and audited. Apache-2.0.
A lightweight, security-first logging utility with automatic data redaction for Node.js applications - the first logging library with built-in PII protection.
Access EPA environmental data — facility compliance (ECHO), toxic releases (TRI), Superfund sites, drinking water systems, and real-time air quality (AirNow) via MCP. STDIO or Streamable HTTP.
Dawnguard MCP Server - Cloud security insights and guardrail guidance for Azure and AWS architectures
CLI tool to check End-of-Life (EOL) status of code, infrastructure, containers, and AI models. Supports Docker, Terraform, AWS, Serverless, and more.
ILAL Protocol CLI — compliant swaps and credential management for Uniswap v4
Government/compliance roles - conservative, by-the-book formatting
Open-source toolkit to pass Google CASA Tier 2 security assessments without consulting-firm costs.
This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.
Interactive and scriptable CLI that generates a correct LICENSE file from the full SPDX catalog, syncs the chosen license into your package.json/composer.json, stamps source-file headers, and verifies everything stays in sync in CI.
Structured comparison of HDF evaluation results — tracks what changed, why, and by how much
A Strapi plugin that audits content blocks for compliance with category requirements. Specifically checks for blocks that don't have the 'kennisartikel' category assigned, helping maintain content standards across products.
gate — one ship/no-ship verdict from aiglare, bouncer, tieline & repoctx. The unified merge gate for the nugehs toolchain: run four deterministic checks, get one normalized verdict.
Zentity smart contracts, ABIs, deployments, and typed helpers
Terminal-based developer chat assistant. Permanent hard fork of gsd-pi with LangFlow flow triggers, a flow builder, and optional gateway routing for compliance environments.
GDPR-compliant cookie consent management for React with script blocking and Google Consent Mode V2
Deterministic governance contract infrastructure for immutable schema continuity, typed admissibility semantics, cross-runtime compatibility, and independently verifiable governance interfaces.
Automatically add standardized git trailers to AI-assisted commits for compliance, audit trails, and attribution
Language-agnostic linter for repository structure, file existence, filename conventions, and file content rules. This package downloads and wraps the platform-matched native alint binary.
n8n community node for Scorechain Risk Scoring API — analyse crypto addresses and transactions on 20+ blockchains
NoData Guard — continuous security scanner. Runs locally, reports only metadata. Your data never leaves your machine.
React SDK for MetaKYC due diligence workflows with configurable API endpoints and comprehensive step coverage
AWS CDK: A Real-Time S3 Protector
Driftgard CLI — governance-as-code for AI compliance
Verified UK sanctions screening for AI agents — official FCDO UK Sanctions List, not guesses.
Manifesto Governance - decorator runtime for legitimacy, approval, and governed execution
SAGE - Open-source governance runtime harness for agentic coding systems. Intercepts, evaluates, and audits developer prompts before code is written, and performs code security scans/fixes after AI code generation.
MergeGuide MCP server — AI-assisted code governance for Claude Code, Cursor & Copilot. Injects your security & compliance policy at generation time so AI writes compliant code by default.
Open-source GDPR, WCAG 2.2 & security compliance scanner. The ESLint of web compliance.
The SCADABLE setup wizard. Detects your framework and wires your always-current legal documents (privacy policy, terms of use) into any app, live from SCADABLE.
Open-source legal template filling CLI and library
MCP server exposing regulated-industry AI compliance knowledge (EU AI Act · APRA CPS 230/234 · NIST AI RMF · ISO 42001 · AU AI Safety Standard · SLSA · SSDF · OWASP LLM Top 10) as tools, resources, and prompts. Apache 2.0 (code) + CC BY 4.0 (dataset). By
Argentine Boletín Oficial as a structured firehose for AI agents on the Vercel AI SDK. Search, filter by sección, match by CUIT or keyword, and turn the daily JSON dump into typed records. The 'Vercel for legal monitoring' missing from the AR ecosystem.
Official TypeScript SDK for Recalled — audit logs as a service for your product.
The only agent execution layer that enforces governance before consequences land. x402-native paid execution, financial control plane, immutable receipts, output verification, agent reputation, and memory continuity.
AI claim verification CLI. Paste what an AI told you — Faultline extracts every claim, verifies against live sources, scores the risk, and generates audit evidence. Provider-agnostic: Gemini, OpenAI, Claude, Perplexity.
React SDK for MetaKYC due diligence workflows with configurable API endpoints and comprehensive step coverage
Deterministic governance infrastructure for immutable policy lineage, governed admissibility evaluation, replay-safe execution semantics, and independently verifiable policy enforcement.
Static scanner for EU AI Act Article 9 & 12 compliance gaps in Terraform and CloudFormation - checks AWS Bedrock guardrails, logging, retention, and traceability against EU AI Act, NIST AI RMF, and ISO/IEC 42001
Governance receipts for AI agents — financial analysis with forecasting, audit prep, and regulatory checks (SOX, GAAP, IFRS, AML), every output signed and receipted for EU AI Act, Colorado AI Act (SB 24-205), and NIST AI RMF audit trails.
Official TypeScript SDK for Agent Action Firewall - AI agent security platform
Production-grade NestJS encryption module for PII protection with AES-256-GCM and KMS
Heuristic release checks and smoke tests for Roblox projects via MCP
AxonFlow SDK - Add invisible AI governance to your applications in 3 lines of code
MCP bridge to LogicNodes: 8 deterministic on-chain service tools plus agent-marketplace discovery, payable per call in USDC via x402 on Base.
Runtime governance layer for generative AI agents. Works with any MCP-compatible client — Claude, GPT, Gemini, Cursor, or custom frameworks. MAI classification, forensic audit trails, human-in-the-loop gates, EU AI Act compliance, NIST/SOC 2/CMMC mapping.