JSPM

Found 2113 results for compliance

@sheplu/aws-safe-modules

A collection of CDKTF modules for AWS, with security and compliance in mind

  • v0.2.4
  • 34.86
  • Published

vesant-sdk

TypeScript SDK for Vesant Compliance Platform - Geolocation, KYC, Risk Profiling, CipherText, and Compliance Orchestration

  • v1.6.6
  • 34.81
  • Published

cia-compliance-manager

React components, hooks, and services for CIA triad security assessment, compliance management, and risk analysis — supporting ISO 27001, NIST 800-53, SOC 2, GDPR, HIPAA, and EU CRA frameworks

  • v1.1.104
  • 34.78
  • Published

@elaraai/e3-api-tests

East Execution Engine API Compliance Tests - shared test suites for e3 API implementations

  • v1.0.30
  • 34.76
  • Published

ohrisk

Catch open-source license risk before your PR ships.

  • v1.1.1
  • 34.69
  • Published

license-compatibility-checker

Check npm dependencies' package.json for license compatibility (aka compliance check) with the current project based on spdx notation and naming conventions.

  • v0.3.5
  • 34.64
  • Published

@vesant-sdk/transaction

Transaction monitoring client for the Vesant Compliance Platform

  • v0.1.0
  • 34.51
  • Published

@pipeline-builder/ai-core

Shared AI provider registry for Pipeline Builder: lazily initialized SDK wrappers for Anthropic, OpenAI, Google, xAI, and Bedrock used by AI-assisted pipeline and plugin generation.

  • v3.4.82
  • 34.44
  • Published

@asqav/sdk

AI agent governance - audit trails, policy enforcement, ML-DSA cryptographic signatures

  • v0.8.0
  • 34.12
  • Published

@mcpfusion/testing

In-memory MVA lifecycle emulator for MCP Fusion. Runs the full pipeline (Zod Input → Middlewares → Handler → Egress Firewall) without network transport. Returns structured MvaTestResult objects — zero coupling to Jest/Vitest.

  • v4.3.1
  • 34.11
  • Published

@seontechnologies/seon-id-verification

An advanced SDK for natural person identification through document scanning, facial recognition, designed for secure and efficient user verification.

    • v2.1.0
    • 34.10
    • Published

    convex-audit-log

    A comprehensive audit logging component for Convex - track user actions, API calls, and system events with built-in compliance features.

    • v0.2.0
    • 34.05
    • Published

    @basis-theory-ai/react

    A React payment library with BasisTheory integration

      • v1.0.1-beta.7
      • 34.03
      • Published

      @kopexa/grc

      GRC (Governance, Risk, Compliance) components for Kopexa

      • v18.3.2
      • 34.01
      • Published

      license-checker-evergreen

      NPM license audit and dependency compliance checker - Scan, validate, and analyze open source licenses with SPDX validation. Feature-enhanced, TypeScript-based fork of license-checker with better performance and reliability.

      • v6.3.1
      • 33.62
      • Published

      mcp-server-scf

      MCP server for the SCF Controls Platform — security compliance controls, frameworks, evidence, and risk management for AI agents

      • v1.6.3
      • 33.55
      • Published

      @mcpfusion/core

      MVA (Model-View-Agent) framework for the Model Context Protocol. Structured perception packages with Presenters, cognitive guardrails, self-healing errors, action consolidation, and tRPC-style type safety — so AI agents perceive and act on your data det

      • v4.3.1
      • 33.45
      • Published

      better-auth-audit-logs

      Audit log plugin for Better Auth. Captures auth lifecycle events, stores structured log entries, and exposes query endpoints with PII redaction and custom storage backends.

      • v0.3.0
      • 33.43
      • Published

      iso27001-mcp

      ISO 27001 compliance workspace for Claude — controls, risks, policies, evidence, audits, and SoA in one local encrypted MCP server

      • v0.9.73
      • 33.37
      • Published

      @ory/argus

      Ory Argus: the core API for building authentication, authorization, and audit into AI agent harness plugins, extensions, and custom integrations

      • v0.11.1
      • 33.31
      • Published

      @vesant-sdk/core

      Core utilities for Vesant SDK packages — BaseClient, errors, config, circuit breaker, rate limiter

      • v0.1.0
      • 33.28
      • Published

      @mitre/hdf-schema

      JSON schemas and multi-language type definitions for Heimdall Data Format (HDF)

      • v3.3.2
      • 33.06
      • Published

      @vesant-sdk/fraud

      Fraud detection and scoring client for the Vesant Compliance Platform

      • v0.1.0
      • 32.94
      • Published

      clean-room-skill

      Spec-first clean-room workflow for authorized source analysis without replacement code.

      • v0.6.5
      • 32.88
      • Published

      bizfile-mcp

      Pre-payment counterparty verification for AI agents. KYC, risk screening across 386 data sources, Companies House, ACRA. PROCEED/BLOCK verdict in one call.

      • v4.10.53
      • 32.82
      • Published

      @verifiquemos/sdk

      Official TypeScript SDK for the Verifiquemos compliance API

      • v0.16.1
      • 32.76
      • Published

      @acosmi/sdk-ts

      Acosmi TypeScript SDK:模型网关、Agent Run Gateway 与 Compliance(电子证据、时间章、报告、签署 envelope)统一客户端,支持浏览器 / Node ≥18 / Deno / Bun。

      • v2.10.0
      • 32.70
      • Published

      @mitre/hdf-mappings

      CCI/NIST/CIS/CMMC security framework mappings for HDF

      • v3.3.2
      • 32.69
      • Published

      data-compliance-mcp

      Data safety classifier for AI agents. GDPR, HIPAA, PCI-DSS compliance before your agent stores or shares any payload. SAFE/ESCALATE verdict in one call.

      • v1.0.31
      • 32.66
      • Published

      eslint-plugin-repo

      ESLint rules for repository compliance across GitHub, GitLab, Bitbucket, Codeberg/Forgejo, AWS, Azure, Google Cloud, Docker, Vercel, Netlify, and DigitalOcean.

      • v1.0.9
      • 32.66
      • Published

      @pieverse/receipt

      One-click receipt generation for Web3 transactions with tax compliance

      • v0.1.1
      • 32.55
      • Published

      treetrace

      Catch every time your AI coding agent touches auth, secrets, or skips a test, then turn the correction you made into a local regression eval. Local-first, deterministic, no LLM judge.

      • v0.10.4
      • 32.48
      • Published

      pot-cli

      Multi-model AI verification with adversarial critique. No AI can verify itself — so they verify each other.

      • v0.8.8
      • 32.26
      • Published

      @artu-ai/shared

      Shared types and schemas for Artu Compliance packages

      • v0.17.0
      • 32.24
      • Published

      @ido4/core

      ido4 core — context intelligence, task distribution, and deterministic governance for AI-hybrid software development

      • v0.13.1
      • 32.23
      • Published

      trickle-cli

      Zero-code runtime observability for JS/Python + AI agent debugging. Traces LangChain, CrewAI, OpenAI, Anthropic, Gemini. Eval, security, compliance, cost tracking. Free, local-first.

        • v0.1.229
        • 32.18
        • Published

        @ory/openclaw

        Ory plugin for OpenClaw: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call

        • v0.11.1
        • 32.15
        • Published

        @kikoda/cdk-constructs

        Collection of useful platform constructs for modern applications deployed with AWS CDK

        • v0.6.5
        • 32.14
        • Published

        @tantainnovative/ndpr-toolkit

        Nigeria Data Protection Toolkit — enterprise-grade compliance components for the Nigeria Data Protection Act (NDPA) 2023

        • v5.7.4
        • 32.09
        • Published

        @chainlink/ace

        Chainlink Automated Compliance Engine (ACE) Contracts

        • v1.1.1
        • 32.08
        • Published

        @ory/codex

        Ory plugin for Codex: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call

        • v0.11.1
        • 32.03
        • Published

        @wundr.io/security

        Enterprise security and compliance module for Wundr platform

        • v1.0.39
        • 31.99
        • Published

        regula-wasi

        Infrastructure as Code security and compliance evaluation tool (WASI build). Fork of fugue/regula with security patches.

        • v3.2.5
        • 31.98
        • Published

        @specora/sdk

        Specora Platform SDK for Node.js - AI governance and policy enforcement

        • v0.8.0
        • 31.93
        • Published

        @ogcio/consent

        Client-side consent management package using the Secure API Gateway

        • v1.5.0
        • 31.82
        • Published

        cloakllm

        PII cloaking and tamper-evident audit logs for LLM API calls. EU AI Act Article 12 compliance.

        • v0.12.0
        • 31.76
        • Published

        @agledger/sdk

        AGLedger™ SDK: accountability and audit infrastructure for agentic systems.

        • v1.2.0
        • 31.75
        • Published

        @probo/n8n-nodes-probo

        n8n nodes for integrating with the Probo compliance platform API

        • v0.200.0
        • 31.66
        • Published

        protect-mcp

        Fail-closed Cedar policy gate + Ed25519 signed receipts for AI agent tool calls. Denies on any policy error, proves the gate is live with a startup self-test, and turns every decision into a local searchable record you own. The open gate behind Legate by

        • v0.9.7
        • 31.56
        • Published

        @ory/opencode

        Ory plugin for OpenCode: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call

        • v0.11.1
        • 31.54
        • Published

        @kognai/build

        Kognai sovereign orchestrator — interactive REPL (kognai) + one-shot CLI (kognai-build). Triple-supervisor + compliance review + TICKET-135 optimization profiles + TICKET-203/207 workspace integration.

        • v0.7.10
        • 31.49
        • Published

        n8n-nodes-signatrust

        n8n community node for Signatrust — generate, verify, and retrieve cryptographically signed AI Decision Receipts (Ed25519) for autonomous AI agents. Cloud and self-hosted enterprise.

        • v0.3.4
        • 31.47
        • Published

        @connexum/ai-governance

        Enterprise AI agent governance framework. Hook-based enforcement, compliance packs (SOC 2, HIPAA, GDPR, PCI DSS, DORA, EU AI Act, ISO 27001), audit trails, multi-LLM adapter architecture (Claude production today; additional providers on roadmap).

        • v1.0.0-beta.30
        • 31.39
        • Published

        @ory/gemini-cli

        Ory extension for Gemini CLI: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call

        • v0.11.1
        • 31.21
        • Published

        @grepture/sdk

        Grepture proxy SDK — drop-in fetch wrapper for AI API governance

        • v0.1.8
        • 31.10
        • Published

        @gtprojects/mcpguard

        Open-source security firewall for MCP (Model Context Protocol) servers. Scan, monitor, and enforce policies on AI agent tool calls.

        • v0.2.1
        • 31.10
        • Published

        @aryaminus/controlkeel

        Bootstrap installer for the ControlKeel native CLI - a control plane for agent-generated software delivery.

        • v0.3.62
        • 31.06
        • Published

        @venturekit-pro/audit

        Append-only audit + cost-tracking log for VentureKit applications

        • v0.0.5
        • 30.99
        • Published

        lula2

        A tool for managing compliance as code in your GitHub repositories.

        • v0.9.5
        • 30.98
        • Published

        pa11y-unlimited

        Pa11y is your automated accessibility testing pal

        • v9.6.1
        • 30.94
        • Published

        ruleprobe-ai

        Test whether your repo AI instructions actually survive execution.

        • v2.12.0
        • 30.87
        • Published

        @holmdigital/standards

        Machine-readable regulatory database mapping WCAG to EN 301 549 and national accessibility law across 17 jurisdictions, with enforcement-body lookups.

        • v2.10.0
        • 30.82
        • Published

        corporate-taxid-checker-js

        Validate tax identification numbers (TIN, VAT, EIN, GST, ITIN, SSN) for 76+ countries. Regex, checksum, and online VIES/government verification. TypeScript-first with LLM tool definitions.

        • v2.1.0
        • 30.76
        • Published

        rcf-protocol

        RCF CLI — Active Integrity & Protection Framework (TypeScript Edition)

        • v2.1.7
        • 30.76
        • Published

        @cyanheads/sanctions-screening-mcp-server

        Screen names against the consolidated OFAC, EU, UK, and UN sanctions lists and resolve legal entities against GLEIF, fuzzy-matched offline over a local SQLite + FTS5 mirror. A screening aid, not a compliance determination.

        • v0.1.7
        • 30.73
        • Published

        compliance

        validate compliance of a javascript module against a test suite module

        • v0.2.2
        • 30.64
        • Published

        autotel-audit

        Audit-focused helpers for Autotel (force-keep + structured audit instrumentation)

        • v0.4.2
        • 30.61
        • Published

        @nugehs/bouncer

        bouncer — static compliance-controls checker. Verifies the controls a regulation requires actually exist in your code (UK Online Safety Act, ICO Children's Code), as deterministic rule packs. No LLM required.

        • v0.2.0
        • 30.54
        • Published

        meshflow-sdk

        TypeScript client SDK for MeshFlow — Zero Trust AI agents, HIPAA/SOX/GDPR compliance, tamper-evident audit chain, wire-level tool call enforcement

        • v1.14.0
        • 30.46
        • Published

        @wasmagent/compliance

        WasmAgent Compliance Engine — TaskSpec-driven verification, local repair, and evidence export for LLM agent runs.

        • v1.8.0
        • 30.46
        • Published

        article50

        EU AI Act Article 50 transparency compliance toolkit — scan your code, audit your site, generate the fix before August 2, 2026.

          • v0.9.0
          • 30.43
          • Published

          @proappstore/compliance

          Compliance checks for apps published on proappstore.online — used by the CLI for local feedback and by CI for gating.

          • v0.2.6
          • 30.34
          • Published

          @ory/claude-code

          Ory plugin for Claude Code: scaffolding skills, a local Ory instance, and authentication, authorization, and audit for every tool call

          • v0.11.1
          • 30.33
          • Published

          bylaw-ts

          Bylaw ALCV runtime enforcement SDK for AI agent actions with policy-gated clearance, A-JWT authorization, and audit evidence

          • v0.6.8
          • 30.23
          • Published

          @pipeline-builder/pipeline-events

          AWS Lambda handler for Pipeline Builder that ingests CodePipeline state-change events from EventBridge and forwards normalized payloads to the reporting service.

          • v3.4.70
          • 30.23
          • Published

          syntropylog

          Observability framework for Node.js powered by a native Rust engine: declarative correlation, PII masking, per-level field control and retention enforced on every log, serialized + masked + sanitized in one native pass (transparent JS fallback). Failsafe

          • v1.2.0
          • 30.18
          • Published

          @yawlabs/mcp-compliance

          CLI tool and MCP server that tests MCP servers for spec compliance

          • v0.16.3
          • 30.12
          • Published

          @adminforth/audit-log

          Audit log plugin for AdminForth with CRUD diffs, actor tracking, and activity history

          • v1.9.30
          • 30.12
          • Published

          deep-focus-trap

          A focus trap library that pierces that shadow dom. So you can use it with native web components. Deep Focus Trap is a lightweight library written in vanilla js with only one dependency (that is tree-shakable if not in use).

          • v0.0.3
          • 30.04
          • Published

          verification-layer

          Open-source HIPAA compliance scanner for healthcare code. 131 rules, 5 HIPAA categories. CLI + CI/CD + VS Code.

          • v0.27.1
          • 29.91
          • Published

          @tar_9897/certus-ai

          Certus CLI for compliance enforcement at the merge gate with 5 scanners, 18 blueprints, and signed evidence workflows.

          • v2.2.4
          • 29.87
          • Published

          a2a-trustgate

          A2A TrustGate CLI — Safety, compliance, and governance for AI agents. Screen every action before it executes.

          • v1.5.1
          • 29.87
          • Published

          @zintrust/governance

          ESLint and governance tooling package for ZinTrust.

            • v2.9.0
            • 29.64
            • Published

            dpdp-erasure-cli

            [![npm version](https://img.shields.io/npm/v/dpdp-erasure-cli?color=14b8a6&style=flat-square)](https://www.npmjs.com/package/dpdp-erasure-cli)

            • v1.1.2
            • 29.61
            • Published

            @atlasent/sdk

            TypeScript SDK for the AtlaSent authorization API

            • v2.16.0
            • 29.58
            • Published

            @evalguard/core

            EvalGuard core — LLM evaluation, security testing, firewall, gateway, and monitoring engine. Runtime dep of @evalguard/sdk and @evalguard/cli.

            • v1.4.0
            • 29.55
            • Published

            athena-trust-sdk

            ATHENA SDK for JavaScript and TypeScript

            • v1.2.1
            • 29.54
            • Published

            @africode/core

            Bun-native full-stack framework with generative AI, fintech compliance, and real-time performance - built for Tanzanian digital economy

            • v5.0.8
            • 29.54
            • Published

            @nozomtechs/grc-mcp

            MCP server for the Nozom Cybersecurity GRC Platform — exposes GRC API endpoints as Model Context Protocol tools. R-EXTSPEC: @modelcontextprotocol/sdk v1.29.0 — https://modelcontextprotocol.io/specification/latest

            • v0.3.3
            • 29.54
            • Published

            @ido4/mcp

            ido4 MCP server — context intelligence, task distribution, and governance for AI-hybrid software development in Claude Code

            • v0.13.1
            • 29.41
            • Published

            @vinkius-core/mcp-fusion

            MVA (Model-View-Agent) framework for the Model Context Protocol. Structured perception packages with Presenters, cognitive guardrails, self-healing errors, action consolidation, and tRPC-style type safety — so AI agents perceive and act on your data deter

            • v3.1.31
            • 29.41
            • Published

            @hazeljs/audit

            Audit logging and event trail for HazelJS applications

            • v1.0.5
            • 29.38
            • Published

            acf-mcp

            Official ACF® Model Context Protocol server — Agentic Commerce Framework governance copilot for AI assistants.

            • v1.1.0
            • 29.30
            • Published

            speclock

            Stop AI from breaking code you told it not to touch. Enforces .cursorrules, CLAUDE.md, and AGENTS.md — not just suggests. Zero-config: npx speclock protect reads your existing AI rule files, extracts constraints, installs pre-commit hooks, and makes your

            • v5.7.0
            • 29.29
            • Published

            @wasmagent/aep

            Agent Evidence Protocol — runtime action evidence and run provenance types for WasmAgent

            • v1.8.0
            • 29.25
            • Published

            @pan-sec/notebooklm-mcp

            Security-hardened MCP server for NotebookLM API with compliance-ready architecture (GDPR, SOC2, CSSF controls implemented)

            • v2026.4.1
            • 29.11
            • Published

            cladding

            Reference implementation of the Ironclad standard — multi-agent dev harness for Claude Code.

            • v0.8.2
            • 29.00
            • Published

            @scopebound/n8n-nodes-scopebound

            Pre-execution scope enforcement for AI agent workflows. Validates workflow definitions against role-based authorization scopes (SOC1, SOC2, Production Readiness) before they run, with cryptographically signed attestation tokens for audit.

            • v0.1.0-preview.9
            • 28.99
            • Published

            @vurb/core

            MVA (Model-View-Agent) framework for the Model Context Protocol. Structured perception packages with Presenters, cognitive guardrails, self-healing errors, action consolidation, and tRPC-style type safety — so AI agents perceive and act on your data deter

            • v3.19.6
            • 28.98
            • Published

            @pulumi/google-compliance-policies

            This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

            • v0.1.6
            • 28.98
            • Published

            @holmdigital/engine

            WCAG and EN 301 549 accessibility test engine that maps failures to national law and enforcement bodies across 17 jurisdictions. CLI and CI reporting.

            • v2.12.0
            • 28.92
            • Published

            nyx-audit-cli

            Prove your homelab matches your intent — YAML network specs, live VLAN/VPN audits, drift detection, Omada/OPNsense import. Cross-platform CLI with MCP for AI agents.

            • v0.2.8
            • 28.87
            • Published

            ofac-sanctions-screening

            OFAC, sanctions, PEP & KYB screening for Node.js — screen names, companies & crypto wallets against OFAC SDN, EU, UK, UN + 100+ watchlists; EU VAT (VIES) validation; EU consolidated (FSF) sanctions screen; OIG-LEIE healthcare-exclusion + fuzzy SDN matchin

            • v0.6.0
            • 28.83
            • Published

            @mima-ai/governance

            Mima AI Governance SDK for TypeScript and Node.js

            • v0.1.6
            • 28.77
            • Published

            @privedge/sdk

            Privacy on the edge — drop-in AI proxy with automatic PII routing

              • v0.4.1
              • 28.75
              • Published

              @opena2a/aicomply

              Inline PII, credential, and regulated-data classifier for AI agent I/O. Dual-layer: deterministic regex + optional semantic Guard. Library + CLI.

              • v2.2.2
              • 28.71
              • Published

              n8n-nodes-tracepass

              n8n community node for TracePass — automate EU Digital Product Passport workflows: products, passports, EPCIS supply-chain events.

              • v1.2.0
              • 28.70
              • Published

              @tenova/swt3-ai

              SWT3 AI Witness SDK: cryptographic attestation for AI inference. 103 procedures, 52 namespaces, 7 languages, 18 profiles. EU AI Act, NIST AI RMF, CMMC, SR 11-7.

              • v0.5.9
              • 28.66
              • Published

              @vurb/testing

              In-memory MVA lifecycle emulator for Vurb. Runs the full pipeline (Zod Input → Middlewares → Handler → Egress Firewall) without network transport. Returns structured MvaTestResult objects — zero coupling to Jest/Vitest.

              • v3.19.6
              • 28.61
              • Published

              @prodcycle/prodcycle

              Multi-framework policy-as-code compliance scanner for infrastructure and application code.

              • v0.6.17
              • 28.57
              • Published

              @attestplane/attestplane

              Apache-2.0 attestation and audit substrate for AI agent evidence chains.

              • v1.10.0
              • 28.56
              • Published

              @carrerahaus/latinfo

              KYB API for Latin American legal entities. 20+ public registry sources for Peru — SUNAT, OSCE, OECE and more. Offline MPHF search, full OCDS data, updated daily.

              • v0.21.4
              • 28.56
              • Published

              @driftgard/node

              Official DriftGard Node.js SDK — evaluate LLM interactions against your compliance policy

              • v1.27.0
              • 28.55
              • Published

              @raeven-co/sether

              Streaming PII redaction for AI applications. The hiding place for sensitive data flowing into LLMs. Secrets pack, SSE-aware streaming, audit events, drop-in middlewares for Express / fetch / OpenAI / Anthropic.

              • v0.5.7
              • 28.54
              • Published

              sovereign-ai-act-mcp

              MCP server exposing Leo — the deterministic EU AI Act (Regulation (EU) 2024/1689) classifier — as tools for AI agents. Every answer cites the law verbatim.

              • v1.3.0
              • 28.53
              • Published

              @vpdev2/metakyc

              React SDK for MetaKYC due diligence workflows with configurable API endpoints and comprehensive step coverage

              • v1.0.157
              • 28.38
              • Published

              aira-sdk

              The authorization and audit layer for AI agents

              • v3.7.0
              • 28.33
              • Published

              @prathammahajan/blockchain-integration

              🚀 Comprehensive blockchain integration suite with multi-chain cryptocurrency support, NFT marketplace, smart contracts, DeFi protocols, and enterprise-grade wallet management

              • v1.0.1
              • 28.31
              • Published

              @mima-ai/governance-mcp

              MCP server — AI governance evidence for EU AI Act, SOC 2, ISO 42001, and NIST AI RMF

              • v0.1.13
              • 28.28
              • Published

              periapsis

              Lightweight SBOM/license checker with allowlist, exceptions, and upstream chains.

              • v2.0.3
              • 28.26
              • Published

              @datacules/agent-identity-compliance

              Compliance report generator + tamper-evident audit log for @datacules/agent-identity — SOC 2, GDPR, HIPAA reports, SHA-256 chain verification CLI

              • v0.13.0
              • 28.22
              • Published

              babel-plugin-ot-ignore

              A Babel plugin thad adds configurable data-ot-ignore and className='optanon-category-C0001' to all React elements which have src attribute

              • v0.1.9
              • 28.14
              • Published

              substrai-guardrailgraph

              Composable AI safety pipeline framework with industry compliance packs (HIPAA, SOX, GDPR, FedRAMP)

              • v1.3.0
              • 28.12
              • Published

              @compr/opscontext-mcp

              OpsContext for AI Agents — read-only fleet visibility (PM2/nginx/Docker/git/cron) + tamper-evident audit log + policy-as-code hooks. The ops + compliance layer Claude Code can't grow natively.

              • v2.1.3
              • 28.11
              • Published

              audit-ledger-mcp

              MCP server that lets Claude, Cursor, LangGraph, and other agents record AI decisions to a tamper-evident ledger.

              • v0.3.3
              • 28.07
              • Published

              @shulam/sdk

              Shulam SDK — compliance screening, trust scoring, and x402 payment facilitation

              • v0.1.0
              • 28.03
              • Published

              @nice2dev/ui-enterprise

              Nice2Dev UI Enterprise - Compliance & enterprise-grade React components: DataExportCenter, AuditTrail, ContractEditor, GDPRConsent, GlobalSearch, InvoiceDesigner, AccessLog

              • v1.0.29
              • 27.98
              • Published

              @reneza/skillgate

              Deterministic finish-line gates for AI coding agents. A model-independent evaluator that blocks commit/publish until your definition-of-done passes. Works in opencode, Claude Code, pre-commit and CI.

              • v0.5.0
              • 27.95
              • Published

              @crowdhub/cordova-plugin-age-verification

              Cordova plugin for privacy-preserving age assurance using the Google Play Age Signals API (Android/Kotlin) and the Apple Declared Age Range API (iOS/Swift). Exposes a unified, Promise-based JavaScript API with TypeScript definitions.

              • v0.0.5
              • 27.91
              • Published

              n8n-nodes-mediavox

              n8n community node for Mediavox: mediaAPI (48+ endpoints — sanctions, threats, data quality, OCR, KYC), Turing AI (chat with RAG), DocumentPower (NER, semantic search), HealthPower (clinical data: RIPS, appointments, adherence, authorization), Sales Copil

              • v1.7.2
              • 27.87
              • Published

              @comply54/core

              African AI governance compliance — enforcement engine and sector packs for NDPA, CBN, NHA, NAICOM, KDPA, POPIA and 15+ African regulatory frameworks

                • v0.4.0
                • 27.81
                • Published

                @lians-ai/lians

                TypeScript/JavaScript SDK for Lians — financial-grade AI memory with bitemporal model, SEC 17a-4 audit chain, and GDPR crypto-shred

                • v0.4.0
                • 27.78
                • Published

                @pyai/sdk

                Official TypeScript/JavaScript SDK for PyAI — speech-to-text (Hear), text-to-speech (Speak), realtime voice agents (Omni), and call compliance (Trace).

                • v0.2.1
                • 27.76
                • Published

                html-license-gen

                Generate HTML with license text from NPM/Yarn dependencies

                • v1.1.1
                • 27.75
                • Published

                @czagents/dd

                Czech & EU due diligence in one call — company facts, insolvency (ISIR), EU+OFAC sanctions, VAT reliability, risk scoring (0-100), and statutory chain. EU coverage via GLEIF/LEI. Official state registries only, no Cribis/Bisnode reselling.

                • v0.3.6
                • 27.75
                • Published

                @attesto/sdk

                Attesto TypeScript SDK - log verifiable AI events to Attesto with production-safe defaults.

                • v0.4.0
                • 27.62
                • Published

                trustlint

                TrustLint is a local compliance validation tool for your development workflow. Instantly check your code for compliance issues, integrate with CI/CD, and stay ahead of regulatory risks.

                • v1.0.9
                • 27.61
                • Published

                @lunanoir/dep-lens

                Dependency license scanner across npm, Cargo, Go, Python, Ruby, PHP, Java, Dart, and C/C++ with commercial risk reporting

                • v2.0.0
                • 27.60
                • Published

                allycat

                Accessibility tool for source files — scans JSX, Vue, Angular, and HTML without a running server. Exact line numbers, watch mode, CI gates, AI fix prompts. WCAG 2.1 AA, WCAG 2.2 AA, and WCAG AAA (automated rules) with optional RTL support.

                • v1.8.0
                • 27.46
                • Published

                @cohesionauth/sdk

                Official TypeScript SDK for the COHESION Judgment Independence Score API. Real-time oversight scoring for AI-assisted human decisions, per EU AI Act Article 14, Colorado SB 205, and NYC Local Law 144.

                • v1.3.2
                • 27.44
                • Published

                @agenticmail/enterprise

                AgenticMail Enterprise — cloud-hosted AI agent identity, email, auth & compliance for organizations

                • v0.5.615
                • 27.42
                • Published

                agentshield-sdk

                SOTA AI agent security SDK. F1 1.000 on BIPIA/HackAPrompt/MCPTox/Multilingual benchmarks. 400+ exports, 100+ modules. Zero dependencies, runs locally.

                • v14.2.2
                • 27.34
                • Published

                @axiorank/audit-verify

                Independently verify AxioRank audit receipts, agent-commerce conformance seals, agent reputation credentials, and coding-session seals offline. Merkle inclusion proofs, Ed25519 signed tree heads, delegation provenance, human-approval signatures, witness c

                • v0.6.0
                • 27.33
                • Published

                compliancelint

                EU AI Act compliance: scan, attest, document — from your IDE. Source-available, MCP-native, AI-assisted.

                • v1.1.4
                • 27.27
                • Published

                @ledgerproof/sdk

                EU AI Act Article 50 cryptographic transparency receipts, anchored to Bitcoin. The TypeScript SDK with the Stripe-style attach() pattern.

                • v1.1.4
                • 27.25
                • Published

                license-checker-plugin

                A bundler-agnostic plugin to generate third-party license notices for bundled packages. Supports webpack 5, Rspack, and Vite.

                • v2.0.1
                • 27.24
                • Published

                next-license-list

                Get list of licenses for third-party packages using in Next.js.

                • v1.0.1
                • 27.15
                • Published

                mcp-server-insumer

                MCP server for InsumerAPI — condition-based access infrastructure. Send a wallet and conditions, get a signed boolean across 37 chains. 27 tools: attestation, wallet trust profiles (49 checks across 27 chains incl. Solana, XRPL, Bitcoin, Tron, Stellar, Su

                • v1.11.0
                • 27.11
                • Published

                @czagents/sanctions

                Sanctions screening for KYC/AML — check Czech companies and individuals against EU Financial Sanctions (FSF) and US OFAC SDN lists. Per-entity and per-statutory-member checks. Official consolidated lists, updated from source.

                • v0.1.5
                • 27.10
                • Published

                hazmat-cfr-mcp

                MCP server for the complete 49 CFR 172.101 Hazardous Materials Table: hazmat lookup, special-provision decoding, parsing, and basic compliance checks — every field cited to a pinned eCFR revision.

                • v0.3.0
                • 27.09
                • Published

                dingdawg-compliance

                Governance receipts for AI agents — automated compliance scoring against EU AI Act Art. 12, Colorado AI Act (SB 24-205), and NIST AI RMF. 60-second scan, free local check included, more accurate with every run.

                • v2.0.13
                • 27.08
                • Published

                project-starfish

                Governance for AI agents: a deny-by-default policy layer for Claude Code and agent/skill builds. Every tool call is authorized, contained, and audited. Apache-2.0.

                • v0.11.1
                • 27.01
                • Published

                @wgtechlabs/log-engine

                A lightweight, security-first logging utility with automatic data redaction for Node.js applications - the first logging library with built-in PII protection.

                • v2.3.1
                • 26.97
                • Published

                @cyanheads/epa-mcp-server

                Access EPA environmental data — facility compliance (ECHO), toxic releases (TRI), Superfund sites, drinking water systems, and real-time air quality (AirNow) via MCP. STDIO or Streamable HTTP.

                • v0.2.0
                • 26.94
                • Published

                @dawnguard/mcp

                Dawnguard MCP Server - Cloud security insights and guardrail guidance for Azure and AWS architectures

                • v1.0.7
                • 26.90
                • Published

                @ilalv3/cli

                ILAL Protocol CLI — compliant swaps and credential management for Uniswap v4

                • v0.2.20
                • 26.81
                • Published

                license-wizard

                Interactive and scriptable CLI that generates a correct LICENSE file from the full SPDX catalog, syncs the chosen license into your package.json/composer.json, stamps source-file headers, and verifies everything stays in sync in CI.

                • v1.1.0
                • 26.71
                • Published

                @folaform/forms-sdk

                Official TypeScript SDK for the Fola form-filling API — auto-fill USCIS, EOIR immigration court, DOL ETA/PERM, and US district court PDFs from typed JSON. 72 forms ship typed; pay-per-fill via API key.

                • v0.15.0
                • 26.68
                • Published

                @mitre/hdf-diff

                Structured comparison of HDF evaluation results — tracks what changed, why, and by how much

                • v3.3.2
                • 26.66
                • Published

                @frameless/content-compliance-checker

                A Strapi plugin that audits content blocks for compliance with category requirements. Specifically checks for blocks that don't have the 'kennisartikel' category assigned, helping maintain content standards across products.

                • v1.0.3
                • 26.64
                • Published

                @nugehs/gate

                gate — one ship/no-ship verdict from aiglare, bouncer, tieline & repoctx. The unified merge gate for the nugehs toolchain: run four deterministic checks, get one normalized verdict.

                • v0.3.0
                • 26.62
                • Published

                @zentity/contracts

                Zentity smart contracts, ABIs, deployments, and typed helpers

                • v0.7.0
                • 26.61
                • Published

                @cmetech/otto

                Terminal-based developer chat assistant. Permanent hard fork of gsd-pi with LangFlow flow triggers, a flow builder, and optional gateway routing for compliance environments.

                • v1.3.4
                • 26.55
                • Published

                @meui-creative/cookies

                GDPR-compliant cookie consent management for React with script blocking and Google Consent Mode V2

                • v7.0.3
                • 26.48
                • Published

                @asamarts/alint

                Language-agnostic linter for repository structure, file existence, filename conventions, and file content rules. This package downloads and wraps the platform-matched native alint binary.

                • v0.13.0
                • 26.44
                • Published

                opencode-git-trailers

                Automatically add standardized git trailers to AI-assisted commits for compliance, audit trails, and attribution

                • v0.5.0
                • 26.43
                • Published

                n8n-nodes-scorechain

                n8n community node for Scorechain Risk Scoring API — analyse crypto addresses and transactions on 20+ blockchains

                • v1.0.3
                • 26.42
                • Published

                @nodatachat/guard

                NoData Guard — continuous security scanner. Runs locally, reports only metadata. Your data never leaves your machine.

                • v4.3.2
                • 26.42
                • Published

                @vpdev2/metakyc-sdk

                React SDK for MetaKYC due diligence workflows with configurable API endpoints and comprehensive step coverage

                • v1.1.3
                • 26.39
                • Published

                @driftgard/cli

                Driftgard CLI — governance-as-code for AI compliance

                  • v1.8.1
                  • 26.32
                  • Published

                  sanctionwise

                  Verified UK sanctions screening for AI agents — official FCDO UK Sanctions List, not guesses.

                  • v0.1.2
                  • 26.29
                  • Published

                  @manifesto-ai/governance

                  Manifesto Governance - decorator runtime for legitimacy, approval, and governed execution

                  • v5.1.1
                  • 26.28
                  • Published

                  sage-governance

                  SAGE - Open-source governance runtime harness for agentic coding systems. Intercepts, evaluates, and audits developer prompts before code is written, and performs code security scans/fixes after AI code generation.

                  • v1.0.4
                  • 26.27
                  • Published

                  @mergeguide/mcp-server

                  MergeGuide MCP server — AI-assisted code governance for Claude Code, Cursor & Copilot. Injects your security & compliance policy at generation time so AI writes compliant code by default.

                  • v2.2.1
                  • 26.27
                  • Published

                  complytest

                  Open-source GDPR, WCAG 2.2 & security compliance scanner. The ESLint of web compliance.

                  • v1.2.0
                  • 26.26
                  • Published

                  @scadable/wizard

                  The SCADABLE setup wizard. Detects your framework and wires your always-current legal documents (privacy policy, terms of use) into any app, live from SCADABLE.

                  • v0.2.0
                  • 26.25
                  • Published

                  @hellouchit/mcp-regulated-ai-compliance

                  MCP server exposing regulated-industry AI compliance knowledge (EU AI Act · APRA CPS 230/234 · NIST AI RMF · ISO 42001 · AU AI Safety Standard · SLSA · SSDF · OWASP LLM Top 10) as tools, resources, and prompts. Apache 2.0 (code) + CC BY 4.0 (dataset). By

                  • v0.2.3
                  • 26.21
                  • Published

                  @openage-agekey/sdk

                  Official AgeKey SDK for age verification integration

                  • v1.5.0
                  • 26.17
                  • Published

                  @recalled/sdk

                  Official TypeScript SDK for Recalled — audit logs as a service for your product.

                  • v0.2.0
                  • 26.15
                  • Published

                  attestify-os

                  The only agent execution layer that enforces governance before consequences land. x402-native paid execution, financial control plane, immutable receipts, output verification, agent reputation, and memory continuity.

                  • v0.1.5
                  • 26.15
                  • Published

                  @parmanasystems/governance

                  Deterministic governance infrastructure for immutable policy lineage, governed admissibility evaluation, replay-safe execution semantics, and independently verifiable policy enforcement.

                  • v1.98.56
                  • 25.98
                  • Published

                  dingdawg-finance-agent

                  Governance receipts for AI agents — financial analysis with forecasting, audit prep, and regulatory checks (SOX, GAAP, IFRS, AML), every output signed and receipted for EU AI Act, Colorado AI Act (SB 24-205), and NIST AI RMF audit trails.

                  • v2.0.11
                  • 25.94
                  • Published

                  eol-check

                  CLI tool to check End-of-Life (EOL) status of code, infrastructure, containers, and AI models. Supports Docker, Terraform, AWS, Serverless, and more.

                  • v1.6.1
                  • 25.93
                  • Published

                  @agent-action-firewall/sdk

                  Official TypeScript SDK for Agent Action Firewall - AI agent security platform

                  • v1.0.0
                  • 25.91
                  • Published

                  casa-ready

                  Open-source toolkit to pass Google CASA Tier 2 security assessments without consulting-firm costs.

                  • v0.5.3
                  • 25.84
                  • Published

                  @ankkho/nestjs-cipher

                  Production-grade NestJS encryption module for PII protection with AES-256-GCM and KMS

                  • v1.1.1
                  • 25.84
                  • Published

                  @pulumi/kubernetes-compliance-policies

                  This repository contains a growing set of Compliance Policies to validate your infrastructure using Pulumi's Crossguard Policy-as-Code framework.

                  • v0.1.5
                  • 25.80
                  • Published

                  @logicnodez/mcp-bridge

                  MCP bridge to LogicNodes: 8 deterministic on-chain service tools plus agent-marketplace discovery, payable per call in USDC via x402 on Base.

                  • v1.0.5
                  • 25.77
                  • Published

                  roblox-shipcheck

                  Heuristic release checks and smoke tests for Roblox projects via MCP

                  • v0.2.0
                  • 25.75
                  • Published

                  gia-mcp-server

                  Runtime governance layer for generative AI agents. Works with any MCP-compatible client — Claude, GPT, Gemini, Cursor, or custom frameworks. MAI classification, forensic audit trails, human-in-the-loop gates, EU AI Act compliance, NIST/SOC 2/CMMC mapping.

                  • v0.4.1
                  • 25.69
                  • Published

                  @ar-agents/constancia

                  ARCA (ex-AFIP) Constancia de Inscripción: the official, legally-citable fiscal document, including the PDF artifact, as a typed tool for AI agents on the Vercel AI SDK. Browser-backed: drives the public web form (no Clave Fiscal) behind a stable adapter c

                  • v0.2.5
                  • 25.66
                  • Published

                  @parmanasystems/audit-db

                  Deterministic audit persistence infrastructure for immutable governance lineage, replay-safe execution history, provenance continuity, and independently verifiable governance evidence storage.

                  • v1.98.56
                  • 25.65
                  • Published

                  @manifesto-ai/lineage

                  Manifesto Lineage - decorator runtime for seal-aware continuity, history, and restore

                  • v5.1.1
                  • 25.63
                  • Published

                  bigdatacorp-client

                  BigDataCorp API client for Node.js and browsers

                  • v1.0.0
                  • 25.59
                  • Published

                  @parmanasystems/contracts

                  Deterministic governance contract infrastructure for immutable schema continuity, typed admissibility semantics, cross-runtime compatibility, and independently verifiable governance interfaces.

                  • v1.98.56
                  • 25.55
                  • Published

                  @origoid/mcp-server

                  Official OrigoID Model Context Protocol server. Exposes every OrigoID API endpoint as an MCP tool — works with Claude Code/Desktop, Cursor, Windsurf, ChatGPT Desktop, Codex CLI, Gemini, and any MCP-compatible client.

                  • v0.5.1
                  • 25.52
                  • Published

                  react-native-store-age-signals-native-modules

                  A React Native Native Module (Legacy Architecture) that provides access to store-level age signals, including Android Play Age Range and iOS Declared Age, to assist with state-level age verification compliance (e.g., Texas).

                  • v0.3.1
                  • 25.48
                  • Published

                  myinvois-mcp

                  MCP server for Malaysian LHDN e-invoicing (MyInvois) compliance rules — scope, field rules, invoice validation, and change-diffs. Thin client over the public API; no database needed.

                  • v0.1.1
                  • 25.46
                  • Published

                  @wipcomputer/wip-license-hook

                  License rug-pull detection and dependency license compliance for open source projects

                    • v1.9.69
                    • 25.43
                    • Published

                    @g8r-security/agent-shield-sdk

                    TypeScript client for G8R Agent Shield — wrap LLM and agent calls with policy enforcement, local-first redaction, and audit logging.

                    • v0.2.0
                    • 25.41
                    • Published

                    forma-sdk

                    FormaAI SDK for Node.js — AI agent governance. Capture · Approve · Kill · Prove · Redact

                    • v3.3.0
                    • 25.40
                    • Published

                    edgar-ts

                    TypeScript SEC EDGAR client for filing discovery and contract exhibit acquisition. SEC-compliant rate limiting, retry, and deterministic normalization.

                    • v0.4.0
                    • 25.40
                    • Published

                    @freegamestore/compliance

                    Compliance checks for games published on freegamestore.online — used by the CLI for local feedback and by CI for gating.

                    • v0.8.3
                    • 25.38
                    • Published

                    @occasiolabs/occasio

                    Occasio — cryptographically verifiable behavioral attestation for AI coding agents. Tool-call interception + policy enforcement + tamper-evident audit chain + Sigstore-signed in-toto attestations + windowed EDR detection. Same engine for Claude Code and M

                    • v0.12.1
                    • 25.36
                    • Published

                    @parmanasystems/verifier

                    Independent deterministic verification infrastructure for replay-safe governance execution, runtime provenance continuity, cryptographic attestations, release lineage validation, and portable trust reconstruction.

                    • v1.98.56
                    • 25.34
                    • Published

                    @ar-agents/boletin-oficial

                    Argentine Boletín Oficial as a structured firehose for AI agents on the Vercel AI SDK. Search, filter by sección, match by CUIT or keyword, and turn the daily JSON dump into typed records. The 'Vercel for legal monitoring' missing from the AR ecosystem.

                    • v0.2.4
                    • 25.33
                    • Published

                    deptic-scan

                    CLI scanner for DEPTIC.io — scan local projects for vulnerabilities and NTIA compliance

                      • v1.0.7
                      • 25.33
                      • Published

                      compliancemaxx

                      Multi-framework compliance orchestrator (OSS-license, OWASP ASVS, ISO 27001, SOC 2, GDPR) for repo and CI/CD.

                      • v2.0.2
                      • 25.32
                      • Published

                      @kodalabs-io/eqo

                      RGAA v4.1.2 accessibility compliance analyzer for NextJS projects

                      • v1.0.0
                      • 25.30
                      • Published

                      @nxtg/faultline

                      AI claim verification CLI. Paste what an AI told you — Faultline extracts every claim, verifies against live sources, scores the risk, and generates audit evidence. Provider-agnostic: Gemini, OpenAI, Claude, Perplexity.

                      • v0.9.0
                      • 25.25
                      • Published

                      veragent

                      Vendor-neutral control plane client for AI agents — capture and govern agent activity. Node/TypeScript SDK.

                      • v0.5.1
                      • 25.21
                      • Published

                      pi-must-have-extension

                      RFC 2119 keyword normalizer extension for the Pi coding agent.

                      • v0.5.0
                      • 25.13
                      • Published

                      @asseteragmbh/metakyc

                      React SDK for MetaKYC due diligence workflows with configurable API endpoints and comprehensive step coverage

                      • v1.0.160
                      • 25.12
                      • Published

                      trueno-aws-rules

                      Pure, dependency-free catalog of AWS cost, security & governance rules. Feed it discovered resources, get findings back.

                        • v0.3.1
                        • 25.10
                        • Published

                        keel-sdk

                        Drop-in replacements for OpenAI, Anthropic, Google, xAI, and Meta SDKs with built-in AI governance. One-line import change adds permit-first policy enforcement, budget controls, audit trails, and usage reporting to every AI call.

                        • v0.2.4
                        • 25.10
                        • Published

                        dpp-lint

                        Linter and risk screener for EU Digital Product Passports. Validates battery passport payloads against DIN DKE SPEC 99100 and screens raw material origins against open due-diligence risk data. By Pangea Intelligence.

                        • v0.4.0
                        • 25.09
                        • Published

                        whetstone-mcp

                        MCP server for U.S. public-records data: business registration (KYB) across 25 states, new business filings, federal watchlist screening (OFAC/BIS/State Dept), and federal awards (USAspending). Powered by the Whetstone actors on Apify.

                        • v0.1.2
                        • 25.08
                        • Published

                        trustops-agent

                        Policy-enforced AI agent runtime for TrustOps. Ed25519-signed audit logs and PreToolUse policy hooks for Claude Code.

                        • v0.2.6
                        • 25.06
                        • Published

                        infrarails

                        Static scanner for EU AI Act Article 9 & 12 compliance gaps in Terraform and CloudFormation - checks AWS Bedrock guardrails, logging, retention, and traceability against EU AI Act, NIST AI RMF, and ISO/IEC 42001

                        • v0.4.0
                        • 25.06
                        • Published

                        @piqrypt/mcp-server

                        Cryptographic audit trail for AI agents — sign, chain-verify and export every decision. GDPR / HIPAA / EU AI Act ready. Free & open source.

                        • v1.5.12
                        • 25.03
                        • Published

                        @parmanasystems/core

                        Deterministic governance infrastructure for enforceable decisions requiring independently verifiable trust.

                        • v1.98.56
                        • 24.97
                        • Published

                        dingdawg-code-review

                        Governance receipts for AI agents — AI code review for security, quality, and performance that learns your team's patterns, with every review signed and receipted for EU AI Act, Colorado AI Act (SB 24-205), and NIST AI RMF audit trails.

                        • v2.0.10
                        • 24.90
                        • Published

                        @mximz/argus

                        Zero-dependency architecture compliance enforcer for Next.js monorepos. Flags violations, suggests fixes, detects patterns, and tracks trend over time.

                        • v1.1.0
                        • 24.89
                        • Published

                        @axonflow/sdk

                        AxonFlow SDK - Add invisible AI governance to your applications in 3 lines of code

                        • v8.5.0
                        • 24.89
                        • Published

                        @parmanasystems/bundle

                        Deterministic governance bundle infrastructure for portable admissibility artifacts, canonical manifest continuity, cryptographic signature validation, and independently verifiable governance distribution.

                        • v1.98.56
                        • 24.88
                        • Published

                        licheck

                        Scan node_modules and report licenses for all installed packages — zero dependencies.

                        • v0.1.0
                        • 24.85
                        • Published

                        @axonflow/openclaw

                        Connects to AxonFlow (SaaS or self-hosted) for policy enforcement, PII scanning, approval gates, and audit trails in OpenClaw agents

                        • v2.6.7
                        • 24.79
                        • Published

                        @francosimon/vlayer

                        Open-source HIPAA compliance scanner for healthcare code — CLI for verification-layer.

                        • v0.25.2
                        • 24.78
                        • Published

                        correctover

                        CCS v1.0 - Conformance Protocol for Agentic Runtime Systems

                        • v2.0.2
                        • 24.74
                        • Published

                        @panguard-ai/migrator-community

                        Sigma / YARA → ATR YAML converter (community edition). Open-source detection rule migration for AI agent security.

                        • v0.1.7
                        • 24.73
                        • Published

                        @worktango/license-scanner

                        Tool to scan for licenses in our dependencies, and report on any that are not allow-listed.

                        • v0.1.1
                        • 24.72
                        • Published