npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@hellouchit/mcp-regulated-ai-compliance

v0.2.3

Published

MCP server exposing regulated-industry AI compliance knowledge (EU AI Act · APRA CPS 230/234 · NIST AI RMF · ISO 42001 · AU AI Safety Standard · SLSA · SSDF · OWASP LLM Top 10) as tools, resources, and prompts. Apache 2.0 (code) + CC BY 4.0 (dataset). By

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

uchituchit

Keywords

mcpmodel-context-protocolai-complianceeu-ai-actapranist-ai-rmfiso-42001au-ai-safetyslsassdfowasp-llmclaudeclaude-desktopcursorregulated-industriescompliance

Readme

mcp-regulated-ai-compliance

A Model Context Protocol server exposing the regulated-industry AI compliance knowledge from hellouchit.com as tools, resources, and prompts callable from any MCP-compatible AI client — Claude Desktop, Cursor, Zed, Windsurf, OpenAI ChatGPT, Continue, Cline, and ~40 other clients.

Free + open-source (Apache 2.0, dataset CC BY 4.0). Built by Uchit Vyas.

Disclaimer: This is a personal, open-source, non-commercial project. Views are my own. It is not affiliated with, endorsed by, or representative of my employer.

Why this exists

The OpenAI GPT Store hosts the EU AI Act and AU AI Safety Standard coaches as ChatGPT-only assets. The Claude Project equivalents are private to each user's Claude Pro account (no public sharing). Neither reaches the practitioners who work primarily inside Cursor, Zed, Continue, Cline, or the Claude API directly.

An MCP server is the only Claude-side asset that is genuinely shareable + multi-client. It surfaces the same dataset, anti-patterns, decision trees, and classification logic — but as tools any AI agent in any compatible client can call. One published server → 40+ client surfaces → the practitioner who never opens ChatGPT or claude.ai still ends up citing your work.

What's in this folder

mcp-regulated-ai-compliance/
├── README.md                          ← you are here
├── scope/                             ← the design docs (read FIRST)
│   ├── 00-product-brief.md            What this is + who it's for
│   ├── 01-architecture.md             System design + transport choices
│   ├── 02-tools-spec.md               The 10 tools the server exposes
│   ├── 03-resources-spec.md           The resources + prompts
│   ├── 04-distribution-strategy.md    Where to list + how to get installs
│   └── 05-build-roadmap.md            v0.1 → v1.0 in 4 phases
├── src/
│   ├── index.ts                       ← MCP server entry point (working stub)
│   ├── tools/                         ← one file per tool
│   │   └── lookup-control.ts          ← FULLY IMPLEMENTED as reference
│   ├── resources/                     ← one file per resource type
│   ├── prompts/                       ← pre-built prompt templates
│   ├── data/                          ← embedded knowledge (dataset, anti-patterns, playbooks)
│   │   ├── dataset.json               ← 56 controls × 28 regulations × 261 tools
│   │   ├── dataset.csv                ← same data, CSV format
│   │   ├── anti-patterns.md           ← 15 named failure modes
│   │   └── playbooks/                 ← 90-day playbooks
│   └── lib/
├── docs/
│   └── install/                       ← per-client install guides
├── examples/                          ← sample conversations / use-cases
├── tests/
├── package.json                       ← npm config (working)
├── tsconfig.json                      ← TypeScript config
├── LICENSE                            ← Apache 2.0 (code) + CC BY 4.0 (dataset)
├── .gitignore
└── .github/workflows/                 ← CI: build + publish to npm

Status — v0.2.1 shipped 2026-05-29

v0.2.1 = data-source abstraction so the same codebase runs on Node (stdio, node:http) AND on Cloudflare Workers / Deno Deploy / Vercel Edge. See worker/ for the Cloudflare scaffold.

CI npm version npm downloads License: Apache 2.0 Provenance MCP Registry Glama MCP score smithery badge

| Phase | Status | |---|---| | Phase 0 — Scope + skeleton | ✅ done | | Phase 1 — Working server + reference tool | ✅ done | | Phase 2 — 6 core tools | ✅ done | | Phase 3 — 4 resource providers + 5 prompts | ✅ done | | Phase 4 — npm publish + directory submissions | ✅ done | | Phase 5 — HTTP transport + 4 playbooks + parser | ✅ done (v0.2.0) |

v0.2.0 ships with

  • Streamable HTTP transportnpx mcp-regulated-ai-compliance-http boots a Node HTTP server on port 3000 (configurable) at /mcp. Unlocks Smithery, ChatGPT MCP directory, browser-based clients, and any platform that prefers HTTP over stdio. Stateless by default; set MCP_STATEFUL=true for per-session UUIDs.
  • All 4 playbooks fully structured — markdown parser extracts 12-week / 12-gate / phase / anti-pattern / source-URL data:
    • eu-ai-act-12-weeks — Piloting → Articles 9-15 ready by 2 Aug 2026
    • cisa-attestation-90-days — Federal contractor SSDF + Common Form 3201-NEW
    • cloud-cost-aware-to-controlled — FinOps Aware → Controlled (AWS / Azure / GCP)
    • vault-theatre-to-workload-identity — Long-lived creds → OIDC federation
  • 6 toolslookup_control · get_anti_pattern · crosswalk · walk_playbook · classify_use_case · list_regulations
  • 4 resource providers (56 URIs) — full dataset (+ by-regulation + by-category), 15 anti-patterns (bundled + per-slug), 4 playbooks, the 20-entry crosswalk matrix
  • 5 promptseu-ai-act-classify · au-ai-safety-walkthrough · crosswalk-frameworks · playbook-week · anti-pattern-diagnostic
  • Embedded knowledge — 56 controls × 28 regulations × 261 tools, 15 named anti-patterns, 4 × 12-week playbooks, 20 crosswalks
  • CI + tests — GitHub Actions on Node 22 + 24, 24/24 unit tests, automated npm publish --provenance on version tag (sigstore-anchored)

Where you can find it

| Channel | Status | |---|---| | npm | ✅ @hellouchit/[email protected] | | Official MCP Registry | ✅ io.github.uchit/[email protected] (latest) | | Glama | ✅ verified | | mcp.so | ⏳ awaiting review | | PulseMCP | ⏳ auto-pulls from Official Registry (~24h) | | awesome-mcp-servers (Security) | ⏳ PR #7084 | | Hosted endpoint | ✅ https://mcp.hellouchit.com/mcp (Cloudflare Worker · stateless) | | Smithery | ✅ smithery.ai/server/@uchit86/regulated-ai-compliance |

See scope/05-build-roadmap.md for the v0.2+ roadmap.

Quick install

For Claude Desktop:

# In your Claude Desktop config file (~/Library/Application Support/Claude/claude_desktop_config.json):
{
  "mcpServers": {
    "regulated-ai-compliance": {
      "command": "npx",
      "args": ["-y", "@hellouchit/mcp-regulated-ai-compliance"]
    }
  }
}

Then restart Claude Desktop → you'll see new tools available: lookup_control, classify_use_case, get_anti_pattern, etc.

Regulation slugs (use these exact values in tool arguments)

eu_ai_act · cps234 · cps230 · soci · ai_safety_au · privacy_au · e8 · irap · dora · nis2 · gdpr · circia · hipaa · fda_samd · cisa_ssa · ssdf · ai_rmf · sp80053 · iso42001 · iso27001 · slsa · owasp_llm · atlas · bcbs239 · pci · iec62443 · iso13485 · iec62304

Local development

npm install
npm run build
npm run dev          # runs server in dev mode (stdio transport)
npm test             # runs the test suite

See scope/01-architecture.md for the dev-loop details.

License

Code: Apache 2.0. Patent grant included. Dataset (regulations × controls × tooling, anti-patterns, playbooks, crosswalks): CC BY 4.0 — attribution to hellouchit.com required.

This is a personal, non-commercial project shared for the community. Contributions and issues are welcome on GitHub.