complianceguard-mcp
v1.0.0
# ComplianceGuard MCP
Privacy and compliance checks, built into your workflow.
Scan local codebases for PII handling issues, data flow problems, cookie consent violations, and privacy readiness gaps — all from within your AI assistant.
Disclaimer: ComplianceGuard provides automated pattern detection. Not a substitute for qualified legal counsel.
## Quick Start

```bash
npx complianceguard-mcp
```

### Claude Desktop config
Add to your `claude_desktop_config.json`:

```json
{
  "mcpServers": {
    "complianceguard": {
      "command": "npx",
      "args": ["-y", "complianceguard-mcp"]
    }
  }
}
```

Then ask Claude:

- "Scan my project at /path/to/my-app for PII issues"
- "Run a cookie audit on /path/to/my-frontend"
- "What's my privacy score for /path/to/my-app?"
## Tools

### Free Tools (7 tools — available now)
| Tool | Description |
|:-----|:------------|
| scan_pii | Scan codebase for PII field patterns and classify by category (email, phone, address, dob, etc.) |
| scan_data_flow | Trace PII fields from collection through storage to external transmission |
| cookie_audit | Detect cookie usage and consent-before-set violations (GDPR Art. 7) |
| privacy_score | Overall privacy readiness score (0-100) with breakdown and suggestions |
| retention_check | Find PII stored without TTL, soft-delete, or retention policy |
| consent_check | Scan for consent management patterns in forms and signups |
| dependency_audit | Flag dependencies with data-sharing concerns (mixpanel, hotjar, sentry, etc.) |
### Pro Tools (6 tools — requires PRO_LICENSE)
| Tool | Description |
|:-----|:------------|
| gdpr_checklist | Per-article GDPR compliance checklist (Art. 5-35) with evidence and actions |
| generate_ropa | Records of Processing Activities (ROPA) template pre-filled from scan results |
| generate_dpia | Data Protection Impact Assessment (DPIA) with risk likelihood/impact and mitigations |
| diff_scan | Privacy posture diff between two git refs — detects new PII, new cookies, removed controls |
| policy_generate | Privacy policy and cookie policy drafts with company name and website URL |
| multi_repo_scan | Unified privacy inventory across multiple GitHub repositories |
## Free vs Pro

| Feature | Free | Pro |
|:--------|:----:|:---:|
| PII scanning (12 categories) | Yes | Yes |
| Data flow tracing | Yes | Yes |
| Cookie audit + consent checks | Yes | Yes |
| Privacy score (0-100) | Yes | Yes |
| Retention analysis | Yes | Yes |
| Consent form analysis | Yes | Yes |
| Dependency audit | Yes | Yes |
| GDPR article checklist | - | Yes |
| ROPA generation | - | Yes |
| DPIA generation | - | Yes |
| Git diff scanning | - | Yes |
| Policy generation | - | Yes |
| Multi-repo scanning | - | Yes |
To enable Pro tools, set PRO_LICENSE=your-license-key in your environment.
## How it works
ComplianceGuard reads your local codebase using filesystem access only. No code is sent to any external service. All scanning is regex-based pattern matching.
PII categories detected: email, phone, address, IP address, SSN, date of birth, name, location, device ID, financial, health, biometric
Cookie patterns detected: document.cookie =, res.cookie(, cookies.set(, setCookie(, .setCookie(
Data flow tracing: Follows PII fields from API inputs through database operations to external SDK calls (SendGrid, Stripe, analytics, etc.)
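As an added illustration of the regex-based approach described above (example code written for this README, not ComplianceGuard's own implementation), the TypeScript below classifies identifier names into a few of the PII categories listed and runs a consent-before-set audit over the cookie-write patterns listed. The category regexes, the consent-marker heuristic, the function names and the sample source are all assumptions made for the example.

```typescript
// Added example, not ComplianceGuard's own code: a minimal regex-based
// scanner in the style the README describes. Pattern lists, the
// consent-marker heuristic and the sample source are assumptions.

type PiiCategory = "email" | "phone" | "ssn" | "dob" | "ip_address";

interface PiiFinding { line: number; field: string; category: PiiCategory; }
interface CookieFinding { line: number; pattern: string; consentChecked: boolean; }

// Field-name heuristics per category, checked in order; first match wins.
// (Assumed subset of the 12 categories the README lists.)
const PII_FIELD_PATTERNS: Array<[PiiCategory, RegExp]> = [
  ["email", /e_?mail/i],
  ["phone", /phone|mobile|telephone/i],
  ["ssn", /^ssn$|social_?security/i],
  ["dob", /^dob$|date_?of_?birth|birth_?date|birthday/i],
  ["ip_address", /^ip$|ip_?addr(ess)?|client_?ip|remote_?addr/i],
];

// Cookie-write patterns taken from the README's "Cookie patterns detected" line.
const COOKIE_WRITE_PATTERNS: Array<[string, RegExp]> = [
  ["document.cookie =", /document\.cookie\s*=/],
  ["res.cookie(", /\bres\.cookie\(/],
  ["cookies.set(", /\bcookies\.set\(/],
  ["setCookie(", /\bsetCookie\(/],
];

// Assumed heuristic: any earlier line mentioning "consent" counts as a consent check.
const CONSENT_MARKER = /consent/i;
const IDENTIFIER = /[A-Za-z_][A-Za-z0-9_]*/g;

function classifyField(name: string): PiiCategory | null {
  for (const [category, re] of PII_FIELD_PATTERNS) {
    if (re.test(name)) return category;
  }
  return null;
}

// Walk every identifier-like token on every line and classify it,
// reporting each (line, field) pair once.
function scanPii(source: string): PiiFinding[] {
  const findings: PiiFinding[] = [];
  const seen = new Set<string>();
  source.split("\n").forEach((text, idx) => {
    const tokens = text.match(IDENTIFIER) || [];
    for (const field of tokens) {
      const category = classifyField(field);
      const key = `${idx + 1}:${field}`;
      if (category && !seen.has(key)) {
        seen.add(key);
        findings.push({ line: idx + 1, field, category });
      }
    }
  });
  return findings;
}

// Flag each cookie write that has no consent marker earlier in the file.
function cookieAudit(source: string): CookieFinding[] {
  const findings: CookieFinding[] = [];
  let consentSeen = false;
  source.split("\n").forEach((text, idx) => {
    if (CONSENT_MARKER.test(text)) consentSeen = true;
    for (const [pattern, re] of COOKIE_WRITE_PATTERNS) {
      if (re.test(text)) {
        findings.push({ line: idx + 1, pattern, consentChecked: consentSeen });
      }
    }
  });
  return findings;
}

function summarize(source: string): { piiFindings: number; cookieWrites: number; cookieViolations: number } {
  const pii = scanPii(source);
  const cookies = cookieAudit(source);
  return {
    piiFindings: pii.length,
    cookieWrites: cookies.length,
    cookieViolations: cookies.filter((c) => !c.consentChecked).length,
  };
}

// Constructed sample source standing in for a scanned file.
const SAMPLE_SOURCE = [
  "// constructed sample: Express signup handler",
  "const user = { email: req.body.email, phoneNumber: req.body.phone, dateOfBirth: req.body.dob };",
  "db.users.insert({ ...user, clientIp: req.ip });",
  "res.cookie('session', token); // written before any opt-in check",
  "if (hasConsent(req, 'analytics')) {",
  "  res.cookie('_ga', analyticsId); // written after the opt-in check",
  "}",
].join("\n");

console.log(scanPii(SAMPLE_SOURCE));
console.log(cookieAudit(SAMPLE_SOURCE));
console.log(summarize(SAMPLE_SOURCE)); // { piiFindings: 7, cookieWrites: 2, cookieViolations: 1 }
```

The consent heuristic is deliberately coarse: a consent mention anywhere earlier in the file marks every later cookie write as checked, so a write placed outside the guarded branch would still pass, and a file that sets cookies in a helper called from elsewhere would be flagged even when the caller checks consent. That is the kind of false positive and false negative a regex-only scanner produces, and why a data-flow step and human review still sit on top of it.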
## Architecture

- Runtime: Node.js 18+, TypeScript
- Protocol: Model Context Protocol (MCP) via stdio
- Storage: SQLite audit log at `~/.complianceguard/audit.db` (90-day retention)
- File discovery: fast-glob
- No external API calls — all scanning is local
## License
MIT — see LICENSE
Built by Craftpipe — privacy tooling for developers.
