positronia
v0.1.1
Published
POSITRONIA CLI — run EU-sovereign GDPR + AI Act compliance audits of third-party SaaS from your terminal (EuTrustedIA API v1 client).
Maintainers
Readme
positronia
EU-sovereign GDPR + AI Act compliance audits of third-party SaaS, from your terminal.
positronia is the official CLI for the EuTrustedIA public API v1 (POSITRONIA audit engine). Point it at a SaaS you use or plan to adopt — it returns a private, sealed compliance report (GDPR + AI Act), scored deterministically, with a cryptographically chained audit trail.
- Runs against your EuTrustedIA plan (same quotas as the web app and MCP server — one counter).
- Reports are private to your account. Nothing is published.
- The report is generated server-side on EU-sovereign infrastructure; LLM-aided recommendations carry the mandatory AI Act Article 50 marking.
Install
npx positronia --help # no install
npm i -g positronia # or pnpm add -g / bun add -gRequires Node ≥ 18.17.
Authentication
Create an API key at app.eutrustedia.eu/api-keys (any active plan), then:
export ETIA_API_KEY=etia_...The key is read from the environment only — it is never accepted as a CLI argument (shell history and process lists leak).
Usage
# Audit a SaaS (counts against your plan quota; cache-first per domain)
positronia audit https://some-saas.example \
--use-case "CRM storing customer emails" \
--position "data controller" \
--sensitivity professional
# List your audits
positronia list
# Full detail of one audit / dump the markdown report
positronia get <id>
positronia get <id> --md > report.mdOutput is a human table on an interactive terminal and JSON when piped (or with --json) — script- and agent-friendly by default.
| Flag | Description |
|---|---|
| --use-case <text> | How you use this SaaS (required for audit) |
| --position <text> | Your role towards the data (required for audit) |
| --sensitivity <l> | public · professional · rgpd_art9 · oiv (default professional) |
| --regions <list> | Comma-separated inference regions (declarative) |
| --force | Re-audit a domain you already audited |
| --md | (get) dump the raw markdown report |
| --json | Force JSON output |
Exit codes
0 success · 1 API/network error (the code field is printed, e.g. QUOTA_EXCEEDED, RATE_LIMITED) · 2 usage or configuration error.
Zero runtime dependencies
This CLI uses only Node built-ins (fetch, util.parseArgs). It is a thin wrapper over the documented public API — no database access, no telemetry, nothing phones home except the API calls you ask for.
Related surfaces
- REST API v1 —
https://app.eutrustedia.eu/api/v1/…(OpenAPI) - MCP server —
claude mcp add --transport http positronia https://app.eutrustedia.eu/api/mcp --header "Authorization: Bearer etia_…"
Made in the EU 🇪🇺 by PiaXel — the compliance scanner that never sees your source code.
