Skip to main content
Complete schema reference for the 13 MCP tools exposed by complior mcp. Compatible with Claude Code, Cursor, Windsurf, OpenCode, Codex, Devin, and aider.
Source of truth: engine/core/src/mcp/tools.ts (Zod schemas) + engine/core/src/mcp/handlers.ts (handler logic).
The toolset is organized into three groups:
  • Core (7) — scan, fix, status, explain, search_tool, classify, report (since v1.0.0)
  • Builder (3) — passport_init, doc_generate, redteam (since v1.1.0)
  • Analytics (3) — evidence_verify, drift_detect, obligations_status (since v1.1.0)

complior_scan

Scan a project for EU AI Act compliance. Returns score, violations, and top findings.

Input

Output

Example agent usage

You: Check the compliance of this project. Agent calls complior_scan with { path: "." } → returns score 75/100 with 12 findings.

complior_fix

Auto-fix a specific compliance violation. Returns diff preview and score delta.

Input

Output

Example agent usage

You: Fix the bare LLM call. Agent calls complior_fix with { checkId: "l4-bare-llm" } → wraps with SDK, returns +5 score impact.

complior_status

Get current compliance score and category breakdown from the last scan.

Input

No parameters.

Output

If no scan results exist, returns { message: "No scan results yet. Run complior_scan first." }.

complior_explain

Explain an EU AI Act article or obligation in plain language with code implications.

Input

Output

Plain-text explanation with:
  • Article title and risk level
  • What it requires
  • Penalty for non-compliance
  • Code implications (what to add / change in your project)
  • Related obligations

Example agent usage

You: Explain Article 50. Agent calls complior_explain with { article: "Art. 50" } → returns transparency requirements + disclosure SDK example.

complior_search_tool

Search the AI tool catalog for compliance information about a specific tool.

Input

Output


complior_classify

Classify the risk level of an AI system based on its description and domain.

Input

Output


complior_report

Generate a compliance report in JSON or Markdown format.

Input

Output

  • format: "markdown" — Markdown report with score, findings table, top issues, action plan
  • format: "json" — Structured JSON with full report data (compatible with complior report --json)
Requires a prior scan. Returns "No scan results. Run complior_scan first." otherwise.

complior_passport_init

New in v1.1.0 (Builder group). Generate Mode 1 Auto Agent Passport(s) by AST-scanning the project.
Each passport is ed25519-signed and includes 36 fields covering identity, capabilities, autonomy, permissions, oversight, and lifecycle.

Input

Output

Returns isError: true with "No agents found" when AST scan finds no agent configurations or SDK usage.

Example agent usage

You: Generate a passport for our chatbot. Agent calls complior_passport_init with {} → returns 1 passport with 85% completeness, saved to .complior/agents/.

complior_doc_generate

New in v1.1.0 (Builder group). Generate one of 14 EU AI Act compliance documents from an existing passport.
Supported document types (one of): ai-literacy, art5-screening, technical-documentation, incident-report, declaration-of-conformity, monitoring-policy, fria, worker-notification, risk-management, data-governance, qms, instructions-for-use, gpai-transparency, gpai-systemic-risk.

Input

Output

Returns isError: true with "Passport \"<name>\" not found" if the passport doesn’t exist.

Example agent usage

You: Make a FRIA for our support bot. Agent calls complior_doc_generate with { docType: "fria", passportName: "support-bot" } → returns markdown with prefilled fields and a list of manual fields the user still needs to complete.

complior_redteam

New in v1.1.0 (Builder group). Run 300+ adversarial security probes (OWASP LLM Top 10, MITRE ATLAS) against an AI endpoint.
Long-running operation — typically 30s–5min depending on concurrency and target latency. MCP clients should use a timeout of at least 5 minutes (e.g. requestTimeout: 300000).

Input

Output

When threshold is set and the score falls below it, returns isError: true plus thresholdFailed: true and the failing threshold value.

Example agent usage

You: Red-team our chatbot endpoint with a minimum score of 80. Agent calls complior_redteam with { target: "https://...", threshold: 80 } → if score 75, returns isError with thresholdFailed: true.

complior_evidence_verify

New in v1.1.0 (Analytics group). Verify integrity of the evidence chain (SHA-256 + ed25519).
Used for audit preparation — every scan and fix appends to the chain, so the chain is the cryptographic proof of compliance history.

Input

Output

When the chain is tampered, valid: false with a brokenAt index and human-readable issues:
Returns isError: true with "Evidence chain not found or unreadable" if the store cannot be read.

complior_drift_detect

New in v1.1.0 (Analytics group). Compare the latest scan against the previous one and report compliance drift.

Input

Output

Severity classification: When no previous scan exists, returns severity: "none" with hasDrift: false and a message field.

complior_obligations_status

New in v1.1.0 (Analytics group). Per-obligation coverage breakdown across all 108 EU AI Act obligations.

Input

Output

Example agent usage

You: Show me high-risk obligations that aren’t covered yet. Agent calls complior_obligations_status with { riskLevel: "high", coverage: "uncovered" } → returns the gap list ranked by severity.

Common patterns

Scan → fix loop (Core)

Onboarding a new AI system (Builder)

Continuous compliance (Analytics)


Roadmap

Current set: 13 tools (Core 7 + Builder 3 + Analytics 3). Future additions (post-v1.1.0):
  • Guard tools (V2-M03, after Guard MVP G-M01) — complior_guard_check, complior_guard_pii, complior_guard_bias
  • SaaS Dashboard tools (V2-M07, after cloud deploy) — fleet view, sync status
See GitHub Discussions for proposals.