quick_scan
Classify an AI system's risk under the EU AI Act and receive top compliance obligations instantly from a single description.
Instructions
One-sentence AI system description -> instant EU AI Act risk classification and top obligations. No API key required.
Behavior: This tool is read-only and stateless — it produces analysis output without modifying any external systems, databases, or files. Safe to call repeatedly with identical inputs (idempotent). Free tier: 10/day rate limit. Pro tier: unlimited. No authentication required for basic usage.
When to use: Use this tool when you need to assess, audit, or verify compliance requirements. Ideal for gap analysis, readiness checks, and generating compliance documentation.
When NOT to use: Do not use as a substitute for qualified legal counsel. This tool provides technical compliance guidance, not legal advice.
Behavioral Transparency:
- Side Effects: This tool is read-only and produces no side effects. It does not modify any external state, databases, or files. All output is computed in-memory and returned directly to the caller.
- Authentication: No authentication required for basic usage. Pro/Enterprise tiers require a valid MEOK API key passed via the MEOK_API_KEY environment variable.
- Rate Limits: Free tier: 10 calls/day. Pro tier: unlimited. Rate limit headers are included in responses (X-RateLimit-Remaining, X-RateLimit-Reset).
- Error Handling: Returns structured error objects with 'error' key on failure. Never raises unhandled exceptions. Invalid inputs return descriptive validation errors.
- Idempotency: Fully idempotent — calling with the same inputs always produces the same output. Safe to retry on timeout or transient failure.
- Data Privacy: No input data is stored, logged, or transmitted to external services. All processing happens locally within the MCP server process.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| description | Yes | | |
Implementation Reference
- server.py:445-563 (handler) The quick_scan tool function that executes the core logic: takes a one-sentence AI system description, checks against prohibited practices (Article 5), high-risk areas (Annex III), and limited-risk triggers, then returns risk classification, matched areas, top obligations, deadline, and penalty range. Includes rate limiting, idempotency, and no side effects.

```python
def quick_scan(description: str) -> dict:
    """One-sentence AI system description -> instant EU AI Act risk classification and top obligations. No API key required.

    Behavior: This tool is read-only and stateless — it produces analysis output
    without modifying any external systems, databases, or files. Safe to call
    repeatedly with identical inputs (idempotent). Free tier: 10/day rate limit.
    Pro tier: unlimited. No authentication required for basic usage.

    When to use: Use this tool when you need to assess, audit, or verify
    compliance requirements. Ideal for gap analysis, readiness checks, and
    generating compliance documentation.

    When NOT to use: Do not use as a substitute for qualified legal counsel.
    This tool provides technical compliance guidance, not legal advice.

    Behavioral Transparency:
    - Side Effects: This tool is read-only and produces no side effects. It does
      not modify any external state, databases, or files. All output is computed
      in-memory and returned directly to the caller.
    - Authentication: No authentication required for basic usage. Pro/Enterprise
      tiers require a valid MEOK API key passed via the MEOK_API_KEY environment
      variable.
    - Rate Limits: Free tier: 10 calls/day. Pro tier: unlimited. Rate limit
      headers are included in responses (X-RateLimit-Remaining, X-RateLimit-Reset).
    - Error Handling: Returns structured error objects with 'error' key on
      failure. Never raises unhandled exceptions. Invalid inputs return
      descriptive validation errors.
    - Idempotency: Fully idempotent — calling with the same inputs always
      produces the same output. Safe to retry on timeout or transient failure.
    - Data Privacy: No input data is stored, logged, or transmitted to external
      services. All processing happens locally within the MCP server process.
    """
    # _check_rate_limit, PROHIBITED_PRACTICES and ANNEX_III_HIGH_RISK are defined
    # elsewhere in server.py and are not part of this excerpt.
    limit_err = _check_rate_limit("quick_scan_anonymous")
    if limit_err:
        return {"error": "rate_limited", "message": limit_err}

    risk_level = "minimal"
    matched_areas = []
    top_obligations = []
    penalty_range = "None for minimal risk systems"
    deadline = "No mandatory deadline for minimal risk"

    # Check prohibited (Article 5)
    for practice in PROHIBITED_PRACTICES:
        matches = _match_keywords(description, practice["keywords"])
        if matches:
            matched_areas.append(f"{practice['article']}: {practice['description']}")

    if matched_areas:
        risk_level = "prohibited"
        top_obligations = [
            "CEASE deployment immediately — system is banned under Article 5",
            "Seek legal counsel on whether any narrow exceptions apply",
            "Report to national supervisory authority if already deployed",
        ]
        penalty_range = "Up to EUR 35,000,000 or 7% of global annual turnover"
        deadline = "2 February 2025 (ALREADY IN EFFECT)"
        return {
            "risk_level": risk_level,
            "matched_areas": matched_areas,
            "top_3_obligations": top_obligations,
            "deadline": deadline,
            "penalty_range": penalty_range,
            "regulation": "Regulation (EU) 2024/1689",
            "next_step": "Use classify_ai_risk for detailed analysis or check_compliance for full audit",
            "meok_labs": "https://meok.ai",
        }

    # Check high-risk (Annex III)
    for area in ANNEX_III_HIGH_RISK:
        matches = _match_keywords(description, area["keywords"])
        if matches:
            matched_areas.append(f"Annex III Area {area['area']}: {area['title']}")

    if matched_areas:
        risk_level = "high-risk"
        top_obligations = [
            "Establish risk management system (Article 9) and data governance (Article 10)",
            "Create Annex IV technical documentation and implement logging (Articles 11-12)",
            "Ensure human oversight, transparency, and accuracy testing (Articles 13-15)",
        ]
        penalty_range = "Up to EUR 15,000,000 or 3% of global annual turnover"
        deadline = "2 August 2026"
    else:
        # Check limited risk
        limited_keywords = [
            "chatbot", "chat bot", "conversational ai", "virtual assistant",
            "deepfake", "synthetic media", "generated image", "generated video",
            "generated text", "generative ai", "foundation model",
            "large language model", "llm",
        ]
        limited_matches = _match_keywords(description, limited_keywords)
        if limited_matches:
            risk_level = "limited-risk"
            matched_areas = [f"Transparency trigger: {kw}" for kw in limited_matches]
            top_obligations = [
                "Inform users they are interacting with AI (Article 50)",
                "Label AI-generated content as artificially generated (Article 50)",
                "GPAI providers: comply with Articles 51-56 (if applicable)",
            ]
            penalty_range = "Up to EUR 15,000,000 or 3% of global annual turnover"
            deadline = "2 August 2025 (GPAI rules)"
        else:
            top_obligations = [
                "No mandatory obligations — voluntary codes of conduct encouraged (Article 95)",
                "Monitor EU AI Office for delegated acts that may reclassify your system",
                "Consider voluntary adoption of high-risk requirements for trust",
            ]

    return {
        "risk_level": risk_level,
        "matched_areas": matched_areas,
        "top_3_obligations": top_obligations,
        "deadline": deadline,
        "penalty_range": penalty_range,
        "regulation": "Regulation (EU) 2024/1689",
        "next_step": "Use classify_ai_risk for detailed analysis or check_compliance for full audit",
        "meok_labs": "https://meok.ai",
    }
```

- server.py:444-446 (registration) Registration decorator @mcp.tool() that registers quick_scan as an MCP tool on the FastMCP server.

```python
@mcp.tool()
def quick_scan(description: str) -> dict:
    """One-sentence AI system description -> instant EU AI Act risk classification and top obligations. No API key required.
```

- server.py:435-438 (helper) Helper function _match_keywords used by quick_scan to perform case-insensitive keyword matching against the description text.

```python
def _match_keywords(text: str, keywords: list[str]) -> list[str]:
    """Return matched keywords found in text (case-insensitive)."""
    text_lower = text.lower()
    return [kw for kw in keywords if kw.lower() in text_lower]
```

- server.py:445-477 (schema) Input schema: takes a single 'description' parameter (string). Output schema: returns a dict with risk_level, matched_areas, top_3_obligations, deadline, penalty_range, regulation, next_step, meok_labs keys.

```python
def quick_scan(description: str) -> dict:
    """One-sentence AI system description -> instant EU AI Act risk classification and top obligations. No API key required.

    Behavior: This tool is read-only and stateless — it produces analysis output
    without modifying any external systems, databases, or files. Safe to call
    repeatedly with identical inputs (idempotent). Free tier: 10/day rate limit.
    Pro tier: unlimited. No authentication required for basic usage.

    When to use: Use this tool when you need to assess, audit, or verify
    compliance requirements. Ideal for gap analysis, readiness checks, and
    generating compliance documentation.

    When NOT to use: Do not use as a substitute for qualified legal counsel.
    This tool provides technical compliance guidance, not legal advice.

    Behavioral Transparency:
    - Side Effects: This tool is read-only and produces no side effects. It does
      not modify any external state, databases, or files. All output is computed
      in-memory and returned directly to the caller.
    - Authentication: No authentication required for basic usage. Pro/Enterprise
      tiers require a valid MEOK API key passed via the MEOK_API_KEY environment
      variable.
    - Rate Limits: Free tier: 10 calls/day. Pro tier: unlimited. Rate limit
      headers are included in responses (X-RateLimit-Remaining, X-RateLimit-Reset).
    - Error Handling: Returns structured error objects with 'error' key on
      failure. Never raises unhandled exceptions. Invalid inputs return
      descriptive validation errors.
    - Idempotency: Fully idempotent — calling with the same inputs always
      produces the same output. Safe to retry on timeout or transient failure.
    - Data Privacy: No input data is stored, logged, or transmitted to external
      services. All processing happens locally within the MCP server process.
    """
```
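
The `_match_keywords` helper above is a plain substring test, so a short keyword such as "llm" also matches inside longer words, and a keyword that appears only in a negation still counts as a hit. The sketch below is an added example, not code from server.py: `match_substring` copies the helper's logic, `match_whole_terms` and `compare` are hypothetical names for a stricter variant and a side-by-side check, and the sample descriptions are constructed.

```python
import re

# Limited-risk trigger list as it appears in quick_scan on this page.
LIMITED_KEYWORDS = [
    "chatbot", "chat bot", "conversational ai", "virtual assistant",
    "deepfake", "synthetic media", "generated image", "generated video",
    "generated text", "generative ai", "foundation model",
    "large language model", "llm",
]


def match_substring(text: str, keywords: list[str]) -> list[str]:
    """Same logic as the page's _match_keywords: case-insensitive substring."""
    text_lower = text.lower()
    return [kw for kw in keywords if kw.lower() in text_lower]


def match_whole_terms(text: str, keywords: list[str]) -> list[str]:
    """Hypothetical stricter variant: a keyword must stand as whole word(s)."""
    text_lower = text.lower()
    hits = []
    for kw in keywords:
        # Tolerate any whitespace run between the words of a multi-word keyword.
        body = r"\s+".join(re.escape(part) for part in kw.lower().split())
        # Reject hits that are glued to a letter or digit on either side.
        if re.search(rf"(?<![a-z0-9]){body}(?![a-z0-9])", text_lower):
            hits.append(kw)
    return hits


def compare(description: str) -> dict:
    """Run both matchers on one description for side-by-side review."""
    return {
        "substring": match_substring(description, LIMITED_KEYWORDS),
        "whole_terms": match_whole_terms(description, LIMITED_KEYWORDS),
    }


# Constructed sample descriptions (not taken from the tool or its tests).
SAMPLES = [
    "Spreadsheet macro that tracks gym enrollment numbers",      # "llm" inside "enrollment"
    "Customer support chatbot built on an LLM",                  # genuine triggers
    "Inventory forecasting tool; no chatbot, no generative AI",  # negated mentions
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", compare(sample))
```

Whole-term matching removes the hit inside "enrollment" but still flags the third sample, where the keywords appear only in a negation.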