Skip to main content
Glama
CSOAI-ORG

MEOK Fria Generator MCP

by CSOAI-ORG
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

is_fria_required

Assess whether a Fundamental Rights Impact Assessment (FRIA) is mandatory under EU AI Act Article 27, based on organisation type, public law status, and service context.

Instructions

Determine if a FRIA is mandatory under EU AI Act Article 27 for this deployment.

Args: organisation_type: One of public-authority / private-operator / SaaS-vendor / individual. is_public_law_body: True if the organisation is a body governed by Member State or EU public law. provides_public_service: True if the organisation provides services in a public-service context (recruitment for public sector, education, healthcare, social services, etc.). annex_iii_categories: List of Annex III high-risk categories the system falls under. E.g., ["employment-and-workforce", "education-and-vocational-training", "credit-scoring"].

Returns: Decision + rationale + Article 27 reference.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
organisation_typeYes
is_public_law_bodyNo
provides_public_serviceNo
annex_iii_categoriesNo

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault

No arguments

Implementation Reference

  • meok_fria_generator/server.py:124-184 (handler)
    The `is_fria_required` tool function (decorated with @mcp.tool()). It determines if a FRIA is mandatory under EU AI Act Article 27 by evaluating organisation type, public-law body status, public-service provision, and Annex III high-risk categories. Returns a decision with rationale, regulatory basis, deadline, and review obligation.
    @mcp.tool()
def is_fria_required(
    organisation_type: str,
    is_public_law_body: bool = False,
    provides_public_service: bool = False,
    annex_iii_categories: list[str] | None = None,
) -> dict[str, Any]:
    """Determine if a FRIA is mandatory under EU AI Act Article 27 for this deployment.

    Args:
        organisation_type: One of public-authority / private-operator / SaaS-vendor / individual.
        is_public_law_body: True if the organisation is a body governed by Member State or EU public law.
        provides_public_service: True if the organisation provides services in a public-service context
            (recruitment for public sector, education, healthcare, social services, etc.).
        annex_iii_categories: List of Annex III high-risk categories the system falls under.
            E.g., ["employment-and-workforce", "education-and-vocational-training", "credit-scoring"].

    Returns:
        Decision + rationale + Article 27 reference.
    """
    annex_iii_categories = annex_iii_categories or []

    # Specifically mandatory categories per Article 27(1)
    always_mandatory = {"credit-scoring", "life-insurance-pricing", "health-insurance-pricing"}
    has_always_mandatory = bool(set(annex_iii_categories) & always_mandatory)

    is_mandatory = False
    rationale = []

    if is_public_law_body:
        is_mandatory = True
        rationale.append("Public-law body — Article 27(1) mandates FRIA for all bodies governed by public law")
    if provides_public_service:
        is_mandatory = True
        rationale.append(
            "Provides public service — Article 27(1) extends FRIA obligation to private operators "
            "providing public services"
        )
    if has_always_mandatory:
        is_mandatory = True
        cats = sorted(set(annex_iii_categories) & always_mandatory)
        rationale.append(
            f"Always-mandatory category triggered: {cats} — Article 27(1) requires FRIA "
            f"regardless of organisation type for credit/insurance pricing"
        )

    if not is_mandatory and annex_iii_categories:
        rationale.append(
            "Not strictly mandatory under Art. 27, but Annex III high-risk system — STRONGLY "
            "RECOMMENDED to conduct a FRIA-equivalent assessment as best practice"
        )

    return {
        "fria_mandatory": is_mandatory,
        "rationale": rationale,
        "annex_iii_categories": annex_iii_categories,
        "regulatory_basis": "EU AI Act Reg (EU) 2024/1689 Article 27",
        "deadline": "FRIA must be completed BEFORE first deployment of the high-risk AI system",
        "review_obligation": "Article 27(2) — update FRIA when deployer's processes, risks, or "
        "circumstances change materially",
    }
  • meok_fria_generator/server.py:124-124 (registration)
    Tool registration via the @mcp.tool() decorator on the `is_fria_required` function. The FastMCP instance `mcp` is created on line 25 and the decorator registers the function as an MCP tool.
    @mcp.tool()
  • meok_fria_generator/server.py:94-101 (helper)
    FRIA_MANDATORY_TRIGGERS constant used as reference data for when FRIA is mandatory per Article 27(1). This helper data informs the logic of is_fria_required.
    # When FRIA is mandatory (per Article 27(1))
FRIA_MANDATORY_TRIGGERS = [
    "Body governed by public law (Member State or EU institution)",
    "Private operator providing public services (e.g., recruitment for public-sector roles, education, healthcare)",
    "Deploying a high-risk AI system listed in Annex III",
    "Specifically: credit scoring (Annex III §5(b))",
    "Specifically: life/health insurance pricing (Annex III §5(c))",
]
  • meok_fria_generator/server.py:131-143 (schema)
    Docstring and type hints for is_fria_required serving as input/output schema. Parameters: organisation_type (str), is_public_law_body (bool), provides_public_service (bool), annex_iii_categories (list[str] | None). Returns dict[str, Any] with decision + rationale.
    """Determine if a FRIA is mandatory under EU AI Act Article 27 for this deployment.

Args:
    organisation_type: One of public-authority / private-operator / SaaS-vendor / individual.
    is_public_law_body: True if the organisation is a body governed by Member State or EU public law.
    provides_public_service: True if the organisation provides services in a public-service context
        (recruitment for public sector, education, healthcare, social services, etc.).
    annex_iii_categories: List of Annex III high-risk categories the system falls under.
        E.g., ["employment-and-workforce", "education-and-vocational-training", "credit-scoring"].

Returns:
    Decision + rationale + Article 27 reference.
"""

Tool Definition Quality

A4.5/5.0
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It transparently states the return value: 'Decision + rationale + Article 27 reference.' No side effects or destructive behavior are implied, which is appropriate for a determination tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured with 'Args' and 'Returns' sections. It is concise but provides necessary detail. Minor improvement could be more brevity in the parameter descriptions.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's simplicity and presence of an output schema, the description covers all required aspects: purpose, parameter meanings, and return value. It is complete and leaves no gaps.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters5/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must explain all parameters. It does so thoroughly: organisation_type lists options, is_public_law_body and provides_public_service are explained, and annex_iii_categories gives examples. This adds significant value.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Determine if a FRIA is mandatory under EU AI Act Article 27 for this deployment.' This specific verb+resource combination distinguishes it from sibling tools like generate_fria_template.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context for when to use the tool: to check the mandatory requirement for a FRIA. It does not explicitly state when not to use it or mention alternatives, but the use case is well-defined.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/CSOAI-ORG/meok-fria-generator-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server