Skip to main content
Glama

AI Act Sentinel πŸ›‘οΈ

MCP server for EU AI Act compliance analysis β€” classify any AI system or workflow against Regulation (EU) 2024/1689, updated with AI Omnibus 2026.

Python License EU AI Act MCP Last Updated

Pass a PDF project document or plain text description β€” get back a structured English compliance report: risk level, violated articles, operator obligations, and remediation steps.


Why AI Act Sentinel?

The EU AI Act (Reg. EU 2024/1689) is the world's first comprehensive AI regulation. With the main deadline on 2 August 2026 and fines up to €35 million or 7% of worldwide turnover, understanding your compliance position is not optional.

Existing tools either:

  • Cover only ~30% of the Act (outdated repos from late 2024)

  • Require expensive legal consultations for every new workflow

  • Provide no automated pipeline integration

AI Act Sentinel runs locally as an MCP server, integrates directly with Claude Code, and fires automatically every time you build or modify an AI system.


Related MCP server: ai-economy-infrastructure

Features

  • πŸ”΄ Prohibited practice detection β€” all 10 Art. 5 cases including AI Omnibus 2026 (NCII + CSAM)

  • 🟠 High-risk classification β€” all 8 Annex III categories + Annex I safety components

  • 🟑 Transparency obligations β€” all 5 Art. 50 rules (chatbot disclosure, C2PA watermarking, deepfake labeling)

  • πŸ”΅ GPAI model detection β€” Chapter V obligations + systemic risk threshold (10²⁡ FLOPs)

  • πŸ“„ PDF project analysis β€” extract text from any project document and run full compliance check

  • πŸ‘€ Role-aware reports β€” obligations differ by role (provider, deployer, importer, distributor…)

  • πŸ”— Ansvar integration β€” optional live article lookup via Ansvar Systems EU Compliance MCP gateway

  • πŸ‡¬πŸ‡§ English reports β€” structured output in English with article citations and remediation steps


Risk Levels

Level

Trigger

Max Penalty

πŸ”΄ PROHIBITED

Art. 5 violation

€35M or 7% worldwide turnover

🟠 HIGH_RISK

Annex III or Annex I safety component

€15M or 3% worldwide turnover

🟑 LIMITED_RISK

Art. 50 transparency obligations only

€15M or 3% worldwide turnover

πŸ”΅ GPAI

General Purpose AI model (Chapter V)

€15M or 3% worldwide turnover

🟒 MINIMAL_RISK

No mandatory obligations

β€”

βšͺ OUT_OF_SCOPE

Military / personal / pre-commercial R&D

β€”


Coverage

Chapter

Articles

Status

Ch. II β€” Prohibited Practices

Art. 5 (10 cases incl. Omnibus 2026)

βœ… Complete

Ch. III β€” High-Risk Systems

Art. 6, Annex III (8 categories)

βœ… Complete

Ch. IV β€” Transparency

Art. 50 (5 rules)

βœ… Complete

Ch. V β€” GPAI Models

Art. 51-55, systemic risk

βœ… Complete

Ch. XI-XIII β€” Sanctions

Art. 99-101

βœ… Complete

Roles & Obligations

6 operator roles

βœ… Complete

Implementation Timeline

2024-2031

βœ… Complete


MCP Tools

Tool

Description

analyze_pdf

Analyze a PDF project document β€” full compliance pipeline

classify_text

Classify any text description against the Act

generate_report

Generate full compliance report

lookup_article

Fetch article text from Ansvar gateway

search_act

Full-text search across EU AI Act

get_obligations

Get obligations by operator role


Installation

Prerequisites

pip install pymupdf

Add to Claude Code (MCP config)

Add to ~/.mcp.json or ~/Orchestrator/.mcp.json:

{
  "mcpServers": {
    "ai-act-sentinel": {
      "command": "python3",
      "args": ["/path/to/ai-act-sentinel/server.py"]
    }
  }
}

Restart Claude Code. The 6 tools will be available in your session.


Usage

Analyze a PDF project

analyze_pdf(pdf_path="/path/to/your/project.pdf")

Classify a text description

classify_text(
  description="AI recruitment system with automated CV filtering and candidate ranking",
  generate_full_report=True
)

Quick Python test

cd ai-act-sentinel
python3 -c "
from tools.classifier import classify
from tools.reporter import generate_report

desc = 'AI system for creditworthiness assessment of individuals for bank mortgages'
result = classify(desc)
print(generate_report(result, source='test'))
"

Sample output

======================================================================
AI ACT SENTINEL β€” COMPLIANCE REPORT
Analysis date: 2026-06-18
Source: test
======================================================================

RISK LEVEL: 🟠 HIGH RISK (Annex III / Art. 6)

DESCRIPTION: The AI system falls under high-risk categories.
Full Chapter III requirements are mandatory.

SUMMARY: System matches 1 Annex III high-risk category.

MAXIMUM PENALTY: €15,000,000 or 3% of worldwide annual turnover

POTENTIALLY VIOLATED ARTICLES:
  β€’ Annex III(5)

ISSUES DETECTED:
  1. 5. Essential Public & Private Services (Annex III(5))
     Keywords matched: creditworthiness, individuals, bank mortgages

APPLICABLE OBLIGATIONS:
  βœ“ Art. 9 β€” Risk management system
  βœ“ Art. 10 β€” Data governance
  βœ“ Art. 11 β€” Technical documentation
  βœ“ Art. 43 β€” Conformity assessment
  βœ“ Art. 49 β€” EU database registration
  ...

RECOMMENDATIONS:
  1. Implement a risk management system (Art. 9)
  2. Prepare complete technical documentation (Art. 11)
  3. Carry out conformity assessment (Art. 43)
  4. Register in EU database (Art. 49) before deployment

Project Structure

ai-act-sentinel/
β”œβ”€β”€ server.py                    # MCP server β€” JSON-RPC 2.0 over stdio
β”œβ”€β”€ knowledge/
β”‚   β”œβ”€β”€ prohibited.py            # Art. 5 β€” 10 prohibited practices
β”‚   β”œβ”€β”€ annex_iii.py             # Annex III β€” 8 high-risk categories
β”‚   β”œβ”€β”€ transparency.py          # Art. 50 β€” 5 transparency rules
β”‚   β”œβ”€β”€ gpai.py                  # Chapter V β€” GPAI + systemic risk
β”‚   β”œβ”€β”€ roles.py                 # 6 operator roles + obligations matrix
β”‚   └── sanctions.py             # Art. 99-101 sanction tiers
β”œβ”€β”€ tools/
β”‚   β”œβ”€β”€ classifier.py            # 6-question decision tree (Q1β†’Q6)
β”‚   β”œβ”€β”€ reporter.py              # English report generator
β”‚   β”œβ”€β”€ pdf_analyzer.py          # PDF text extraction (PyMuPDF)
β”‚   └── ansvar.py                # HTTP client β†’ gateway.ansvar.eu/mcp
└── requirements.txt

Classification Decision Tree

Q1: In scope? (not military / personal / pre-commercial)
Q2: Art. 5 prohibited practice? β†’ PROHIBITED (stop)
Q3: Annex III use case? β†’ HIGH_RISK (or exception if only procedural + no profiling)
Q4: Annex I safety component? β†’ HIGH_RISK Art. 6(1)
Q5: Art. 50 trigger? (chatbot / synthetic content / emotion / deepfake) β†’ LIMITED_RISK
Q6: GPAI model? β†’ Chapter V obligations (+ Art. 55 if >10²⁡ FLOPs)
β†’ else: MINIMAL_RISK

Key Deadlines

Date

What enters into force

βœ… 2 Feb 2025

Art. 5 prohibited practices + AI literacy (Art. 4)

βœ… 2 Aug 2025

GPAI obligations (Ch. V) + governance + sanctions

⚠️ 2 Aug 2026

Everything else: high-risk, Art. 50, deployer obligations, EU DB registration

2 Aug 2027

Art. 6(1) Annex I products + pre-2025 GPAI compliance

7 May 2026

AI Omnibus: NCII/CSAM prohibitions, SME relief, EU sandboxes


External Data Layer

For live article lookups, AI Act Sentinel integrates with Ansvar Systems EU Compliance MCP:

  • 126 AI Act articles, 68 definitions, 181 recitals

  • Updated daily from EUR-Lex

  • 50 free queries/day at https://gateway.ansvar.eu/mcp

  • Graceful fallback to local knowledge if gateway is unavailable


Auto-Trigger Integration

When used with Claude Code and the provided CLAUDE.md configuration, AI Act Sentinel fires automatically:

  • Every time you create or modify an N8N / Make workflow

  • Every time you build an AI-powered application

  • Every time you describe a system that processes personal data with ML

  • When you pass a PDF project document for review

Behavior by risk level:

  • PROHIBITED β†’ Claude stops and refuses to deploy

  • HIGH_RISK β†’ Report shown, user confirmation required before deploy

  • LIMITED_RISK β†’ Art. 50 disclosures added to system design automatically


Privacy

AI Act Sentinel is designed to be private by default:

  • πŸ–₯️ Runs entirely on your machine β€” it's a local MCP server. Your project documents and descriptions never leave your computer for processing.

  • πŸ”‘ No API keys required β€” the classifier and report generator need no credentials and read no environment secrets.

  • 🚫 No data collection, no telemetry β€” nothing is logged to or sent to the author or any analytics service.

  • πŸ”— One optional external call β€” only the lookup_article / search_act tools may contact the public Ansvar Systems gateway (gateway.ansvar.eu) for live article text. Only the article ID or query you request is sent, from your machine. If the gateway is unavailable, it falls back to the bundled local knowledge base β€” so the tool works fully offline too.


Disclaimer

AI Act Sentinel is an automated compliance screening tool for informational purposes only. It does not constitute legal advice. For deployment decisions involving high-risk AI systems, consult a qualified legal professional specializing in EU AI regulation.

Regulatory basis: Regulation (EU) 2024/1689 (EU AI Act) as amended by AI Omnibus (May 2026). Last knowledge update: June 2026.


License

MIT β€” see LICENSE


Built with ❀️ for the EU AI compliance ecosystem.

A
license - permissive license
-
quality - not tested
B
maintenance

Maintenance

–Maintainers
–Response time
–Release cycle
–Releases (12mo)
Commit activity

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/PierpyRenda/ai-act-sentinel'

If you have feedback or need assistance with the MCP directory API, please join our Discord server