APAC Compliance MCP

get_compliance_check

Check compliance for a selected APAC country by retrieving data protection framework, regulator, risks, and spam law information.

Instructions

Country-specific compliance: data protection framework, regulator, risks, spam law.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`country`	Yes

Implementation Reference

src/main.ts:158-167 (schema)

The COMPLIANCE_CHECKS data store containing compliance data for 8 APAC countries — the backing data that the tool reads from.

const COMPLIANCE_CHECKS: Record<string, any> = {
  japan: { framework: "Personal Information Protection Act (APPI) — recently strengthened. Cross-border transfer requires explicit consent.", regulator: "PPC (Personal Information Protection Commission)", risks: "Fines + reputational damage in name-and-shame culture", spam_law: "Specified Commercial Transactions Act + Anti-Spam Law" },
  singapore: { framework: "PDPA + Spam Control Act + Do Not Call (DNC) Registry", regulator: "PDPC", risks: "Fines up to S$1M + 3% turnover for serious breaches", spam_law: "Strict opt-in for SG numbers" },
  korea: { framework: "Personal Information Protection Act (PIPA)", regulator: "PIPC + KCC", risks: "High fines, name-and-shame, criminal liability for directors", spam_law: "K-ISMS + IT Network Act" },
  india: { framework: "DPDP Act 2023 + state-level laws", regulator: "Data Protection Board of India (forming)", risks: "Up to ₹250 crore fines for serious breaches", spam_law: "TRAI DLT registration for SMS/voice" },
  australia: { framework: "Privacy Act 1988 + Australian Privacy Principles", regulator: "OAIC", risks: "Up to A$50M / 30% turnover for serious breaches (post-2022 reforms)", spam_law: "Spam Act 2003 — strict consent + identification" },
  hongkong: { framework: "Personal Data Privacy Ordinance (PDPO)", regulator: "PCPD", risks: "Fines + criminal liability", spam_law: "Unsolicited Electronic Messages Ordinance — strict identification rules" },
  taiwan: { framework: "Personal Data Protection Act (PDPA Taiwan version)", regulator: "MoJ + sector regulators", risks: "Fines + criminal liability for serious cases", spam_law: "Telecommunications Act + UEM rules" },
  indonesia: { framework: "PDP Law 2022 + ITE Law", regulator: "KOMINFO + future PDP Authority", risks: "Up to 2% global turnover fines + criminal", spam_law: "ITE Law + telco regulations" }
};

src/main.ts:178-178 (registration)

Tool registration: 'get_compliance_check' is listed with its name, description, and inputSchema requiring a 'country' param.

{ name: "get_compliance_check", description: "Country-specific compliance: data protection framework, regulator, risks, spam law.", inputSchema: { type: "object", properties: { country: { type: "string", enum: Object.keys(COMPLIANCE_CHECKS) } }, required: ["country"] } },

src/main.ts:192-192 (handler)

Tool handler: case 'get_compliance_check' in the CallToolRequestSchema switch — looks up country in COMPLIANCE_CHECKS, returns JSON with disclaimer.

case "get_compliance_check": { const d = COMPLIANCE_CHECKS[country]; if (!d) throw new Error(`Unknown: ${country}`); return { content: [{ type: "text", text: JSON.stringify({ module: "APAC Compliance Check", country, disclaimer: "General guidance, not legal advice.", ...d }, null, 2) }] }; }

Tool Definition Quality

B3.1/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden for behavioral disclosure. It describes what data is returned (compliance info), implying a read-only operation. However, it does not explicitly state that it is safe, has no side effects, or requires any authentication. For a simple retrieval tool with one parameter, the description is minimally adequate but lacks explicit safety assurances.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single concise sentence that covers the tool's purpose without any unnecessary words. It is front-loaded with the key function ('Country-specific compliance') and lists the output components efficiently. This is a model of conciseness.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's simplicity (one parameter, no output schema), the description provides the essential information: it returns compliance data. However, it does not mention the response structure, pagination, or how to interpret the data. For a tool with siblings, missing this context reduces completeness. It is adequate but not comprehensive.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has one parameter ('country') with an enum list but no description. Schema description coverage is 0%, so the description should compensate by explaining the parameter. It does not mention the parameter at all, leaving the agent to infer its meaning from context. The enum values are clear, but the description adds no semantic value beyond the schema.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool provides country-specific compliance data including data protection framework, regulator, risks, and spam law. This distinguishes it from sibling tools like get_etiquette_guide or get_country_brief, which cover different aspects. The verb is implicit from the tool name ('get'), and the resource is clear. A more explicit verb could boost clarity further.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use this tool versus alternatives like get_country_brief or get_full_apac_pack. The description does not mention use cases, prerequisites, or exclusions. This omission makes it harder for an agent to decide between siblings.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/closermethod/apac-compliance-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server