GIA MCP Server

assess_risk_tier

Read-onlyIdempotent

Maps an AI system description to EU AI Act risk tiers (Unacceptable, High, Limited, Minimal) and provides MAI governance recommendations.

Instructions

Assess the risk tier of an AI system using rule-based mapping to EU AI Act categories (Unacceptable, High, Limited, Minimal). Returns tier and MAI governance recommendations. Classification is heuristic, not a legal determination.

Input Schema

TableJSON Schema

Name	Required	Description
`system_description`	Yes	Description of the AI system or operation
`domain`	Yes	Industry domain
`affects_individuals`	Yes	Whether the system makes decisions affecting individuals
`autonomous_decisions`	Yes	Whether the system makes autonomous decisions

Implementation Reference

src/mcp/tools/assess-risk-tier.ts:16-92 (handler)

The main handler function 'registerAssessRiskTierTool' that registers the 'assess_risk_tier' tool with an MCP server. Takes system_description, domain, affects_individuals, and autonomous_decisions as inputs; applies rule-based classification to determine EU AI Act risk tier (HIGH/LIMITED/MINIMAL), checks for PII, and returns risk tier, MAI recommendation, and governance requirements.

export function registerAssessRiskTierTool(server: McpServer, engine: GovernanceEngine): void {
  server.tool(
    'assess_risk_tier',
    'Assess the risk tier of an AI system using rule-based mapping to EU AI Act categories (Unacceptable, High, Limited, Minimal). Returns tier and MAI governance recommendations. Classification is heuristic, not a legal determination.',
    {
      system_description: z.string().max(MAX_INPUT_LENGTH).describe('Description of the AI system or operation'),
      domain: z.string().describe('Industry domain'),
      affects_individuals: z.boolean().describe('Whether the system makes decisions affecting individuals'),
      autonomous_decisions: z.boolean().describe('Whether the system makes autonomous decisions'),
    },
    { title: 'Assess Risk Tier', readOnlyHint: true, idempotentHint: true, destructiveHint: false, openWorldHint: false },
    async (input) => {
      const desc = sanitize(input.system_description);
      const hasPii = detectPii(desc);

      // EU AI Act Annex III — domains classified HIGH risk regardless of caller flags.
      // "Administration of social benefits" and similar individual-outcome domains are
      // HIGH risk even when the caller omits affects_individuals: true.
      const HIGH_STAKES_DOMAINS = ['va-claims', 'va_claims', 'veterans', 'healthcare', 'legal', 'financial', 'justice', 'employment', 'education', 'social-benefits', 'immigration'];
      const domainStr = input.domain.toLowerCase();
      const descStr = desc.toLowerCase();
      const domainIsHighStakes = HIGH_STAKES_DOMAINS.some(d =>
        domainStr.includes(d) || descStr.includes(d.replace('-', ' '))
      );

      // Treat autonomous decisions in high-stakes domains as affecting individuals —
      // the caller flag is advisory; domain context is authoritative.
      const effectiveAffectsIndividuals = input.affects_individuals || (input.autonomous_decisions && domainIsHighStakes);

      // Risk tier assessment logic (delegatable to CORE in future)
      let tier: string;
      let maiRecommendation: string;

      if (effectiveAffectsIndividuals && input.autonomous_decisions) {
        tier = 'HIGH';
        maiRecommendation = 'All agent actions should be MANDATORY classification. Human-in-the-loop required.';
      } else if (effectiveAffectsIndividuals) {
        tier = 'HIGH';
        maiRecommendation = 'Decision points should be MANDATORY. Processing can be ADVISORY.';
      } else if (input.autonomous_decisions) {
        tier = 'LIMITED';
        maiRecommendation = 'Outputs should be ADVISORY. Internal processing can be INFORMATIONAL.';
      } else {
        tier = 'MINIMAL';
        maiRecommendation = 'Standard governance applies. INFORMATIONAL for processing, ADVISORY for outputs.';
      }

      if (hasPii) {
        tier = 'HIGH';
        maiRecommendation = 'PII detected. Elevate all operations to MANDATORY minimum. Apply SOVEREIGN data handling.';
      }

      // Tool accountability tracking
      engine.telemetryService.emitToolCall('assess_risk_tier', `risk-${Date.now().toString(36)}`, 'INFORMATIONAL', true);

      return {
        content: [{ type: 'text' as const, text: JSON.stringify({
          riskTier: tier,
          domain: input.domain,
          piiDetected: hasPii,
          affectsIndividuals: input.affects_individuals,
          effectiveAffectsIndividuals,
          domainElevated: domainIsHighStakes && !input.affects_individuals && input.autonomous_decisions,
          autonomousDecisions: input.autonomous_decisions,
          maiRecommendation,
          governanceRequirements: {
            auditRequired: true,
            gateRequired: tier === 'HIGH',
            scoringRequired: true,
            thresholdMonitoring: true,
            humanOversight: tier === 'HIGH' ? 'MANDATORY' : 'ADVISORY',
          },
        }, null, 2) }],
      };
    }
  );
}

src/mcp/tools/assess-risk-tier.ts:21-25 (schema)

Zod schema for input validation: system_description (string, max 50k chars), domain (string), affects_individuals (boolean), autonomous_decisions (boolean).

  system_description: z.string().max(MAX_INPUT_LENGTH).describe('Description of the AI system or operation'),
  domain: z.string().describe('Industry domain'),
  affects_individuals: z.boolean().describe('Whether the system makes decisions affecting individuals'),
  autonomous_decisions: z.boolean().describe('Whether the system makes autonomous decisions'),
},

src/mcp/server.ts:95-95 (registration)
Tool registration entry in the TOOL_REGISTRY array, mapping 'assess_risk_tier' to 'public' visibility tier and the registerAssessRiskTierTool function.
```
{ tier: 'public', register: registerAssessRiskTierTool, description: 'assess_risk_tier' },
```

src/shared/utils.ts:15-21 (helper)

Helper function 'sanitize' used by the handler to strip HTML/script tags from input text.

export function sanitize(input: string): string {
  return input
    .replace(/<script[\s\S]*?<\/script>/gi, '')
    .replace(/<[^>]*>/g, '')
    .replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, '')
    .trim();
}

src/shared/utils.ts:23-30 (helper)

Helper function 'detectPii' used by the handler to check for PII patterns (SSNs, dates) in the input description.

export function detectPii(text: string): boolean {
  const patterns = [
    /\b\d{3}-\d{2}-\d{4}\b/,
    /\b\d{2}\/\d{2}\/\d{4}\b/,
    /\b\d{4}-\d{2}-\d{2}\b/,
  ];
  return patterns.some(p => p.test(text));
}

Tool Definition Quality

A3.8/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations already indicate readOnlyHint=true, destructiveHint=false, and idempotentHint=true, so safety profile is clear. The description adds valuable context: the classification is heuristic, not a legal determination, and it returns governance recommendations. This goes beyond annotations by disclosing limitations and additional outputs.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is three sentences long, each providing essential information: purpose, categories, return value, and a caveat. It is front-loaded with the core action and wastes no words. Every sentence earns its place.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the absence of an output schema, the description adequately explains what is returned (tier and recommendations) and lists the categories. With 100% schema coverage for inputs, the description covers the essential aspects. However, it could briefly mention how the heuristic works (e.g., based on flags like autonomous_decisions) to be fully complete.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema covers all parameters with descriptions (100% coverage), so the baseline is 3. The description does not add per-parameter details beyond what the schema provides. It offers high-level context but does not enhance the semantic meaning of individual parameters.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's function: assessing risk tier using rule-based mapping to EU AI Act categories, listing the possible categories (Unacceptable, High, Limited, Minimal). It also specifies the return value (tier and MAI governance recommendations). This is specific and distinct from sibling tools like 'classify_decision' or 'score_governance', which focus on different classification tasks.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description does not provide explicit guidance on when to use this tool versus alternatives. It implies context (EU AI Act classification) but does not state when it is appropriate or when to avoid it (e.g., if a legal determination is needed). No alternatives are mentioned.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/knowledgepa3/gia-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server