Skip to main content
Glama
deenesjakoruzh
CSOAI-ORG

CRA Compliance MCP

by CSOAI-ORG
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

cra-compliance-mcp MCP server MCP Registry PyPI

cra-compliance-mcp MCP server

PyPI Downloads GitHub stars License: MIT

CRA Compliance MCP

Automate EU Cyber Resilience Act (Regulation 2024/2847) compliance for products with digital elements.

Manufacturers · Importers · Distributors · Open-source stewards

Full applicability: 11 December 2027. Penalties: up to EUR 15M or 2.5% of global turnover.

MEOK AI Labs

Install · Tools · Pricing

Why This Exists

The CRA applies to every product with digital elements sold in the EU — software, IoT devices, industrial controllers, SaaS platforms. Manufacturers must ensure security by design, handle vulnerabilities within 24 hours, and maintain technical documentation for 10 years. Open-source projects used commercially have a new "open-source steward" category with lighter obligations.

This MCP classifies your product against CRA categories, assesses essential security requirements, checks vulnerability handling processes, and generates the conformity documentation.

Install

pip install cra-compliance-mcp

Tools

Tool

CRA Reference

What it does

classify_product

Art 6-8

Product category classification (default/important/critical)

assess_security_requirements

Annex I

Essential cybersecurity requirements check

check_vulnerability_handling

Art 14

24-hour vulnerability disclosure readiness

generate_documentation

Annex VII

Technical documentation generator

assess_supply_chain

Art 13

Software bill of materials + dependency audit

check_open_source_obligations

Art 25

Open-source steward obligations

run_full_audit

All

Complete CRA readiness assessment

sign_attestation

HMAC-SHA256 signed compliance certificate

Key Dates

Milestone

Date

Entry into force

10 December 2024

Vulnerability reporting obligations

11 September 2026

Full applicability

11 December 2027

Pricing

Tier

Price

What you get

Free

£0

10 calls/day

Pro

£199/mo

Unlimited + HMAC-signed attestations

Enterprise

£1,499/mo

Multi-tenant + co-branded reports

Subscribe to Pro · Enterprise

Attestation API

POST https://meok-attestation-api.vercel.app/sign
GET  https://meok-attestation-api.vercel.app/verify/{cert_id}

Also see: CRA Annex IV Classifier MCP for detailed Annex IV essential requirements.

Links

License

MIT

This server cannot be installed

A
license - permissive license
-
quality - not tested
B
maintenance

How are these scores calculated?

Maintenance

Maintainers
Response time
Release cycle
1Releases (12mo)

Resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/CSOAI-ORG/cra-compliance-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server