Labsco
airblackbox logo

AIR Blackbox

โ˜… 1

from airblackbox

EU AI Act compliance scanner for Python AI agents โ€” 10 tools for scanning, analysis, and remediation

๐Ÿ”ฅ๐Ÿ”ฅ๐Ÿ”ฅโœ“ VerifiedFreeQuick setup

AIR Blackbox MCP Server

AIR Blackbox MCP demo

EU AI Act compliance scanning for Claude Desktop, Claude Code, Cursor, and any MCP-compatible client.

Unlike other compliance scanners that only report problems, AIR Blackbox also remediates - generating working code fixes, trust layer integrations, GDPR compliance checks, bias analysis, and full compliance reports. Under the hood, the scanning feeds into air-trust, a cryptographic audit chain (HMAC-SHA256) with Ed25519 signed handoffs that ensures compliance data integrity.

14 Tools (10 base + 4 SDK-powered)

TierToolWhat it doesRequires SDK
Scanningscan_codeScan Python code string for all 6 EU AI Act articlesNo
Scanningscan_fileRead and scan a single Python fileNo
Scanningscan_projectRecursively scan all .py files in a directoryNo
Analysisanalyze_with_modelDeep analysis via local fine-tuned model (Ollama)No
Analysischeck_injectionDetect prompt injection attacks (15 patterns)No
Analysisclassify_riskClassify tools by EU AI Act risk levelNo
Remediationadd_trust_layerGenerate trust layer integration codeNo
Remediationsuggest_fixGet article-specific fix recommendationsNo
Documentationexplain_articleTechnical explanation of EU AI Act articlesNo
Documentationgenerate_compliance_reportFull markdown compliance reportNo
GDPRscan_gdprGDPR-specific compliance scanYes
Biasscan_biasBias and fairness analysisYes
Validationvalidate_actionValidate agent actions before execution (Article 14)Yes
Historycompliance_historyView past scans, trends, and compliance scoresYes

Supported Frameworks

LangChain, CrewAI, AutoGen, OpenAI, Haystack, LlamaIndex, Semantic Kernel, Google ADK, Claude Agent SDK, and generic RAG pipelines.

SDK Features (Optional)

The full air-blackbox SDK unlocks 4 additional tools:

  1. GDPR Scanning (scan_gdpr)

    • Personal data handling without consent
    • Data retention and erasure policies
    • Cross-border transfer safeguards
    • Data processing agreements
  2. Bias Analysis (scan_bias)

    • Disparate impact risk detection
    • Protected attribute handling
    • Training data bias indicators
    • Fairness metric awareness
  3. Action Validation (validate_action)

    • Pre-execution approval gates (Article 14)
    • ConsentGate policy enforcement
    • Risk-based action filtering
    • Audit trail generation
  4. Compliance History (compliance_history)

    • Track past scan results
    • Analyze compliance trends
    • Export audit trails
    • Monitor improvement over time

Optional: Deep Analysis with Ollama

For AI-powered analysis beyond regex patterns:

# Install Ollama
brew install ollama

# Pull the fine-tuned compliance model
ollama pull air-compliance-v2

# The analyze_with_model tool will automatically use it

What Makes This Different

Other MCP compliance tools only scan. AIR Blackbox:

  1. Scans + Remediates - finds issues across 6 EU AI Act articles AND generates working code fixes
  2. Analyzes deeply - regex patterns + AI-powered model analysis + prompt injection detection (15 patterns)
  3. Validates before execution - pre-approval gates and risk classification for agent actions (Article 14)
  4. Tracks compliance - GDPR checks, bias analysis, full reports, and historical trend monitoring (SDK)

Architecture

The server uses a smart fallback pattern:

  1. Try SDK first - If air-blackbox>=1.6.0 is installed, use the full compliance engine
  2. Fall back gracefully - If SDK isn't installed, use the lightweight built-in scanner
  3. No breaking changes - Works with just pip install air-blackbox-mcp (basic mode)
  4. Opt-in superpower - Install [full] to unlock advanced features

This means the MCP server works standalone, but gets dramatically more powerful when the SDK is present.

Part of AIR Blackbox

This MCP server is part of the AIR Blackbox ecosystem:

  • air-trust on PyPI - the cryptographic audit chain that backs compliance scanning
  • air-blackbox on PyPI - the full compliance SDK and CLI scanner
  • airblackbox.ai - the project homepage and docs