AIR Blackbox
EU AI Act compliance scanner for Python AI agents — 10 tools for scanning, analysis, and remediation
AIR Blackbox MCP Server
EU AI Act compliance scanning for Claude Desktop, Claude Code, Cursor, and any MCP-compatible client.
Unlike other compliance scanners that only report problems, AIR Blackbox also remediates — generating working code fixes, trust layer integrations, GDPR compliance checks, bias analysis, and full compliance reports. Under the hood, the scanning feeds into air-trust, a cryptographic audit chain (HMAC-SHA256) with Ed25519 signed handoffs that ensures compliance data integrity.
14 Tools (10 base + 4 SDK-powered)
| Tier | Tool | What it does | Requires SDK |
|---|---|---|---|
| Scanning | scan_code | Scan Python code string for all 6 EU AI Act articles | No |
| Scanning | scan_file | Read and scan a single Python file | No |
| Scanning | scan_project | Recursively scan all .py files in a directory | No |
| Analysis | analyze_with_model | Deep analysis via local fine-tuned model (Ollama) | No |
| Analysis | check_injection | Detect prompt injection attacks (15 patterns) | No |
| Analysis | classify_risk | Classify tools by EU AI Act risk level | No |
| Remediation | add_trust_layer | Generate trust layer integration code | No |
| Remediation | suggest_fix | Get article-specific fix recommendations | No |
| Documentation | explain_article | Technical explanation of EU AI Act articles | No |
| Documentation | generate_compliance_report | Full markdown compliance report | No |
| GDPR | scan_gdpr | GDPR-specific compliance scan | Yes |
| Bias | scan_bias | Bias and fairness analysis | Yes |
| Validation | validate_action | Validate agent actions before execution (Article 14) | Yes |
| History | compliance_history | View past scans, trends, and compliance scores | Yes |
Supported Frameworks
LangChain, CrewAI, AutoGen, OpenAI, Haystack, LlamaIndex, Semantic Kernel, Google ADK, Claude Agent SDK, and generic RAG pipelines.
Installation
Basic (10 tools, no SDK features)
pip install air-blackbox-mcp
Works standalone with just the lightweight built-in scanner.
Full (14 tools with GDPR, bias, validation, and history)
pip install air-blackbox-mcp[full]
Installs the full air-blackbox SDK (v1.6.3+) for advanced compliance features.
Claude Desktop Setup
Edit ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"air-blackbox": {
"command": "python3",
"args": ["-m", "air_blackbox_mcp"]
}
}
}
Restart Claude Desktop. The 14 tools will appear automatically.
Claude Code / Cursor Setup
Add to .cursor/mcp.json in your project:
{
"mcpServers": {
"air-blackbox": {
"command": "python3",
"args": ["-m", "air_blackbox_mcp"]
}
}
}
Or add to .claude/mcp.json for Claude Code.
Usage Examples
In Claude Desktop, Claude Code, or Cursor, just ask:
- "Scan this code for EU AI Act compliance"
- "Add a trust layer to this LangChain agent"
- "Check this text for prompt injection"
- "What does Article 12 require?"
- "Generate a compliance report for ~/myproject"
- "Classify the risk level of
send_email" - "Scan this code for GDPR issues" (requires full SDK)
- "Check for bias in this AI model code" (requires full SDK)
- "Can my agent call this shell function?" (requires full SDK)
- "Show me my compliance trends" (requires full SDK)
SDK Features (Optional)
The full air-blackbox SDK unlocks 4 additional tools:
-
GDPR Scanning (
scan_gdpr)- Personal data handling without consent
- Data retention and erasure policies
- Cross-border transfer safeguards
- Data processing agreements
-
Bias Analysis (
scan_bias)- Disparate impact risk detection
- Protected attribute handling
- Training data bias indicators
- Fairness metric awareness
-
Action Validation (
validate_action)- Pre-execution approval gates (Article 14)
- ConsentGate policy enforcement
- Risk-based action filtering
- Audit trail generation
-
Compliance History (
compliance_history)- Track past scan results
- Analyze compliance trends
- Export audit trails
- Monitor improvement over time
Optional: Deep Analysis with Ollama
For AI-powered analysis beyond regex patterns:
# Install Ollama
brew install ollama
# Pull the fine-tuned compliance model
ollama pull air-compliance-v2
# The analyze_with_model tool will automatically use it
What Makes This Different
Other MCP compliance tools only scan. AIR Blackbox:
- Scans + Remediates — finds issues across 6 EU AI Act articles AND generates working code fixes
- Analyzes deeply — regex patterns + AI-powered model analysis + prompt injection detection (15 patterns)
- Validates before execution — pre-approval gates and risk classification for agent actions (Article 14)
- Tracks compliance — GDPR checks, bias analysis, full reports, and historical trend monitoring (SDK)
Architecture
The server uses a smart fallback pattern:
- Try SDK first — If
air-blackbox>=1.6.0is installed, use the full compliance engine - Fall back gracefully — If SDK isn't installed, use the lightweight built-in scanner
- No breaking changes — Works with just
pip install air-blackbox-mcp(basic mode) - Opt-in superpower — Install
[full]to unlock advanced features
This means the MCP server works standalone, but gets dramatically more powerful when the SDK is present.
Part of AIR Blackbox
This MCP server is part of the AIR Blackbox ecosystem:
- air-trust on PyPI — the cryptographic audit chain that backs compliance scanning
- air-blackbox on PyPI — the full compliance SDK and CLI scanner
- airblackbox.ai — the project homepage and docs
Links
관련 서버
Alpha Vantage MCP Server
스폰서Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Coding Prompt Engineer MCP Server
Rewrites coding prompts for optimal results with AI IDEs like Cursor AI, powered by Claude by Anthropic.
mcp-agent-kit
a complete and intuitive SDK for building MCP Servers, MCP Agents, and LLM integrations (OpenAI, Claude, Gemini) with minimal effort. It abstracts all the complexity of the MCP protocol, provides an intelligent agent with automatic model routing, and includes a universal client for external APIs all through a single, simple, and powerful interface. Perfect for chatbots, enterprise automation, internal system integrations, and rapid development of MCP-based ecosystems.
Rails MCP Server
An MCP server for Rails projects, allowing LLMs to interact with your application.
Swift MCP Server - JavaScript Version
Answers Swift and SwiftUI questions based on the '100 Days of SwiftUI' course using a local SQLite database.
Inistate
AI teammates with audit trails
MCP Low-Level Server Streamable HTTP
A low-level MCP server implementation with streamable HTTP support, configured via environment variables.
T-IA Connect
A Model Context Protocol (MCP) bridge to programmatically control Siemens TIA Portal (PLC, blocks, tags, and HMI).
Lustre MCP
Premium Flutter UI components for AI coding agents — 46 widgets, 3 themes, design tokens that make Claude Code and Cursor produce beautiful Flutter apps instead of generic Material defaults.
Armis Security Scanner
AI-powered security scanning. Scans code, files, and git diffs for vulnerabilities in real-time using the Armis scanning API.
Tripwire
Context injection for AI agents via MCP. Define path-based policies in YAML — when an agent reads a matching file, relevant knowledge is auto-injected. Prevents mistakes before they happen. Works with Claude Code, Cursor, and any MCP client.