Kuro AI Agent MCP Server

AI agent tools: translation (95+ langs), crypto research, compliance, summarization.

app-store-preflight-compliance

Pre-submission compliance scanner workflow for Apple App Store apps. Use when reviewing iOS, macOS, tvOS, watchOS, or visionOS projects (Swift, Objective-C, React Native, Expo) for App Store rejection risks, submission readiness, privacy compliance, or guideline violations.

Accessibility review agents for Claude Code, GitHub Copilot, and Claude Desktop. Eleven specialists that enforce WCAG 2.2 AA compliance so AI coding tools stop generating inaccessible code.

GIA Governance Intelligence Automation

AI governance engine — decision controls, compliance, audit chains, knowledge packs.

product-architect

Complete product development system with 31 specialized agents and 23 frameworks. Use when user asks to build a product, write a PRD, create a roadmap, plan an MVP, design an app, do a security audit, create a financial model, plan hiring, launch a product, set up operations, prepare for IPO, or write a compliance policy. Also triggers on help me plan, product strategy, go-to-market, fundraising, pitch deck, unit economics, competitive analysis, user personas, sprint planning, SOP, checklist for, or how do I start a company. Do NOT use for general knowledge questions, coding tutorials, or creative writing unrelated to product development.

Io.Github.Cyberweasel777/Botindex Mcp Server

DeFi signal intelligence + agent discovery. Funding arb, whale alerts, Zora, compliance.

accessibility-compliance

Implement WCAG 2.2 compliant interfaces with mobile accessibility, inclusive design patterns, and assistive technology support. Use when auditing accessibility, implementing ARIA patterns, building for screen readers, or ensuring inclusive user experiences.

GDPR Shift-Left Compliance

GDPR compliance MCP server - article lookup, DPIA, ROPA, DSR, IaC analysis, Bicep templates.

adopt

Brownfield onboarding — audits existing project artifacts for template format compliance (not just existence), classifies gaps by impact, and produces a numbered migration plan. Run this when joining an in-progress project or upgrading from an older template version. Distinct from /project-stage-detect (which checks what exists) — this checks whether what exists will actually work with the template's skills.

Io.Github.Ansvar Systems/Us Regulations Mcp

US compliance: HIPAA, CCPA, SOX, GLBA, FERPA, COPPA, FDA, EPA, FFIEC, NYDFS + 4 state privacy laws

CCPA/CPRA Compliance Advisor

You are an expert on California's comprehensive privacy laws: - **CCPA**: California Consumer Privacy Act (Cal. Civ. Code §1798.100 et seq.), effective January 1, 2020 - **CPRA**: California Privacy Rights Act (Proposition 24), effective January 1, 2023 — significantly amends and expands CCPA, cr

every-style-editor-2

Reviews and edits text content to conform to Every's editorial style guide. Use when written content needs style compliance checks for headlines, punctuation, voice, and formatting.

accessibility

Audit and improve web accessibility following WCAG 2.1 guidelines. Use when asked to "improve accessibility", "a11y audit", "WCAG compliance", "screen reader support", "keyboard navigation", or "make accessible".

BDD Test Runner & Compliance Validator

Executes GIVEN-WHEN-THEN tests with compliance validation and coverage analysis.

SpineFrame

Governance runtime for AI agents with signed provenance, compliance audits, and OSINT.

TheArtOfService Compliance Intelligence

Query 692+ compliance frameworks, 13,700+ controls, and 280K+ cross-framework mappings.

backpack-code-review-checklist

Comprehensive code review checklist for Backpack design system components. Use when: (1) Reviewing PRs for new or modified Backpack components, (2) Validating component compliance with Constitution and design system rules, (3) Checking if component follows Backpack conventions before merge, (4) Identifying violations in API design, token usage, accessibility, or documentation. Covers Constitution principles (I-XIII), decisions/ guidelines, API encapsulation rules, private token restrictions, design approval workflow, icon alignment helpers, hover mixin usage, token semantic correctness, and snapshot currency. Essential for maintaining Backpack quality standards and catching non-obvious violations like className props in new components, wrong icon alignment wrapper, raw :hover instead of bpk-hover mixin, or cross-component private token usage.

EU Audit Trail

Tamper-evident audit trail MCP server for EU AI Act & GDPR compliance.

12-factor-apps

Perform 12-Factor App compliance analysis on any codebase. Use when evaluating application architecture, auditing SaaS applications, or reviewing cloud-native applications against the original 12-Factor methodology.

opquast-digital-quality

Apply the Opquast Digital Quality Framework (245 rules, 14 categories) when building, reviewing, or auditing websites and web applications. Use for web development quality assurance, accessibility compliance, security hardening, privacy implementation, e-commerce best practices, and holistic digital quality checks.

Tork Governance

AI agent governance for MCP: PII detection, policy enforcement, compliance, and kill switch.

Io.Github.Oscal Compass/Compliance Trestle Mcp

An MCP server that provides tools to author OSCAL security compliance documentation

android-design-guidelines

Material Design 3 and Android platform guidelines. Use when building Android apps with Jetpack Compose or XML layouts, implementing Material You, navigation, or accessibility. Triggers on tasks involving Android UI, Compose components, dynamic color, or Material Design compliance.

License Compliance

Scan npm dependencies for license compliance issues. Catch GPL contamination.

changeset-validation

Validate changesets in openai-agents-js using LLM judgment against git diffs (including uncommitted local changes). Use when packages/ or .changeset/ are modified, or when verifying PR changeset compliance and bump level.

hipaa-compliance

Technical safeguards and architectural patterns for building HIPAA-compliant software on AWS. Use when building healthcare SaaS, handling PHI (Protected Health Information), designing patient data systems, implementing healthcare APIs, setting up HIPAA-eligible AWS infrastructure, reviewing code for PHI exposure, designing audit logging, or when the user mentions patients, medical records, EHR/EMR, health data, HL7, FHIR, or covered entities. Essential for founders and developers building in healthcare or digital health space.

claude-code-skillforge

Generates highly optimized Agent Skills for both native Claude Code and the Antigravity system, according to official best practices and the "Progressive Disclosure" strategy. Use when the user wants to build a new skill, turn a workflow into a skill, upgrade an existing skill to latest best practices, audit a skill for compliance, or structure agent instructions for either ecosystem.

Threat Modeling Skill v3.1.0 (20260313a)

AI-native automated software risk analysis skill. LLM-driven, Code-First approach for comprehensive security risk assessment, threat modeling, security testing, penetration testing, and compliance checking.

app-store-review

Evaluates code against Apple's App Store Review Guidelines. Use this skill when reviewing iOS, macOS, tvOS, watchOS, or visionOS app code (Swift, Objective-C, React Native, or Expo) to identify potential App Store rejection issues before submission. Triggers on tasks involving app review preparation, compliance checking, or App Store submission readiness.

Ybe Check

Ybe Check – security and compliance orchestrator for AI-generated repositories.

a11y-playwright-testing

Accessibility testing for web applications using Playwright (@playwright/test) with TypeScript and axe-core. Use when asked to write, run, or debug automated accessibility checks, keyboard navigation tests, focus management, ARIA/semantic validations, screen reader compatibility, or WCAG 2.1 Level AA compliance testing. Covers axe-core integration, POUR principles (perceivable, operable, understandable, robust), color contrast, form labels, landmarks, and accessible names.

do-code-review

Reviews code changes in azure-ai-ml package for quality, Azure SDK compliance, and best practices. Use when reviewing code, checking pull requests, or when user asks to review changes or check code quality in azure-ai-ml.

HIPAA Agent

HIPAA compliance AI agent — scan, grade, SRA, and generate compliance docs.

agent-bom

Security scanner for AI infrastructure — blast radius mapping, AI BOM, runtime proxy, compliance

Io.Github.Brano80/Veridion Nexus

Veridion Nexus MCP server - GDPR Art. 44-49 runtime compliance for AI agents

brand-guidelines

Universal brand guideline engine for producing, reviewing, and suggesting brand-compliant marketing materials for ANY company. Use this skill whenever a task involves brand identity, visual consistency, marketing collateral, or corporate design standards. Triggers include: brand guidelines, brand book, visual identity, corporate identity, brand compliance, brand review, brand audit, marketing materials, social media copy, poster design, banner design, PPT template, presentation template, company brochure, brand colors, typography guidelines, tone of voice, brand voice, logo usage, brand assets, style guide, design system, marketing collateral, campaign materials, brand consistency check. Also trigger when a user mentions producing materials like posters, banners, social posts, company introductions, pitch decks, brochures, flyers, email templates, or video storyboards and wants them to follow a specific brand look-and-feel. Even if the user doesn't say "brand guideline" explicitly, use this skill when any visual or verbal consistency with a company identity is implied.

Pretorin Compliance

Access Pretorin compliance systems, controls, evidence, and narratives from your AI tools.

adaptive-layout

Adaptive layout for iPad and universal apps: NavigationSplitView, size classes, horizontalSizeClass, presentations, HIG compliance. Use when building iPad-optimized layouts, supporting multiple screen sizes, or adapting UI for iPhone+iPad. Triggers: iPad, universal, NavigationSplitView, horizontalSizeClass, size class, adaptive.

a11y-audit

Accessibility audit skill for scanning, fixing, and verifying WCAG 2.2 Level A and AA compliance across React, Next.js, Vue, Angular, Svelte, and plain HTML codebases. Use when auditing accessibility, fixing a11y violations, checking color contrast, generating compliance reports, or integrating accessibility checks into CI/CD pipelines.

terrashark

Prevent Terraform/OpenTofu hallucinations by diagnosing and fixing failure modes: identity churn, secret exposure, blast-radius mistakes, CI drift, and compliance gate gaps. Use when generating, reviewing, refactoring, or migrating IaC and when building delivery/testing pipelines.

Io.Github.S2TConsulting/Accelerators

36 tools for AWS infrastructure, security compliance, AI workflows, and ACI governance.

accessibility-per-component

Run an accessibility audit on a specific design system component. Trigger when someone says: accessibility check, a11y audit, WCAG compliance, is this accessible, check accessibility, does this meet WCAG, screen reader support, keyboard navigation check, or anything about auditing the accessibility of a specific component.

Io.Github.Silversurfer562/Memdocs

Git-native project memory for AI assistants with enterprise-grade audit compliance

frontend-accessibility-best-practices

Accessibility (a11y) best practices for React components. Use when creating UI components, forms, interactive elements, or reviewing code for accessibility compliance.

Agent Observability

Agent observability: structured logging, cost tracking, and compliance audit trails

grc-knowledge

Senior GRC analyst expertise across 15 compliance frameworks — NIST 800-53, FedRAMP, FISMA, CMMC, SOC 2, ISO 27001, PCI DSS, HIPAA, CIS Controls, COBIT, CSA CCM, GDPR, SLSA, OSCAL. Control lookups, cross-framework mapping, document review, audit prep, and operational compliance workflows.

Io.Github.Company Gibraltar/Company Gibraltar

Gibraltar company tools: corporate tax, compliance deadlines, and PDF form generation.

DataBR — API de Dados Públicos Brasileiros

Brazilian public data API for AI agents. BCB, IBGE, CVM, B3, compliance. x402 payments on Base.

Quality Assurance & Validation

Validates outputs, gates, and workflow compliance

account-deletion

Generates an Apple-compliant account deletion flow with multi-step confirmation UI, optional data export, configurable grace period, Keychain cleanup, and server-side deletion request. Use when user needs account deletion, right-to-delete, or Apple App Review compliance for account removal.