Open-Source AI Compliance Platform

AI compliance built into your workflow

AI regulation is global, accelerating, and enforceable. Complior scans your AI products, finds every compliance gap, and generates the fixes.

$ npx compliorScan your project in 30 seconds. No signup.
Copied!
AGPLv3 — free forever
688 compliance tests
Works fully offline
EU AI Act + global regs
2025 — 2027

AI is being regulated worldwide.Compliance is no longer optional.

The EU AI Act is already enforceable. China, Brazil, Canada, and the UK are following. If you build, deploy, or use AI — regulation already applies to you.

Scroll to see what's at stake
Open-Source · Zero Dependencies · Offline

Scan. Test. Fix. Monitor.

01
Code
Static analysis — 5 layers, 45 packages, 33 rules
scan
02
AI System
Dynamic testing — 688 tests, bias, hallucination, security
eval
03
Runtime
Production middleware — PII, disclosure, content marking
sdk
04
Continuous
Background monitoring — 200ms rescan, drift alerts, evidence
daemon

No account required. Cloud optional — expands capabilities.

Keep scrolling
5
complior scan

Layers of static analysis — in under 5 seconds

Files, docs, dependencies, AST, and optional LLM deep analysis. Detects 45 prohibited packages (Art. 5), 33 pattern rules across 8 categories. Cross-layer verification. Deep scan with Semgrep, Bandit, ModelScan.

Score 0-100Auto-fixOffline
688
complior eval

Tests: deterministic, LLM-judge, and security probes

168 deterministic checks, 212 LLM-judged evaluations, 300+ security probes covering OWASP LLM Top 10. Bias detection, hallucination measurement, prohibited content. Conformity Score + Security Score — both feed into Agent Passport.

OWASPMITRE ATLASAgent Passport
14
@complior/sdk

Production hooks wrapping every LLM call

PII sanitization (50+ types, GDPR Art. 9), AI disclosure injection (Art. 50), content marking (Art. 50(2)), prohibited content filter (138 patterns), rate limiting, budget control, permission gates, MCP Proxy for agent tool calls.

OpenAIAnthropicGoogleVercel AI
200ms
complior daemon

File watcher rescans on every code change

Drift detection alerts when compliance score drops. Cryptographic evidence chain (ed25519) for every action. Agent Passport auto-updates on every scan and eval. Full audit trail ready for regulators — 24/7.

Drift alertsed25519Agent Passport24/7
0→✓
From zero to audit-ready

One binary. 108 obligations. 688 tests. 14 documents. 18 auto-fixes. Cryptographic evidence. Free forever.

$ complior scan →
Research

Data reports that prove the problem

Real scans, real numbers. Download the data.

Complior.ai
2026
State of AI Compliance
50 products scanned · Public data · 42 pages
78%
Non-compliant
23
Avg. score
6%
Have metadata
Compliance by Article
Art. 50
14%
Art. 4
31%
Art. 52
22%
FRIA
8%
C2PA
6%
Top Scorers
Llama 3 (Meta)
72
Mistral Large
68
Claude 3.5
54
GPT-4o
41
Gemini Ultra
29
complior.ai/reportsPage 12 of 42
Flagship Report · PDF · 42 pages

We scanned 50 AI products. 78% failed.

Each product gets a compliance scorecard — score, gaps, and actionable recommendations mapped to EU AI Act articles.

92% of AI images have no C2PA content marking
67% don't mention AI in their privacy policy
100% of voice synthesis tools fail Art. 50.4
Most AI products are one audit away from a €35M fine.
Download the full report

Free executive summary. Full report delivered to your inbox.

Two Products

One engine, two interfaces

Drag the slider to explore both products.

Free & Open SourceTUI Coding Assistant
Score
72/100
Art. 4 AI Literacy — trained
Art. 50 Disclosure — present
Art. 26 Logging — partial
Art. 14 Human oversight
FRIA report — generated
Art. 52 Marking — active
Tools (3)
GPT-4oGPAI · Art.4,50
Whisper APIMinimal
Custom classifierHigh · Art.6
framework Next.js 14
sdk Vercel AI SDK
jurisdiction EU AI Act
mode comply
AI Chat
you › is my classifier high-risk?
ai › Yes. Art. 6 Annex III §5 — creditworthiness. You need: conformity assessment, FRIA, human oversight, logging per Art. 12.
you › generate the FRIA
ai › Done → /docs/fria-classifier.pdf
you › add logging middleware
ai › Patching app/api/classify/route.ts... Added complianceLog() with Art.12 reference.
Diff Preview
app/api/classify/route.ts
const result = await model.predict(input)
+ const logged = await complianceLog(result, {
+ article: 'Art.12',
+ timestamp: Date.now(),
+ userId: session.user.id
+ })
return NextResponse.json(result)
components/AIBanner.tsx
+ export function AIDisclosure() {
+ return <Banner text="AI-generated"
+ article="Art.50" />
+ }
middleware.ts
+ export const complianceGate = async (req) => {
+ await auditLog(req, { scope: 'Art.14' })
+ }
Tab panels ↑↓ nav / chat a apply d diff q quit
● comply mode
DashboardAI ToolsMembersReportsLiteracy
SK

Welcome back, Sarah

17 Feb 2026
Compliance Score
64%
↑ 8% this month
AI Tools
12
3 need action
Team Trained
45%
18/40 completed
Max Penalty
€15M
1 prohibited tool
Risk Distribution
12
Tools
Prohibited 1
High Risk 3
GPAI 3
Minimal 5
AI Tools
ToolRiskStatus
ChatGPT
OpenAI		GPAIDone
HireVue
HireVue Inc		High2/12
Copilot
Microsoft		GPAIDone
Notion AI
Notion Labs		MinimalPending
Requires Attention
Prohibited tool must be decommissioned
3 high-risk tools need FRIA
22 employees not yet trained
Art. 26 deadline — 166 days
Compliance Breakdown
AI Literacy
45%
Transparency
80%
Oversight
60%
Documentation
30%
Risk Assessment
67%
Capabilities

What you get

Auto-Detection

Scans codebase, SaaS stack, and browser extensions to find every AI system.

Risk Classification

AI + rules engine classifies risk per EU AI Act. Cites specific articles.

Document Generator

FRIA, policies, transparency notices — one-click audit-ready export.

AI-Powered Coding

Write code, review diffs, auto-fix compliance. Four agent modes.

AI Literacy Training

Art. 4 mandatory courses per role. Certificates with tracking.

Live Dashboard

Real-time score, deadlines, and team activity across all projects.

complior scan — my-saas-app/
scan output
$ complior scan
Scanning project: my-saas-app/
Found package.json → analyzing dependencies
Found .env → checking API keys
Found 3 AI integrations:
1. openai → GPT-4o via Vercel AI SDK
2. @google/generative-ai → Gemini Flash
3. replicate → SDXL image generation
Detected browser extensions: Grammarly AI, Notion AI
SaaS scan: Slack AI, Figma AI, Linear AI
⚠ Total: 8 AI systems found (3 in code, 2 browser, 3 SaaS)
Run complior classify to assess risk
scan complete8 systems · 3 in code · 2 browser · 3 SaaS
complior classify — 8 tools
risk classification
$ complior classify
GPT-4o via Vercel AI SDK
Risk: GPAI · Art. 4, 50, 52 apply
Deployer obligations: disclosure, logging, literacy
SDXL via Replicate
Risk: GPAI + Art.50 · Content marking required
Generated images must be labeled as AI-generated
Custom HR Screener internal model
Risk: HIGH · Art. 6, Annex III §4(a)
Requires: FRIA, conformity assessment, Art.14 oversight
Classification complete. 3/8 need action.
complior generate fria — HR Screener
document preview
📄 Fundamental Rights Impact Assessment
SystemHR Screening Classifier v2.1
Risk LevelHigh Risk — Art. 6, Annex III
DeployerAcme Corp (EU entity)
PurposeEmployment screening, CV parsing
Affected Persons~2,400 applicants/year
Bias AssessmentGender, age, ethnicity — monitored
Human OversightHR Manager reviews all decisions
Data RetentionLogs kept 6 months per Art. 26(6)
Export FormatPDF, 14 pages, audit-ready
Generated✓ Feb 17, 2026 — 4.2 seconds
complior chat — comply mode
ai agent
you › add Art.50 disclosure to our image generation endpoint
ai › I'll add C2PA metadata injection and a visible disclosure banner. Patching 2 files:
app/api/generate/route.ts
+ import { injectC2PA } from '@complior/c2pa'
+ const tagged = await injectC2PA(image, {
+ model: 'sdxl-1.0',
+ article: 'Art.50(2)',
+ generator: 'Acme Corp'
+ })
components/ImageResult.tsx
+ <AIDisclosure type="image" article="Art.50" />
ai › Done. Score updated: 42 → 71. Run complior verify to confirm.
complior literacy — Acme Corp
training status
📚 AI Literacy Training Status
OrganizationAcme Corp — 40 employees
Completion18/40 (45%)
Engineering (12)10/12 complete
Marketing (8)4/8 complete
HR (6)2/6 complete
Management (8)1/8 complete
Finance (6)1/6 complete
Course Duration25 min per role
CertificateAuto-issued, verifiable
DeadlinePassed — Feb 2, 2025
complior dashboard — live
organization overview
📊 Organization Compliance Overview
Overall Score64/100
AI Tools Registered12 (3 need action)
Prohibited Tools1 — requires decommission
High Risk (FRIA needed)3 tools
Team Trained (Art.4)45% (18/40)
Transparency (Art.50)80%
Documentation30%
Max Penalty Exposure€15M (Art. 99)
Next DeadlineAug 2, 2026 — Art. 6 enforcement
Last Updated2 minutes ago
Coverage

Multi-jurisdiction AI regulation

🇪🇺 EU AI Act
Transparency + GPAI
Active
🇺🇸 Colorado SB 205
High-risk AI
Coming Soon
🇺🇸 Texas TRAIGA
Transparency
Coming Soon
🇺🇸 California AB 2885
AI transparency
Coming Soon
🇰🇷 South Korea AI Act
High-impact AI
Coming Soon
🇬🇧 UK · Japan · Canada · Brazil
National governance
Roadmap
ISO 42001 · NIST AI RMF
Standards
Roadmap

View all jurisdictions →

Try It Now

Scan any website or AI model

Free passive scan — no registration. Full report in 30 seconds.

Level 1 passive crawl is free. Full testing requires an account.

Open Data

Databases anyone can use

2,000+
Community · JSON · Open

AI Tool Directory

Every AI tool classified with risk level, applicable articles, and compliance metadata.

Explore tools →
450+
Structured · Parseable · Free

Regulation Database

EU AI Act fully structured: every article, recital, annex. Human-readable and machine-parseable.

Browse regulations →
v1.0
Open Source · GitHub · RFC

Compliance Metadata Spec

Open standard for AI compliance metadata. Community-driven, designed for tool interoperability.

View on GitHub →

Common questions

Is this really free

The CLI and core engine are AGPLv3-licensed and free forever. The web platform (coming soon) will have a free tier with paid team features.

We just use ChatGPT — do we need this

Yes. EU AI Act has specific obligations for anyone using AI tools. If your team uses ChatGPT, Copilot, or Midjourney — you have legal obligations under Articles 4, 26, and 27.

We're a US company. Why EU compliance

If you serve EU customers, hire EU employees, or your AI affects EU residents — the AI Act applies extraterritorially. Plus, US states are passing their own AI laws.

Which LLM providers are supported

Any provider: OpenAI, Anthropic, Google, Mistral, Ollama (local), or any OpenRouter-compatible endpoint. Bring your own API key.

Can generated docs be used for audits

Yes. All documents follow EU AI Act requirements with proper article references. Export as PDF for auditors.

Does it work offline

Scanner and classification engine work fully offline. AI-powered features require an API connection to your chosen LLM provider.

Free Tools

Test compliance in 2 minutes.
No signup.

Three tools to check your obligations, estimate penalties, and classify your first AI system — all free, all instant.

Quick Check
Does the EU AI Act apply to you? 5 questions, instant answer.
2 min
Penalty Calculator
Enter revenue, see maximum fine under Art. 99.
Calculator
Free Classification
Classify 1 AI tool: risk level, articles, obligations.
Free plan

Art. 4 and Art. 50 deadlines have passed. Are you compliant?

One command. 688 tests. 14 auto-generated documents. Cryptographic evidence for auditors.

$ npx complior
Copied!
Star on GitHub