cra-compliance-mcp 1.2.6

EU Cyber Resilience Act (Regulation 2024/2847) compliance for AI agents. Product classification, Annex I audit, SBOM generation, conformity assessment roadmap, vulnerability reporting readiness. For manufacturers of products with digital elements. By MEOK AI Labs.

Cra Compliance MCP

Buy Starter — £29/mo

Signed attestations + unlimited audits + email support. 👉 Subscribe at meok.ai — instant HMAC signing key + Stripe-managed billing.

Free tier remains MIT-licensed and zero-config. Upgrade only when you need signed compliance artefacts for audit.

MCP server for cra compliance mcp operations

Quick Install

Client	Install
Claude Desktop
Cursor
VS Code
Windsurf
Docker	docker run -p 8000:8000 cra-compliance-mcp
pip	pip install cra-compliance-mcp

Overview

Cra Compliance MCP provides AI-powered tools via the Model Context Protocol (MCP).

Tools

Tool	Description
classify_product	Classify a product with digital elements (PDE) into its CRA class (default/I/II/
audit_annex_i	Audit Annex I essential cybersecurity requirements (both Part 1 product properti
sbom_skeleton	Generate a minimal CycloneDX-style SBOM skeleton required for CRA Article 13.
vulnerability_reporting_readiness	Check readiness for the Sep 2026 mandatory reporting of exploited vulnerabilitie
conformity_assessment_roadmap	Produce a conformity assessment roadmap for CE marking your product under CRA.
enforcement_status	Current CRA enforcement timeline + key deadlines.
sign_cra_attestation	Generate a cryptographically signed CRA (Cyber Resilience Act) compliance attest

Installation

pip install meok-cra-compliance-mcp

Usage with Claude Desktop

Add to your Claude Desktop MCP config (claude_desktop_config.json):

{
  "mcpServers": {
    "cra-compliance-mcp": {
      "command": "python",
      "args": ["-m", "meok_cra_compliance_mcp.server"]
    }
  }
}

Usage with FastMCP

from mcp.server.fastmcp import FastMCP

# This server exposes 7 tool(s) via MCP
# See server.py for full implementation

License

MIT © MEOK AI Labs

<script type="application/ld+json"> { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [ { "@type": "Question", "name": "Is this MCP server free to use?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. The free tier gives you 10 calls per day with no API key required. Pro tier is £79/mo for unlimited calls plus cryptographically signed attestations your auditor can verify independently." } }, { "@type": "Question", "name": "How does the signed attestation work?", "acceptedAnswer": { "@type": "Answer", "text": "Every Pro tier audit produces a HMAC-SHA256 signed certificate with a unique ID and a public verify URL. Your auditor pastes the cert into https://meok-attestation-api.vercel.app/verify and gets an independent valid/invalid response. No contact with MEOK required." } }, { "@type": "Question", "name": "Which MCP clients does this work with?", "acceptedAnswer": { "@type": "Answer", "text": "All standard MCP clients: Claude Desktop, Claude Code, Cursor, VS Code with MCP extension, Windsurf, Cline, and any custom MCP-compatible agent. Install via npx meok-setup or pip install for the underlying Python package." } }, { "@type": "Question", "name": "Can I install all MEOK governance MCPs at once?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. Run npx meok-setup --pack governance to install all 10 governance MCPs and write the configs for Claude Desktop, Cursor, or Windsurf in one command." } }, { "@type": "Question", "name": "Is the regulation text authoritative?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. MEOK syncs daily from the EUR-Lex Cellar SPARQL endpoint, the canonical EU regulation publication system. The text is verbatim with no LLM summarization. Every quote is auditor-defensible and includes the exact article number plus relevance score." } } ] } </script>