dora-compliance-mcp 1.2.6

DORA (EU Digital Operational Resilience Act) compliance for AI agents. 5-pillar audit, incident classification, Article 28 Register of Information, TLPT readiness. Regulation (EU) 2022/2554. By MEOK AI Labs.

Dora Compliance MCP

MCP server for dora compliance mcp operations

Quick Install

Client	Install
Claude Desktop
Cursor
VS Code
Windsurf
Docker	docker run -p 8000:8000 dora-compliance-mcp
pip	pip install dora-compliance-mcp

Overview

Dora Compliance MCP provides AI-powered tools via the Model Context Protocol (MCP).

Tools

Tool	Description
classify_entity	Classify a financial entity's DORA applicability + which entity type it is.
list_pillars	List all 5 DORA pillars with article ranges and key obligations.
audit_pillar	Audit a specific DORA pillar (1-5) against your entity's current controls.
audit_all_pillars	Run audits across all 5 DORA pillars and return an executive summary.
classify_incident	Classify an ICT incident against DORA major-incident thresholds per Commission D
register_of_information_template	Return the Article 28.3 Register of Information template structure. Financial en
tlpt_readiness	Assess Threat-Led Penetration Testing (Article 26) readiness. Returns whether th
get_dora_certificate	Generate a cryptographically signed DORA compliance attestation (Pro/Enterprise)
enforcement_status	Current DORA enforcement status + key upcoming deadlines for financial entities.

Installation

pip install meok-dora-compliance-mcp

Usage with Claude Desktop

Add to your Claude Desktop MCP config (claude_desktop_config.json):

{
  "mcpServers": {
    "dora-compliance-mcp": {
      "command": "python",
      "args": ["-m", "meok_dora_compliance_mcp.server"]
    }
  }
}

Usage with FastMCP

from mcp.server.fastmcp import FastMCP

# This server exposes 9 tool(s) via MCP
# See server.py for full implementation

License

MIT © MEOK AI Labs

<script type="application/ld+json"> { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [ { "@type": "Question", "name": "Is this MCP server free to use?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. The free tier gives you 10 calls per day with no API key required. Pro tier is £79/mo for unlimited calls plus cryptographically signed attestations your auditor can verify independently." } }, { "@type": "Question", "name": "How does the signed attestation work?", "acceptedAnswer": { "@type": "Answer", "text": "Every Pro tier audit produces a HMAC-SHA256 signed certificate with a unique ID and a public verify URL. Your auditor pastes the cert into https://meok-attestation-api.vercel.app/verify and gets an independent valid/invalid response. No contact with MEOK required." } }, { "@type": "Question", "name": "Which MCP clients does this work with?", "acceptedAnswer": { "@type": "Answer", "text": "All standard MCP clients: Claude Desktop, Claude Code, Cursor, VS Code with MCP extension, Windsurf, Cline, and any custom MCP-compatible agent. Install via npx meok-setup or pip install for the underlying Python package." } }, { "@type": "Question", "name": "Can I install all MEOK governance MCPs at once?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. Run npx meok-setup --pack governance to install all 10 governance MCPs and write the configs for Claude Desktop, Cursor, or Windsurf in one command." } }, { "@type": "Question", "name": "Is the regulation text authoritative?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. MEOK syncs daily from the EUR-Lex Cellar SPARQL endpoint, the canonical EU regulation publication system. The text is verbatim with no LLM summarization. Every quote is auditor-defensible and includes the exact article number plus relevance score." } } ] } </script>