PCI DSS payment card industry compliance tools for AI agents. Capabilities: assess 12 requirements, cardholder data flow, network segmentation, vulnerability scans, SAQ generation. Built by MEOK AI Labs.
Project description
PCI DSS 4.0 MCP
Payment card compliance assessment across all 12 PCI DSS 4.0 requirements with cardholder data flow analysis and SAQ generation.
Install · Tools · Pricing · Attestation API
Why This Exists
PCI DSS 4.0 took effect March 2024 with 64 new requirements, many of which become mandatory by March 2025. Any organisation that stores, processes, or transmits cardholder data must comply, and AI systems that touch payment flows (fraud detection, transaction scoring, customer authentication) bring new scoping challenges.
The 4.0 revision introduces targeted risk analysis, customised approach validation, and stricter requirements for scripts, headers, and client-side protections. Most QSA-led assessments cost $50-200K. This MCP assesses compliance across all 12 requirements, analyses cardholder data flows, validates network segmentation, checks vulnerability scanning posture, and generates the appropriate Self-Assessment Questionnaire.
Install
pip install pci-dss-mcp
Tools
| Tool | PCI DSS Reference | What it does |
|---|---|---|
assess_pci_compliance |
Req 1-12 | Full assessment against all 12 PCI DSS 4.0 requirements |
check_cardholder_data |
Req 3, 4 | Cardholder data flow analysis and storage assessment |
network_segmentation_check |
Req 1 | Validate network segmentation and firewall controls |
vulnerability_scan_check |
Req 5, 6, 11 | ASV scan compliance and vulnerability management posture |
generate_saq |
SAQ A-D | Generate the appropriate Self-Assessment Questionnaire |
Example
Prompt: "Assess PCI DSS 4.0 compliance for our e-commerce platform.
We use Stripe for payment processing but store the last 4 digits of card
numbers in our database for order history. We run an AI fraud detection
model that sees full transaction metadata."
Result: Assessment across all 12 requirements with findings: stored card
digits need Req 3 encryption validation, AI fraud model scoping under
Req 12.5.2 targeted risk analysis, client-side JavaScript needs Req 6.4.3
integrity controls. SAQ D-Merchant generated with gap remediation plan.
Pricing
| Tier | Price | What you get |
|---|---|---|
| Free | £0 | 10 calls/day — compliance assessment + SAQ generation |
| Pro | £199/mo | Unlimited + HMAC-signed attestations + verify URLs |
| Enterprise | £1,499/mo | Multi-tenant + co-branded reports + webhooks |
Attestation API
Every Pro/Enterprise audit produces a cryptographically signed certificate:
POST https://meok-attestation-api.vercel.app/sign
GET https://meok-attestation-api.vercel.app/verify/{cert_id}
Zero-dep verifier: pip install meok-attestation-verify
Links
- Website: meok.ai
- All MCP servers: meok.ai/labs/mcp/servers
- Enterprise support: nicholas@csoai.org
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pci_dss_mcp-1.0.1.tar.gz.
File metadata
- Download URL: pci_dss_mcp-1.0.1.tar.gz
- Upload date:
- Size: 7.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e5c1c2f92cafcf2f1a576b7f45cf6fd34ff1448c4ff8af1fad1e43451a762ca5
|
|
| MD5 |
df6ba647b659821909e913e119a192fe
|
|
| BLAKE2b-256 |
4a390a74173b48f1c2bd0bac40e9b64c028e08cd02cc90a6ee8c0639a556fe8a
|
File details
Details for the file pci_dss_mcp-1.0.1-py3-none-any.whl.
File metadata
- Download URL: pci_dss_mcp-1.0.1-py3-none-any.whl
- Upload date:
- Size: 9.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
29e02c273fe8a8f8757b19f2adc6f5bc80f69777cbbc3884ab584973906cbc6b
|
|
| MD5 |
f4ea5758eb23cb303dfa93fda2fc0e1c
|
|
| BLAKE2b-256 |
9e707511f31f7b5ef5f122b86df9f5e836defbe7d7c2e651dec300dfb2e15f84
|
