feat(cra): standalone CRA finding->Annex I risk mapper + MCP interface

Deterministic mapper (no DB/LLM): repo-scanner findings -> the CRA Annex I
essential requirement(s) they violate -> risk level -> remediation measures +
coverage. Reuses the existing Annex I spine (cra_annex_i_data). The MCP server
(compliance/mcp/server.py, stdio) is the thin transport the external scanner
queries; all logic lives in the fully-tested mapper. Works standalone (no
project/FMEA required). No DB migrations.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Benjamin Admin
2026-06-13 20:22:34 +02:00
parent 3489eaf8b0
commit a73b996381
5 changed files with 387 additions and 0 deletions
@@ -53,3 +53,6 @@ cryptography>=42.0.0
pillow>=12.1.1
python-docx==1.2.0
pytesseract>=0.3.13
# MCP server (CRA cyber risk-assessment interface queried by the repo-scanner). MIT.
mcp>=1.2.0
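Review bot: the added `mcp>=1.2.0` requirement has only a lower bound, so the next install can pull in any later release, including a new major version, of the package behind the stdio server that the external scanner queries, without anyone reviewing the change. `python-docx==1.2.0` two lines above is pinned exactly; consider pinning `mcp` the same way, or at least capping it (for example `mcp>=1.2.0,<2`), so this interface only changes through a deliberate version bump. The hunk header counts three added lines while only the comment and the requirement are visible here, so confirm the third is just a blank separator line.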