
Open-Source EU AI Act Compliance Scanning for CI/CD
We built a CLI tool that scans your codebase for EU AI Act compliance risks. `npx @systima/comply scan` analyses your repository to detect AI framework usage, traces how AI outputs flow through the program, and flags patterns that may trigger regulatory obligations. It runs in CI and posts findings on pull requests (no API keys required).

Under the hood it performs AST-based import detection using the TypeScript Compiler API and web-tree-sitter WASM across 37+ AI frameworks. It then traces AI return values through assignments and destructuring to identify four patterns:

- conditional branching on AI output
- persistence of AI output to a database
- rendering AI output in a UI without disclosure
- sending AI output to downstream APIs

Findings are severity-adjusted by system domain. You declare what your system does (customer support, credit scoring, legal research, etc.) and the scanner adjusts accordingly. Example: a chatbot routing tool using AI output in an if statement produces an informationa
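To make the detection approach concrete, here is an added example (not the @systima/comply code) that applies the same idea to Python sources with only the standard library: collect local names bound to known AI frameworks, propagate "AI-derived" through assignments and tuple destructuring to a fixpoint, then report branches, persistence calls and outbound calls that consume those values. The framework list, the sink method names and the sample input are constructed for the example.

```python
import ast

# Constructed: AI framework module names (the real scanner covers 37+) and
# method names treated as persistence / downstream-API sinks.
AI_MODULES = {"openai", "anthropic", "langchain"}
SINKS = {"insert_one": "persistence", "execute": "persistence",
         "post": "downstream_api", "put": "downstream_api"}

def _names(node):
    """All variable names referenced anywhere inside an AST node."""
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}

def scan_source(src):
    """Return sorted (pattern, lineno) findings for AI output reaching a sink."""
    tree, tainted, findings = ast.parse(src), set(), []
    for node in ast.walk(tree):  # pass 1: local names bound to AI frameworks
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            base = (node.module or "") if isinstance(node, ast.ImportFrom) else ""
            for a in node.names:
                if (base or a.name).split(".")[0] in AI_MODULES:
                    tainted.add(a.asname or a.name.split(".")[0])
    changed = True
    while changed:  # pass 2: propagate through assignments to a fixpoint
        changed = False
        for node in (n for n in ast.walk(tree) if isinstance(n, ast.Assign)):
            if _names(node.value) & tainted:
                # Simplification: anything computed from a framework alias,
                # client or response counts as AI-derived; plain `a = ...`
                # and destructuring `a, b = ...` are handled the same way.
                new = set().union(*map(_names, node.targets)) - tainted
                if new:
                    tainted, changed = tainted | new, True
    for node in ast.walk(tree):  # pass 3: branch on, persist, or send AI output
        if isinstance(node, ast.If) and _names(node.test) & tainted:
            findings.append(("conditional_branch", node.lineno))
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            args = node.args + [k.value for k in node.keywords]
            if node.func.attr in SINKS and any(_names(a) & tainted for a in args):
                findings.append((SINKS[node.func.attr], node.lineno))
    return sorted(findings, key=lambda f: f[1])

SAMPLE = '''from openai import OpenAI
client = OpenAI()
resp = client.chat.completions.create(model="m", messages=[])
answer, usage = resp.choices[0].message.content, resp.usage
if "refund" in answer: queue = "billing"
db.insert_one({"reply": answer})
requests.post("https://example.invalid/hook", json={"text": answer})
'''  # constructed sample input; `db` and `requests` are only parsed, not run

if __name__ == "__main__": print(scan_source(SAMPLE))
```

The sample reproduces three of the four patterns on lines 5, 6 and 7 of the scanned text; the UI-rendering pattern would need a framework-specific sink list in the same style.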
Continue reading on Dev.to