RegulatorySignals
Back to Dashboard

MCP Server

v0.1

Use Regulatory Signals directly inside Claude Desktop, Cursor, or any MCP-compatible AI client. Audit GitHub repositories and run security checks without leaving your workflow.

Install

No global install needed — Claude Desktop and Cursor run the server automatically via npx each time you start a session. Just add the config below.

bash
npx -y @regulatorysignals/mcp

Claude Desktop Setup

Open the config file at:

~/Library/Application Support/Claude/claude_desktop_config.json(macOS)

Merge the following into the mcpServers object. If the key already exists, add regulatory-signals alongside your existing entries.

json
{
  "mcpServers": {
    "regulatory-signals": {
      "command": "npx",
      "args": ["-y", "@regulatorysignals/mcp"],
      "env": {
        "REGULATORY_SIGNALS_API_KEY": "rskey_live_xxxxxxxxxxxx"
      }
    }
  }
}

Replace rskey_live_xxxxxxxxxxxx with your API key. Restart Claude Desktop after saving.

Cursor Setup

Open the config file at:

~/.cursor/mcp.json

Add the same block as Claude Desktop:

json
{
  "mcpServers": {
    "regulatory-signals": {
      "command": "npx",
      "args": ["-y", "@regulatorysignals/mcp"],
      "env": {
        "REGULATORY_SIGNALS_API_KEY": "rskey_live_xxxxxxxxxxxx"
      }
    }
  }
}

Reload the Cursor window after saving (Cmd+Shift+P Developer: Reload Window).

Tool Reference

The server exposes two tools. Use check_repository for instant CI-style gates and audit_repository when you need a full compliance report.

check_repositoryaudit_repository
Speed~5 seconds30–120 seconds
AI-poweredNoYes
Quota consumedNoYes (1 credit)
Best forCI/CD pre-merge gates, quick checksFull compliance audit, security report
OutputPass/fail checklist (rate limiting, unchecked responses, webhook silent-success, button→route gaps, RLS, Stripe webhook)Score /100, architecture summary, security issues with fixes, dependency risks, test coverage, EU AI Act compliance

Get your API key

Generate an API key from the dashboard and paste it into your MCP config. Keys are scoped to your account and can be revoked at any time.

The MCP server runs locally on your machine and calls the Regulatory Signals API on your behalf. All API usage is subject to the Privacy Policy and Terms of Service. Audit credits are deducted from your plan quota for each audit_repository call.