Open-Source Tool Scans Code for EU AI Act Compliance

Systima AI has released an open-source CLI tool designed to scan codebases for potential compliance risks related to the EU AI Act. The tool, accessible via `npx @systima/comply scan`, analyzes repositories to detect the usage of AI frameworks and traces how AI outputs flow through the program. It flags patterns that may trigger regulatory obligations, such as conditional branching based on AI output, persistence of AI output in databases, rendering AI output in UIs without proper disclosure, and sending AI output to downstream APIs. The tool leverages AST-based import detection using the TypeScript Compiler API and web-tree-sitter WASM across a wide range of AI frameworks (37+). A key feature is its domain-based severity adjustment, where the criticality of findings is determined by the declared system domain (e.g., customer support, credit scoring). The tool is available as an npm package, a GitHub Action, and a TypeScript API, and it can generate PDF reports and template compliance documentation. This initiative addresses a critical need for developers to proactively identify and mitigate compliance risks associated with the EU AI Act, promoting responsible AI development and reducing the burden of manual compliance reviews. The tool's open-source nature fosters community collaboration and continuous improvement, potentially establishing it as a valuable resource for developers navigating the complexities of AI regulations.

_Context: This intelligence report was compiled by the DailyAIWire Strategy Engine. Verified for Art. 50 Compliance._