servers / com-bidda-bidda-compliance
com.bidda/bidda-compliance MCP server
communitystreamable_httpremotedestructive capablehealthy
9,762 source-verified compliance nodes (EU AI Act, GDPR, HIPAA, DORA, NIST, MITRE). 14 MCP tools.
01Tools · 19
| Tool | Risk | Side effects | Approval |
|---|---|---|---|
| get_jurisdiction_bundle Return all compliance nodes that apply in a specific jurisdiction (EU, US, UK, Australia, Singapore, India, Canada, China, South Africa, Japan, Brazil and others). Use when an agent enters a new market and needs the full regulatory surface for that geography. | unknown | unknown | unknown |
| get_mitre_mapping The MITRE Rosetta Stone. Given a MITRE technique ID across 5 frameworks (ATT&CK Enterprise, ATT&CK Mobile, ATT&CK ICS, D3FEND, ATLAS), return the Bidda node for that technique plus its mapped compliance obligations: NIST 800-53 controls, ISO 27001 Annex A clauses, PCI DSS requirements, NIS2 articles, HIPAA Security Rule, DORA articles, NERC CIP, IEC 62443. The bridge between how SOC teams think (technique IDs) and how compliance teams think (control families). Free. | unknown | unknown | unknown |
| check_action_compliance Pre-flight regulatory check. Agent describes an intended action in natural language ("process EU resident biometric data", "transfer health records to a third-party AI vendor", "deploy autonomous trading model in Singapore") and receives a ranked list of regulations that may apply, plus a risk indicator (LOW/MODERATE/HIGH). The primary tool for runtime compliance gating in autonomous agent workflows. | write | true | unknown |
| browse_topics Browse the registry by cross-cutting compliance TOPIC (for example data breach notification, AI transparency, AML and KYC). Returns each topic with how many rules carry it and across how many pillars and jurisdictions. Topics sit on top of the 39 pillars without replacing them. Free, no key required. Pass a topic string to drill into one. | read | false | unknown |
| compare_jurisdictions Compare how different jurisdictions address a compliance topic, side by side, including where their numeric thresholds differ (for example a breach-notification deadline of 72 hours versus 30 days). It surfaces the real rules and numbers and does not rank which jurisdiction is stricter. Requires an active Bidda subscription: pass your key as api_key. | unknown | unknown | unknown |
| create_attestation Create a signed, time-stamped record of which Bidda rules a person or AI agent relied on for a decision. Returns a record ID and a public verify URL so anyone can later confirm the record has not been changed. Useful for agents that must keep an audit trail of what they checked. Requires an active Bidda subscription: pass api_key. | write | true | unknown |
| point_in_time Get a signed record of which committed version of a rule was authoritative at a specific past date, anchored to the public history chain. Useful when an agent must show what a rule said at the moment it acted. Requires an active Bidda subscription: pass api_key. | read | false | unknown |
| watch_changes Subscribe to regulatory change alerts: watch specific rules and/or whole pillars and get notified by email or webhook when their primary source changes. Requires an active Bidda subscription: pass api_key. | read | false | unknown |
| open_run Open a run ledger: a signed, tamper-evident log of what an agent does across a whole task or conversation (for example a support-bot chat). Returns a run_id. Record one entry per turn with record_run_entry, then seal_run to get a single signed Run Receipt. Requires an active Bidda subscription: pass api_key. | write | true | unknown |
| record_run_entry Append one entry to an open run: which Bidda rules the agent consulted, what it decided, and the end user's input (as text via note, or privately as input_hash). Each entry is hash-chained to the previous one. Requires an active Bidda subscription: pass api_key. | write | true | unknown |
| seal_run Seal an open run into one signed Run Receipt covering every entry, with a public verify URL. Idempotent: sealing an already-sealed run returns the same receipt. Requires an active Bidda subscription: pass api_key. | write | true | unknown |
| get_run Fetch a run and its entries. The owner can read an open or sealed run (pass api_key); a sealed run is also publicly readable by id and reports whether its signature is valid. | write | true | unknown |
| drift_check Check whether the compliance rules an agent has cached in its own memory are still current. Submit the node_id and the integrity hash you stored when you last grounded on each rule; get back, per rule, whether it is fresh, has drifted (content changed), or was withdrawn (instrument repealed) - so the agent re-grounds before acting on stale law. Included with every API tier; the per-call batch size scales with your plan. Pass api_key. | read | false | unknown |
| list_pillars List all compliance pillars in the Bidda Sovereign Intelligence registry with node counts. Use this first to discover available compliance domains before searching. Bidda has 10,040 cryptographically-verified nodes across 39 pillars, including a MITRE layer spanning 6 frameworks (ATT&CK Enterprise/Mobile/ICS, D3FEND, ATLAS, CAPEC) plus Banking, AI Governance, Cybersecurity, Healthcare, Legal, ESG and more. | read | false | unknown |
| search_nodes Search Bidda compliance nodes by keyword. Returns matching node summaries including a one-sentence BLUF (Bottom Line Up Front): the exact compliance obligation in plain language. Every node traces to a primary legal source (no hallucination). Examples: "Basel III capital", "GDPR data breach", "AML transaction monitoring", "SOC 2 Type II". | read | false | unknown |
| get_node Get a specific compliance node by its ID. Returns the node summary: title, compliance pillar, version, last updated, and BLUF. The full node (machine-executable deterministic workflow, actionable schema, primary legal citations, dependency chain) is available at bidda.com. | read | false | unknown |
| get_dependency_chain Walk the prerequisite chain for a compliance node. Given one node, returns its full dependency tree (the prior obligations an agent must satisfy before this one applies). Use this to plan a complete compliance posture: unlocking one node usually requires understanding 3-8 upstream nodes. Defaults to depth 2; max 4. | unknown | unknown | unknown |
| get_crosswalk Return the cross-framework mapping dimensions for a node: which other regulations, standards, or jurisdictions this rule maps to (e.g. GDPR Article 17 → CCPA right-to-delete → POPIA Section 24). Discovery returns the available dimensions; full mapping values are vault-gated. | destructive | true | true |
| get_latest_changes List the most recently updated compliance nodes: the regulatory change feed. Use to monitor incoming amendments, new guidance, or freshly added rules. Filter by pillar to focus on a domain. Agents should call this on a schedule to keep compliance posture current. | write | true | unknown |
02Install & source
https://bidda.com/mcp
remote_url- homepagehttps://bidda.com/mcp
03Access granted
Manage cloud infra · writeMaps & location · destructive
The access this server can exercise, inferred from its verified tools — not a declared OAuth scope.
05Provenance & freshness
sourcesOfficial MCP Registry [p1]
last_checked2026-07-07 02:52Z
next_check2026-07-09 02:41Z
cadenceevery 48h
verifiedtools_list:passed handshake:passed metadata:failed
index_statusindex — 5 unique facts >= 5
06Badge
Add the “as seen on MCPExplorer” badge to your README.
[](https://mcpexplorer.com/servers/com-bidda-bidda-compliance)
Next step
This is one server. A loadout combines the right servers, governance, and proven plays for a whole job — assembled deliberately, not tool-dumped.
Explore loadouts →