The first open-source toolkit to scan, classify, audit, and report AI systems under EU Regulation 2024/1689
https://github.com/Yacinewhatchandcode/EU-AI-Act-Compliance/raw/main/demo_videos/PRIME_AI_30s.mp4
6 use cases recorded — Landing Page • Auto-Login • Risk Classifier • URL Scanner • 9-Requirement Audit • Knowledge Base
Prime-AI is a full-stack compliance toolkit for the EU AI Act (Regulation 2024/1689) — the world's first comprehensive AI regulation, effective August 2, 2026.
| Feature | Description |
|---|---|
| 🔍 URL Scanner | Scan any website to detect AI systems and assess compliance risk |
| ⚖️ Risk Classifier | Classify AI systems into 4 levels: Prohibited → High → Limited → Minimal |
| 📋 9-Requirement Audit | Full audit against Articles 8-15 with weighted scoring |
| 📊 Compliance Reports | Generate reports with remediation roadmaps |
| 📚 Knowledge Base | Complete regulatory database — 8 prohibited, 8 high-risk, 9 requirements |
| 🤖 Multi-Platform | Web PWA + Telegram + Slack + WhatsApp + Discord |
# Clone
git clone https://github.com/Yacinewhatchandcode/EU-AI-Act-Compliance.git
cd EU-AI-Act-Compliance
# Install (optional — stdlib only, zero mandatory deps)
pip install -r requirements.txt # only if you want AI-powered analysis
# Run
python eu_ai_act_server.py
# Open → http://localhost:8080That's it. Zero config required. Auto-login in dev mode. No database. No API keys needed.
| # | Use Case | Video | Duration |
|---|---|---|---|
| 1 | Marketing Landing Page | uc1_landing.mp4 |
~20s |
| 2 | Zero-Click Auto Login | uc2_auto_login.mp4 |
~11s |
| 3 | AI Risk Classifier | uc3_classifier.mp4 |
~14s |
| 4 | URL Compliance Scanner | uc4_scanner.mp4 |
~14s |
| 5 | 9-Requirement Audit | uc5_audit.mp4 |
~14s |
| 6 | Knowledge Base Browse | uc6_kb.mp4 |
~12s |
All demos recorded autonomously using Playwright. See
record_demo.py.
┌─────────────────────────────────────────────────────┐
│ Client Layer (PWA / Bots) │
│ Web App · Telegram · Slack · WhatsApp · Discord │
└──────────────────────┬──────────────────────────────┘
│ HTTP / WebSocket
┌──────────────────────┴──────────────────────────────┐
│ eu_ai_act_server.py (API) │
│ JWT Auth · REST API · Static Files │
└──────────────────────┬──────────────────────────────┘
│
┌──────────────────────┴──────────────────────────────┐
│ eu_ai_act.py (Core Engine) │
│ Classifier · Auditor · Scanner · Reporter │
│ Regulatory DB · Risk Matrix · Remediation │
└─────────────────────────────────────────────────────┘
EU-AI-Act-Compliance/
├── eu_ai_act_server.py # HTTP API server + JWT auth
├── eu_ai_act.py # Core compliance engine
├── bot_engine.py # Shared bot command brain
├── web/ # PWA frontend
│ ├── index.html # Main app (Material Design 3)
│ ├── landing.html # Marketing landing page
│ ├── login.html # Auth page (auto-login capable)
│ ├── app.js # Client-side logic
│ ├── style.css # Premium dark theme
│ └── manifest.json # PWA manifest
├── compliance/ # GDPR & EU AI Act compliance docs
├── deploy/ # Docker + VPS deployment configs
├── demo_videos/ # 6 use case recordings + promo
│ ├── PRIME_AI_30s.mp4 # 30s fast marketing video
│ └── PRIME_AI_PROMO.mp4 # 90s full walkthrough
├── telegram_bot.py # Telegram integration
├── slack_bot.py # Slack integration
├── discord_bot.py # Discord integration
└── whatsapp_bot.py # WhatsApp integration
All endpoints require Authorization: Bearer <token> (auto-generated in dev mode).
| Method | Endpoint | Body | Description |
|---|---|---|---|
GET |
/api/auth/dev |
— | Get dev JWT token |
GET |
/api/auth/status |
— | Verify authentication |
POST |
/api/classify |
{ "description": "..." } |
Classify AI risk level |
POST |
/api/audit |
{ "name": "...", "scores": [...] } |
Run 9-requirement audit |
GET |
/api/scan?url=... |
— | Scan URL for compliance |
POST |
/api/report |
{ "audit_id": "..." } |
Generate report |
POST |
/api/roadmap |
{ "classification": "..." } |
Compliance roadmap |
GET |
/api/stats |
— | Regulatory statistics |
GET |
/api/search?q=... |
— | Search regulation |
GET |
/api/knowledge |
— | Full regulatory database |
| Level | Color | Examples | Obligation |
|---|---|---|---|
| 🔴 Prohibited | Red | Social scoring, subliminal manipulation | Banned |
| 🟠 High-Risk | Orange | CV screening, credit scoring, biometrics | Full compliance (Art. 8-15) |
| 🟡 Limited | Yellow | Chatbots, emotion recognition | Transparency obligations |
| 🟢 Minimal | Green | Spam filters, video games | Voluntary codes |
| # | Requirement | Article |
|---|---|---|
| R1 | Risk Management System | Art. 9 |
| R2 | Data Governance | Art. 10 |
| R3 | Technical Documentation | Art. 11 |
| R4 | Record-Keeping | Art. 12 |
| R5 | Transparency | Art. 13 |
| R6 | Human Oversight | Art. 14 |
| R7 | Accuracy & Robustness | Art. 15 |
| R8 | Cybersecurity | Art. 15 |
| R9 | Quality Management | Art. 17 |
| Violation | Fine |
|---|---|
| Prohibited AI | €35M or 7% global revenue |
| High-risk non-compliance | €15M or 3% global revenue |
| False information | €7.5M or 1% global revenue |
# Telegram
export TELEGRAM_BOT_TOKEN="your-token"
python telegram_bot.py
# Slack
export SLACK_BOT_TOKEN="xoxb-your-token"
python slack_bot.py
# Discord
export DISCORD_BOT_TOKEN="your-token"
python discord_bot.py
# All at once
python start_all_bots.py| Layer | Technology |
|---|---|
| Backend | Python 3.10+ (stdlib only — zero mandatory deps) |
| Frontend | Vanilla HTML/CSS/JS, Material Design 3, PWA |
| Auth | JWT (HMAC-SHA256), Google OAuth 2.0 (optional) |
| AI Engine | DeepSeek V3 via OpenRouter (optional) |
| Deployment | Docker, Nginx, Let's Encrypt |
| Bots | Telegram, Slack, WhatsApp Cloud, Discord APIs |
- Core classification engine (4 risk levels)
- URL scanner with AI detection
- 9-requirement audit (Articles 8-15)
- Compliance report generator
- Compliance roadmap builder
- Knowledge base (complete regulation)
- PWA with Material Design 3
- JWT authentication (zero-config dev mode)
- Multi-platform bots (Telegram, Slack, Discord, WhatsApp)
- Marketing landing page
- Automated demo video recording
- Google OAuth production setup
- PDF/DOCX report export
- Multi-language support (EN/FR/DE/ES/IT)
- Enterprise admin dashboard
- Webhook notifications
- CI/CD pipeline
See deploy/README.md for Docker + VPS deployment.
# Quick Docker deploy
docker compose -f deploy/docker-compose.yml up -d
# With HTTPS
./deploy/enable_https.sh your-domain.comYacine Benhamou — AI Builder & EU Tech Compliance
MIT License — See LICENSE for details.
Made with 🇪🇺 in Europe
The first open-source compliance toolkit for the world's first AI regulation
⭐ Star this repo ·
🐛 Report Bug ·
💡 Request Feature