AI Compliance in 60 Seconds — From Your Terminal
The Colorado AI Act takes effect in 92 days. The EU AI Act high-risk deadline is 16 months out. Most companies building with AI have no idea where they stand. We built a way to find out in the time it takes to brew a cup of coffee.
92 Days. That Is Not a Lot of Time.
Colorado SB24-205 goes live on February 1, 2026. It is the first US state law that directly regulates how companies develop and deploy “high-risk AI systems.” If your product makes decisions about employment, lending, housing, insurance, education, or healthcare using AI — Colorado says you need documented impact assessments, risk management practices, and disclosure obligations. Starting February.
The EU AI Act's high-risk obligations follow in August 2026, with penalties up to €35 million or 7% of global revenue. SOC 2 auditors are already asking about AI governance controls. GDPR regulators are issuing new guidance on automated decision-making quarterly.
The compliance landscape for AI moved from “eventually” to “now” while most teams were heads-down shipping features.
The Current Options Are Not Great
We talked to over 40 engineering teams about how they handle AI compliance. The answers were remarkably consistent:
- “We hired a consultant.” — $10K to $50K. Took 6 to 12 weeks. Delivered a PDF nobody read. Outdated by the time it arrived.
- “We assigned it to legal.” — Legal does not know what a transformer is. Engineering does not know what Article 6(1)(f) means. Everyone is frustrated.
- “We are ignoring it.” — Bold strategy. Ask the companies that ignored GDPR how that worked out.
- “We built something internal.” — Now you maintain a compliance tool AND your actual product. Congrats on your new side project.
The gap is clear: developers need compliance information that is fast, accurate, affordable, and speaks their language. Not a 90-page legal brief. Not a $40K engagement. Not a dashboard they have to remember to log into.
Introducing @dingdawg/compliance
One command. Free compliance score. Full governed reports from $199.
```
npx @dingdawg/compliance
```
No signup. No API key. No dashboard. Just answers.
We built @dingdawg/compliance because compliance should be a developer tool, not a consulting engagement. It runs where you already work — your terminal, Claude Code, Cursor — and gives you a compliance score in under 60 seconds.
The free tier gives you your score, your risk level, and your top 3 findings. No account required. No credit card. No sales call. If you need the full report with framework-specific gap analysis, remediation guidance, and signed certificates — that starts at $199.
How It Works
Three steps. The first one is free.
Install or run directly
```
# Add to Claude Code as an MCP server
claude mcp add dingdawg-compliance npx @dingdawg/compliance
# Or just run it
npx @dingdawg/compliance
```
Run a free quick check
```
# Get your compliance score instantly
quick_check
# Response:
{
  "score": 67/100,
  "risk_level": "HIGH",
  "top_findings": [
    "No documented AI impact assessment",
    "Missing human oversight mechanism for automated decisions",
    "No data governance policy for training data"
  ],
  "frameworks_applicable": ["EU AI Act", "Colorado SB24-205", "GDPR"]
}
```
Generate a full report
```
# Generate a governed compliance report
generate_report --tier starter --frameworks "eu_ai_act,colorado_ai_act"
# Output:
Report ID: rpt_3f8a2c...
Status: COMPLETE
PDF: https://dingdawg.com/reports/rpt_3f8a2c.pdf
Governance receipt: https://dingdawg.com/gov/rx_9d1e...
```
What the Report Covers
Every report is generated under auditable governance controls. You get a governance receipt URL proving every step was capability-checked, policy-evaluated, and logged. No other compliance tool does this.
EU AI Act
Risk classification, Annex III mapping, conformity assessment readiness, documentation gaps
Colorado SB24-205
High-risk AI system assessment, impact assessment requirements, disclosure obligations, developer duties
SOC 2
AI-specific trust services criteria, automated decision-making controls, data governance alignment
GDPR
Article 22 automated decision-making, data protection impact assessment, transparency requirements
ISO 42001
AI management system alignment, risk treatment plans, performance monitoring
NIST AI RMF
Map, Measure, Manage, Govern functions assessment, risk profile generation
Built for How Developers Actually Work
We are developers. We built this for ourselves first. Here is what that means in practice:
- 01 No signup for your first check. Run `npx @dingdawg/compliance` and call `quick_check`. That is it. Score in seconds.
- 02 No dashboard to babysit. It is a CLI tool. It runs in your terminal, in Claude Code, in Cursor. Wherever you write code.
- 03 MCP-native. Works as a Model Context Protocol server. Your AI coding assistant can call compliance checks directly during development.
- 04 Governed, not just generated. Every report comes with a governance receipt — cryptographic proof that the generation process was audited at every step.
- 05 Plain language findings. “You need a documented human oversight mechanism for your credit scoring model” — not “see Article 14(1)(a) of Regulation (EU) 2024/1689.”
Pricing
One-time purchase per report. No subscriptions. No per-seat fees. Pay when you need a report, not every month.
| Tier | Price | Frameworks | Validity |
|---|---|---|---|
| Starter | $199 | EU AI Act + Colorado AI Act | 30 days |
| Standard | $499 | + Full audit trail | 90 days |
| Pro | $999 | + SOC 2 + GDPR + ECDSA-signed certificate | 90 days |
| Enterprise | $1,499 | + ISO 42001 + NIST AI RMF + Shadow audit | 90 days |
Compare that to $10,000–$50,000 for a traditional compliance consulting engagement that takes 6–12 weeks. A Starter report pays for itself the moment it identifies your first unaddressed regulatory gap.
Who Should Run This Today
- Startups building with AI — You are probably high-risk under Colorado and did not know it
- CTOs preparing for EU AI Act — August 2026 is closer than your next funding round
- Teams going through SOC 2 — Auditors are asking about AI governance. Have answers ready.
- Anyone using AI for decisions about people — If your AI touches hiring, lending, insurance, or healthcare, you are in scope
DingDawg provides automated AI compliance assessment tools. Reports are informational and do not constitute legal advice. Consult qualified legal counsel for your specific regulatory obligations.
Try It Right Now
Free compliance score. No signup. No credit card. 60 seconds.