fizzgig__gdpr_checker
cross-references your privacy policy against the live dependency tree.
the AI adds @vercel/analytics + posthog + sentry + clerk to the package.json. each is a sub-processor under GDPR. your privacy policy mentions none of them by name. the policy was written six months ago, the deps drifted, you haven't noticed.
13 checks across policy structure (privacy / terms / data-rights routes present), structural compliance (cookie banner presence, withdrawal mechanism, granular consent), and the killer feature: cross-references npm dependencies against the privacy-policy text to name specific undisclosed sub-processors.
keep the policy actually current with the stack. the AI ships dependencies; this checks they're disclosed.
caught a policy that would have leaked every user's comments. shipped a fix in 4 minutes.
first tool i installed. it's the one that pays for itself.
works great. one false positive on a join table — easy to ignore.
{
"fizzgig": {
"url": "https://mcp.fizzgig.ai",
"tools": ["gdpr_checker"]
}
}