skip to content
fizzgig
sign in
// product
code auditdetect what shippedbrand and reachsoonlift qualityperfect memorysoondecision graph
// build better
sourdough startersproject kicks-off in 1 prompt
// resources
pricingdocsblogabout
sign inrequest access →
audit suite/compliance/regulatory_compliance
newcompliancev0.3.0pro · $0.002/call

fizzgig__regulatory_compliance

industry-aware regulatory check — auto-detects relevant regulators from your code + claims.

// ai does this over time

you ship a product into a regulated space — property, finance, AI, children, health — and the AI has no idea. it'll happily call your bot a 'chatbot' on a children's site, include FCA-touching financial-promotion language without the required statement, or take a card number straight into your server because PCI DSS isn't in its head.

// the tool does

industry-aware audit. auto-detects relevant verticals from dependencies + hostnames + claims_text + PII fields. Property (CPR 2008 puffery, NTSEAT material info, Trading Standards complaints route), finance (FCA financial promotion approval), AI (EU AI Act disclosure for chatbots), children (ICO Children's Code / COPPA), payments (PCI DSS raw card detection), health (GDPR Art 9 / HIPAA). Detects the AI ecosystem (LangChain, LlamaIndex, Replicate, Cohere, Mistral, Perplexity, Groq, Ollama, vector DBs, Vercel AI SDK) plus claim words (chatbot, copilot, RAG, computer vision, automated decision) and richer health vocabulary (telehealth, FHIR/HL7, prescriptions, clinical terms + health PII).

// so you can

ship into a regulated vertical knowing the AI didn't blunder into a regulator's gaze. the rules are there whether you read them or not.

● new● v0.3.0● pro
// input schema
schema · application/json
{
"type": "object"
"required": [
"project"
]
"properties": {
"project": {
"type": "string"
"description": "the project slug or path"
}
"strict": {
"type": "boolean"
"default": false
"description": "fail on warnings, not just errors"
}
}
}
// output schema
schema · application/json
{
"type": "object"
"properties": {
"ok": {
"type": "boolean"
}
"findings": {
"type": "array"
"items": {
"type": "object"
"properties": {
"severity": {
"enum": [
"info"
"warn"
"high"
"critical"
]
}
"message": {
"type": "string"
}
"fix": {
"type": "string"
}
}
}
}
}
}
// example call from cursor
~/myapp — example output
→ fizzgig__regulatory_compliance(project="myapp")
{
"ok": false,
"findings": [
{ "severity": "high",
"message": "policy uses user_id without auth.uid()",
"fix": "USING (auth.uid() = user_id)" }
],
"scanned": 3, "duration_ms": 142
}
// reviews
@maya.codes★★★★★
2 days ago

caught a policy that would have leaked every user's comments. shipped a fix in 4 minutes.

@solo_at_3am★★★★★
1 week ago

first tool i installed. it's the one that pays for itself.

@vibebuilder★★★★☆
2 weeks ago

works great. one false positive on a join table — easy to ignore.

// primary action
add to your editor
paste this into your mcp config.
.cursor/mcp.json
{
  "fizzgig": {
    "url": "https://mcp.fizzgig.ai",
    "tools": ["regulatory_compliance"]
  }
}
full setup guide →
// pricing
$0.002 / call
included free in pro plan.
// related tools
gdpr_checker
v0.2.0
→
cookie_monster
v0.2.1
→
data_licence_review
v0.3.0
→
fizzgig

the fluffy guardian of vibe-coded apps. growls at insecure code so you don't have to.

all systems operational

product

code auditbrand and reach (soon)perfect memory (soon)pricingdocschangelog

community

sourdough startersdiscord (soon)github (soon)x / twitter (soon)rss (soon)

company

aboutcontactterms (soon)privacy
© 2026 fizzgig labs.
v1.4.2 · 2026-05-01