Standards-aware compliance for AI assistants.
Give Claude, ChatGPT and any MCP-capable client direct, audited access to AppGenie's customer-scoped controlled standards content. Output that cites real sources, applies the right framework profile, and stays inside the boundaries your subscription tier entitles you to.
Why this exists
AI assistants are now writing requirements, test cases, release notes, evidence packs and risk records inside compliance-regulated delivery work. Most of them invent the framework wording. Some quote it badly. None of them have an auditable trail from "the assistant said this" back to "this clause in this controlled standard at this version produced that output."
Plausible-sounding compliance content is not compliance content. If you cannot point to the source, the version, and the enforcement decision behind the answer, you are not aligned to a standard. You are doing audit theatre.
The AppGenie Compliance MCP solves this by exposing AppGenie's controlled, customer-scoped compliance catalogue as a Model Context Protocol service. Your AI assistant calls the MCP for the guidance, gets back cited overlay rules, register requirements, evidence classes and an enforcement decision, and then produces the work product against that overlay.
What you get
Two tools, one purpose
query_appgenie_compliance returns the overlay for a specific delivery
question. get_appgenie_compliance_health reports service status. Both are
self-describing via MCP tools/list.
Profiles for the frameworks you work to
Baseline Commercial (free), ISO 9001, ISO 27001, AI-Controlled Delivery, NIST 800-53 Rev 5, FedRAMP, IRAP. Pick one or let the runtime select.
Output modes that match real delivery work
Cited answer, overlay-only, sources-only, checklist, artefact constraints, evidence pack outline. Free-tier and paid modes are clearly distinguished.
Cited every time
Every response includes the standards drawn on. No mystery citations. No invented clauses. No bulk export or reconstruction of controlled content.
OAuth 2.1 with DCR and CIMD
Claude and ChatGPT connect via the standard MCP authorization flow against AppGenie's WorkOS-backed AuthKit. No static client_id wrangling.
Australian-hosted
Service runs in AWS ap-southeast-2. The catalogue served is the customer-scoped AppGenie bundle. Content availability is gated by subscription tier, not hidden corpora.
Subscription tiers
| Tier | Content packs | Output modes | Monthly requests | Path |
|---|---|---|---|---|
| Trial (14 days) | Baseline plus ISO 9001, AI-Controlled Delivery, NIST and Operational Assurance | All free and paid modes | 10,000 | Self-serve signup |
| Free / Baseline | Baseline only | Cited answer, overlay-only, sources-only | 100 | Self-serve (post-trial) |
| ISO 9001 | Baseline plus ISO 9001 | All free and paid modes (checklist, artefact constraints, evidence pack) | 5,000 | Self-serve checkout via Stripe |
| Professional | Baseline plus ISO 9001, AI-Controlled Delivery, NIST and Operational Assurance | All free and paid modes | 10,000 | Self-serve checkout via Stripe |
| Enterprise | All packs including ISO 27001, FedRAMP and IRAP | All output modes including diagnostic bundle (under permission) | Unlimited | Contact sales |
Self-serve plans (ISO 9001, Professional) are checkout-driven via Stripe. Enterprise is sales-led, including ISO 27001, FedRAMP and IRAP packs. Tier resolution is automatic on first sign-in; an upgrade prompt is returned on denied requests with a direct link to the appropriate purchase path.
How customers use it
Connect once. Ask the assistant a delivery question that touches compliance. The assistant calls the MCP, receives the overlay, and produces work that traces back to the cited standards. No manual standards-hunting. No copy-paste from PDFs. No invented framework rationale on a steering deck the day before audit.
Concrete examples:
- "Draft an ISO 9001 work product acceptance checklist for the next sprint." The assistant returns a checklist that cites the relevant ISO 9001 clauses, lists the required register entries and evidence classes, and applies the AppGenie enforcement decision.
- "What evidence pack do I need for this AI delivery change to align to AI-Controlled Delivery?" The assistant returns an evidence pack outline with the required evidence classes, register entries, risk records and incident records, plus the enforcement decision.
- "Is this release ready against ISO 27001?" The assistant returns artefact constraints the work product MUST satisfy, the cited supporting standards, and a pass/block decision.
Connect from your assistant
Full setup steps for each client are in the documentation. The short version:
- Claude Desktop / claude.ai: add
https://compliance.appgenie.com.auas a connector. Claude will handle the OAuth handshake against AuthKit automatically. - ChatGPT (Apps SDK): add the same URL as an MCP server. ChatGPT completes the same OAuth flow.
- Direct HTTP: POST JSON-RPC to
https://compliance.appgenie.com.au/mcpwith an OAuth Bearer token issued by AuthKit, or a migration-period AppGenie Bearer token issued during signup.