AI / MCP

A real AI architecture, not a chatbot bolted onto the UI.

RiskReady Community Edition exposes domain MCP servers, an orchestration gateway, approval-aware mutation paths, and the tasking foundation for autonomous workflows.

Mental model

User, schedule, or event trigger
downstream
Gateway routing and agent logic
fan out
Risks
Controls
Policies
Approval queue
PostgreSQL state

254 tools across 9 MCP servers

Each domain exposes focused tools instead of hiding everything behind one generic assistant endpoint.

6-agent AI Council

Complex cross-domain questions convene 6 specialist agents (Risk Analyst, Controls Auditor, Compliance Officer, Incident Commander, Evidence Auditor, CISO Strategist) for structured deliberation.

Human-approved mutations

Write actions are proposed into an approval queue before they touch the database. This applies equally to interactive chat, scheduled runs, and autonomous workflows.

MCP Proxy for Claude Desktop

Connect Claude Desktop directly to your GRC data — bring your own AI. Remote MCP proxy with API key auth, zero AI cost to you.

Agentic gateway

The gateway coordinates routing, scheduled runs, cross-domain workflows with approval gates, and council-style analysis. Workflows pause and resume automatically around human decisions.

$0.19 per council (Haiku)

Full security posture assessment with 6 agents, 32 tool calls, 120K tokens. $0.007 per single query. 96% token reduction via tool search.

MCP surface

The community build ships nine domain-specific MCP servers.

Controls

66 tools

Controls, SoA, assessments, metrics, and scope management.

Risks

34 tools

Risk registers, scenarios, KRIs, RTS, and treatment plans.

Policies

23 tools

Documents, versions, approvals, reviews, mappings, and exceptions.

Organisation

35 tools

Profiles, committees, processes, departments, and governance data.

ITSM

40 tools

CMDB, change management, software inventory, and capacity planning.

Incidents

19 tools

Incidents, timelines, lessons learned, and related records.

Evidence

16 tools

Evidence repository, requests, linking, and analysis.

Audits

14 tools

Nonconformities, audit findings, and corrective actions.

Agent Ops

7 tools

Action status, task tracking, workflow support, and operational introspection.

Human approval model

Mutations pause for review instead of silently writing.

The approval queue is central to the community story. It keeps the AI useful without hiding state changes behind a black box. For the full technical detail, use the AI Assistant and MCP reference docs in the repo.

AI Assistant GuideMCP Server Reference
Risk register screenshot

Risk register

MCP approvals screenshot

Human approval queue