<a name="top"></a> <div align="center">

<img src="https://capsule-render.vercel.app/api?type=rect&color=0:6b46c1,100:2b6cb0&height=120&section=header&text=AICARD&fontSize=48&fontColor=ffffff&fontAlignY=58" width="100%" alt="AICARD"/>

AICARD

Auto-generated NIST AI RMF / EU AI Act Annex IV model & system cards

<img src="https://readme-typing-svg.demolab.com?font=Fira+Code&size=18&duration=3500&pause=1000&color=6B46C1&center=true&vCenter=true&width=720&lines=Autogenerated+NIST+AI+RMF++EU+AI+Act+Annex+IV+model++system+;Self-hostable+%C2%B7+MCP-native+%C2%B7+CI-ready+%C2%B7+polyglot" width="720"/>

AI Security & Governance — securing LLMs, agents, and the MCP supply chain.

</div>

pip install cognis-aicard
aicard scan .            # → prioritized findings in seconds

Contents

• Why aicard? · Features · Quick start · Example · Architecture · AI stack · How it compares · Integrations · Install anywhere · Related · Contributing

<a name="why"></a>

Why aicard?

Auto-generated NIST AI RMF / EU AI Act Annex IV model & system cards — without standing up heavyweight infrastructure.

aicard is single-purpose, scriptable, and self-hostable: point it at a target, get prioritized results in the format your workflow already speaks (table · JSON · SARIF), gate CI on it, and let agents drive it over MCP.

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="features"></a>

Features

• ✅ Load Descriptor
• ✅ Evaluate
• ✅ Render Card
• ✅ Render Report Table
• ✅ Report To Dict
• ✅ Runs on Linux/macOS/Windows · Docker · devcontainer
• ✅ Ports in Python, JavaScript, Go, and Rust (ports/)

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="quick-start"></a>

Quick start

pip install cognis-aicard
aicard --version
aicard scan .                       # scan current project
aicard scan . --format json         # machine-readable
aicard scan . --fail-on high        # CI gate (non-zero exit)

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="example"></a>

Example

$ aicard scan .
  [HIGH    ] AIC-001  example finding             (./src/app.py)
  [MEDIUM  ] AIC-002  another signal              (./config.yaml)

  2 findings · risk score 5 · 38ms

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="architecture"></a>

Architecture

flowchart LR
  A[Input: file / dir / API] --> B[Collectors]
  B --> C[Rules / Analyzers]
  C --> D[Scorer]
  D --> E{Reporters}
  E --> F[Table]
  E --> G[JSON / SARIF]
  E --> H[MCP tool -. drives .-> AI agents]

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="ai-stack"></a>

Use it from any AI stack

aicard is interoperable with every popular way of using AI:

• MCP server — aicard mcp (Claude Desktop, Cursor, Cognis.Studio, uncensored-fleet)
• OpenAI-compatible / JSON — pipe aicard scan . --format json into any agent or LLM
• LangChain · CrewAI · AutoGen · LlamaIndex — wrap the CLI/JSON as a tool in one line
• CI / scripts — exit codes + SARIF for non-AI pipelines

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="how-it-compares"></a>

How it compares

	Cognis aicard	typical tools
Self-hostable, no account	✅	varies
Single command, zero config	✅	⚠️
JSON + SARIF for CI	✅	varies
MCP-native (AI agents)	✅	❌
Polyglot ports (JS/Go/Rust)	✅	❌
Open license	✅ COCL	varies
<div align="right"><a href="#top">↑ back to top</a></div>

<a name="integrations"></a>

Integrations

Pipes into your stack: SARIF for code-scanning, JSON for anything, an MCP server (aicard mcp) for AI agents, and a webhook forwarder for SIEM/Slack/Jira. See docs/INTEGRATIONS.md.

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="install-anywhere"></a>

Install — every way, every platform

pip install "git+https://github.com/cognis-digital/aicard.git"    # pip (works today)
pipx install "git+https://github.com/cognis-digital/aicard.git"   # isolated CLI
uv tool install "git+https://github.com/cognis-digital/aicard.git" # uv
pip install cognis-aicard                                          # PyPI (when published)
docker run --rm ghcr.io/cognis-digital/aicard:latest --help        # Docker
brew install cognis-digital/tap/aicard                             # Homebrew tap
curl -fsSL https://raw.githubusercontent.com/cognis-digital/aicard/main/install.sh | sh

Linux	macOS	Windows	Docker	Cloud
scripts/setup-linux.sh	scripts/setup-macos.sh	scripts/setup-windows.ps1	docker run ghcr.io/cognis-digital/aicard	DEPLOY.md (AWS/Azure/GCP/k8s)

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="related"></a>

Related Cognis tools

• aegis — AI Agent Permission & Access Auditor — surfaces the lethal trifecta of credentials + injection + reach
• promptmirror — Prompt-injection & indirect-injection scanner for any LLM context input
• ledgermind — Local LLM cost & token forensics proxy with anomaly detection
• adversa — LLM red-team harness — OWASP LLM Top 10 + MITRE ATLAS attack packs
• guardpost — Runtime agent firewall — PII redaction, rate limits, policy enforcement
• hallumark — LLM hallucination & grounding auditor for RAG systems

Explore the suite → 🗂️ all 170+ tools · ⭐ awesome-cognis · 🔗 cognis-sources · 🤖 uncensored-fleet · 🧠 hermes

<div align="right"><a href="#top">↑ back to top</a></div>

<a name="contributing"></a>

Contributing

PRs, new rules, and demo scenarios are welcome under the collaboration-pull model — see CONTRIBUTING.md and SECURITY.md.

⭐ If aicard saved you time, star it — it genuinely helps others find it.

License

Source-available under the Cognis Open Collaboration License (COCL) v1.0 — free for personal, internal-evaluation, research, and educational use; commercial / production use requires a license (licensing@cognis.digital). See LICENSE.

---

<div align="center">_{<b><a href="https://cognis.digital">Cognis Digital</a></b> · one of 170+ tools in the <a href="https://github.com/cognis-digital/cognis-neural-suite">Cognis Neural Suite</a> · <i>Making Tomorrow Better Today</i>}</div>