AI governance engine — decision controls, compliance, audit chains, knowledge packs.
Enterprise AI governance through the Model Context Protocol.
GIA is a production governance engine that gives AI agents enforceable decision controls, compliance scoring, immutable audit chains, and human-in-the-loop gates. Built for organizations operating under NIST, FedRAMP, CMMC, EU AI Act, and SOC 2 requirements.
29 MCP tools. One integration point. Works with Claude Desktop, Claude Code, OpenAI Agent Builder, and any MCP-compatible client.
npx gia-mcp-serverOr install globally:
npm install -g gia-mcp-server
gia-mcp-serverThe server connects to the hosted GIA engine at https://gia.aceadvising.com. Configure your API key:
GIA_API_KEY=your-key npx gia-mcp-serverAdd to your claude_desktop_config.json:
{
"mcpServers": {
"gia-governance": {
"command": "npx",
"args": ["-y", "gia-mcp-server"],
"env": {
"GIA_API_KEY": "your-key"
}
}
}
}claude mcp add gia-governance -- npx -y gia-mcp-serverPoint to the Streamable HTTP endpoint:
https://gia.aceadvising.com/mcp
npx -y @smithery/cli install @knowledgepa3/gia-mcp-server --client claude
| Tool | Description |
|---|---|
classify_decision | Classify agent decisions as Mandatory, Advisory, or Informational |
approve_gate | Human-in-the-loop approval for Mandatory gates |
evaluate_threshold | Compute escalation health (Storey Threshold) |
score_governance | Weighted governance scoring (Integrity, Accuracy, Compliance) |
| Tool | Description |
|---|---|
audit_pipeline | Query the hash-chained forensic audit ledger |
verify_ledger | Verify SHA-256 chain integrity from genesis |
map_compliance | Map controls to NIST AI RMF, EU AI Act, ISO 42001, NIST 800-53 |
assess_risk_tier | EU AI Act risk tier classification |
generate_report | Governance status reports (summary, detailed, executive) |
| Tool | Description |
|---|---|
seal_memory_pack | Create immutable, TTL-bound knowledge artifacts |
load_memory_pack | Load packs with trust level and role enforcement |
transfer_memory_pack | Governed knowledge transfer between agents |
compose_memory_packs | Merge packs with risk contamination rules |
distill_memory_pack | Extract governance patterns from usage history |
promote_memory_pack | Promote packs to higher trust levels after review |
| Tool | Description |
|---|---|
monitor_agents | Agent health, repair history, failure counts |
srt_run_watchdog | Infrastructure health probes (API, disk, memory, TLS, DB, DNS) |
srt_diagnose | Incident diagnosis with playbook matching |
srt_approve_repair | Human-approved repair execution |
srt_generate_postmortem | Structured incident postmortems with TTD/TTR metrics |
| Tool | Description |
|---|---|
gia_scan_environment | Scout swarm for environment detection |
gia_list_packs | List remediation, patrol, hardening, and audit packs |
gia_dry_run_pack | Preview pack execution with blast radius analysis |
gia_apply_pack | Execute remediation with mandatory human approval |
gia_run_patrol | Read-only posture checks and compliance audits |
| Tool | Description |
|---|---|
record_value_metric | Track time saved, risks blocked, autonomy levels |
record_governance_event | Log gates, drift prevention, violations blocked |
generate_impact_report | Economic + governance ROI reporting |
system_status | Engine health, uptime, configuration |
GIA enforces governance through three layers:
Every governance action is recorded in a SHA-256 hash-chained audit ledger that can be independently verified.
Built by Advanced Consulting Experts (ACE) — a Service-Disabled Veteran-Owned Small Business (SDVOSB).
GIA was designed by William J. Storey III, a 17-year Information System Security Officer with experience across DoD contracts and U.S. Army Ranger Battalion operations. The same discipline applied to securing classified systems now governs AI agent workforces.
MIT