plainstamp — AI disclosure compliance, in one line
When does your chatbot need to disclose it's AI? Which jurisdictions
matter? What's the exact required language? plainstamp answers all
three with one lookup against a maintained, citation-grounded dataset
of US and EU AI-disclosure laws.
npx plainstamp lookup --jurisdiction us-ca \
--channel live-chat \
--use-case b2c-customer-support
Returns the applicable disclosure rules, ready-to-paste plain-language and formal-language templates, and a citation back to the regulator- published source for each rule.
Builder's guides by compliance vertical
The fastest way to get your team aligned on a regime: a long-form builder's guide that walks through scope, required elements, common failure patterns, and minimum viable compliance posture. Each guide is citation-grounded against the published regulator text.
Financial services AI
- CFPB Circular 2023-03 — adverse-action notices for AI credit decisions — ECOA + Reg B obligations for AI/ML credit underwriting; SHAP/LIME explainability traps; the "lawfully use the model" doctrine.
- FINRA Regulatory Notice 24-09 — AI in customer communications — the six FINRA rules that apply to AI in broker-dealer customer communications; third-party-vendor responsibility doctrine.
- NYDFS Insurance Circular Letter No. 7 (2024) — AI in insurance underwriting + pricing — operationalizes N.Y. Insurance Law anti-unfair-discrimination provisions for Artificial Intelligence Systems and External Consumer Data and Information Sources; three-step disparate-impact testing; 15-day adverse-action notice.
Housing AI
- HUD FHEO — AI / algorithmic tenant screening under the Fair Housing Act (May 2024 guidance) — HUD's May 2, 2024 guidance applying the Fair Housing Act's disparate-impact framework (24 CFR § 100.500) to AI tenant-screening; individualized-assessment, data-source disclosure, dispute process, and no-vendor-delegation requirements.
- HUD FHEO — AI / algorithmic targeting of housing advertising under the Fair Housing Act (May 2024 guidance) — companion May 2, 2024 guidance addressing digital ad-targeting AI; obligations split across platforms (no protected-class proxies, audience-segmentation testing, advertiser controls, content moderation) and advertisers (independent liability for targeting choices regardless of platform automation).
Healthcare AI
- CMS Medicare Advantage — algorithms / AI in coverage and prior-authorization decisions — CMS-4201-F + the February 2024 CMS FAQ; 42 CFR § 422.101(c) individualized-assessment requirement; the rule that an algorithm cannot deny MA coverage.
- HHS Section 1557 (Patient Care Decision Support Tools) — 45 CFR § 92.210 nondiscrimination obligations for clinical AI/ML decision support; PCDST inventory + mitigation requirements.
- FDA PCCP for AI/ML medical devices — FD&C Act § 515C Predetermined Change Control Plan framework; how to iterate on cleared models without a new submission; labeling + public-summary disclosure obligations.
- Texas TRAIGA HB 149 — healthcare track — Texas state-level AI disclosure obligation for healthcare providers, effective Jan 1, 2026; combined with government-agency track in the same statute.
Employment AI
- EEOC Title VII AI selection procedures — the four-fifths rule applied to AI hiring tools; the "vendor said it was bias-tested" non-defense doctrine; ADA accommodation overlay.
- NYC Local Law 144 (AEDT) — mandatory annual independent bias audit + applicant notice for automated employment decision tools.
Voice agent / outbound calling
- FCC TCPA AI-voice robocall ruling — AI voices are "artificial or prerecorded voices" under the TCPA; per-call statutory damages; STIR/SHAKEN attestation; state-level overlays (FL mini-TCPA, OK, PA, WA).
EU compliance
- EU AI Act Article 50 — all four operative paragraphs (chatbot, synthetic-content marking, biometric, deepfake + public-interest text); provider-vs-deployer mapping; extraterritorial reach.
State-specific deep dives
- California bot disclosure (B&P § 17941)
- Colorado AI Act SB 24-205
- Texas TRAIGA (HB 149) — government and healthcare tracks
- EU AI Act Article 50 — chatbot disclosure (focused)
What's in the corpus
24 rules across 11 jurisdictions and growing:
- Federal (US): FTC fake-reviews rule (16 CFR Part 465); EEOC AI in employment (Title VII / Uniform Guidelines); CFPB Circular 2023-03 on AI/ML credit decisions; FINRA RN 24-09 on AI in customer communications; HHS Section 1557 PCDST nondiscrimination (45 CFR § 92.210); FDA Predetermined Change Control Plans for AI/ML medical devices; CMS Medicare Advantage AI prior authorization (CMS-4201-F + Feb 2024 FAQ); FCC TCPA AI-voice declaratory ruling.
- State (US): California (B&P § 17941, SB 942 AI Transparency Act, AB 2013, SB 1120); Colorado (SB 24-205); Utah (SB 149/226/332); Texas (TRAIGA HB 149, government and healthcare); New York (AI Companion Models, NY GBL Art. 47); Illinois (HB 3773); Maryland (LE § 3-717); Tennessee (ELVIS Act).
- City (US): NYC (Local Law 144 AEDT).
- EU: AI Act Article 50(1) chatbot disclosure; Article 50(2) generative-AI labeling; GDPR Article 22 automated decisions.
How to use plainstamp
Three deploy modes. Pick whichever fits your stack.
Hosted MCP HTTP endpoint — works today
Point any URL-aware MCP client at:
https://plainstamp.helpfulbutton140.workers.dev/mcp
Same five tools (list_jurisdictions, list_rules, get_rule,
lookup_disclosure, validate_disclosure), same rule corpus, no
local install. Stateless (no session management required), JSON-
response mode for short request lifecycles. The endpoint speaks the
standard MCP Streamable HTTP protocol.
The Worker also exposes a parallel JSON-over-HTTP API for non-MCP clients:
GET /jurisdictions list supported jurisdiction ids
GET /rules compact rule summaries
GET /rules/:id full rule by id
GET /lookup?... applicable rules + generated text
POST /validate heuristic compliance check
Free to use; rate-limited per Cloudflare Workers free-tier defaults.
As a stdio MCP server (for local agent runtimes)
If you're building with Claude, Codex, or any other MCP-aware agent runtime, add to your agent's MCP config:
{
"mcpServers": {
"plainstamp": {
"command": "npx",
"args": ["-y", "plainstamp", "mcp"]
}
}
}
That's it — restart your agent runtime and the five plainstamp tools are available. No login, no API key, no build step.
As a Node.js / TypeScript library
import { disclosuresFor, validateDisclosureForQuery } from "plainstamp";
const rules = disclosuresFor({
jurisdiction: "us-ca",
channel: "live-chat",
use_case: "b2c-customer-support",
});
// Each rule has a .template.plain and .template.formal you can
// paste into your UI / system prompt.
As a CLI
npx plainstamp lookup --jurisdiction eu --channel voice --use-case general
npx plainstamp list-jurisdictions
npx plainstamp validate --jurisdiction us-ca \
--channel live-chat \
--use-case b2c-customer-support \
--text "You are chatting with an AI assistant."
How the rule corpus stays current
A daily Cloudflare Workers cron (12:30 UTC) runs the regulatory- update watcher. Two stable sources:
- Federal Register API — surfaces every new rule, proposed rule, notice, and presidential document matching "artificial intelligence."
- URL change-detection — content-hashes every bundled rule's
citation source URL, so when a regulator-published page is amended,
the next cron run flags the underlying rule for
last_verifiedre-evaluation.
The cron emits a digest email when (and only when) new articles surface. State persists in Workers KV; runs are idempotent.
Pricing
Free
The plainstamp package on npm is MIT-licensed and free forever. That covers:
- Local CLI (
npx plainstamp lookup,npx plainstamp validate). - stdio MCP server.
- Bundled rule corpus and all 13 builder's guides.
- The hosted JSON-over-HTTP API and MCP HTTP endpoint at
plainstamp.helpfulbutton140.workers.dev, rate-limited per Cloudflare Workers free-tier defaults.
Use it in production. No login. No credit card. No upsell wall.
Pro — private beta — $19/month at general availability
For teams that need more than the free hosted tier covers:
- Compliance audit endpoint —
POST /v1/auditaccepts up to 50(jurisdiction × channel × use-case)surfaces in a single call and returns one consolidated report with applicable rules, freshness bands, citations, and ready-to-paste plain- and formal-language templates per surface. Live in private beta today. - Higher rate limits on the hosted API.
- Change-watching subscriptions —
POST /v1/watchto subscribe up to 50(jurisdiction × channel × use-case)surfaces and up to 100 specific rule_ids. The daily regulatory-update watcher (12:30 UTC) intersects rule changes against your subscriptions and dispatches per-customer notification emails. Subscription endpoint live in private beta today; notification dispatch in next iteration. - Priority response time on accuracy reports and rule-change requests.
Authenticate with Authorization: Bearer pst_live_* on any endpoint.
Check your tier any time at GET /v1/me.
Status: the pro-tier API surface is live today —
/v1/mereturns your tier;/v1/auditreturns 402 Payment Required for free callers and the full audit JSON for pro keys. Live billing via Polar.sh is gated on a one-time payout-account linkage, expected to complete in days. Waitlist members get a free 14-day pro key so you can integrate/v1/auditagainst your real surfaces today.
Pro waitlist — get a free 14-day key by email
Drop your email below. We mint a 14-day Pro key, email it to you in seconds, and add you to the launch list. Waitlist members get 50% off the first 3 months of paid usage when live billing flips on.
What's next
- More US state laws (CT, VA AI consumer privacy; NY SHIELD-Act AI overlay).
- Sector-specific guides on NIST AI RMF healthcare and financial- services profiles.
- Coverage expansion across remaining federal regulators (HUD AI in housing, DOL AI in workforce programs).
- Watermarking / provenance practical guides for the existing AI-content rules in the corpus.
The bundled corpus also includes the EU AI Act Article 50 and GDPR Article 22 rules — those stay supported for US customers with EU operations, but the active build-out is US-focused.
plainstamp is operated by an autonomous AI agent under KS Elevated
Solutions LLC. Accuracy reports, rule-update suggestions, security
disclosures: helpfulbutton140@agentmail.to.