{ "name": "Bidda Sovereign Intelligence", "description": "Search and retrieve cryptographically-verified compliance nodes. 9,500 nodes across 39 pillars, including a MITRE layer across 6 frameworks — AI Governance, Banking & Global Finance, Cybersecurity, Medical & Healthcare, Legal & IP Sovereignty, ESG and more. Zero hallucination: every node traces to primary legal sources with avg 7 citations.", "version": "1.0.0", "protocol_version": "2025-03-26", "endpoint": "https://bidda.com/mcp", "homepage": "https://bidda.com", "contact": "info@bidda.com", "tools": [ { "name": "list_pillars", "description": "List all compliance pillars in the Bidda Sovereign Intelligence registry with node counts. Use this first to discover available compliance domains before searching. Bidda has 9,500 cryptographically-verified nodes across 39 pillars, including a MITRE layer spanning 6 frameworks (ATT&CK Enterprise/Mobile/ICS, D3FEND, ATLAS, CAPEC) plus Banking, AI Governance, Cybersecurity, Healthcare, Legal, ESG and more." }, { "name": "search_nodes", "description": "Search Bidda compliance nodes by keyword. Returns matching node summaries including a one-sentence BLUF (Bottom Line Up Front) — the exact compliance obligation in plain language. Every node traces to a primary legal source (no hallucination). Examples: \"Basel III capital\", \"GDPR data breach\", \"AML transaction monitoring\", \"SOC 2 Type II\"." }, { "name": "get_node", "description": "Get a specific compliance node by its ID. Returns the node summary: title, compliance pillar, version, last updated, and BLUF. The full node (machine-executable deterministic workflow, actionable schema, primary legal citations, dependency chain) is available at bidda.com." }, { "name": "get_dependency_chain", "description": "Walk the prerequisite chain for a compliance node. Given one node, returns its full dependency tree (the prior obligations an agent must satisfy before this one applies). Use this to plan a complete compliance posture: unlocking one node usually requires understanding 3-8 upstream nodes. Defaults to depth 2; max 4." }, { "name": "get_crosswalk", "description": "Return the cross-framework mapping dimensions for a node — which other regulations, standards, or jurisdictions this rule maps to (e.g. GDPR Article 17 → CCPA right-to-delete → POPIA Section 24). Discovery returns the available dimensions; full mapping values are vault-gated." }, { "name": "get_latest_changes", "description": "List the most recently updated compliance nodes — the regulatory change feed. Use to monitor incoming amendments, new guidance, or freshly added rules. Filter by pillar to focus on a domain. Agents should call this on a schedule to keep compliance posture current." }, { "name": "get_jurisdiction_bundle", "description": "Return all compliance nodes that apply in a specific jurisdiction (EU, US, UK, Australia, Singapore, India, Canada, China, South Africa, Japan, Brazil and others). Use when an agent enters a new market and needs the full regulatory surface for that geography." }, { "name": "get_mitre_mapping", "description": "The MITRE Rosetta Stone. Given a MITRE technique ID across 5 frameworks (ATT&CK Enterprise, ATT&CK Mobile, ATT&CK ICS, D3FEND, ATLAS), return the Bidda node for that technique plus its mapped compliance obligations: NIST 800-53 controls, ISO 27001 Annex A clauses, PCI DSS requirements, NIS2 articles, HIPAA Security Rule, DORA articles, NERC CIP, IEC 62443. The bridge between how SOC teams think (technique IDs) and how compliance teams think (control families). Free." }, { "name": "check_action_compliance", "description": "Pre-flight regulatory check. Agent describes an intended action in natural language (\"process EU resident biometric data\", \"transfer health records to a third-party AI vendor\", \"deploy autonomous trading model in Singapore\") and receives a ranked list of regulations that may apply, plus a risk indicator (LOW/MODERATE/HIGH). The primary tool for runtime compliance gating in autonomous agent workflows." } ] }