AI Act + GDPR Risk Scanner
The scanner will use deterministic questions first. AI explanations can be added later, but raw scoring must stay controlled.
AI Act Checks
Prohibited-risk signals, high-risk indicators, transparency duties, and human oversight.
GDPR Checks
Personal data, automated decisions, DPIA signals, processor/vendor documentation.
Outputs must be phrased as risk indicators and recommended review actions, not final legal conclusions.