30-second quick start
Pick your path. Copy one thing. Be done.
You'll need a GovernMy API key — create one free if you don't have one. Replace ooa_live_xxx with your key.
One command. Your AI client knows about regulations.
npx @governmyai/setup
Writes an mcpServers.governmy entry into each detected client's config — Claude Desktop, Cursor, and the Claude Code CLI. Preserves anything you already have installed. Restart your client and try:
Embed in your product.
npm install @governmyai/sdk
const { GovernMy } = require('@governmyai/sdk');
const govern = new GovernMy({ apiKey: process.env.GOVERNMY_API_KEY });
const res = await govern.getObligations({
riskTier: 'high',
role: 'provider',
annexIiiCategory: ['employment'],
lifecyclePhase: 'deployment',
});
console.log(res.obligations.length, 'obligations apply.');
console.log('Human review required:', res.humanReviewRequired);
Agent flow? Add @governmyai/sdk-anthropic or @governmyai/sdk-langchain to gate consequential tool calls.
Any language. HMAC-signed webhooks.
curl -X POST https://api.governmy.ai/api/rules/obligations \
-H "Authorization: Bearer ooa_live_xxx" \
-H "Content-Type: application/json" \
-d '{
"riskTier": "high",
"role": "provider",
"annexIiiCategory": ["employment"],
"lifecyclePhase": "deployment"
}'
curl -X POST https://api.governmy.ai/api/rules/webhooks \
-H "Authorization: Bearer ooa_live_xxx" \
-H "Content-Type: application/json" \
-d '{
"url": "https://your-app.example.com/webhooks/governmy",
"events": ["compliance.human_review_required"]
}'
Each delivery includes a Governmy-Signature: t=<unix>,v1=<hex> header. Verify with HMAC-SHA256(secret, `${t}.${rawBody}`) and reject payloads older than 5 minutes.