Skip to main content
The MeshAI readiness score measures your organization’s EU AI Act compliance posture across 7 components. The maximum score is 120 points.

Score Components

#ComponentMax PointsWhat It Checks
1Agent Registry20All agents registered with complete metadata (name, description, framework, model, environment)
2Risk Classification20All agents have a risk level assigned (minimal, limited, high, unacceptable)
3Governance Policies15Active policies covering model allowlisting, budget limits, or approval requirements
4Human Oversight20HITL approval policies in place for high-risk agents; require_human_review for applicable agents
5Audit Trail15Audit logging is active and events are being recorded; no gaps in coverage
6FRIA Completion20Fundamental Rights Impact Assessments submitted for all high-risk agents
7Incident Readiness10Incident reporting workflow configured; no overdue incidents

Score Ranges

RangeRatingMeaning
100–120ExcellentStrong compliance posture; ready for audit
70–99GoodMost requirements met; address remaining gaps
40–69FairSignificant gaps; prioritize missing components
0–39PoorMajor compliance risk; immediate action needed

Get Your Readiness Score

curl https://api.meshai.dev/compliance/readiness \
  -H "Authorization: Bearer msh_YOUR_API_KEY"

{
  "success": true,
  "data": {
    "total_score": 85,
    "max_score": 120,
    "rating": "good",
    "components": [
      {
        "name": "agent_registry",
        "score": 20,
        "max_score": 20,
        "status": "complete",
        "details": "12/12 agents fully registered"
      },
      {
        "name": "risk_classification",
        "score": 15,
        "max_score": 20,
        "status": "partial",
        "details": "10/12 agents classified — 2 agents missing risk level"
      },
      {
        "name": "governance_policies",
        "score": 15,
        "max_score": 15,
        "status": "complete",
        "details": "3 active policies covering model, budget, and approval"
      },
      {
        "name": "human_oversight",
        "score": 15,
        "max_score": 20,
        "status": "partial",
        "details": "HITL approval active for 3/4 high-risk agents"
      },
      {
        "name": "audit_trail",
        "score": 15,
        "max_score": 15,
        "status": "complete",
        "details": "234 events recorded, no gaps detected"
      },
      {
        "name": "fria_completion",
        "score": 5,
        "max_score": 20,
        "status": "partial",
        "details": "1/4 high-risk agents have submitted FRIA"
      },
      {
        "name": "incident_readiness",
        "score": 0,
        "max_score": 10,
        "status": "missing",
        "details": "No incident reporting workflow configured"
      }
    ],
    "recommendations": [
      "Classify the remaining 2 agents with a risk level",
      "Add require_approval policy for high-risk agent 'finance-analyzer'",
      "Complete FRIA for agents: hr-screener, loan-evaluator, medical-triage",
      "Configure incident reporting workflow in Settings"
    ],
    "assessed_at": "2026-03-17T10:00:00Z"
  }
}

Improving Your Score

1

Complete agent registry (20 pts)

Ensure every agent has a name, description, framework, model provider, model name, and environment. Use PATCH /agents/{id} to fill in missing fields.
2

Classify all agents (20 pts)

Assign a risk level to every registered agent. Use the AI-assisted suggestion endpoint if unsure.
3

Create governance policies (15 pts)

Set up at least one policy — a model allowlist, budget limit, or approval requirement.
4

Enable human oversight (20 pts)

Create require_approval policies for all high-risk agents. Ensure HITL workflows are active in the dashboard.
5

Verify audit trail (15 pts)

This component scores automatically as events are recorded. Check for gaps by reviewing the audit trail.
6

Submit FRIAs (20 pts)

Complete and submit a FRIA for every high-risk agent before deployment.
7

Configure incident reporting (10 pts)

Set up the incident reporting workflow. Ensure your team knows the 15-day and 2-day deadlines.