Find compliance blind spots
before regulators do.

Scans your code against HIPAA, SOC2, PCI-DSS, GDPR, CCPA, and 5 more
Asks the exact questions regulators ask in investigations
Finds the evidence in specific files and line numbers
HIPAA fines averaged $9.48M per breach in 2024
45% of AI-generated code has security flaws — Veracode 2025
OpenDocket asks the questions an investigator would ask — and finds the evidence in your code
3 free scans per hour · No account required

How It Works

1. Point it at a repo

Give OpenDocket any public GitHub URL. It clones the repository, runs qualification gates, and detects which regulatory domains apply — healthcare, fintech, SaaS, payments, communications, and more.

2. It asks legal questions

Based on the domain, OpenDocket loads compliance frameworks — 17 frameworks, 160+ questions from actual regulatory text. The questions a regulator would ask in a deposition or audit.

3. You get a legal brief

For each question, OpenDocket finds evidence in your code — specific files, line numbers, patterns. Gemini independently reviews every finding. You get a structured report with risk levels and remediation.

Compliance Intelligence Directory

Real compliance scans of open-source repositories.


Compliance Frameworks

17 regulatory frameworks. 160+ legal questions. Self-expanding question library.

| Framework | Applies to | Max Penalty | Questions |
|---|---|---|---|
| HIPAA | Healthcare apps, EHR systems, telemedicine | $1.5M/year per category | 10+ |
| SOC 2 | SaaS platforms, cloud services, B2B software | Loss of enterprise contracts | 10+ |
| PCI-DSS | Payment processors, e-commerce, fintech | $5K-$100K/month | 10+ |
| GDPR | Any app with EU users, personal data processors | EUR 20M or 4% turnover | 10+ |
| TCPA | SMS marketing, automated calling, messaging apps | $500-$1,500/violation | 8+ |
| SOX | Public company software, financial reporting | Criminal penalties, delisting | 8+ |
| CCPA/CPRA | Any app with California users, SaaS | $2,500-$7,500/violation | 10+ |
| COPPA | Apps used by children under 13, education | Up to $51,744/violation | 8+ |
| FERPA | Ed-tech, LMS, student information systems | Loss of federal funding | 8+ |
| GLBA | Fintech, banking, insurance, financial advisors | $100K/violation + criminal | 8+ |
| NIST CSF 2.0 (new) | Critical infrastructure, government contractors, enterprise | Contract loss, regulatory action | 10 |
| ISO 27001 (new) | International B2B SaaS, enterprise software | Certification loss, contract loss | 10 |
| DORA (new) | EU fintech, banking, insurance, payment services | Up to 1% global turnover | 10 |
| PSD2/SCA (new) | EU payment processors, e-commerce checkout | Regulatory enforcement, license revocation | 10 |
| BIPA (new) | Biometric data collection, facial recognition, fingerprints | $1,000-$5,000/violation + class action | 10 |
| EU AI Act (new) | AI/ML systems, automated decision-making | Up to EUR 35M or 7% turnover | 10 |
| HITRUST CSF (new) | Healthcare SaaS, EHR vendors, health data processors | Contract loss, certification denial | 10 |
Question libraries are self-expanding — the system discovers and adds new compliance patterns with every scan.

Open Source

MIT License. Scan any public repo, contribute frameworks, or build on top of it.
