EU AI Act Compliance | AgentForge

1. AgentForge and the EU AI Act

The EU Artificial Intelligence Act (Regulation (EU) 2024/1689) establishes a comprehensive legal framework for AI systems in the European Union. AgentForge is committed to full compliance with this regulation and to supporting our users in meeting their own obligations.

AgentForge operates as a marketplace and registry for MCP (Model Context Protocol) servers — it is not an AI system itself. Our platform facilitates the discovery, connection, and management of tool servers that AI agents can use. We provide the infrastructure layer between AI agents and the tools they need, without making autonomous decisions or generating AI outputs.

Where AgentForge incorporates AI-powered features (such as Smart Search or agent recommendations), these are clearly identified and operate under the transparency requirements of the AI Act.

2. Risk Classification

Under the EU AI Act's risk-based framework, AgentForge falls under the minimal risk category. Here is our assessment:

Risk Level	Description	AgentForge Status
Unacceptable	Social scoring, manipulative AI, real-time biometric surveillance	Not applicable
High Risk	Critical infrastructure, law enforcement, employment, education	Not applicable
Limited Risk	Chatbots, emotion recognition, deepfake generation	Transparency obligations apply to AI-powered features
Minimal Risk	AI-enabled tools, spam filters, recommendation engines	AgentForge's classification

We do not deploy high-risk AI systems.
MCP servers listed on our platform are tools, not autonomous decision-making systems. They execute specific functions when called by agents.
AgentForge does not engage in social scoring, biometric identification, or any prohibited AI practices under the AI Act.

3. Transparency Obligations

In accordance with the EU AI Act's transparency requirements, AgentForge ensures users always know when they are interacting with AI:

AI-powered features are clearly labeled: Smart Search, agent recommendations, and any AI-assisted functionality are visually marked in the interface so users can distinguish AI-generated suggestions from factual platform data.
No hidden AI: We do not use AI to manipulate user behavior, generate deceptive content, or make decisions that affect users without their knowledge.
Agent identification: AI agents registered on AgentForge receive distinct identity keys (af_agent_ prefix) to ensure they are always distinguishable from human users in API interactions.
Documentation: Our API documentation clearly specifies which endpoints use AI processing and what data is sent to AI providers.

4. Our Commitments

AgentForge upholds the following commitments aligned with the EU AI Act's principles:

Transparency

All AI-powered features are clearly marked in the user interface. We publish our AI usage policies and make it easy for users to understand how AI is used within the platform. No AI features operate without user awareness.

Documentation

Our API documentation is publicly available and comprehensively covers all endpoints, data flows, and integration patterns. Machine-readable API docs are available at /api/v1/docs. We maintain detailed records of our AI systems and their intended purposes.

Human Oversight

Enterprise customers have access to a governance dashboard with full visibility into agent activities, API usage, and server interactions. All automated processes can be monitored, paused, or overridden by human operators. Administrative controls ensure that humans remain in the loop for critical decisions.

Data Quality

We maintain high data quality standards for our marketplace through verified server listings, a community review process with verified usage badges, automated health checks and uptime monitoring, and structured capability descriptions that prevent ambiguity. Our review system distinguishes between verified (usage-based) and unverified reviews.

5. For AI Agent Developers

If you are developing AI agents that use AgentForge to discover and interact with MCP servers, the following guidance will help you meet your own EU AI Act obligations:

Clearly describe your agent's purpose: When registering your agent via our API, provide a clear, accurate description of its intended purpose and capabilities. This supports the AI Act's transparency requirements and helps the AgentForge ecosystem maintain trust.
Implement appropriate safeguards: Depending on your agent's use case, you may need to implement human oversight mechanisms, safety boundaries, and fallback procedures. High-risk applications require conformity assessments under the AI Act.
Maintain audit trails: AgentForge's API provides detailed usage logs for every tool call your agent makes. Use the GET /api/v1/agents/me endpoint to access your agent's activity history. Retain these logs as part of your AI Act documentation requirements.
Follow GDPR for personal data: If your AI agent processes personal data through MCP servers on our platform, you are the data controller for that data. Ensure you have a valid legal basis for processing, provide appropriate privacy notices, and respect data subject rights. See our GDPR Compliance and DPA pages for details.
Classify your AI system's risk level: Determine whether your agent falls under the minimal, limited, or high-risk category of the AI Act. If your agent makes decisions that affect individuals (hiring, lending, law enforcement), additional obligations apply.

6. Regulatory References

EU AI Act: Regulation (EU) 2024/1689 of the European Parliament and of the Council
GDPR: Regulation (EU) 2016/679 — General Data Protection Regulation
Czech AI oversight: Czech Trade Inspection Authority (Česká obchodní inspekce) for AI Act market surveillance in the Czech Republic

This page is reviewed and updated regularly to reflect evolving regulatory guidance and enforcement practice under the EU AI Act. Last reviewed: March 2026.

1. AgentForge and the EU AI Act

Where AgentForge incorporates AI-powered features (such as Smart Search or agent recommendations), these are clearly identified and operate under the transparency requirements of the AI Act.

2. Risk Classification

Under the EU AI Act's risk-based framework, AgentForge falls under the minimal risk category. Here is our assessment:

Risk Level	Description	AgentForge Status
Unacceptable	Social scoring, manipulative AI, real-time biometric surveillance	Not applicable
High Risk	Critical infrastructure, law enforcement, employment, education	Not applicable
Limited Risk	Chatbots, emotion recognition, deepfake generation	Transparency obligations apply to AI-powered features
Minimal Risk	AI-enabled tools, spam filters, recommendation engines	AgentForge's classification

We do not deploy high-risk AI systems.
MCP servers listed on our platform are tools, not autonomous decision-making systems. They execute specific functions when called by agents.
AgentForge does not engage in social scoring, biometric identification, or any prohibited AI practices under the AI Act.

3. Transparency Obligations

In accordance with the EU AI Act's transparency requirements, AgentForge ensures users always know when they are interacting with AI:

AI-powered features are clearly labeled: Smart Search, agent recommendations, and any AI-assisted functionality are visually marked in the interface so users can distinguish AI-generated suggestions from factual platform data.
No hidden AI: We do not use AI to manipulate user behavior, generate deceptive content, or make decisions that affect users without their knowledge.
Agent identification: AI agents registered on AgentForge receive distinct identity keys (af_agent_ prefix) to ensure they are always distinguishable from human users in API interactions.
Documentation: Our API documentation clearly specifies which endpoints use AI processing and what data is sent to AI providers.

4. Our Commitments

AgentForge upholds the following commitments aligned with the EU AI Act's principles:

Transparency

Documentation

Human Oversight

Data Quality

5. For AI Agent Developers

If you are developing AI agents that use AgentForge to discover and interact with MCP servers, the following guidance will help you meet your own EU AI Act obligations:

Clearly describe your agent's purpose: When registering your agent via our API, provide a clear, accurate description of its intended purpose and capabilities. This supports the AI Act's transparency requirements and helps the AgentForge ecosystem maintain trust.
Implement appropriate safeguards: Depending on your agent's use case, you may need to implement human oversight mechanisms, safety boundaries, and fallback procedures. High-risk applications require conformity assessments under the AI Act.
Maintain audit trails: AgentForge's API provides detailed usage logs for every tool call your agent makes. Use the GET /api/v1/agents/me endpoint to access your agent's activity history. Retain these logs as part of your AI Act documentation requirements.
Follow GDPR for personal data: If your AI agent processes personal data through MCP servers on our platform, you are the data controller for that data. Ensure you have a valid legal basis for processing, provide appropriate privacy notices, and respect data subject rights. See our GDPR Compliance and DPA pages for details.
Classify your AI system's risk level: Determine whether your agent falls under the minimal, limited, or high-risk category of the AI Act. If your agent makes decisions that affect individuals (hiring, lending, law enforcement), additional obligations apply.

6. Regulatory References

EU AI Act: Regulation (EU) 2024/1689 of the European Parliament and of the Council
GDPR: Regulation (EU) 2016/679 — General Data Protection Regulation
Czech AI oversight: Czech Trade Inspection Authority (Česká obchodní inspekce) for AI Act market surveillance in the Czech Republic

This page is reviewed and updated regularly to reflect evolving regulatory guidance and enforcement practice under the EU AI Act. Last reviewed: March 2026.