Requirements Risk Analyser
БесплатноНе проверенAI-powered pipeline that analyzes user stories and PRDs for gaps, ambiguities, and missing acceptance criteria before coding, with MCP tools for requirement ana
Описание
AI-powered pipeline that analyzes user stories and PRDs for gaps, ambiguities, and missing acceptance criteria before coding, with MCP tools for requirement analysis and risk reporting.
README
An AI-powered requirements risk analysis pipeline built with TypeScript, Claude API, and MCP.
Finds gaps, ambiguities, and missing acceptance criteria in user stories and PRDs — before a single line of code is written.
Architecture
Three specialised agents run in sequence:
- Agent 1 — Requirements Analyst: Extracts structured data from raw requirement text — acceptance criteria, user roles, business rules, third-party dependencies, integrations, and data fields
- Agent 2 — Risk Identifier: Analyses the structured requirement against all business rules and acceptance criteria, identifies genuine gaps across 10 risk categories with HIGH / MEDIUM / LOW severity. Only flags risks that are missing from both AC and business rules combined
- Agent 3 — Report Generator: Produces a quality score /100, a markdown risk report with a Sources Analysed section, and posts a comment on the Jira ticket if applicable
Input Sources
Three ways to provide requirements:
| Method | How | What gets fetched |
|---|---|---|
| File | Paste requirement into input/requirement.md |
File content only |
| Jira | Pass --jira TICKET-ID or use the MCP tool |
Jira description + linked Confluence pages + linked Jira tickets + attachments |
| Inline | Pass text as CLI argument | Inline text only |
Jira + Confluence integration
When a Jira ticket is provided, the pipeline automatically:
- Fetches the ticket description
- Follows remote links to linked Confluence pages and fetches full page content
- Fetches linked Jira tickets (parent / child / related) — 1 level deep
- Downloads and reads plain text attachments
- Merges all content into one combined requirement before analysis
- Posts the risk report summary as a comment back on the Jira ticket
All sources fetched are listed in the Sources Analysed section of the report.
Risk Categories
| Category | What it catches |
|---|---|
missing_negative_scenario |
No sad path defined |
undefined_boundary_value |
Ranges implied but not specified |
missing_error_handling |
Network/DB calls with no failure state |
ambiguous_language |
should, might, fast, valid, strong |
missing_user_role |
Which user type does this apply to? |
missing_acceptance_criteria |
Business rule exists but no testable AC written for it |
security_gap |
No auth, rate limiting, or input validation |
third_party_dependency |
Named external service with no fallback defined |
integration_assumption |
External API assumed always available — no timeout/retry |
data_privacy_gap |
PII collected with no compliance mention |
Sample Output
# Requirements Risk Report
**Requirement:** Password Reset
**Quality Score: 30/100** 🔴
## Risk Summary
| Severity | Count |
|----------|-------|
| 🔴 HIGH | 4 |
| 🟡 MEDIUM | 2 |
| 🟢 LOW | 0 |
## Sources Analysed
| Source | Type | Reference |
|--------|------|-----------|
| QRA-1 — User Password Reset | jira ticket | [Link](...) |
| Password Reset — Detailed Requirements | confluence page | [Link](...) |
MCP Tools
analyse_requirement— full 3-agent pipeline (file or Jira input)extract_requirements— Agent 1 onlyidentify_risks— Agent 2 onlyget_risk_report— read last generated report
Tech Stack
- TypeScript + Node.js
- Anthropic Claude API (Sonnet 4.6 + Haiku 4.5)
- Ollama (local LLM support — toggle via USE_OLLAMA)
- Model Context Protocol (MCP) SDK
- Jira REST API v3
- Confluence REST API v1
Setup
git clone https://github.com/abchahal/requirements-risk-analyser.git
cd requirements-risk-analyser
npm install
cp .env.example .env
# Add your credentials to .env
Running the pipeline
Via terminal
# Analyse input/requirement.md
npm run pipeline
# Analyse a Jira ticket (fetches Confluence + linked tickets automatically)
npm run pipeline -- --jira PROJ-123
# Analyse inline text
npm run pipeline "As a user I want to reset my password..."
Via Claude Desktop / Claude Code
Analyse the requirement in input/requirement.md
Analyse Jira ticket QRA-1 for requirement risks
Output
output/
├── risk_report.md ← full risk report with score and sources
└── archive/
└── 2026-xx-xx/
└── risk_report.md ← previous runs archived automatically
Each report includes:
- Quality score /100 with colour indicator
- Executive summary
- Risks grouped by HIGH / MEDIUM / LOW severity
- Suggested acceptance criteria in Given/When/Then format
- Sources Analysed table — every URL fetched during analysis
Model Strategy
| Agent | Model | Reason |
|---|---|---|
| Agent 1 | Haiku 4.5 | Structured JSON extraction — fast and accurate |
| Agent 2 | Sonnet 4.6 | Risk reasoning — requires deeper analysis |
| Agent 3 | Haiku 4.5 | Report formatting — structured output |
MCP Setup via CLI
Step 1 — Update start-mcp.bat with your path
@echo off
cd /d "C:\path\to\requirements-risk-analyser"
node --loader ts-node/esm src/server.ts
Step 2 — Register the MCP server
claude mcp add -s user requirements-risk-analyser "C:\path\to\requirements-risk-analyser\start-mcp.bat"
Step 3 — Verify
claude mcp get requirements-risk-analyser
Expected output:
requirements-risk-analyser:
Scope: User config (available in all your projects)
Status: ✔ Connected
Type: stdio
Command: C:\path\to\requirements-risk-analyser\start-mcp.bat
Step 4 — Remove the server (if needed)
claude mcp remove requirements-risk-analyser -s user
Switching between Ollama and Claude API
Ollama → Claude API
USE_OLLAMA=false
ANTHROPIC_API_KEY=sk-ant-your-key-here
Claude API → Ollama
ollama pull qwen2.5-coder:7b
USE_OLLAMA=true
OLLAMA_MODEL=qwen2.5-coder:7b
Restart the MCP server after changing .env.
Provider comparison
| Ollama (local) | Claude API (cloud) | |
|---|---|---|
| Cost | Free | Per token |
| Speed | 15–25 minutes | 30–60 seconds |
| Quality | Good | Best |
| Internet required | No | Yes |
| Best for | Development and debugging | Production runs and demos |
Environment Variables
| Variable | Required | Description |
|---|---|---|
ANTHROPIC_API_KEY |
Yes (if USE_OLLAMA=false) | Anthropic API key from console.anthropic.com |
USE_OLLAMA |
Yes | true for local Ollama, false for Claude API |
OLLAMA_MODEL |
No | Default: qwen2.5-coder:7b |
JIRA_BASE_URL |
No | Your Atlassian instance URL e.g. https://yourcompany.atlassian.net |
CONFLUENCE_BASE_URL |
No | Same as JIRA_BASE_URL on Atlassian Cloud |
JIRA_EMAIL |
No | Your Atlassian account email |
JIRA_API_TOKEN |
No | API token from id.atlassian.com/manage-profile/security/api-tokens |
Note: On Atlassian Cloud,
JIRA_BASE_URLandCONFLUENCE_BASE_URLare the same URL. The same API token works for both Jira and Confluence.
Установка Requirements Risk Analyser
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/abchahal/requirements-risk-analyserFAQ
Requirements Risk Analyser MCP бесплатный?
Да, Requirements Risk Analyser MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Requirements Risk Analyser?
Нет, Requirements Risk Analyser работает без API-ключей и переменных окружения.
Requirements Risk Analyser — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Requirements Risk Analyser в Claude Desktop, Claude Code или Cursor?
Открой Requirements Risk Analyser на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
автор: modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
автор: xuzexin-hzCompare Requirements Risk Analyser with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории ai
