Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Global Compliance

AI-powered global compliance checker, document generator, and risk assessor for GDPR, CCPA, SOC2, ISO27001, HIPAA and more

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 132 · 1 current installs · 1 all-time installs
by Justin Liu @ZhenStaff
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The SKILL.md describes a compliance assistant and its CLI usage (compliance check/generate/assess), which is coherent with the skill name. However, two other included files (SKILL-EN.md and SKILL-ZH.md) are for a completely different 'video-generator' skill. Having unrelated skill documents bundled with a compliance skill is incoherent and suggests mispackaging or intentional mixing of functionality.
Instruction Scope
Runtime instructions ask the agent to request user files, run a local CLI (compliance check/generate/assess/query), and summarize or save outputs. Those instructions stay within the compliance domain and do not request unrelated system files or secrets. However the skill also defines AUTO-TRIGGER keywords (broad) which could cause frequent invocation; and it instructs users/agents to install/run an external CLI not provided by the registry (see install_mechanism).
Install Mechanism
The skill is instruction-only (no install spec), but SKILL.md tells users/agents to run 'npm install -g openclaw-global-compliance' and use a 'compliance' CLI. Installing an unvetted global npm package has risk: the package source, integrity, and behavior are unknown. Additionally, the repo includes unrelated files referencing a different project, increasing suspicion that the install instructions could direct you to other code or commands.
Credentials
The skill declares no required environment variables, credentials, or config paths. The instructions do not ask for secrets beyond normal document inputs and company info. There is no direct request for unrelated credentials or system configuration.
Persistence & Privilege
Skill flags are default (always: false, agent-invocable allowed). It does not request permanent/privileged presence or to modify other skills. Autonomous invocation is normal and not, by itself, a problem here.
What to consider before installing
Do not install or run the suggested npm package until you verify its provenance. Specific concerns:

  1. This skill bundle contains unrelated SKILL-EN.md/SKILL-ZH.md files for a video-generator skill — likely a packaging error or intentional mixing.
  2. The runtime instructions advise installing a global npm CLI (openclaw-global-compliance) that is not part of this registry entry, which could run arbitrary code.

Suggested steps before proceeding:

  1. Verify the package on npm and inspect its author, version history, and repository URL; prefer packages with a clear homepage/repo and reproducible source.
  2. Search for 'openclaw-global-compliance' and the owner identity; confirm it matches the registry owner.
  3. Inspect the npm package contents in a sandbox (or review its GitHub repo) to see exactly what binaries/scripts it installs.
  4. If you need the skill now, run the CLI in an isolated environment (container or VM) and avoid giving it privileged access or secrets.
  5. Contact the publisher/maintainer for clarification about the unrelated video-generator files and request a clean release or corrected packaging.

If you cannot verify the package/source, do not install it.
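
One way to carry out the "inspect the package contents" step above, as an added example (not part of the scan report or of the skill's own code): a static check of an unpacked package.json for install-time scripts, commands placed on PATH, and a repository that does not match the publisher. The expected repository is taken from the Support URL in SKILL.md; the manifest, the `video-gen` command and the `example-user` repository are constructed sample data, and `auditManifest` and `repoSlug` are hypothetical helper names.

```javascript
// Scripts that npm runs automatically during `npm install` of a package.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Reduce a repository field (string or {url}) to a lowercase "owner/name".
function repoSlug(repository) {
  const raw = typeof repository === "string" ? repository : (repository && repository.url) || "";
  const m = raw.match(/github\.com[/:]([^/]+)\/([^/#]+?)(?:\.git)?(?:[#/].*)?$/i);
  return m ? `${m[1]}/${m[2]}`.toLowerCase() : null;
}

// Compare a parsed package.json against what the skill page leads you to expect.
function auditManifest(manifest, expected) {
  const findings = [];
  const scripts = manifest.scripts || {};
  for (const hook of INSTALL_HOOKS) {
    if (scripts[hook]) findings.push({ id: "install-hook", detail: `${hook}: ${scripts[hook]}` });
  }
  // "bin" is either a string (command named after the package) or a name -> path map.
  const bin = typeof manifest.bin === "string" ? { [manifest.name]: manifest.bin } : manifest.bin || {};
  for (const cmd of Object.keys(bin)) {
    if (!expected.commands.includes(cmd)) findings.push({ id: "unexpected-bin", detail: `${cmd} -> ${bin[cmd]}` });
  }
  const slug = repoSlug(manifest.repository);
  if (slug !== expected.repo.toLowerCase()) findings.push({ id: "repo-mismatch", detail: String(slug) });
  if (manifest.name !== expected.name) findings.push({ id: "name-mismatch", detail: String(manifest.name) });
  return findings;
}

// Expectations drawn from the page: package name, CLI name, Support repository.
const expected = {
  name: "openclaw-global-compliance",
  commands: ["compliance"],
  repo: "ZhenRobotics/openclaw-global-compliance",
};

// CONSTRUCTED manifest for illustration; not the real package's contents.
const constructedManifest = {
  name: "openclaw-global-compliance",
  version: "0.0.0-example",
  bin: { compliance: "bin/cli.js", "video-gen": "bin/video.js" },
  scripts: { postinstall: "node setup.js", test: "node test.js" },
  repository: { type: "git", url: "git+https://github.com/example-user/video-generator.git" },
};

const sampleFindings = auditManifest(constructedManifest, expected);
console.log(sampleFindings);
```

Feed it the package.json extracted from the tarball that `npm pack openclaw-global-compliance` downloads (which fetches the archive without running its install scripts), inside the container or VM the report recommends.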

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.1
latestvk97ejq70317gd1hk3a1g22x3b182ekk8


SKILL.md

⚖️ Global Compliance Skill

AI-powered compliance assistant that helps enterprises check documents, generate compliance policies, assess risks, and query regulations for GDPR, CCPA, SOC 2, ISO 27001, HIPAA, and other standards.

📦 Installation

Step 1: Install the Skill

clawhub install global-compliance

Step 2: Install via npm

# Install globally
npm install -g openclaw-global-compliance

# Verify installation
compliance --version
compliance help

🚀 Usage

When to Use This Skill

AUTO-TRIGGER when user's message contains:

  • Keywords: compliance, GDPR, CCPA, privacy policy, 合规, 隐私政策, 风险评估
  • Asks about legal/regulatory requirements
  • Wants to check documents for compliance
  • Needs to generate compliance documents
  • Wants risk assessment for different regions

TRIGGER EXAMPLES:

  • "Check if my privacy policy complies with GDPR"
  • "Generate a GDPR-compliant privacy policy"
  • "What are the CCPA requirements?"
  • "Assess our compliance risk"

DO NOT USE when:

  • Only general legal questions (use general legal research)
  • Contract review (use contract analysis tools)

🎯 Core Features

Complete compliance management system:

  • 🔍 Compliance Checking - GDPR, CCPA, SOC 2, ISO 27001, HIPAA
  • 📄 Document Generation - Privacy policies, terms of service, DPA
  • ⚖️ Risk Assessment - Multi-jurisdiction risk analysis
  • 📚 Regulation Query - Search and query compliance requirements
  • 📊 Audit Reports - Generate professional audit reports
  • 🌍 Multi-Region Support - EU, US, China, Brazil, global

💻 Agent Usage Guide

Primary Commands

When user requests compliance checking or document generation, use these commands:

Check Compliance:

compliance check --type gdpr --file privacy-policy.md --output report.json

Generate Document:

compliance generate privacy-policy \
  --company "Company Name" \
  --region eu \
  --industry saas \
  --data-types "pii,usage-analytics" \
  --output privacy-policy.md

Assess Risk:

compliance assess \
  --company-info company.json \
  --standards "gdpr,ccpa,soc2" \
  --output risk-report.pdf

Query Regulations:

compliance query --standard gdpr --topic "data retention"

Example Workflows

Example 1: Check GDPR Compliance

User: "Check if my privacy policy complies with GDPR"

Agent:

  1. Ask for policy file or content
  2. Execute: compliance check --type gdpr --file policy.md
  3. Summarize results and provide recommendations

Example 2: Generate Privacy Policy

User: "Generate a GDPR-compliant privacy policy for my SaaS company"

Agent:

  1. Gather company info (name, industry, data types)
  2. Execute: compliance generate privacy-policy --company "CompanyName" --region eu --industry saas
  3. Review output and offer to save file

Example 3: Multi-Standard Assessment

User: "We're expanding to Europe. What compliance requirements do we need?"

Agent:

  1. Collect company details
  2. Execute: compliance assess --company-info info.json --standards "gdpr,soc2"
  3. Explain high-priority gaps and provide roadmap

⚙️ Supported Standards

Data Privacy

  • GDPR - EU General Data Protection Regulation
  • CCPA - California Consumer Privacy Act
  • PIPL - China Personal Information Protection Law
  • LGPD - Brazil General Data Protection Law

Information Security

  • ISO 27001 - Information Security Management
  • SOC 2 - Service Organization Control
  • PCI-DSS - Payment Card Industry Data Security

Industry-Specific

  • HIPAA - Healthcare (US)
  • GLBA - Financial Services (US)
  • FERPA - Education (US)

📊 Tool Functions

1. check_compliance

Check document or process for compliance.

Parameters:

  • standard (string): gdpr | ccpa | soc2 | iso27001 | hipaa
  • content (string): Document content or file path
  • checkpoints (array, optional): Specific checks to run

Returns:

{
  compliant: boolean,
  score: number,  // 0-100
  totalChecks: number,
  passedChecks: number,
  failedChecks: number,
  issues: Array<{
    checkpoint: string,
    severity: 'critical' | 'high' | 'medium' | 'low',
    title: string,
    description: string,
    remediation: string
  }>,
  recommendations: string[]
}

2. generate_document

Generate compliance document.

Parameters:

  • type (string): privacy-policy | tos | dpa | cookie-policy
  • company_info (object):
    • name (string)
    • industry (string)
    • regions (array)
    • data_types (array)
  • region (string): eu | us | cn | global
  • language (string, optional): en | zh | es

Returns:

{
  type: string,
  content: string,
  format: 'markdown' | 'html' | 'pdf',
  metadata: {
    standard: string[],
    region: string,
    generated: string
  },
  warnings: string[]
}

3. assess_risk

Assess compliance risk.

Parameters:

  • company_info (object): Company details
  • standards (array): Standards to assess
  • regions (array): Target regions

Returns:

{
  overallScore: number,  // 0-100
  riskLevel: 'low' | 'medium' | 'high' | 'critical',
  byStandard: {
    [standard: string]: {
      score: number,
      gaps: string[],
      priority: number
    }
  },
  recommendations: Array<{
    priority: string,
    title: string,
    description: string,
    effort: string,
    timeline: string
  }>,
  estimatedCost: {
    immediate: number,
    annual: number
  }
}

4. query_regulation

Query regulation requirements.

Parameters:

  • standard (string): Compliance standard
  • topic (string): Topic to query

Returns:

{
  standard: string,
  topic: string,
  requirements: string[],
  references: Array<{
    article: string,
    text: string,
    url: string
  }>
}

💰 Cost Estimation

  • Document Checking: Free (rule-based)
  • AI-Assisted Analysis: $0.01-0.05 per document
  • Document Generation: $0.02-0.10 per document
  • Risk Assessment: $0.10-0.50 per assessment

📝 Usage Examples

Example 1: Check Privacy Policy

# Create test policy
cat > policy.md <<EOF
# Privacy Policy
We collect email addresses and usage data.
We use encryption to protect your data.
EOF

# Check GDPR compliance
compliance check --type gdpr --file policy.md

# Output:
# Score: 35/100
# Status: ✗ Non-compliant
# Found 8 issues (3 critical, 5 high)

Example 2: Generate Complete Policy

# Generate GDPR-compliant privacy policy
compliance generate privacy-policy \
  --company "TechStartup Inc" \
  --region eu \
  --industry saas \
  --data-types "pii,usage-analytics" \
  --output privacy-policy.md

# Output: Complete GDPR-compliant privacy policy

Example 3: Multi-Region Risk Assessment

# Assess risk for EU expansion
cat > company.json <<EOF
{
  "name": "US Company",
  "industry": "saas",
  "regions": ["us"],
  "dataTypes": ["pii", "financial"]
}
EOF

compliance assess \
  --company-info company.json \
  --standards "gdpr,ccpa,soc2"

🔧 Troubleshooting

Issue 1: Package Not Installed

Error: command not found: compliance

Solution:

npm install -g openclaw-global-compliance

Issue 2: Config File Missing

Error: Cannot find config file

Solution:

# Create default config
compliance init

📚 Full Documentation


🎯 Agent Behavior Guidelines

When using this skill, agents should:

DO:

  • ✅ Ask for necessary company information
  • ✅ Provide clear, actionable recommendations
  • ✅ Explain compliance issues in plain language
  • ✅ Warn about legal review requirements
  • ✅ Suggest prioritization for critical issues

DON'T:

  • ❌ Provide legal advice (recommend consulting lawyers)
  • ❌ Guarantee 100% compliance
  • ❌ Skip critical warnings
  • ❌ Auto-publish generated documents without review

📊 Compliance Checkpoints

GDPR (12 checkpoints)

  • Legal basis for processing
  • User rights (access, erasure, rectification, portability)
  • Data retention periods
  • Third-party sharing disclosure
  • International transfers
  • Security measures
  • Breach notification
  • Children's data protection
  • DPO contact (if applicable)

CCPA (8 checkpoints)

  • Right to know
  • Right to delete
  • Right to opt-out
  • Non-discrimination
  • Sale of personal information disclosure
  • Categories of data collected
  • Third-party sharing
  • Privacy policy accessibility

SOC 2 (10 checkpoints)

  • Security policies
  • Access controls
  • Change management
  • Risk assessment
  • Monitoring and logging
  • Incident response
  • Vendor management
  • Business continuity
  • Encryption
  • Physical security

🆕 Version History

v1.0.0 (2026-03-08)

  • ✨ Initial release
  • 🔍 GDPR compliance checker
  • 🔍 CCPA compliance checker (basic)
  • 📄 Privacy policy generator
  • ⚖️ Risk assessment framework
  • 📚 Regulation query system
  • 🤖 CLI tool and Agent integration

Project Status: ✅ Ready for Use

License: MIT

Author: @justin

Support: https://github.com/ZhenRobotics/openclaw-global-compliance/issues

ClawHub: https://clawhub.ai/justin/global-compliance

Files

3 total