DCL Policy Enforcer
v1.0.3Instruction-only compliance checker for AI outputs. Detects jailbreaks, prompt injection, EU AI Act violations, GDPR breaches, unsafe financial and medical a...
⭐ 0· 114·0 current·0 all-time
byDari Rinch@daririnch
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name, description, and SKILL.md are coherent: it is an instruction-only compliance checklist for model outputs and does not request credentials or install software. Note: the SKILL.md header lists Version 2.0.0 while the registry metadata lists 1.0.3 (minor metadata inconsistency). The skill also claims broad regulatory coverage (EU AI Act, GDPR, MiFID II, HIPAA, SEC, etc.) — this is plausible for a checklist-style tool but users should confirm the checklist content meets their legal requirements.
Instruction Scope
Runtime instructions are limited to copying/pasting AI output and running static checklists within the agent context. The instructions do not ask the agent to read files, access env vars, or make network requests, and they explicitly state analysis is local.
Install Mechanism
No install spec and no code files are present (instruction-only). That minimizes disk/write risk; there is nothing in the skill that would download or execute external code.
Credentials
The skill declares no required environment variables, credentials, or config paths. That matches the described behavior of local, instruction-only checks.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and is user-invocable only. Autonomous invocation is allowed by default but is not combined with broad privileges here.
Assessment
This skill is instruction-only and internally consistent, which makes it low-risk from an installation standpoint. Before using it in production: 1) verify the checklist items against your organization's legal/compliance requirements (the SKILL.md is a starting point, not legal advice); 2) confirm the publisher identity/track record (metadata shows a different SKILL.md version than registry metadata); 3) when running on sensitive outputs, ensure your agent/runtime enforces local-only handling (platform-level logging or telemetry could still capture text); and 4) test with representative model outputs to confirm the checklists detect the violations you care about.Like a lobster shell, security has layers — review code before you run it.
latestvk973k5c73tw4x8n0y902pvycxs84shc6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.