ClawHub

Eu Ai Act Compliance

v1.0.3

Classify HR AI systems by EU AI Act risk level, provide compliance gap analysis, and recommend remediation steps for recruitment and workforce planning tools.

0· 80·0 current·0 all-time
byEnda@rochyroch

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for rochyroch/eu-ai-act-compliance.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Eu Ai Act Compliance" (rochyroch/eu-ai-act-compliance) from ClawHub.
Skill page: https://clawhub.ai/rochyroch/eu-ai-act-compliance
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install eu-ai-act-compliance

ClawHub CLI

Package manager switcher

npx clawhub@latest install eu-ai-act-compliance
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md, README, and the reference files consistently describe classifying HR/recruitment AI under the EU AI Act, producing gap analyses and remediation steps. Required env vars/binaries/configs are none, which is proportionate for a documentation/assessment skill.
Instruction Scope
Runtime instructions (SKILL.md) only direct the agent to ask clarifying questions, map answers to EU AI Act categories, populate a gap table, and cite references. The instructions do not ask the agent to read arbitrary local files, access environment variables, or transmit data to unexpected endpoints.
Install Mechanism
This is instruction-only (no install spec, no code executed). README includes an optional manual install via git clone and marketing links (RapidAPI) for a paid API — these are documentation items, not runtime behavior. Note: cloning a third‑party repo is a separate action the user must opt into; it would carry standard risks if performed.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. That is proportionate to an informational/compliance assessment skill.
Persistence & Privilege
Skill flags show no forced permanent inclusion (always: false) and normal agent invocation settings. The skill does not request to modify other skills or system-wide settings and contains no install-time privileged operations.
Assessment
This skill appears internally consistent and is largely a documentation/instruction bundle for performing EU AI Act assessments in HR contexts. Before installing/use: 1) Know that it is informational only and explicitly not legal advice — consult qualified counsel for binding decisions. 2) No credentials are requested by the skill itself, but README advertises a paid API (RapidAPI) and suggests cloning a GitHub repo; only perform those actions if you trust the external provider and understand the usual risks of pulling third-party code. 3) Do not paste sensitive production data or secrets into prompts when using the skill — treat outputs as guidance, not privileged compliance evidence. 4) If you need stronger provenance, verify the author/publisher (skill.json vs. registry metadata show minor differences) and consider contacting the listed author or validating the original repository before relying on this for regulatory filings.

Like a lobster shell, security has layers — review code before you run it.

latestvk979t83bry6bp3jxxac0yjp8tx84s7z6
80downloads
0stars
4versions
Updated 2w ago
v1.0.3
MIT-0
Enda@rochyroch
latest
Download

EU AI Act Compliance Skill

Purpose

Classify AI systems used in HR and recruitment contexts according to EU AI Act risk categories and generate compliance gap reports with remediation recommendations.

When to Use

Use this skill when:

  • A user asks about whether their AI system is "high-risk"
  • They need to assess compliance with EU AI Act requirements
  • They're implementing AI in recruitment, HR management, or workforce planning
  • They need documentation for regulatory compliance

How It Works

Step 1: Gather Information

Ask the following clarifying questions to understand the AI system:

  1. Use Case: What specific HR or recruitment function does the AI perform?

    • CV screening or parsing
    • Candidate ranking or shortlisting
    • Interview scheduling
    • Employee performance assessment
    • Workforce planning or forecasting
    • Other (specify)

  2. Data Processed: What types of data does the AI process?

    • Personal data (name, contact details)
    • Professional qualifications
    • Employment history
    • Performance data
    • Biometric data
    • Inferences or predictions about individuals

  3. Decision Impact: What decisions are influenced or made by the AI?

    • Automatic decisions (no human review)
    • Recommendations that inform human decisions
    • Filtering that affects candidate pools
    • Scoring or ranking of individuals
    • Other outcomes

  4. Human Oversight: What human oversight mechanisms exist?

    • Human review before final decisions
    • Ability to override AI recommendations
    • Appeal or review process for affected individuals
    • Documentation of human involvement

  5. Deployment Context: Where will the AI be deployed?

    • Public sector (subject to SI 284/2016 procurement rules)
    • Private sector
    • Cross-border processing
    • Irish-specific regulatory requirements

Step 2: Determine Risk Classification

Based on the information gathered, classify according to EU AI Act risk categories:

High-Risk Systems (Annex III, Article 6(2))

AI systems in HR are presumed high-risk if they:

  1. Recruitment or selection systems (Annex III, 4.(a)):

    • CV screening and parsing
    • Candidate ranking or scoring
    • Interview scheduling that affects opportunities
    • Assessment tools for selection

  2. Employment, worker management, access to self-employment (Annex III, 4.(b)):

    • Task allocation
    • Performance evaluation
    • Promotion or termination decisions
    • Access to employment opportunities

Medium-Risk Systems

Systems that:

  • Assist human decisions but don't make autonomous decisions
  • Process data without significantly affecting rights
  • Have robust human oversight mechanisms

Minimal-Risk Systems

Systems that:

  • Are purely informational
  • Don't process personal data for decisions
  • Don't affect individual rights or opportunities

Step 3: Generate Compliance Gap Report

For high-risk systems, assess against:

RequirementArticleStatusGapPriority
Risk management systemArt. 9
Data governanceArt. 10
Technical documentationArt. 11
Record-keepingArt. 12
TransparencyArt. 13
Human oversightArt. 14
Accuracy & robustnessArt. 15
Conformity assessmentArt. 43-48

Step 4: Provide Remediation Steps

Recommend specific actions based on gaps identified:

  1. Immediate actions (0-30 days): Critical compliance gaps
  2. Short-term actions (30-90 days): Documentation and process gaps
  3. Long-term actions (90+ days): System improvements and monitoring

Step 5: Reference Relevant Guidance

Always cite:

  • EU AI Act articles (with specific sections)
  • Annex III categorisation
  • Irish DPC guidance where relevant
  • GDPR Article 22 for automated decision-making
  • SI 284/2016 for public sector procurement

Reference Files

This skill includes detailed references:

  • references/article-14-checklist.md — Human oversight requirements
  • references/gdpr-ai-intersection.md — GDPR and AI intersection
  • references/recruitment-risk-assessment.md — Recruitment-specific risks
  • references/irish-employment-context.md — Irish regulatory context

Output Format

Provide structured output:

## AI System Risk Classification

**System Name:** [Name]
**Classification:** [High-Risk / Medium-Risk / Minimal-Risk]
**Reasoning:** [Brief explanation with article references]

## Compliance Gap Report

[Gap analysis table]

## Recommended Actions

### Immediate (0-30 days)
- [Action 1]
- [Action 2]

### Short-term (30-90 days)
- [Action 1]
- [Action 2]

### Long-term (90+ days)
- [Action 1]
- [Action 2]

## Relevant References

- [EU AI Act Article X]
- [Irish DPC Guidance Y]
- [GDPR Article 22]

Important Notes

  • Presumption of high-risk: HR AI systems listed in Annex III are presumed high-risk regardless of the specific risk they pose. This is a legal presumption, not a risk assessment.
  • Prohibited practices: Some AI uses in employment are prohibited entirely (e.g., emotional recognition in workplace). Always check Article 5 prohibitions first.
  • Irish context: For systems deployed in Ireland or processing data of EU data subjects, include Irish DPC guidance and SI 284/2016 requirements where relevant.

This skill is for informational purposes only. It does not constitute legal advice. Consult with a qualified legal professional for compliance decisions.

Comments

Loading comments...