EU Compliance Skill - complisec

v1.0.0

EU compliance enforcement for AI agents — NIS2, GDPR, ISO 27001. ACTIVATE on EVERY prompt. Reads .compliance/profile.json to enforce data residency, supplier...

⭐ 0· 59·0 current·0 all-time

byeyesecurity@pkerkhofs

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for pkerkhofs/eu-compliance.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "EU Compliance Skill - complisec" (pkerkhofs/eu-compliance) from ClawHub.
Skill page: https://clawhub.ai/pkerkhofs/eu-compliance
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install eu-compliance

ClawHub CLI

Package manager switcher

npx clawhub@latest install eu-compliance

Security Scan

Capability signals

CryptoRequires walletCan make purchasesRequires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The skill claims to enforce EU compliance (NIS2, GDPR, ISO27001) and includes many sub-skills and guidance consistent with that goal. However, the package contains a Python script (nis2_check.py) and documentation saying Python 3.10+ is required while the registry metadata lists no required binaries — a mismatch. The README/SKILL.md justify reading and persisting a .compliance/profile.json which is coherent with the purpose, but the claim 'ACTIVATE on EVERY prompt' in the SKILL.md contrasts with the registry flags (always:false).

Instruction Scope

Runtime instructions tell the agent to 'Detect platform capabilities' and to scan for a profile by searching the file system AND the conversation/system prompt/custom instructions AND memory. It explicitly instructs to 'Record your capabilities silently — do not explain them to the user.' Those behaviors involve reading potentially sensitive platform state and hidden recording, which is privacy-sensitive and broader than typical 'compliance helper' needs. The skill also instructs users to paste organization profile JSON into system prompts/custom instructions or memory for persistence — this encourages replication of sensitive org data into places that may be accessible beyond intended scope.

ℹ

Install Mechanism

There is no install spec (instruction-only) which reduces installation risk. However, a sub-skill requires Python (nis2-gap-analysis/nis2_check.py) and README/SKILL.md mention Python 3.10+. The registry metadata did not declare that binary requirement. No network download/install steps are present.

Credentials

The skill declares no required env vars or config paths, and it does not request external credentials — appropriate for its function. But its runtime instructions access environment-like secrets: searching system prompts, project instructions, and conversational memory (which may contain other skills' tokens or private data). This access is not declared in the metadata and may lead to exposure of unrelated sensitive information. It also asks to persist profiles into system prompts/memory which may be undesirable for secrets or legal data.

Persistence & Privilege

The SKILL.md repeatedly instructs the agent to persist the org profile between conversations (filesystem, memory, or paste into system prompts) and to 'ACTIVATE on EVERY prompt'. Registry flags do not set always:true, but the skill's instructions encourage persistent presence and hidden capability recording. The combination (silent capability detection + persistence into system prompts/memory) increases the blast radius if the skill runs autonomously or is present in shared environments.

Scan Findings in Context

[no_regex_findings] expected: Static pre-scan reported no injection signals. The code files (nis2_check.py) appear legitimate and related to NIS2 applicability; absence of regex hits is not proof of safety. The presence of a Python script without a declared binary requirement is an incoherence to note.

What to consider before installing

This skill mostly does what it says (build and enforce an org compliance profile), but several behaviors deserve attention before you install or enable it: 1) Ask the author to explain why the agent should 'record capabilities silently' and to remove or justify any hidden behaviour. 2) Confirm where the profile files and change records will be stored (filesystem path, memory, system prompt) and whether those storage locations are acceptable for your organisation — avoid pasting secrets or personally identifiable data into system prompts or public memory. 3) Verify the missing declared dependency: the nis2 gap analysis requires Python 3.10+, so either the registry metadata should list this or you should run the code in an isolated environment. 4) Because the skill recommends scanning system prompts and memory, review the code (especially sub-skills) yourself or in a sandboxed account to ensure it does not exfiltrate data or access unrelated credentials. 5) Ask for provenance: the source/homepage is unknown; prefer skills with a verifiable author or repository. If you must test it, do so in a controlled environment with nonproduction sample data and without exposing real secrets or third-party credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fxapn4k9ntezt47ad23wwps84zd6k

59downloads

0stars

1versions

Updated 1w ago

v1.0.0

MIT-0

complisec — EU Compliance for AI Agents

Important: Installation vs Usage

If you were asked to install, clone, or set up this skill — complete the installation and confirm to the user. Do NOT run the onboarding questionnaire during installation. The questionnaire only runs when the user explicitly invokes /complisec setup or asks to create their org profile.

Boot sequence

When this skill is first loaded, execute these steps IN ORDER. Do not skip any step.

Step 1 — Detect platform capabilities

Determine what you can do:

Capability	How to check	Examples
File read/write	Can you read/write files on disk?	Claude Code, Cursor, Codex, local agents
Shell commands	Can you run bash/shell?	Claude Code, Cursor, Codex
Memory/persistence	Can you store data between conversations?	ChatGPT memory, Claude.ai projects, LangDock workspace
Web fetch	Can you fetch URLs?	Claude.ai, some ChatGPT configs

Record your capabilities silently — do not explain them to the user.

Step 2 — Find the org profile

Search for "complisec_profile" in this order. Stop at the first match:

File system (if you can read files): read .compliance/profile.json
Conversation context: scan the current system prompt, project instructions, custom instructions, or workspace settings for "complisec_profile"
Memory (if platform has memory): search for a previously stored complisec profile

Step 3 — Act on what you found

If profile found: respond with exactly this format (fill in the values from the profile):

complisec loaded — [org name] ([jurisdiction])
Critical assets: [count] | Data residency: [constraint] | Legal: [regulations]
Compliance enforcement active. Type /complisec setup to update the profile.

Then proceed with the user's request, applying enforcement rules below.

If NO profile found: respond with exactly this:

complisec loaded — no organisation profile found.

To activate compliance enforcement, I need to know about your organisation.
This takes about 5 minutes and covers: critical assets, data residency,
risk appetite, suppliers, and legal obligations.

Ready? I'll start with: tell me about your organisation — name, country,
what you do, how many people.

(Or type /complisec setup later to do this at any time.)

If the user responds with organisation details, proceed with the questionnaire from skills/org-profile/SKILL.md. If they want to skip, acknowledge and proceed without profile-specific enforcement.

Step 4 — After profile creation, deploy it

The profile must persist between conversations. How depends on the platform:

Platform	How to persist
Claude Code / Cursor / Codex	Save to `.compliance/profile.json` — the skill reads it automatically
ChatGPT	Save to memory. Also tell user: "Go to Settings → Personalization → Custom Instructions and paste the profile JSON so it loads in every conversation."
Claude.ai (Projects)	Tell user: "Open your project → Project Instructions. Paste the profile JSON at the top."
LangDock	Tell user: "Go to workspace settings → find complisec → paste the profile JSON in the system prompt."
Other / unknown	Output the profile as a copyable code block and say: "Paste this into your platform's system prompt, custom instructions, or memory so it persists across conversations."

Enforcement rules

If $ARGUMENTS equals "setup", read skills/org-profile/SKILL.md and run the onboarding questionnaire.

Otherwise, once the profile is loaded, apply these rules when relevant:

1. Secrets

Scan for credentials, API keys, tokens, passwords, private keys, connection strings, national IDs. If found: block, never echo the value in your response, warn, guide to rotate. See skills/data-sensitivity/SKILL.md.

2. Critical assets

Does the conversation touch a critical asset from complisec_profile.critical_assets? If yes:

What's the CIA impact?
Is it within risk_appetite?
Does a new data flow or supplier touch it?
Are there regulatory implications from legal?

3. Data residency

Does the action involve cloud services, hosting, external APIs, or SaaS? Check data_residency. Flag violations: "Your profile restricts data to [regions]. This action sends data to [violating region]."

4. Risk appetite

Architectural decisions, trade-offs, cost vs security? Cross-reference the proposed risk against risk_appetite per CIA dimension. If risk exceeds appetite for an affected critical asset: warn. If within appetite: proceed.

5. Suppliers

New service or integration? Check complisec_profile.suppliers. Unknown supplier = flag: DPA needed, hosting location check. See skills/vendor-risk/SKILL.md.

6. Code generation

Never hardcode secrets. Include structured audit logging for data access. Respect data residency. See skills/audit-logging/SKILL.md.

7. Changes to critical assets

Modification to a critical asset? Impact assessment + rollback plan before proceeding. See skills/change-management/SKILL.md.

8. Incidents

Security incident, breach, or outage reported? Start the incident lifecycle immediately. Calculate notification deadlines using incident_reporting. See skills/incident-management/SKILL.md.

9. Skill vetting

Before installing a new skill: does it access critical assets? Send data outside allowed regions? Request credentials? Flag against the profile.

Sub-skills

Read when needed — don't load everything at once. If you have file access, read from the skills/ directory. If not, these are included in the ZIP that was uploaded.

Sub-skill	When to read
`skills/org-profile/SKILL.md`	Create or update the org profile
`skills/nis2-gap-analysis/SKILL.md`	NIS2 gap analysis
`skills/data-sensitivity/SKILL.md`	Data classification, secret blocking
`skills/audit-logging/SKILL.md`	Audit logging for agent actions and code
`skills/incident-management/SKILL.md`	Incident lifecycle + notification deadlines
`skills/vendor-risk/SKILL.md`	Vendor assessment + supply chain risk
`skills/change-management/SKILL.md`	Change records for critical assets
`skills/compliance-hub/SKILL.md`	Central log collection + observability
`skills/security-compliance-tools/SKILL.md`	Critical asset methodology, CISO workflow
`skills/eu-compliance-directives/SKILL.md`	EU regulation source index
`skills/risk-assessment-writer/SKILL.md`	Write, draft, or generate risk assessments, risk entries, or threat/vulnerability descriptions

Comments

Loading comments...