ClawHub

nexus-eu-ai-compliance

v2.1.0

EU AI Act automation: risk classification, Article 11 documentation, bias testing, conformity assessment.

0· 10·0 current·0 all-time
by@shuwanito
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (EU AI Act automation: risk classification, Article 11 docs, bias testing, conformity) align with the SKILL.md capabilities and workflow. Nothing in the manifest asks for unrelated credentials, binaries, or installs that would be inconsistent with the stated purpose.
Instruction Scope
SKILL.md provides a high-level workflow (inventory systems, classify risk, generate documentation, implement bias testing, monitor regulatory changes). It does not instruct the agent to read specific files, env vars, or external endpoints, but it is vague: performing the workflow in practice will require access to organizational systems, CI/CD pipelines, and regulatory sources. The lack of concrete data-access instructions is coherent but leaves broad discretion to the agent.
Install Mechanism
No install spec and no code files — instruction-only skill. This is low risk: nothing will be downloaded or written to disk by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate given it only contains process guidance and templates; any necessary access to CI/CD, repos, or regulatory data would need to be provided separately by the user.
Persistence & Privilege
always is false and the skill does not request elevated or persistent privileges. Autonomous invocation is enabled by default (normal) but the skill does not ask for extra system-wide presence or to modify other skills' settings.
Assessment
This is an instruction-only compliance assistant — it won't install code or request credentials by itself, but to actually perform inventory, bias testing, or CI/CD automation you'll need to supply access and data. Before use: verify the skill author and repository, test in a non-production environment, avoid giving broad read/write credentials (use least privilege service accounts), review any generated documentation before sharing externally, and be explicit about what data the agent may access or transmit. If you plan to automate CI/CD or monitoring, prepare isolated resources and logs so the agent's activities are auditable.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ddrn2wqx9hyp5gcxn8bzrxd842b98

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📋 Clawdis
OSmacOS · Linux · Windows

SKILL.md

EU AI Act Compliance Automator

Comprehensive compliance automation for the EU AI Act (effective August 2, 2026).

Capabilities

  • Classify AI systems by Annex III risk categories (unacceptable, high, limited, minimal)
  • Generate required technical documentation per Article 11
  • Implement bias testing and fairness auditing in CI/CD pipelines
  • Prepare conformity assessment packages for high-risk systems
  • Monitor regulatory changes across 27 EU member states
  • Calculate compliance gap analysis with remediation roadmap
  • Generate GPAI provider obligations documentation

Workflow

  1. Inventory all AI systems in the organization with use-case mapping
  2. Classify each system by EU AI Act risk level (Annex III criteria)
  3. Assess current compliance state against requirements per category
  4. Generate gap analysis with prioritized remediation tasks
  5. Create technical documentation templates (Article 11, training summaries)
  6. Implement automated bias testing and monitoring
  7. Prepare conformity assessment package and audit trail

Guidelines

  • Penalties reach EUR 35M or 7% global turnover — accuracy is critical
  • Do NOT rely on Digital Omnibus delay — prepare for August 2026 deadline
  • High-risk domains: biometrics, education, employment, critical infrastructure
  • Cross-reference requirements with GDPR and national transpositions
  • All documentation must be versioned and audit-ready
  • Only 8 of 27 EU states have transposed as of March 2026 — monitor updates

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…