← Back to Skills Marketplace
Mova Compliance Audit
by
Sergii Miasoiedov
· GitHub ↗
· v1.0.1
· MIT-0
173
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install mova-compliance-audit
Description
Submit documents for AI-powered compliance audit against GDPR, PCI-DSS, ISO 27001, or SOC 2 via MOVA HITL. Trigger when the user uploads a document and menti...
Usage Guidance
This skill appears to do what it claims: submit documents to the MOVA platform for a human-in-the-loop compliance audit. Before installing/using it: 1) Verify and review the openclaw-mova plugin (the skill depends on it); confirm the plugin's provenance, code, and permissions. 2) Be aware that documents and organization metadata will be sent to api.mova-lab.eu (EU-hosted) and to MOVA connectors (OCR, rules engine) — do not upload sensitive or regulated data until you confirm retention, residency, and privacy policies. 3) Confirm how MOVA credentials are provided and stored by the plugin (the skill itself does not declare env vars). 4) Test with non-sensitive sample documents first and ensure your compliance officer is prepared for the mandatory human sign-off flow. If you cannot review the plugin or accept external data sharing, do not enable this skill.
Capability Analysis
Type: OpenClaw Skill
Name: mova-compliance-audit
Version: 1.0.1
The mova-compliance-audit skill is a legitimate integration for performing regulatory audits (GDPR, PCI-DSS, etc.) via the MOVA platform. It features mandatory human-in-the-loop (HITL) sign-off, transparently discloses data flows to 'api.mova-lab.eu' in its metadata, and includes explicit defensive instructions for the agent to avoid using shell commands or manual HTTP requests. While it includes a tool for registering connectors with authentication headers, this capability is documented for legitimate infrastructure integration and is governed by the skill's structured workflow in SKILL.md.
Capability Assessment
Purpose & Capability
The name/description (MOVA compliance audit) align with the instructions: submit document URL/ID, request framework, run rule checks, present findings, and require human sign-off. The SKILL.md explicitly references calling mova_hitl_start_compliance and sending data to api.mova-lab.eu, which is expected for this capability.
Instruction Scope
The runtime instructions stay within the stated purpose: ingest a document (URL/ID), run OCR/connectors/rules engine via MOVA, display findings, and require human decision. There are no instructions to read unrelated local files, system env vars, or to send data to arbitrary third parties beyond the documented MOVA endpoints.
Install Mechanism
The skill is instruction-only (no install spec) which is low risk, but the metadata requires an external OpenClaw plugin (openclaw-mova). That plugin installation is an out-of-band action not packaged in this skill and may pull code/credentials into your environment — the plugin should be reviewed/trusted before installation.
Credentials
The skill itself declares no environment variables or credentials, which is coherent for an instruction-only wrapper, but it will send document URLs and org metadata to api.mova-lab.eu. In practice the required MOVA credentials/config are likely managed by the external plugin (not declared here). Confirm how the plugin stores/uses credentials and ensure you consent to sending potentially sensitive documents to MOVA.
Persistence & Privilege
The skill does not request permanent/always-on presence, does not modify other skills' configs, and requires a human gate for final decisions. No elevated persistence privileges are requested by the skill itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mova-compliance-audit - After installation, invoke the skill by name or use
/mova-compliance-audit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Added Contract Skill type label.
v1.2.0
Fix: remove incorrect API key requirement
v1.1.0
Add demo screenshots from live agent run
v1.0.0
Initial release: compliance audit HITL workflow for GDPR, PCI-DSS, ISO 27001, SOC 2
Metadata
Frequently Asked Questions
What is Mova Compliance Audit?
Submit documents for AI-powered compliance audit against GDPR, PCI-DSS, ISO 27001, or SOC 2 via MOVA HITL. Trigger when the user uploads a document and menti... It is an AI Agent Skill for Claude Code / OpenClaw, with 173 downloads so far.
How do I install Mova Compliance Audit?
Run "/install mova-compliance-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Mova Compliance Audit free?
Yes, Mova Compliance Audit is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Mova Compliance Audit support?
Mova Compliance Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Mova Compliance Audit?
It is built and maintained by Sergii Miasoiedov (@mova-compact); the current version is v1.0.1.
More Skills