← Back to Skills Marketplace
142
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ccpa-privacy-checker
Description
Assess your business's compliance with California Consumer Privacy Act (CCPA) regulations and identify privacy governance gaps.
README (SKILL.md)
Overview
The CCPA Privacy Checker Tool is a specialized compliance assessment platform designed to evaluate organizations' adherence to the California Consumer Privacy Act (CCPA) and related privacy regulations. It conducts a comprehensive audit of your data handling practices, consumer rights implementations, and organizational privacy controls across 31 compliance dimensions.
This tool is essential for any business collecting personal information from California consumers. It analyzes your business model, data practices, privacy policies, consumer request procedures, and internal governance to deliver a detailed compliance score and actionable recommendations. The assessment covers mandatory CCPA requirements including consumer rights (access, deletion, opt-out, correction), disclosure obligations, third-party vendor management, and audit capabilities.
Ideal users include compliance officers, privacy teams, legal departments, and business leaders seeking to understand their CCPA exposure, prioritize remediation efforts, and demonstrate due diligence in privacy governance to regulators and stakeholders.
Usage
Submit a comprehensive assessment of your organization's privacy practices and data handling operations. The tool evaluates all dimensions against CCPA requirements and returns a detailed compliance report.
Sample Request:
{
"business_name": "TechFlow Analytics Inc.",
"business_type": "SaaS / Data Analytics",
"annual_revenue": "$15,000,000",
"california_consumers": "500,000+",
"personal_info_types": [
"Name",
"Email",
"IP Address",
"Device Identifiers",
"Browsing History",
"Location Data"
],
"data_sources": [
"Website Forms",
"Mobile Application",
"Third-Party Data Brokers",
"Customer Interactions"
],
"sells_personal_info": true,
"shares_for_advertising": true,
"has_website": true,
"has_mobile_app": true,
"uses_third_parties": true,
"collects_sensitive_info": false,
"right_to_know": true,
"right_to_delete": true,
"right_to_opt_out": true,
"right_to_correct": false,
"right_to_limit": true,
"non_discrimination": true,
"privacy_policy_updated": true,
"collection_disclosure": true,
"business_purposes": true,
"third_party_sharing": true,
"retention_periods": false,
"contact_info": true,
"request_processing": true,
"identity_verification": true,
"response_timeframes": true,
"employee_training": false,
"vendor_contracts": true,
"data_inventory": false,
"record_keeping": true,
"regular_audits": false
}
Sample Response:
{
"compliance_score": 72,
"compliance_status": "Partial Compliance",
"total_requirements_assessed": 31,
"requirements_met": 22,
"requirements_not_met": 9,
"critical_gaps": [
{
"requirement": "Right to Correct",
"impact": "Critical",
"description": "Business does not provide mechanism for consumers to correct inaccurate personal information"
},
{
"requirement": "Data Retention Periods",
"impact": "High",
"description": "No documented data retention and deletion schedules are in place"
},
{
"requirement": "Employee Privacy Training",
"impact": "High",
"description": "Staff lacks formal CCPA compliance training"
}
],
"high_priority_recommendations": [
"Implement consumer correction request interface within 90 days",
"Develop and document comprehensive data retention policy",
"Conduct mandatory CCPA training for all employees handling personal data",
"Establish regular third-party vendor audit schedule",
"Create formal data inventory and mapping documentation"
],
"risk_assessment": {
"enforcement_risk": "Medium-High",
"estimated_remediation_effort": "4-6 weeks",
"estimated_cost": "$45,000 - $75,000"
},
"next_steps": "Schedule compliance remediation roadmap; prioritize critical gaps; engage legal counsel for vendor contract review"
}
Endpoints
POST /ccpa-compliance
Performs a comprehensive CCPA compliance assessment based on business characteristics and privacy practices.
Method: POST
Path: /ccpa-compliance
Description: Evaluates an organization against all 31 CCPA compliance requirements, including consumer rights implementation, disclosure obligations, data governance, and organizational controls. Returns compliance score, identified gaps, risk assessment, and remediation recommendations.
Request Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| business_name | string | Yes | Official registered name of the business entity |
| business_type | string | Yes | Industry classification (e.g., "SaaS", "Retail", "Healthcare", "Financial Services") |
| annual_revenue | string | Yes | Total annual revenue bracket (e.g., "$1M-$10M", "$10M-$100M") |
| california_consumers | string | Yes | Number of California residents whose data is processed (e.g., "10,000+", "500,000+") |
| personal_info_types | array | Yes | List of personal information categories collected (e.g., "Name", "Email", "IP Address", "Location Data") |
| data_sources | array | Yes | Channels through which data is collected (e.g., "Website", "Mobile App", "Third-Party Partners") |
| sells_personal_info | boolean | Yes | Whether the business sells personal information to third parties |
| shares_for_advertising | boolean | Yes | Whether personal data is shared with advertising partners |
| has_website | boolean | Yes | Organization maintains a public-facing website |
| has_mobile_app | boolean | Yes | Organization offers a mobile application for consumers |
| uses_third_parties | boolean | Yes | Personal information is shared with or processed by vendors/service providers |
| collects_sensitive_info | boolean | Yes | Sensitive personal information is collected (SSN, financial data, health, biometrics) |
| right_to_know | boolean | Yes | System in place for consumers to request and access their personal data |
| right_to_delete | boolean | Yes | Mechanism to delete consumer personal information upon request |
| right_to_opt_out | boolean | Yes | Consumers can opt out of personal information sales/sharing |
| right_to_correct | boolean | Yes | Consumers can request correction of inaccurate information |
| right_to_limit | boolean | Yes | Consumers can limit use and disclosure of sensitive personal information |
| non_discrimination | boolean | Yes | Business does not discriminate against consumers exercising CCPA rights |
| privacy_policy_updated | boolean | Yes | Privacy policy reflects current CCPA requirements and practices |
| collection_disclosure | boolean | Yes | Privacy policy discloses all categories of personal information collected |
| business_purposes | boolean | Yes | Privacy policy specifies business purposes for data collection |
| third_party_sharing | boolean | Yes | Privacy policy discloses all categories of third parties receiving data |
| retention_periods | boolean | Yes | Documentation exists for data retention and deletion schedules |
| contact_info | boolean | Yes | Privacy policy includes clear consumer contact methods for requests |
| request_processing | boolean | Yes | Documented procedures exist for handling consumer data requests |
| identity_verification | boolean | Yes | Process to verify consumer identity before fulfilling requests |
| response_timeframes | boolean | Yes | Commitment to respond to requests within CCPA-required timeframes (45 days) |
| employee_training | boolean | Yes | Staff trained on CCPA requirements and privacy obligations |
| vendor_contracts | boolean | Yes | Data processing agreements with vendors include CCPA clauses |
| data_inventory | boolean | Yes | Documented inventory of all personal data collected and stored |
| record_keeping | boolean | Yes | Records maintained of consumer requests and responses |
| regular_audits | boolean | Yes | Regular audits conducted to verify compliance and identify gaps |
Response Shape:
{
"compliance_score": "integer (0-100)",
"compliance_status": "string (Full Compliance | Partial Compliance | Non-Compliant)",
"total_requirements_assessed": "integer",
"requirements_met": "integer",
"requirements_not_met": "integer",
"critical_gaps": [
{
"requirement": "string",
"impact": "string (Critical | High | Medium | Low)",
"description": "string"
}
],
"high_priority_recommendations": ["string"],
"risk_assessment": {
"enforcement_risk": "string",
"estimated_remediation_effort": "string",
"estimated_cost": "string"
},
"next_steps": "string"
}
Status Codes:
| Code | Description |
|---|---|
| 200 | Successful compliance assessment returned |
| 422 | Validation error - one or more required fields missing or invalid |
Pricing
| Plan | Calls/Day | Calls/Month | Price |
|---|---|---|---|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- toolweb.in
- portal.toolweb.in
- hub.toolweb.in
- toolweb.in/openclaw/
- rapidapi.com/user/mkrishna477
- youtube.com/@toolweb-009
References
- Kong Route: https://api.mkkpro.com/compliance/ccpa-privacy
- API Docs: https://api.mkkpro.com:8040/docs
Usage Guidance
This skill appears coherent and low-risk because it has no install steps, no credential requests, and its inputs match the CCPA assessment purpose. Before using it: (1) verify the skill's origin or developer (source/homepage are missing); (2) confirm where the API calls are sent (openapi.json has no server URL) so you do not accidentally transmit data to an unknown endpoint; (3) avoid submitting real consumer personal data or identifiable records — submit high-level, non-sensitive example data for testing; and (4) treat any results as advisory, not legal advice. If you plan to act on remediation recommendations, validate them with internal counsel or an external privacy lawyer.
Capability Analysis
Type: OpenClaw Skill
Name: ccpa-privacy-checker
Version: 1.0.0
The CCPA Privacy Checker Tool is a compliance assessment utility designed to evaluate business adherence to privacy regulations. It functions by collecting business-related data (e.g., revenue, data types, and internal controls) and sending it to an external API endpoint (api.mkkpro.com) for analysis. The requested information is consistent with the stated purpose of a privacy audit, and no indicators of malicious intent, prompt injection, or unauthorized code execution were found in SKILL.md or openapi.json.
Capability Assessment
Purpose & Capability
The name, description, SKILL.md usage examples, and the openapi.json schema all align: the skill accepts a business-level assessment payload and returns a compliance report across 31 CCPA dimensions. There are no unrelated environment variables, binaries, or config paths requested that would be inconsistent with a compliance assessment tool. The only minor provenance issue is that 'source' and 'homepage' are missing, so origin is unknown but not contradictory to purpose.
Instruction Scope
The SKILL.md instructs the agent to accept an assessment JSON and return a compliance report — this stays within the stated scope and does not ask the agent to read files, environment variables, or unrelated system state. One ambiguity: the included openapi.json does not include any servers/host URL, so it's unclear where POST /ccpa-compliance would be sent at runtime; you should confirm the runtime endpoint before sending actual business or consumer data.
Install Mechanism
This is an instruction-only skill with no install specification and no code files that execute. No downloads, package installs, or extracted archives are present — lowest-risk installation footprint.
Credentials
The skill requests no environment variables, no credentials, and no file paths. Inputs are limited to business assessment fields (strings/booleans/arrays) appropriate for a compliance checker, so there is no disproportionate credential or secret access.
Persistence & Privilege
Skill flags use default settings (always: false, user-invocable: true, model invocation allowed). It does not request persistent presence or system-wide configuration changes. No indications it modifies other skills or agent configuration.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ccpa-privacy-checker - After installation, invoke the skill by name or use
/ccpa-privacy-checker - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the CCPA Privacy Checker Tool.
- Provides comprehensive CCPA compliance assessments across 31 privacy requirements.
- Delivers detailed compliance score, critical gap analysis, and actionable remediation steps.
- Supports business model, data practice, and privacy policy evaluation.
- Offers risk assessment, cost and timeline estimates for remediation.
- Designed for legal, compliance, and privacy professionals.
Metadata
Frequently Asked Questions
What is CCPA Privacy Checker?
Assess your business's compliance with California Consumer Privacy Act (CCPA) regulations and identify privacy governance gaps. It is an AI Agent Skill for Claude Code / OpenClaw, with 142 downloads so far.
How do I install CCPA Privacy Checker?
Run "/install ccpa-privacy-checker" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is CCPA Privacy Checker free?
Yes, CCPA Privacy Checker is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does CCPA Privacy Checker support?
CCPA Privacy Checker is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created CCPA Privacy Checker?
It is built and maintained by ToolWeb (@krishnakumarmahadevan-cmd); the current version is v1.0.0.
More Skills