← 返回 Skills 市场
afrexai-cto

Compliance Readiness

作者 afrexai-cto · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ✓ 安全检测通过
229
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install afrexai-compliance-readiness
功能描述
AI Compliance Readiness Assessment — evaluate how prepared an organization is for AI governance regulations (EU AI Act, NIST AI RMF, HHS mandates, state bar...
使用说明 (SKILL.md)

AI Compliance Readiness Assessment

Evaluate organizational readiness for AI governance regulations and generate an actionable compliance roadmap.

When to Use

  • Assessing AI compliance posture before an audit
  • Preparing for EU AI Act (Aug 2026), HHS AI mandates, NIST AI RMF
  • Building a governance roadmap for AI deployments
  • Evaluating risk exposure from current AI usage

How to Use

When asked to assess AI compliance readiness, gather these inputs:

Required Inputs

  1. Industry (legal, healthcare, financial-services, insurance, construction, manufacturing, government, other)
  2. Company size (employees or revenue range)
  3. AI systems in use (list: chatbots, document review, fraud detection, hiring tools, customer service, analytics, other)
  4. Jurisdictions (US-only, EU-exposed, both, global)

Optional Inputs

  • Current governance framework (if any)
  • Upcoming audit dates
  • Existing compliance certifications (SOC2, ISO 27001, HIPAA, etc.)
  • Number of AI vendors/tools in use

Assessment Framework

Score each dimension 1-5 (1=no controls, 5=mature):

8 Dimensions

  1. Risk Classification — Have you categorized AI systems by risk level per EU AI Act / NIST?
  2. Documentation — Technical docs, model cards, data lineage for each AI system?
  3. Human Oversight — Defined human-in-the-loop processes for high-risk decisions?
  4. Bias & Fairness — Regular bias audits, fairness metrics, disparate impact testing?
  5. Data Governance — Training data provenance, consent, retention, and deletion policies?
  6. Incident Response — AI-specific incident playbook, reporting procedures, rollback plans?
  7. Vendor Management — AI vendor risk assessments, contractual AI governance requirements?
  8. Audit Trail — Logging, explainability, decision traceability for AI-assisted outputs?

Scoring

  • 35-40: Compliance-ready — minor gaps to address
  • 25-34: Partially prepared — significant work needed in specific areas
  • 15-24: High risk — major gaps across multiple dimensions
  • 8-14: Critical — immediate action required before any regulatory review

Output Format

Generate a report with:

  1. Executive Summary — Overall score, risk level, top 3 gaps
  2. Dimension Scores — Table with score, evidence, and gap description per dimension
  3. Regulatory Exposure — Which regulations apply and key deadlines:
    • EU AI Act: Aug 2, 2026 (high-risk system requirements)
    • HHS AI Transparency: April 3, 2026 (healthcare)
    • NIST AI RMF: Ongoing (federal contractors + best practice)
    • State bar AI rules: Varies (legal industry)
安全使用建议
This instruction-only skill appears internally consistent and carries low technical risk because it asks users for information and produces a report without requesting credentials or installing code. Before installing or relying on its output: (1) verify the vendor/source since the registry entry lacks a public homepage — confirm trust and support channels; (2) avoid pasting sensitive secrets or PHI directly into the agent — feed only the minimum required, or anonymize data; (3) treat the generated compliance recommendations as advisory and have legal/compliance teams review them before taking action; (4) if you plan to integrate this into automated workflows, audit any agent that will invoke it for appropriate access controls.
功能分析
Type: OpenClaw Skill Name: afrexai-compliance-readiness Version: 1.0.1 The skill bundle is a purely informational tool designed to guide an AI agent through conducting an AI compliance readiness assessment. It contains no executable code, network requests, or instructions that could lead to data exfiltration or system compromise. The content in SKILL.md and README.md is strictly aligned with its stated purpose of evaluating regulatory readiness (e.g., EU AI Act, NIST AI RMF).
能力评估
Purpose & Capability
Name, description, README and SKILL.md all describe an AI compliance-readiness assessment and the inputs/outputs requested are consistent with that purpose. No unrelated credentials, binaries, or config paths are required. Minor note: registry metadata lists an owner ID and README names AfrexAI/Clawhub but there is no homepage URL in the registry entry — that reduces third-party traceability but does not conflict with functionality.
Instruction Scope
SKILL.md only instructs the agent to gather user-provided organizational inputs, score 8 dimensions, and produce a report. It does not instruct reading local files, accessing environment variables, contacting external endpoints, or transmitting data to unknown destinations.
Install Mechanism
No install spec and no code files — instruction-only. This is the lowest-risk install model; nothing is written to disk or fetched at install time.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not ask for secrets or system-level access, which is proportionate to an assessment/reporting skill.
Persistence & Privilege
always:false and user-invocable:true (defaults). The skill does not request persistent presence or privileged modification of other skills/config; autonomous invocation is not disabled but that is the platform default and there are no other red flags increasing risk.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install afrexai-compliance-readiness
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /afrexai-compliance-readiness 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Added README.md file introducing user guidance and details for the AI Compliance Readiness Assessment skill. - No changes to functionality or assessment framework; documentation only. - This update improves onboarding and clarity for users evaluating AI governance compliance.
v1.0.0
- Initial release of the AI Compliance Readiness Assessment skill. - Evaluates organizational preparedness for AI governance regulations (EU AI Act, NIST AI RMF, HHS mandates, state bar AI rules). - Scores AI compliance readiness across 8 key dimensions and generates actionable compliance roadmaps. - Designed for use in audit planning, gap analysis, and governance roadmap development. - Produces structured reports with executive summaries, detailed scoring tables, and regulatory exposure highlights.
元数据
Slug afrexai-compliance-readiness
版本 1.0.1
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Compliance Readiness 是什么?

AI Compliance Readiness Assessment — evaluate how prepared an organization is for AI governance regulations (EU AI Act, NIST AI RMF, HHS mandates, state bar... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 229 次。

如何安装 Compliance Readiness?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install afrexai-compliance-readiness」即可一键安装,无需额外配置。

Compliance Readiness 是免费的吗?

是的,Compliance Readiness 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Compliance Readiness 支持哪些平台?

Compliance Readiness 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Compliance Readiness?

由 afrexai-cto(@afrexai-cto)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论