← 返回 Skills 市场
the compliance claw
作者
Jagadeeshvar Muralidharan
· GitHub ↗
· v1.0.0
538
总下载
0
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install complianceclaw
功能描述
Regulations change 4,000+ times per year. Your clients can't track them all. complianceclaw monitors federal and state regulatory changes, maps them to your...
使用说明 (SKILL.md)
complianceclaw
The regulation changed 6 months ago. Your client just found out from an enforcement notice.
Federal and state agencies publish 4,000+ rule changes per year. No attorney can read the Federal Register daily. No in-house team can monitor every state agency that touches their business. complianceclaw watches regulatory feeds, maps changes to your clients' industries and obligations, generates compliance checklists, and produces the audit-ready documentation that makes the difference between "we're in compliance" and "we have proof we're in compliance."
Who it's for: Regulatory attorneys, in-house compliance teams, healthcare lawyers tracking HIPAA/CMS changes, financial services counsel monitoring SEC/FINRA, and any firm that advises clients in regulated industries.
What it replaces: The $200K/year compliance vendor, the associate reading the Federal Register, and the "we didn't know the rule changed" defense that never works.
Pricing
| Feature | Free | Pro ($49/mo) | Enterprise ($199/mo) |
|---|---|---|---|
| Regulatory feeds | Federal Register only | + 50-state + key agencies | All federal + all state + international |
| Industry filters | 1 industry | 5 industries | Unlimited |
| Change monitoring alerts | Weekly digest | Real-time + customizable | Real-time + routing to teams |
| Compliance checklists | 3 templates | 25+ industry templates | Custom + build your own |
| Obligation mapping | — | ✅ | ✅ + cross-client |
| Audit-ready reports | — | ✅ | ✅ + board-ready |
| Gap analysis | — | ✅ | ✅ + remediation tracking |
| Regulatory calendar | — | ✅ | ✅ + integration |
| Client/entity profiles | 1 | 10 | Unlimited |
| Team | 1 | 3 | Unlimited |
| Policy document management | — | — | ✅ |
| Historical regulation lookup | 1 year | 5 years | Full archive |
complianceclaw upgrade pro— 14-day free trial.
Core Commands
Regulatory Monitoring
complianceclaw watch --industry healthcare --topics "HIPAA,telehealth,surprise billing"complianceclaw watch --industry fintech --agencies "SEC,FINRA,CFPB,OCC"complianceclaw watch --industry "cannabis" --states "CA,CO,NY,IL"complianceclaw watch --cfr-title 21 --parts "800-899"— Specific CFR parts (medical devices)complianceclaw feed --last 7— What changed this weekcomplianceclaw feed --last 7 --impact high— High-impact changes onlycomplianceclaw feed --agency SEC --last 30
Compliance Checklists
complianceclaw checklist generate --framework HIPAA --entity "HealthCo Inc"complianceclaw checklist generate --framework "SOX" --entity "PublicCorp"complianceclaw checklist generate --framework "CCPA" --entity "TechStartup"complianceclaw checklist status --entity "HealthCo Inc" --framework HIPAA— Progresscomplianceclaw checklist item done --id CHK-0042 --evidence "policy_v3.pdf" --by "J. Smith"complianceclaw checklist export --entity "HealthCo Inc" --format pdf— Audit-ready
Obligation Mapping (Pro)
complianceclaw obligation map --entity "HealthCo Inc"— All obligations by sourcecomplianceclaw obligation add --entity "HealthCo Inc" --regulation "HIPAA 164.530(j)" --description "Retain policies for 6 years" --deadline recurring-yearlycomplianceclaw obligation list --entity "HealthCo Inc" --overduecomplianceclaw obligation list --entity "HealthCo Inc" --upcoming 90complianceclaw obligation assign --id OBL-0012 --to "[email protected]"(Enterprise)
Gap Analysis (Pro)
complianceclaw gap-analysis --entity "HealthCo Inc" --framework HIPAAcomplianceclaw gap-analysis --entity "FinCo" --framework "SOC 2 Type II"complianceclaw gap-analysis --entity "TechStartup" --regulation "AI Act"— EU AI Act readiness
Output:
🟢 14.530(a) - Privacy notice: COMPLIANT (evidence: privacy_policy_v4.pdf)
🟡 164.308(a)(1) - Risk analysis: PARTIAL (last assessment: 14 months ago)
🔴 164.312(e)(1) - Encryption in transit: NON-COMPLIANT (no evidence found)
🔴 164.530(j) - Record retention: NON-COMPLIANT (retention policy expired)
Regulatory Calendar
complianceclaw calendar --entity "HealthCo Inc"— All regulatory deadlinescomplianceclaw calendar --next 90— Cross-entity upcoming deadlinescomplianceclaw calendar sync --google— Sync to Google Calendar (Enterprise)
Reporting
complianceclaw report --entity "HealthCo Inc" --framework HIPAA --format pdfcomplianceclaw report --entity "HealthCo Inc" --board-ready(Enterprise)complianceclaw report --all-entities --summary— Portfolio compliance statuscomplianceclaw report --changes --period 2026-Q1— Regulatory changes impact report
Regulation Lookup
complianceclaw lookup "42 CFR 482"— Hospital Conditions of Participationcomplianceclaw lookup "CCPA" --current— Current full textcomplianceclaw lookup "HIPAA 164.312" --history— Amendment history (Enterprise)complianceclaw search "data breach notification" --state all— Cross-state comparison
Supported Frameworks & Industries
Healthcare: HIPAA, HITECH, Stark Law, Anti-Kickback, 42 CFR Part 2, CMS CoP Financial: SOX, Dodd-Frank, BSA/AML, FINRA, SEC, GLBA, FCRA, CFPB Privacy: CCPA/CPRA, GDPR, VCDPA, CPA, CTDPA, state breach notification Technology: AI Act (EU), NIST CSF, SOC 2, ISO 27001, FedRAMP Healthcare IT: ONC, 21st Century Cures Act, Information Blocking Cannabis: State-by-state regulatory tracking Energy: FERC, NERC CIP, EPA, state PUC Employment: FLSA, OSHA, ADA, FMLA, state wage & hour
Notes
- Federal Register data is public/free; state regulatory feeds require Pro+
- Combine with
contractclawfor contract obligations that have compliance implications - Combine with
caseclawfor deadline tracking on regulatory filing dates - Regulatory data updated daily (Pro) or real-time (Enterprise)
安全使用建议
This appears to be a legitimate compliance CLI, but exercise caution before installing the binary from the third‑party Homebrew tap. Steps to consider:
- Verify the tap and upstream repository (check GitHub releases, source code, maintainers, and binary signatures). Confirm the 'legal-tools' tap and 'complianceclaw' formula come from a trusted maintainer.
- Ask the vendor how integrations work: where and how Google OAuth tokens, SMTP/email routing credentials, or API keys are provided and stored. Do not supply secrets until you confirm secure storage and minimal scope.
- Test the binary in an isolated environment (VM or container) before installing on production machines to observe network behavior and file access.
- If you require enterprise use, request an audit or source distribution you can compile/verify yourself instead of opaque binaries.
- If you proceed, restrict network access and monitor outgoing connections until you’re comfortable with its behavior.
If the vendor can demonstrate signed releases and clear documentation for authentication flows (OAuth screenshots, config file locations, encryption at rest), that would raise confidence.
功能分析
Type: OpenClaw Skill
Name: complianceclaw
Version: 1.0.0
The skill bundle describes a compliance monitoring tool and provides standard installation instructions via `brew` in the `SKILL.md` metadata. All listed commands are invocations of the `complianceclaw` binary itself, demonstrating its intended functionality. There is no evidence of data exfiltration, malicious execution (beyond standard package installation), persistence mechanisms, obfuscation, or prompt injection attempts designed to subvert the agent's behavior or steal sensitive information. The content is purely descriptive and functional.
能力评估
Purpose & Capability
Name, description and CLI commands are consistent with a regulatory-monitoring/compliance product and the only runtime requirement declared is the 'complianceclaw' binary. However the SKILL.md documents integrations (Google Calendar sync, emailing assignments, exporting PDFs, historical archive access, real-time feeds) that typically require credentials, API keys, or network access; the skill declares no required environment variables or config paths to support those integrations.
Instruction Scope
The SKILL.md lists many explicit commands (watch, feed, checklist generate, obligation map, calendar sync, report export). It does not instruct the agent to read arbitrary system files or secrets, but several commands imply access to user files (evidence PDFs) and external services (Google sync, email routing). The doc does not specify how credentials are supplied, how OAuth flows are handled, nor whether files are uploaded off-machine — this lack of detail widens the agent's scope by omission.
Install Mechanism
Install is via a Homebrew tap (legal-tools/tap/complianceclaw) which will place a binary on the system. Homebrew is a normal install path, but this is a third-party tap rather than an official core formula; installing a third-party binary means you should verify the tap and binary source (signing, GitHub releases, maintainers) before trust. No additional install artifacts are present in the skill bundle (instruction-only).
Credentials
The skill requests zero environment variables, yet features described (Google Calendar sync, routing obligations to email addresses, integrations with feeds/archives) normally require OAuth credentials, API keys, or SMTP/ESMTP information. The absence of declared credentials is an inconsistency: either the binary will prompt for/obtain credentials at runtime, or it expects system-level tokens/configs — both of which should have been documented. This gap raises risk about where credentials would be stored or how they are used.
Persistence & Privilege
The skill does not request always: true and is user-invocable only. No config paths or persistent privileges are requested in the SKILL.md. Installing the brew binary gives it the normal privileges of any installed program, but the skill metadata does not request elevated or platform-wide persistence beyond that.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install complianceclaw - 安装完成后,直接呼叫该 Skill 的名称或使用
/complianceclaw触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of complianceclaw, a tool for automated regulatory monitoring and compliance management.
- Tracks 4,000+ annual regulatory changes across federal and state agencies, mapping changes to client obligations.
- Generates compliance checklists, gap analyses, and audit-ready reports for legal and compliance teams.
- Supports industry-specific frameworks in healthcare, financial, privacy, technology, energy, employment, and more.
- Offers tiered pricing: Free, Pro, and Enterprise, with increasing access to features like state/international feeds, obligation mapping, and real-time alerts.
- Includes command-line tools for monitoring changes, managing checklists, mapping obligations, tracking deadlines, and generating reports.
元数据
常见问题
the compliance claw 是什么?
Regulations change 4,000+ times per year. Your clients can't track them all. complianceclaw monitors federal and state regulatory changes, maps them to your... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 538 次。
如何安装 the compliance claw?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install complianceclaw」即可一键安装,无需额外配置。
the compliance claw 是免费的吗?
是的,the compliance claw 完全免费(开源免费),可自由下载、安装和使用。
the compliance claw 支持哪些平台?
the compliance claw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 the compliance claw?
由 Jagadeeshvar Muralidharan(@jagadeeshmurali-coder)开发并维护,当前版本 v1.0.0。
推荐 Skills