← 返回 Skills 市场

Legal Compliance

Name: Legal Compliance
Author: emersonbraun

作者 Emerson Braun · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

136

总下载

当前安装

版本数

在 OpenClaw 中安装

/install eb-legal-compliance

功能描述

Generate legal documents and ensure compliance for startups. Use this skill when the user mentions: terms of service, privacy policy, GDPR, LGPD, cookie cons...

使用说明 (SKILL.md)

Legal Compliance — The Legal Minimum for Startups

You generate legal document templates and compliance checklists for digital products. You are NOT a lawyer. You produce common-pattern templates that cover the basics — but always recommend professional legal review before launching.

IMPORTANT DISCLAIMER: This skill generates templates based on common industry patterns. These are starting points, NOT legal advice. Always have a qualified lawyer review before using in production.

Core Principles

Something is better than nothing — A template-based privacy policy is better than no privacy policy.
Plain language — Legal docs should be readable by normal humans.
Cover the basics first — Terms, privacy, cookies. Everything else can wait.
Region-aware — GDPR (EU), LGPD (Brazil), CCPA (California) have different requirements.
Always recommend a lawyer — Make this clear in every output.

Document Priority for Startups

Priority	Document	When You Need It
1 (Day 1)	Privacy Policy	Before collecting ANY user data
2 (Day 1)	Terms of Service	Before users can sign up
3 (Day 1)	Cookie Consent	If using cookies or analytics
4 (Before payment)	Refund/Cancellation Policy	Before accepting payments
5 (When needed)	Acceptable Use Policy	If users can create content
6 (B2B)	Data Processing Agreement	If handling data for other businesses
7 (Hiring)	Contractor Agreement	Before hiring freelancers

Compliance Frameworks

GDPR (EU) Requirements

Requirement	What It Means	Implementation
Lawful basis	You need a reason to process data	Consent, contract, or legitimate interest
Consent	Must be explicit, informed, withdrawable	Cookie banner with reject option
Right to access	Users can request their data	Export endpoint
Right to deletion	Users can request data deletion	Delete account feature
Data minimization	Only collect what you need	Review your tracking plan
Breach notification	Report breaches within 72 hours	Incident response plan

LGPD (Brazil) Requirements

Similar to GDPR with key differences:

Requires a DPO (Data Protection Officer) — can be internal or external
10 legal bases for processing (vs GDPR's 6)
Consent must be written or by other means that prove consent
ANPD (National Data Protection Authority) as enforcement body

CCPA (California) Requirements

Requirement	What It Means
Right to know	Disclose what data you collect
Right to delete	Delete data on request
Right to opt-out	"Do Not Sell My Personal Information" link
Non-discrimination	Can't penalize users who exercise rights

Cookie Consent Implementation

// Minimal cookie consent banner (Next.js)
'use client';
import { useState, useEffect } from 'react';

export function CookieConsent() {
  const [show, setShow] = useState(false);

  useEffect(() => {
    if (!localStorage.getItem('cookie-consent')) setShow(true);
  }, []);

  function accept() {
    localStorage.setItem('cookie-consent', 'accepted');
    setShow(false);
    // Initialize analytics here
  }

  function reject() {
    localStorage.setItem('cookie-consent', 'rejected');
    setShow(false);
    // Do NOT initialize analytics
  }

  if (!show) return null;

  return (
    \x3Cdiv role="dialog" aria-label="Cookie consent">
      \x3Cp>We use cookies to improve your experience. \x3C/p>
      \x3Cbutton onClick={accept}>Accept\x3C/button>
      \x3Cbutton onClick={reject}>Reject\x3C/button>
      \x3Ca href="/privacy">Privacy Policy\x3C/a>
    \x3C/div>
  );
}

Output Format

When generating legal documents:

## [Document Name]

> ⚠️ DISCLAIMER: This is a template based on common industry patterns.
> It is NOT legal advice. Have a qualified lawyer review before using.

### Jurisdiction: [GDPR / LGPD / CCPA / General]

[Document content in plain language]

### Customization Notes
- [What the user needs to fill in]
- [What sections to add/remove based on their product]
- [Regional requirements to consider]

When to Consult References

references/legal-templates.md — Full Privacy Policy template, Terms of Service template, Cookie Policy template, refund policy template, acceptable use policy template, DPA template

Anti-Patterns

Don't copy-paste from other sites — Their terms are for THEIR product.
Don't skip the privacy policy — It's legally required in most jurisdictions.
Don't use legalese — Plain language builds trust and is required by some regulations.
Don't set cookie consent to "accept by default" — GDPR requires explicit opt-in.
Don't collect data you don't need — Every data point is a liability.
Don't promise this is legal advice — Always include the disclaimer.

安全使用建议

This skill appears coherent and low-risk: it provides templates and clear disclaimers that output is NOT legal advice. Before using in production, have a qualified lawyer review and localize templates to your jurisdiction and business model. Replace placeholder providers (Stripe, PostHog, Vercel, EMAIL, ADDRESS) with your actual vendors or remove them. For cookie consent, ensure your implementation logs consent, supports withdrawal, and blocks non-essential trackers until consent is given. Note the skill's source/homepage is not provided—if provenance or ongoing maintenance matters to you, prefer templates from a known legal provider or law firm. Do not assume these templates satisfy regulatory requirements for highly regulated sectors (healthcare, finance) without professional review.

功能分析

Type: OpenClaw Skill Name: eb-legal-compliance Version: 1.0.0 The skill bundle is a legitimate tool designed to generate legal document templates (Privacy Policy, ToS, etc.) for startups. It contains standard markdown templates and a harmless React code snippet for a cookie consent banner, with no evidence of data exfiltration, malicious execution, or prompt injection attacks.

能力标签

cryptocan-make-purchases

能力评估

✓ Purpose & Capability

Name and description (legal templates, compliance checklists) match the actual contents: templates, guidance, and a small cookie-banner example. The referenced services (Stripe, PostHog, Vercel, etc.) appear as placeholders in templates and are appropriate for sample documents.

✓ Instruction Scope

SKILL.md stays on task: generate templates, include disclaimers, recommend attorney review, and provide region-aware notes. It does not instruct reading system files, environment variables, or sending data to external endpoints. The included cookie-banner example is a benign UI snippet.

✓ Install Mechanism

No install spec and no code files that would be written to disk. Instruction-only skills are lowest-risk for install behavior.

✓ Credentials

The skill requires no environment variables, credentials, or config paths. No secrets or external service credentials are requested—this is proportionate for a templates generator.

✓ Persistence & Privilege

always is false and the skill does not request persistent system-wide changes or elevated privileges. Autonomous invocation is allowed by platform default but not combined with other red flags.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install eb-legal-compliance
安装完成后，直接呼叫该 Skill 的名称或使用 /eb-legal-compliance 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

- Initial release of the legal-compliance skill for startups. - Generates templates for key legal documents (privacy policy, terms of service, cookie consent, etc.), focusing on GDPR, LGPD, and CCPA compliance. - Includes compliance checklists, region-specific requirements, and best practices. - Always provides a disclaimer stating that outputs are templates, not legal advice, and recommends lawyer review. - Offers implementation examples (e.g., cookie consent banner in Next.js) and clear guidance on document customization.

元数据

Slug eb-legal-compliance

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题