zhenstaff

Global Compliance

Author: Justin Liu · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
Total downloads: 404
Favorites: 0
Current installs: 1
Versions: 1
Install in OpenClaw
/install global-compliance
Description
AI-powered global compliance checker, document generator, and risk assessor for GDPR, CCPA, SOC2, ISO27001, HIPAA and more
Usage instructions (SKILL.md)

⚖️ Global Compliance Skill

AI-powered compliance assistant that helps enterprises check documents, generate compliance policies, assess risks, and query regulations for GDPR, CCPA, SOC 2, ISO 27001, HIPAA, and other standards.

📦 Installation

Step 1: Install the Skill

clawhub install global-compliance

Step 2: Install via npm

# Install globally
npm install -g openclaw-global-compliance

# Verify installation
compliance --version
compliance help

🚀 Usage

When to Use This Skill

AUTO-TRIGGER when user's message contains:

  • Keywords: compliance, GDPR, CCPA, privacy policy, 合规, 隐私政策, 风险评估
  • Asks about legal/regulatory requirements
  • Wants to check documents for compliance
  • Needs to generate compliance documents
  • Wants risk assessment for different regions

TRIGGER EXAMPLES:

  • "Check if my privacy policy complies with GDPR"
  • "Generate a GDPR-compliant privacy policy"
  • "What are the CCPA requirements?"
  • "Assess our compliance risk"

DO NOT USE when:

  • Only general legal questions (use general legal research)
  • Contract review (use contract analysis tools)

🎯 Core Features

Complete compliance management system:

  • 🔍 Compliance Checking - GDPR, CCPA, SOC 2, ISO 27001, HIPAA
  • 📄 Document Generation - Privacy policies, terms of service, DPA
  • ⚖️ Risk Assessment - Multi-jurisdiction risk analysis
  • 📚 Regulation Query - Search and query compliance requirements
  • 📊 Audit Reports - Generate professional audit reports
  • 🌍 Multi-Region Support - EU, US, China, Brazil, global

💻 Agent Usage Guide

Primary Commands

When user requests compliance checking or document generation, use these commands:

Check Compliance:

compliance check --type gdpr --file privacy-policy.md --output report.json

Generate Document:

compliance generate privacy-policy \
  --company "Company Name" \
  --region eu \
  --industry saas \
  --data-types "pii,usage-analytics" \
  --output privacy-policy.md

Assess Risk:

compliance assess \
  --company-info company.json \
  --standards "gdpr,ccpa,soc2" \
  --output risk-report.pdf

Query Regulations:

compliance query --standard gdpr --topic "data retention"

Example Workflows

Example 1: Check GDPR Compliance

User: "Check if my privacy policy complies with GDPR"

Agent:

  1. Ask for policy file or content
  2. Execute: compliance check --type gdpr --file policy.md
  3. Summarize results and provide recommendations

Example 2: Generate Privacy Policy

User: "Generate a GDPR-compliant privacy policy for my SaaS company"

Agent:

  1. Gather company info (name, industry, data types)
  2. Execute: compliance generate privacy-policy --company "CompanyName" --region eu --industry saas
  3. Review output and offer to save file

Example 3: Multi-Standard Assessment

User: "We're expanding to Europe. What compliance requirements do we need?"

Agent:

  1. Collect company details
  2. Execute: compliance assess --company-info info.json --standards "gdpr,soc2"
  3. Explain high-priority gaps and provide roadmap

⚙️ Supported Standards

Data Privacy

  • GDPR - EU General Data Protection Regulation
  • CCPA - California Consumer Privacy Act
  • PIPL - China Personal Information Protection Law
  • LGPD - Brazil General Data Protection Law

Information Security

  • ISO 27001 - Information Security Management
  • SOC 2 - Service Organization Control
  • PCI-DSS - Payment Card Industry Data Security

Industry-Specific

  • HIPAA - Healthcare (US)
  • GLBA - Financial Services (US)
  • FERPA - Education (US)

📊 Tool Functions

1. check_compliance

Check document or process for compliance.

Parameters:

  • standard (string): gdpr | ccpa | soc2 | iso27001 | hipaa
  • content (string): Document content or file path
  • checkpoints (array, optional): Specific checks to run

Returns:

{
  compliant: boolean,
  score: number,  // 0-100
  totalChecks: number,
  passedChecks: number,
  failedChecks: number,
  issues: Array<{
    checkpoint: string,
    severity: 'critical' | 'high' | 'medium' | 'low',
    title: string,
    description: string,
    remediation: string
  }>,
  recommendations: string[]
}

2. generate_document

Generate compliance document.

Parameters:

  • type (string): privacy-policy | tos | dpa | cookie-policy
  • company_info (object):
    • name (string)
    • industry (string)
    • regions (array)
    • data_types (array)
  • region (string): eu | us | cn | global
  • language (string, optional): en | zh | es

Returns:

{
  type: string,
  content: string,
  format: 'markdown' | 'html' | 'pdf',
  metadata: {
    standard: string[],
    region: string,
    generated: string
  },
  warnings: string[]
}

3. assess_risk

Assess compliance risk.

Parameters:

  • company_info (object): Company details
  • standards (array): Standards to assess
  • regions (array): Target regions

Returns:

{
  overallScore: number,  // 0-100
  riskLevel: 'low' | 'medium' | 'high' | 'critical',
  byStandard: {
    [standard: string]: {
      score: number,
      gaps: string[],
      priority: number
    }
  },
  recommendations: Array<{
    priority: string,
    title: string,
    description: string,
    effort: string,
    timeline: string
  }>,
  estimatedCost: {
    immediate: number,
    annual: number
  }
}

4. query_regulation

Query regulation requirements.

Parameters:

  • standard (string): Compliance standard
  • topic (string): Topic to query

Returns:

{
  standard: string,
  topic: string,
  requirements: string[],
  references: Array<{
    article: string,
    text: string,
    url: string
  }>
}

💰 Cost Estimation

  • Document Checking: Free (rule-based)
  • AI-Assisted Analysis: $0.01-0.05 per document
  • Document Generation: $0.02-0.10 per document
  • Risk Assessment: $0.10-0.50 per assessment

📝 Usage Examples

Example 1: Check Privacy Policy

# Create test policy
cat > policy.md <<EOF
# Privacy Policy
We collect email addresses and usage data.
We use encryption to protect your data.
EOF

# Check GDPR compliance
compliance check --type gdpr --file policy.md

# Output:
# Score: 35/100
# Status: ✗ Non-compliant
# Found 8 issues (3 critical, 5 high)

Example 2: Generate Complete Policy

# Generate GDPR-compliant privacy policy
compliance generate privacy-policy \
  --company "TechStartup Inc" \
  --region eu \
  --industry saas \
  --data-types "pii,usage-analytics" \
  --output privacy-policy.md

# Output: Complete GDPR-compliant privacy policy

Example 3: Multi-Region Risk Assessment

# Assess risk for EU expansion
cat > company.json <<EOF
{
  "name": "US Company",
  "industry": "saas",
  "regions": ["us"],
  "dataTypes": ["pii", "financial"]
}
EOF

compliance assess \
  --company-info company.json \
  --standards "gdpr,ccpa,soc2"

🔧 Troubleshooting

Issue 1: Package Not Installed

Error: command not found: compliance

Solution:

npm install -g openclaw-global-compliance

Issue 2: Config File Missing

Error: Cannot find config file

Solution:

# Create default config
compliance init

📚 Full Documentation


🎯 Agent Behavior Guidelines

When using this skill, agents should:

DO:

  • ✅ Ask for necessary company information
  • ✅ Provide clear, actionable recommendations
  • ✅ Explain compliance issues in plain language
  • ✅ Warn about legal review requirements
  • ✅ Suggest prioritization for critical issues

DON'T:

  • ❌ Provide legal advice (recommend consulting lawyers)
  • ❌ Guarantee 100% compliance
  • ❌ Skip critical warnings
  • ❌ Auto-publish generated documents without review

📊 Compliance Checkpoints

GDPR (12 checkpoints)

  • Legal basis for processing
  • User rights (access, erasure, rectification, portability)
  • Data retention periods
  • Third-party sharing disclosure
  • International transfers
  • Security measures
  • Breach notification
  • Children's data protection
  • DPO contact (if applicable)

CCPA (8 checkpoints)

  • Right to know
  • Right to delete
  • Right to opt-out
  • Non-discrimination
  • Sale of personal information disclosure
  • Categories of data collected
  • Third-party sharing
  • Privacy policy accessibility

SOC 2 (10 checkpoints)

  • Security policies
  • Access controls
  • Change management
  • Risk assessment
  • Monitoring and logging
  • Incident response
  • Vendor management
  • Business continuity
  • Encryption
  • Physical security

🆕 Version History

v1.0.0 (2026-03-08)

  • ✨ Initial release
  • 🔍 GDPR compliance checker
  • 🔍 CCPA compliance checker (basic)
  • 📄 Privacy policy generator
  • ⚖️ Risk assessment framework
  • 📚 Regulation query system
  • 🤖 CLI tool and Agent integration

Project Status: ✅ Ready for Use

License: MIT

Author: @justin

Support: https://github.com/ZhenRobotics/openclaw-global-compliance/issues

ClawHub: https://clawhub.ai/justin/global-compliance

Security usage advice
Do not install or run the suggested npm package until you verify its provenance. Specific concerns:

  • This skill bundle contains unrelated SKILL-EN.md/SKILL-ZH.md files for a video-generator skill, likely a packaging error or intentional mixing.
  • The runtime instructions advise installing a global npm CLI (openclaw-global-compliance) that is not part of this registry entry, which could run arbitrary code.

Suggested steps before proceeding:

  1. Verify the package on npm and inspect its author, version history, and repository URL; prefer packages with a clear homepage/repo and reproducible source.
  2. Search for 'openclaw-global-compliance' and the owner identity; confirm it matches the registry owner.
  3. Inspect the npm package contents in a sandbox (or review its GitHub repo) to see exactly what binaries/scripts it installs.
  4. If you need the skill now, run the CLI in an isolated environment (container or VM) and avoid giving it privileged access or secrets.
  5. Contact the publisher/maintainer for clarification about the unrelated video-generator files and request a clean release or corrected packaging.

If you cannot verify the package/source, do not install it.
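The manifest checks behind steps 1 to 3, as an added example that is not code from this page or from the skill's publisher. The helper names `normalizeRepo` and `auditManifest` are hypothetical, the sample manifest is constructed, and the expected repository is the Support URL listed above.

```javascript
// Added example: static review of an unpacked npm package.json before install.
// Lifecycle hooks npm runs automatically at install time.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Reduce common repository spellings to "host/owner/repo" for comparison.
function normalizeRepo(repository) {
  const raw = typeof repository === 'string' ? repository : (repository && repository.url) || '';
  return raw
    .replace(/^git\+/, '')
    .replace(/^[a-z]+:\/\//i, '')
    .replace(/^git@/, '')
    .replace(/^([^\/:]+):/, '$1/')
    .replace(/\.git$/, '')
    .replace(/\/+$/, '')
    .toLowerCase();
}

// Hypothetical helper: list what an install would execute or expose.
function auditManifest(manifest, expectedRepo) {
  const findings = [];
  const scripts = manifest.scripts || {};
  for (const hook of INSTALL_HOOKS) {
    if (scripts[hook]) findings.push({ kind: 'install-script', name: hook, detail: scripts[hook] });
  }
  // A string "bin" exposes one command named after the (unscoped) package.
  const bin = typeof manifest.bin === 'string'
    ? { [String(manifest.name).split('/').pop()]: manifest.bin }
    : manifest.bin || {};
  for (const [command, target] of Object.entries(bin)) {
    findings.push({ kind: 'global-command', name: command, detail: target });
  }
  const actual = normalizeRepo(manifest.repository);
  if (actual !== expectedRepo.toLowerCase()) {
    findings.push({ kind: 'repo-mismatch', name: 'repository', detail: actual || '(none declared)' });
  }
  return findings;
}

// Constructed sample for illustration, NOT the real package's manifest.
const SAMPLE_MANIFEST = {
  name: 'openclaw-global-compliance',
  version: '0.0.0-constructed',
  bin: { compliance: 'dist/cli.js' },
  scripts: { postinstall: 'node scripts/setup.js', test: 'jest' },
  repository: { type: 'git', url: 'git+https://github.com/ZhenRobotics/openclaw-video.git' },
};
const EXPECTED_REPO = 'github.com/zhenrobotics/openclaw-global-compliance';

console.log(auditManifest(SAMPLE_MANIFEST, EXPECTED_REPO));
```

Feed it the `package.json` from a tarball fetched with `npm pack`, which downloads the package without installing it.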
Functional analysis
Type: OpenClaw Skill
Name: global-compliance
Version: 1.0.1

The skill bundle contains a critical discrepancy between its primary metadata and documentation (_meta.json, SKILL.md), which describe a 'global-compliance' tool, and its localized versions (SKILL-EN.md, SKILL-ZH.md), which describe a 'video-generator'. This 'bait-and-switch' content is highly irregular and suggests either severe mispackaging or intentional hidden functionality. Furthermore, the video generator instructions direct the agent to perform high-risk operations, including cloning a remote repository (github.com/ZhenRobotics/openclaw-video), running 'npm install', and executing external shell scripts, which constitutes a remote code execution (RCE) risk and potential for supply chain attacks.
Capability assessment
Purpose & Capability
The SKILL.md describes a compliance assistant and its CLI usage (compliance check/generate/assess), which is coherent with the skill name. However, two other included files (SKILL-EN.md and SKILL-ZH.md) are for a completely different 'video-generator' skill. Having unrelated skill documents bundled with a compliance skill is incoherent and suggests mispackaging or intentional mixing of functionality.
Instruction Scope
Runtime instructions ask the agent to request user files, run a local CLI (compliance check/generate/assess/query), and summarize or save outputs. Those instructions stay within the compliance domain and do not request unrelated system files or secrets. However the skill also defines AUTO-TRIGGER keywords (broad) which could cause frequent invocation; and it instructs users/agents to install/run an external CLI not provided by the registry (see install_mechanism).
Install Mechanism
The skill is instruction-only (no install spec), but SKILL.md tells users/agents to run 'npm install -g openclaw-global-compliance' and use a 'compliance' CLI. Installing an unvetted global npm package has risk: the package source, integrity, and behavior are unknown. Additionally, the repo includes unrelated files referencing a different project, increasing suspicion that the install instructions could direct you to other code or commands.
Credentials
The skill declares no required environment variables, credentials, or config paths. The instructions do not ask for secrets beyond normal document inputs and company info. There is no direct request for unrelated credentials or system configuration.
Persistence & Privilege
Skill flags are default (always: false, agent-invocable allowed). It does not request permanent/privileged presence or to modify other skills. Autonomous invocation is normal and not, by itself, a problem here.
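How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install global-compliance
  3. Once installed, invoke the Skill by name or trigger it with /global-compliance
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history
v1.0.1
v1.0.1 Bug Fix: Repository Name Correction
Fixes:
  • Corrected the misspelled GitHub repository name
  • Updated the URL references in all documentation
  • Ensured consistent naming across platforms
Compatibility: fully backward compatible with v1.0.0
Link: https://github.com/ZhenRobotics/openclaw-global-compliance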
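Metadata
Slug: global-compliance
Version: 1.0.1
License:
Total installs: 1
Current installs: 1
Number of versions: 1
FAQ

What is Global Compliance?

AI-powered global compliance checker, document generator, and risk assessor for GDPR, CCPA, SOC2, ISO27001, HIPAA and more. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 404 total downloads to date.

How do I install Global Compliance?

Run the command "/install global-compliance" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.

Is Global Compliance free?

Yes, Global Compliance is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Global Compliance support?

Global Compliance runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Global Compliance?

It is developed and maintained by Justin Liu (@zhenstaff); the current version is v1.0.1.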
