⚖️ Global Compliance Skill
AI-powered compliance assistant that helps enterprises check documents, generate compliance policies, assess risks, and query regulations for GDPR, CCPA, SOC 2, ISO 27001, HIPAA, and other standards.
📦 Installation
Step 1: Install the Skill
```bash
clawhub install global-compliance
```
Step 2: Install via npm
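```bash
# Global install
npm install -g openclaw-global-compliance

# Verify the installation
compliance --version
compliance help
```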
🚀 Usage
When to Use This Skill
AUTO-TRIGGER when user's message contains:
- Keywords: compliance, GDPR, CCPA, privacy policy, 合规, 隐私政策, 风险评估
- Asks about legal/regulatory requirements
- Wants to check documents for compliance
- Needs to generate compliance documents
- Wants risk assessment for different regions
TRIGGER EXAMPLES:
- "Check if my privacy policy complies with GDPR"
- "Generate a GDPR-compliant privacy policy"
- "What are the CCPA requirements?"
- "Assess our compliance risk"
DO NOT USE when:
- Only general legal questions (use general legal research)
- Contract review (use contract analysis tools)
🎯 Core Features
Complete compliance management system:
- 🔍 Compliance Checking - GDPR, CCPA, SOC 2, ISO 27001, HIPAA
- 📄 Document Generation - Privacy policies, terms of service, DPA
- ⚖️ Risk Assessment - Multi-jurisdiction risk analysis
- 📚 Regulation Query - Search and query compliance requirements
- 📊 Audit Reports - Generate professional audit reports
- 🌍 Multi-Region Support - EU, US, China, Brazil, global
💻 Agent Usage Guide
Primary Commands
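When the user requests compliance checking or document generation, use these commands:
Check Compliance:
```bash
compliance check --type gdpr --file privacy-policy.md --output report.json
```
Generate Document:
```bash
# 公司名称 is a placeholder for the company name
compliance generate privacy-policy \
  --company 公司名称 \
  --region eu \
  --industry saas \
  --data-types pii,usage-analytics \
  --output privacy-policy.md
```
Assess Risk:
```bash
compliance assess \
  --company-info company.json \
  --standards gdpr,ccpa,soc2 \
  --output risk-report.pdf
```
Query Regulations:
```bash
compliance query --standard gdpr --topic "data retention"
```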
Example Workflows
Example 1: Check GDPR Compliance
User: "Check if my privacy policy complies with GDPR"
Agent:
1. Ask for policy file or content
2. Execute: `compliance check --type gdpr --file policy.md`
3. Summarize results and provide recommendations
Example 2: Generate Privacy Policy
User: "Generate a GDPR-compliant privacy policy for my SaaS company"
Agent:
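1. Gather company info (name, industry, data types)
2. Execute: `compliance generate privacy-policy --company 公司名称 --region eu --industry saas` (公司名称 is a placeholder for the company name)
3. Review output and offer to save file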
Example 3: Multi-Standard Assessment
User: "We're expanding to Europe. What compliance requirements do we need?"
Agent:
1. Collect company details
2. Execute: `compliance assess --company-info info.json --standards gdpr,soc2`
3. Explain high-priority gaps and provide roadmap
⚙️ Supported Standards
Data Privacy
- GDPR - EU General Data Protection Regulation
- CCPA - California Consumer Privacy Act
- PIPL - China Personal Information Protection Law
- LGPD - Brazil General Data Protection Law
Information Security
- ISO 27001 - Information Security Management
- SOC 2 - Service Organization Control
- PCI-DSS - Payment Card Industry Data Security
Industry-Specific
- HIPAA - Healthcare (US)
- GLBA - Financial Services (US)
- FERPA - Education (US)
📊 Tool Functions
1. check_compliance
Check document or process for compliance.
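Parameters:
- `standard` (string): gdpr | ccpa | soc2 | iso27001 | hipaa
- `content` (string): Document content or file path
- `checkpoints` (array, optional): Specific checks to run
Returns:
```typescript
{
  compliant: boolean,
  score: number, // 0-100
  totalChecks: number,
  passedChecks: number,
  failedChecks: number,
  issues: Array<{
    checkpoint: string,
    severity: 'critical' | 'high' | 'medium' | 'low',
    title: string,
    description: string,
    remediation: string
  }>,
  recommendations: string[]
}
```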
2. generate_document
Generate compliance document.
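Parameters:
- `type` (string): privacy-policy | tos | dpa | cookie-policy
- `company_info` (object):
  - `name` (string)
  - `industry` (string)
  - `regions` (array)
  - `data_types` (array)
- `region` (string): eu | us | cn | global
- `language` (string, optional): en | zh | es
Returns:
```typescript
{
  type: string,
  content: string,
  format: 'markdown' | 'html' | 'pdf',
  metadata: {
    standard: string[],
    region: string,
    generated: string
  },
  warnings: string[]
}
```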
3. assess_risk
Assess compliance risk.
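Parameters:
- `company_info` (object): Company details
- `standards` (array): Standards to assess
- `regions` (array): Target regions
Returns:
```typescript
{
  overallScore: number, // 0-100
  riskLevel: 'low' | 'medium' | 'high' | 'critical',
  byStandard: {
    [standard: string]: {
      score: number,
      gaps: string[],
      priority: number
    }
  },
  recommendations: Array<{
    priority: string,
    title: string,
    description: string,
    effort: string,
    timeline: string
  }>,
  estimatedCost: {
    immediate: number,
    annual: number
  }
}
```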
4. query_regulation
Query regulation requirements.
Parameters:
- `standard` (string): Compliance standard
- `topic` (string): Topic to query
Returns:
```typescript
{
  standard: string,
  topic: string,
  requirements: string[],
  references: Array<{
    article: string,
    text: string,
    url: string
  }>
}
```
💰 Cost Estimation
- Document Checking: Free (rule-based)
- AI-Assisted Analysis: $0.01-0.05 per document
- Document Generation: $0.02-0.10 per document
- Risk Assessment: $0.10-0.50 per assessment
📝 Usage Examples
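Example 1: Check Privacy Policy
```bash
# Create a test policy
cat > policy.md << 'EOF'
Privacy Policy
We collect email addresses and usage data.
We use encryption to protect your data.
EOF

# Check GDPR compliance
compliance check --type gdpr --file policy.md

# Output:
# Score: 35/100
# Status: ✗ Non-compliant
# 8 issues found (3 critical, 5 high)
```
Example 2: Generate Complete Policy
```bash
# Generate a GDPR-compliant privacy policy
compliance generate privacy-policy \
  --company "TechStartup Inc" \
  --region eu \
  --industry saas \
  --data-types pii,usage-analytics \
  --output privacy-policy.md

# Output: a complete GDPR-compliant privacy policy
```
Example 3: Multi-Region Risk Assessment
```bash
# Assess EU expansion risk
cat > company.json << 'EOF'
{
  "name": "US Company",
  "industry": "saas",
  "regions": ["us"],
  "dataTypes": ["pii", "financial"]
}
EOF

compliance assess \
  --company-info company.json \
  --standards gdpr,ccpa,soc2
```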
🔧 Troubleshooting
Issue 1: Package Not Installed
Error: `command not found: compliance`
Solution:
```bash
npm install -g openclaw-global-compliance
```
Issue 2: Config File Missing
Error: Cannot find config file
Solution:
```bash
# Create default config
compliance init
```
📚 Full Documentation
- GitHub: https://github.com/ZhenRobotics/openclaw-global-compliance
- Documentation: Full compliance guides
- Support: GitHub Issues
🎯 Agent Behavior Guidelines
When using this skill, agents should:
DO:
- ✅ Ask for necessary company information
- ✅ Provide clear, actionable recommendations
- ✅ Explain compliance issues in plain language
- ✅ Warn about legal review requirements
- ✅ Suggest prioritization for critical issues
DON'T:
- ❌ Provide legal advice (recommend consulting lawyers)
- ❌ Guarantee 100% compliance
- ❌ Skip critical warnings
- ❌ Auto-publish generated documents without review
📊 Compliance Checkpoints
GDPR (12 checkpoints)
- Legal basis for processing
- User rights (access, erasure, rectification, portability)
- Data retention periods
- Third-party sharing disclosure
- International transfers
- Security measures
- Breach notification
- Children's data protection
- DPO contact (if applicable)
CCPA (8 checkpoints)
- Right to know
- Right to delete
- Right to opt-out
- Non-discrimination
- Sale of personal information disclosure
- Categories of data collected
- Third-party sharing
- Privacy policy accessibility
SOC 2 (10 checkpoints)
- Security policies
- Access controls
- Change management
- Risk assessment
- Monitoring and logging
- Incident response
- Vendor management
- Business continuity
- Encryption
- Physical security
🆕 Version History
v1.0.0 (2026-03-08)
- ✨ Initial release
- 🔍 GDPR compliance checker
- 🔍 CCPA compliance checker (basic)
- 📄 Privacy policy generator
- ⚖️ Risk assessment framework
- 📚 Regulation query system
- 🤖 CLI tool and Agent integration
Project Status: ✅ Ready for Use
License: MIT
Author: @justin
Support: https://github.com/ZhenRobotics/openclaw-global-compliance/issues
ClawHub: https://clawhub.ai/justin/global-compliance
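⚖️ Global Compliance Skill
AI-powered compliance assistant that helps enterprises check documents, generate compliance policies, assess risks, and query regulatory requirements for GDPR, CCPA, SOC 2, ISO 27001, HIPAA, and other standards.
📦 Installation
Step 1: Install the Skill
```bash
clawhub install global-compliance
```
Step 2: Install via npm
```bash
# Global install
npm install -g openclaw-global-compliance

# Verify the installation
compliance --version
compliance help
```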
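🚀 Usage
When to Use This Skill
AUTO-TRIGGER when the user's message contains:
- Keywords: compliance, GDPR, CCPA, privacy policy, 合规, 隐私政策, 风险评估
- Asks about legal/regulatory requirements
- Wants to check documents for compliance
- Needs to generate compliance documents
- Wants risk assessment for different regions
TRIGGER EXAMPLES:
- Check if my privacy policy complies with GDPR
- Generate a GDPR-compliant privacy policy
- What are the CCPA requirements?
- Assess our compliance risk
DO NOT USE when:
- Only general legal questions are involved (use general legal research)
- Contract review (use contract analysis tools)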
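🎯 Core Features
Complete compliance management system:
- 🔍 Compliance Checking - GDPR, CCPA, SOC 2, ISO 27001, HIPAA
- 📄 Document Generation - Privacy policies, terms of service, data processing agreements
- ⚖️ Risk Assessment - Multi-jurisdiction risk analysis
- 📚 Regulation Query - Search and query compliance requirements
- 📊 Audit Reports - Generate professional audit reports
- 🌍 Multi-Region Support - EU, US, China, Brazil, global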
💻 Agent Usage Guide
Primary Commands
When the user requests compliance checking or document generation, use these commands:
Check Compliance:
```bash
compliance check --type gdpr --file privacy-policy.md --output report.json
```
Generate Document:
```bash
# 公司名称 is a placeholder for the company name
compliance generate privacy-policy \
  --company 公司名称 \
  --region eu \
  --industry saas \
  --data-types pii,usage-analytics \
  --output privacy-policy.md
```
Assess Risk:
```bash
compliance assess \
  --company-info company.json \
  --standards gdpr,ccpa,soc2 \
  --output risk-report.pdf
```
Query Regulations:
```bash
compliance query --standard gdpr --topic "data retention"
```
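Example Workflows
Example 1: Check GDPR Compliance
User: Check if my privacy policy complies with GDPR
Agent:
1. Ask for policy file or content
2. Execute: `compliance check --type gdpr --file policy.md`
3. Summarize results and provide recommendations
Example 2: Generate Privacy Policy
User: Generate a GDPR-compliant privacy policy for my SaaS company
Agent:
1. Gather company info (name, industry, data types)
2. Execute: `compliance generate privacy-policy --company 公司名称 --region eu --industry saas` (公司名称 is a placeholder for the company name)
3. Review output and offer to save the file
Example 3: Multi-Standard Assessment
User: We're expanding to Europe. What compliance requirements do we need to meet?
Agent:
1. Collect company details
2. Execute: `compliance assess --company-info info.json --standards gdpr,soc2`
3. Explain high-priority gaps and provide a roadmap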
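⚙️ Supported Standards
Data Privacy
- GDPR - EU General Data Protection Regulation
- CCPA - California Consumer Privacy Act
- PIPL - China Personal Information Protection Law
- LGPD - Brazil General Data Protection Law
Information Security
- ISO 27001 - Information Security Management
- SOC 2 - Service Organization Control
- PCI-DSS - Payment Card Industry Data Security Standard
Industry-Specific
- HIPAA - Healthcare (US)
- GLBA - Financial Services (US)
- FERPA - Education (US)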
📊 Tool Functions
1. check_compliance
Check a document or process for compliance.
Parameters:
- `standard` (string): gdpr | ccpa | soc2 | iso27001 | hipaa
- `content` (string): Document content or file path
- `checkpoints` (array, optional): Specific checks to run
Returns:
```typescript
{
  compliant: boolean,
  score: number, // 0-100
  totalChecks: number,
  passedChecks: number,
  failedChecks: number,
  issues: Array<{
    checkpoint: string,
    severity: 'critical' | 'high' | 'medium' | 'low',
    title: string,
    description: string,
    remediation: string
  }>,
  recommendations: string[]
}
```
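The return shape above is enough to gate a CI job on the checker's result instead of trusting the `compliant` flag alone. The following JavaScript is an added example, not code from the openclaw-global-compliance project; it assumes the file written by `--output report.json` follows the `check_compliance` return shape, and `validateReport`, `gate`, `minScore` and `blockOn` are hypothetical names.

```javascript
// Added example: fail-closed CI gate over a report shaped like check_compliance's return value.
const SEVERITIES = ['critical', 'high', 'medium', 'low'];

// Return a list of structural problems; an empty list means the report is well-formed.
function validateReport(r) {
  if (r === null || typeof r !== 'object') return ['report is not an object'];
  const errs = [];
  if (typeof r.compliant !== 'boolean') errs.push('compliant must be boolean');
  if (!Number.isFinite(r.score) || r.score < 0 || r.score > 100) errs.push('score must be 0-100');
  for (const k of ['totalChecks', 'passedChecks', 'failedChecks']) {
    if (!Number.isInteger(r[k]) || r[k] < 0) errs.push(`${k} must be a non-negative integer`);
  }
  if (errs.length === 0 && r.passedChecks + r.failedChecks !== r.totalChecks) {
    errs.push('passedChecks + failedChecks != totalChecks');
  }
  if (!Array.isArray(r.issues)) return errs.concat('issues must be an array');
  r.issues.forEach((issue, i) => {
    if (!issue || !SEVERITIES.includes(issue.severity)) errs.push(`issues[${i}].severity invalid`);
  });
  return errs;
}

// Malformed reports, blocking severities, a low score, or a contradictory flag all stop the job.
function gate(report, { minScore = 80, blockOn = ['critical', 'high'] } = {}) {
  const errs = validateReport(report);
  if (errs.length > 0) return { pass: false, reasons: errs };
  const reasons = [];
  const blocking = report.issues.filter((i) => blockOn.includes(i.severity));
  if (blocking.length > 0) reasons.push(`${blocking.length} blocking issue(s)`);
  if (report.score < minScore) reasons.push(`score ${report.score} < ${minScore}`);
  if (report.compliant && blocking.length > 0) reasons.push('compliant=true contradicts blocking issues');
  if (!report.compliant && reasons.length === 0) reasons.push('tool reported non-compliant');
  return { pass: reasons.length === 0, reasons };
}

// Constructed sample (issue fields trimmed) mirroring the page's usage example:
// score 35, 8 issues (3 critical, 5 high); the check counts are assumed.
const sample = {
  compliant: false, score: 35, totalChecks: 12, passedChecks: 4, failedChecks: 8,
  issues: [
    ...Array.from({ length: 3 }, (_, n) => ({ checkpoint: `c${n}`, severity: 'critical' })),
    ...Array.from({ length: 5 }, (_, n) => ({ checkpoint: `h${n}`, severity: 'high' })),
  ],
  recommendations: [],
};

console.log(gate(sample));
```

In a pipeline, parse `report.json`, pass the object to `gate`, and exit non-zero when `pass` is false.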
2. generate_document
Generate a compliance document.
Parameters:
- `type` (string): privacy-policy | tos | dpa | cookie-policy
- `company_info` (object):
  - `name` (string)
  - `industry` (string)
  - `regions` (array)
  - `data_types` (array)
- `region` (string): eu | us | cn | global
- `language` (string, optional): en | zh | es
Returns:
```typescript
{
  type: string,
  content: string,
  format: 'markdown' | 'html' | 'pdf',
  metadata: {
    standard: string[],
    region: string,
    generated: string
  },
  warnings: string[]
}
```
3. assess_risk
Assess compliance risk.
Parameters:
- `company_info` (object): Company details
- `standards` (array): Standards to assess
- `regions` (array): Target regions
Returns:
```typescript
{
  overallScore: number, // 0-100
  riskLevel: 'low' | 'medium' | 'high' | 'critical',
  byStandard: {
    [standard: string]: {
      score: number,
      gaps: string[],
      priority: number
    }
  },
  recommendations: Array<{
    priority: string,
    title: string,
    description: string,
    effort: string,
    timeline: string
  }>,
  estimatedCost: {
    immediate: number,
    annual: number
  }
}
```
4. query_regulation
Query regulation requirements.
Parameters:
- `standard` (string): Compliance standard
- `topic` (string): Topic to query
Returns:
```typescript
{
  standard: string,
  topic: string,
  requirements: string[],
  references: Array<{
    article: string,
    text: string,
    url: string
  }>
}
```
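💰 Cost Estimation
- Document Checking: Free (rule-based)
- AI-Assisted Analysis: $0.01-0.05 per document
- Document Generation: $0.02-0.10 per document
- Risk Assessment: $0.10-0.50 per assessment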
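📝 Usage Examples
Example 1: Check Privacy Policy
```bash
# Create a test policy
cat > policy.md << 'EOF'
Privacy Policy
We collect email addresses and usage data.
We use encryption to protect your data.
EOF

# Check GDPR compliance
compliance check --type gdpr --file policy.md

# Output:
# Score: 35/100
# Status: ✗ Non-compliant
# 8 issues found (3 critical, 5 high)
```
Example 2: Generate Complete Policy
```bash
# Generate a GDPR-compliant privacy policy
compliance generate privacy-policy \
  --company "TechStartup Inc" \
  --region eu \
  --industry saas \
  --data-types pii,usage-analytics \
  --output privacy-policy.md

# Output: a complete GDPR-compliant privacy policy
```
Example 3: Multi-Region Risk Assessment
```bash
# Assess EU expansion risk
cat > company.json << 'EOF'
{
  "name": "US Company",
  "industry": "saas",
  "regions": ["us"],
  "dataTypes": ["pii", "financial"]
}
EOF

compliance assess \
  --company-info company.json \
  --standards gdpr,ccpa,soc2
```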
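🔧 Troubleshooting
Issue 1: Package Not Installed
Error: `command not found: compliance`
Solution:
```bash
npm install -g openclaw-global-compliance
```
Issue 2: Config File Missing
Error: Cannot find config file
Solution:
```bash
# Create default config
compliance init
```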