Skill details (on-site mirror, no comments)
License: MIT-0
MIT-0 · Free to use, modify, and redistribute. No attribution required.
Version: v1.0.0
Stats: ⭐ 0 · 81 · 0 current installs · 0 all-time installs
🛡 VirusTotal: benign · OpenClaw: benign
Package: afrexai-cto/afrexai-compliance-readiness
Security scan (ClawHub)
- VirusTotal: benign
- OpenClaw: benign
OpenClaw assessment
Instruction-only skill that asks for user-provided organizational inputs and produces a compliance-readiness report; its requests and behavior are coherent with its described purpose.
Purpose
The name/description (AI compliance readiness assessment) matches the SKILL.md: it requests domain, size, AI systems, jurisdictions, and governance details to score eight compliance dimensions. There are no unrelated requirements (no env vars, binaries, or install).
Instruction scope
Runtime instructions are limited to collecting user-provided inputs and generating a JSON report with scores and an action plan. The SKILL.md does not instruct the agent to read local files, access system credentials, call external endpoints, or exfiltrate data. It does include regulatory deadline references (check accuracy before relying on them).
Install mechanism
No install spec and no code files — the skill is instruction-only, so nothing is written to disk or downloaded during installation.
Credentials
The skill declares no environment variables, credentials, or config paths, which is proportional to an assessment/reporting utility that only uses user-provided inputs.
Persistence
always is false and the skill does not request persistent or elevated privileges. Autonomous invocation is allowed by default on the platform but is not combined with other concerning capabilities here.
Overall conclusion
This skill is internally consistent and appears to do what it says, but before use: (1) do not paste secrets, PHI, or raw PII into the prompts—use redacted or synthetic examples when testing; (2) verify regulatory deadlines and jurisdictional applicability with legal/compliance experts (the SKILL.md includes specific dates you should confirm); (3) test the skill on non-sensitive data first to confirm output format and accuracy; and (4) if you …
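Install (copy to Lobster AI)
Copy the entire block below into a Lobster Chinese Library (龙虾中文库) conversation, and Lobster will complete the installation according to SKILL.md.
Please hand this paragraph to Lobster Chinese Library (Lobster AI) to execute: install the OpenClaw skill "Compliance Readiness" on this machine. Summary: AI Compliance Readiness Assessment — evaluate how prepared an organization is f….
Fetch the following address to read SKILL.md and complete the installation as documented: https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/afrexai-cto/afrexai-compliance-readiness/SKILL.md
(Source: yingzhi8.cn skill library)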
SKILL.md
---
name: compliance-readiness
description: AI Compliance Readiness Assessment — evaluate how prepared an organization is for AI governance regulations (EU AI Act, NIST AI RMF, HHS mandates, state bar AI rules). Scores readiness across 8 dimensions and generates an action plan. Use when assessing AI compliance gaps, preparing for audits, or building a governance roadmap.
---
# AI Compliance Readiness Assessment
Evaluate organizational readiness for AI governance regulations and generate an actionable compliance roadmap.
## When to Use
- Assessing AI compliance posture before an audit
- Preparing for EU AI Act (Aug 2026), HHS AI mandates, NIST AI RMF
- Building a governance roadmap for AI deployments
- Evaluating risk exposure from current AI usage
## How to Use
When asked to assess AI compliance readiness, gather these inputs:
### Required Inputs
1. **Industry** (legal, healthcare, financial-services, insurance, construction, manufacturing, government, other)
2. **Company size** (employees or revenue range)
3. **AI systems in use** (list: chatbots, document review, fraud detection, hiring tools, customer service, analytics, other)
4. **Jurisdictions** (US-only, EU-exposed, both, global)
### Optional Inputs
- Current governance framework (if any)
- Upcoming audit dates
- Existing compliance certifications (SOC2, ISO 27001, HIPAA, etc.)
- Number of AI vendors/tools in use
## Assessment Framework
Score each dimension 1-5 (1=no controls, 5=mature):
### 8 Dimensions
1. **Risk Classification** — Have you categorized AI systems by risk level per EU AI Act / NIST?
2. **Documentation** — Technical docs, model cards, data lineage for each AI system?
3. **Human Oversight** — Defined human-in-the-loop processes for high-risk decisions?
4. **Bias & Fairness** — Regular bias audits, fairness metrics, disparate impact testing?
5. **Data Governance** — Training data provenance, consent, retention, and deletion policies?
6. **Incident Response** — AI-specific incident playbook, reporting procedures, rollback plans?
7. **Vendor Management** — AI vendor risk assessments, contractual AI governance requirements?
8. **Audit Trail** — Logging, explainability, decision traceability for AI-assisted outputs?
### Scoring
- **35-40**: Compliance-ready — minor gaps to address
- **25-34**: Partially prepared — significant work needed in specific areas
- **15-24**: High risk — major gaps across multiple dimensions
- **8-14**: Critical — immediate action required before any regulatory review
## Output Format
Generate a report with:
1. **Executive Summary** — Overall score, risk level, top 3 gaps
2. **Dimension Scores** — Table with score, evidence, and gap description per dimension
3. **Regulatory Exposure** — Which regulations apply and key deadlines:
   - EU AI Act: Aug 2, 2026 (high-risk system requirements)
   - HHS AI Transparency: April 3, 2026 (healthcare)
   - NIST AI RMF: Ongoing (federal contractors + best practice)
   - State bar AI rules: Varies (legal industry)