📦 AI Compliance — AI合规检测

v1.1.0

一键扫描生成符合欧盟AI法案、ISO 42001、NIST AI RMF、GDPR、OECD及SEC/FCA/FINRA/DORA/MiFID II等金融法规的合规报告，自动识别风险差距并提供整改建议，助力企业快速通过多区域监管审计。

0· 252·0 当前·0 累计

by @opietaylor911 (OpieTaylor911)

安全数据分析文档工具云服务测试工具

下载技能包

最后更新

2026/3/13

安全扫描

VirusTotal

无害

查看报告

OpenClaw

安全

medium confidence

NULL

评估建议

This skill appears to be a coherent compliance toolkit (checklists, templates, and playbooks) and is likely useful for producing compliance outputs. Before using: 1) Review and remove or adapt any firm-specific examples (mentions of fi.com, webhook_events, or OpenClaw-specific paths/users) so you don't leak internal assumptions. 2) Do NOT execute any shell commands from remediation playbooks verbatim—verify they match your OS, user accounts, and security policies. 3) If you plan to have the agen...

详细分析 ▾

✓ 用途与能力

The name/description (AI compliance across EU AI Act, ISO 42001, NIST, GDPR, financial regs) matches the included templates and reference files. The files and templates present are consistent with producing checklists, assessments, gap analyses and playbooks — no unrelated credentials, binaries, or install steps are requested.

ℹ 指令范围

SKILL.md instructs the agent to load relevant reference files and to gather information from the user about the AI system/use case, then produce structured compliance outputs. A few playbooks (incident-response, remediation) reference pulling prompts or events from 'webhook_events' or DLP logs; the skill does not declare any config paths or require automatic access to such logs, so those references are contextual examples but could lead an agent to attempt log access if given broad runtime permissions.

✓ 安装机制

This is instruction-only (no install spec, no code files to execute). That is the lowest-risk install mechanism and consistent with the skill's purpose.

ℹ 凭证需求

The skill does not request environment variables or credentials. However, some reference files include operational commands and hard-coded operational guidance (e.g., storing secrets in /etc/openclaw/secrets.env and chown to user 'bcaddy', 'fi.com' telemetry references, and calls to webhook_events/DLP logs). Those are plausible for an in-house compliance runbook but are firm-specific and could be dangerous if copied verbatim into a different environment.

✓ 持久化与权限

always:false, no install, and no requested system configuration changes. The skill does not request persistent presence or elevated platform privileges.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

版本

latestv1.1.02026/3/13

NULL

● 无害

安装命令

点击复制

官方npx clawhub@latest install ai-compliance

镜像加速npx clawhub@latest install ai-compliance --registry https://cn.longxiaskill.com

数据来源：ClawHub ↗ · 中文优化：龙虾技能库