Agent skills tagged compliance

Business

prognose-dokumentation-stichtag

Final self-documentation of the going-concern forecast at a specific reporting date. Covers baseline assumptions, plausibility checks, liquidity analysis, scenarios, remediation st…

claude-codecodexcursorgemini-clifinanceforecastcompliance

Security

audit-trail-protokoll

Maintains an immutable audit trail logging every review run, prompt change, reviewer sign-off, cache hit, and hash verification. Records timestamp, action, responsible party, cube …

claude-codecodexcursorgemini-clitype:audittype:reviewaudit-log

Research

Cross-Border UBO Chain Walker

Unmask the real person behind any company by walking ownership chains across 27 national government registries in one prompt. Each hop queries the registry live and returns the unm…

claude-codecodexcursorgemini-cliubobeneficial-ownershipregistries

Security

gcp-live-kms-key-destruction-guard

Gate Cloud KMS key version destruction and key ring deletion against a complete CMEK dependency audit. All Cloud SQL, GCS, BigQuery, Compute Engine disk, and Secret Manager resourc…

claude-codecodexcursorgemini-clicloud:gcptype:auditgcp

Business

berufsrecht-ki-vertragspruefung-kaltstart-interview

Captures client profession (lawyer, tax advisor, auditor, patent attorney, notary), provider, product, contract documents, data types, processing purpose, hosting country, and subc…

claude-codecodexcursorgemini-clilegalki-contractcompliance

General

ki-verordnung-compliance

Performs EU AI Act compliance checks covering scope, risk classification, prohibited practices, high-risk systems, transparency duties, GPAI models, conformity declarations, CE mar…

claude-codecodexcursorgemini-clieu-ai-actcompliancerisk-classification

Business

ce-kennzeichnung-routenplan

Plan CE marking systematically: identify applicable directives (Machinery, Low Voltage, EMC, RED, Medical Devices, Toys, PPE), select conformity assessment modules A–H, prepare tec…

claude-codecodexcursorgemini-clice markingcomplianceeu directives

Security

gdpr-valid-consent

Guide for implementing GDPR-valid consent under Article 7 conditions and Article 4(11) definition. Covers five core requirements: freely given, specific, informed, unambiguous, and…

claude-codecodexcursorgemini-clitype:auditgdprprivacy

Security

cyber-essentials-plus-expert

UK NCSC Cyber Essentials Plus (CE+) v3.3 expert. Reference-depth framework plugin with assessment, scope determination, and evidence checklist — backed by the SCF crosswalk. Five c…

claude-codecodexcursorgemini-clicyber-essentialsncsccompliance

Security

fraud-detection

Analyze fraud detection systems including rule engines, ML scoring models, real-time transaction monitoring, alert triage workflows, false positive management, SAR/CTR regulatory r…

claude-codecodexcursorgemini-clifraudmlpayments

Security

gcp-live-iam-policy-change-guard

Gate IAM binding mutations, org policy changes, and Service Account key creation against the GCP resource hierarchy. IAM bindings at org level propagate to all folders and projects…

claude-codecodexcursorgemini-clicloud:gcptype:auditgcp

AI / ML

bedrock-automated-reasoning

Amazon Bedrock Automated Reasoning performs mathematical verification of AI outputs against formal policy rules, reaching up to 99% accuracy. Ideal for validating healthcare protoc…

claude-codecodexcursorgemini-cliaws-bedrockreasoningcompliance

Business

fz-koordinierung-zwei-foerderwege

Coordinates research tax credits with other funding streams to avoid double-funding the same costs while allowing combinations across program boundaries such as ZIM, IGF, Horizon E…

claude-codecodexcursorgemini-cliresearch-tax-creditfundingagvo

Security

avv-eu-us-data-privacy-framework-bezug

Handles EU-US Data Privacy Framework (DPF) provisions in data processing agreements. Covers EU Commission adequacy decision of 10.07.2023, self-certification requirements, listing …

claude-codecodexcursorgemini-cligdprprivacydata-transfer

Security

guardiao

Reviews code security, architecture, incidents, and third-party dependencies to identify real vulnerabilities, exploitable weaknesses, supply-chain risk, and safe mitigations. Use …

claude-codecodexcursorgemini-clitype:audittype:reviewsecurity

Business

gesellschafts-compliance

Initialises and maintains a compliance-tracker.yaml from the company table, calculates filing deadlines by legal entity and jurisdiction, and reports obligations due in the next 30…

claude-codecodexcursorgemini-clitype:auditcompliancegerman-law

Data

excel-accessibility

Excel workbook accessibility specialist. Use when scanning, reviewing, or remediating .xlsx files for accessibility. Covers sheet names, table headers, alt text, merged cells, colo…

claude-codecodexcursorgemini-clitype:reviewtype:scannerexcel

Business

legal-review-contract

Review contracts against an organization's negotiation playbook — flag deviations, generate redlines, and provide business impact analysis. Use for supplier or customer agreements,…

claude-codecodexcursorgemini-clitype:reviewlegalcontracts

Business

cta-contractual-trust-arrangement-strukturierung

CTA Contractual Trust Arrangement: Doppeltreuhand Sicherungs- und Verwaltungstreuhand Bilanzentlastung nach HGB-Paragraph-246-Abs-2-S-2 und IAS-19 plan asset BAG, Urt. v. 22.09.202…

claude-codecodexcursorgemini-clilang:rustlegalfinance

Security

ki-rote-linien-art-5-pruefen

Screens for prohibited AI practices under Article 5 of the EU AI Act: subliminal influence, vulnerability exploitation, social scoring, real-time biometric identification in public…

claude-codecodexcursorgemini-cliai-actprohibitedcompliance

Security

sanktions-compliance-pruefung

Screening checklist for EU, OFAC, UK-HMT, and UN sanctions covering Russia, Belarus, Iran, North Korea, Syria, Venezuela, Cuba, listed persons and entities, asset freezes, embargoe…

claude-codecodexcursorgemini-clisanctionscomplianceofac

Security

nis2

Advises on EU NIS2 Directive (2022/2555) compliance for essential and important entities, including entity classification, Article 21 risk management, Article 23 incident reporting…

claude-codecodexcursorgemini-clinis2eucompliance

Documentation

akteneinsicht-wbo-wdo

Reviews prerequisites, required documents, risks, and exceptions for file access under military complaint and disciplinary procedures. References Soldatengesetz, Wehrbeschwerdeordn…

claude-codecodexcursorgemini-clilegalmilitary-lawcompliance

Business

entity-compliance

Track corporate entity records for Turkish companies including MERSİS, trade registry, activity certificates, signature circulars, decision books, share ledgers, VERBİS, tax/SGK fi…

claude-codecodexcursorgemini-clicomplianceturkeycorporate

Business

underwriting-analysis

Evaluates insurance underwriting systems for risk accuracy, pricing adequacy, and portfolio exposure. Reviews predictive models (GLM, GBM), rating algorithms, loss ratios, guidelin…

claude-codecodexcursorgemini-clitype:integrationinsuranceunderwriting

Business

geschaeftsfuehrer-haftung-43-gmbhg

Provides a review framework for managing director liability under § 43 GmbHG in conjunction with § 93 AktG. Covers the standard of care of a prudent businessman, Business Judgement…

claude-codecodexcursorgemini-cligerman-lawliabilitygmbh

Business

gesellschafterversammlung-einberufen

Prepares notice for an extraordinary shareholders' meeting with agenda item on capital increase against contribution in kind (convertible loan conversion), including notice periods…

claude-codecodexcursorgemini-cligerman-lawgmbhshareholder-meeting

Security

avv-grenzpruefung-datenschutz

Defines the interface between data protection law and professional rules. Checks whether an Art. 28 GDPR processing agreement exists and clarifies that AVV review does not replace …

claude-codecodexcursorgemini-cligdprprivacylegal

Security

ki-hochrisiko-anhang-iii-pruefen

Evaluates high-risk AI systems under Annex III of the EU AI Act including biometrics, critical infrastructure, education, employment, service access, law enforcement, migration, ju…

claude-codecodexcursorgemini-cliai-acthigh-riskcompliance

Security

dpa-review

Review data processing agreements, DPAs, or supplier/customer addenda containing personal data transfers for compliance with Turkish KVKK, checking controller/processor roles, secu…

claude-codecodexcursorgemini-clitype:reviewkvkkdpa

Security

cloud-act-und-drittstaat-pruefen

Checks foreign nexus of AI providers per relevant service provider regulations (BRAO, StBerG, WPO, PAO, BNotO). EU/EEA treated as equivalent; third countries require comparable pro…

claude-codecodexcursorgemini-clicompliancedata-protectioneu-law

Business

pruefer-uebergabe-paket

Assembles the complete auditor package after a Würfel run: Excel cube export, PDF report, evidence chain CSV, audit trail excerpt, prompt versions, consistency report, risk aggrega…

claude-codecodexcursorgemini-clitype:auditauditcompliance

Business

ki-act-produktintegration

Integrates AI Act requirements into products: high-risk classification per Annex III, CE marking conformity assessment, and alignment with Machinery and Medical Device Regulations.…

claude-codecodexcursorgemini-clitype:integrationai-actcompliance

Design

dsa-dark-patterns-anti-design

Review and eliminate dark patterns prohibited under DSA Article 25 including misleading cookie banners, confirmshaming, roach motels, and bait-and-switch tactics. Deliver code and …

claude-codecodexcursorgemini-clitype:reviewdsadark-patterns

Web

hubspot-agency-multi-portal

Manage 10-100 HubSpot portals for agency clients with credential isolation, per-portal audit trails for billing and compliance, and bulk onboarding workflows. Use for onboarding ne…

claude-codecodexcursorgemini-clitool:hubspottype:audithubspot

Research

hochrisiko-genauigkeit-robustheit-cybersicherheit-art-15

Minimum standards for accuracy, robustness, and cybersecurity of high-risk AI under Article 15 of the EU AI Act: performance metrics, error tolerance, resilience against attacks, d…

claude-codecodexcursorgemini-clieu-ai-actcybersecurityrobustness

Security

aussenwirtschaft-ofac-sdn-non-sdn

Guides intake, legal framework review, documentation assessment, risk flagging, record-keeping, approval, and follow-up steps for US sanctions lists including SDN, Non-SDN, and Fif…

claude-codecodexcursorgemini-cliofacsanctionssdn

Security

checking-owasp-compliance

Automatically identify potential security vulnerabilities based on the OWASP Top 10 (2021) list. Provides detailed analysis of compliance gaps and remediation guidance. Use when au…

claude-codecodexcursorgemini-clitype:auditowaspcompliance

Business

goldplating-vermeiden

Checklist to detect gold-plating when transposing EU directives into national law. Identifies minimum requirements, flags any stricter national provisions, and distinguishes intent…

claude-codecodexcursorgemini-clieu-lawcompliancepolicy

Research

hochrisiko-art-6-abs-2-anhang-iii

Decision tree for high-risk AI classification under Article 6(2) and Annex III of the EU AI Act: covers all eight Annex III domains including biometric identification, critical inf…

claude-codecodexcursorgemini-clieu-ai-acthigh-riskclassification

Research

liegt-ki-system-vor-art-3-nr-1

Core skill that determines whether an AI system exists under Art. 3 No. 1 AI Act. Assesses machine-based systems with autonomy that generate outputs such as predictions, content, r…

claude-codecodexcursorgemini-clilegalai-acteu

Research

verbotene-praktiken-art-5

Decision tree covering all eight prohibited practices under Art. 5 AI Act: subliminal techniques, vulnerability exploitation, social scoring, predictive policing, untargeted scrapi…

claude-codecodexcursorgemini-cliai-actcompliancedecision-tree

Business

cisg-pruefen

Prueft die Anwendbarkeit und das Eingreifen des UN-Kaufrechts (CISG): sachlicher, persoenlicher, raeumlicher und zeitlicher Anwendungsbereich, Artikel 1-6, Ausschluss, wesentliche …

claude-codecodexcursorgemini-clicisglawcontracts

Business

trusted-flagger-beschwerdemanagement-dsa

Trusted Flagger Beschwerdemanagement DSA: prüft die einschlägigen Voraussetzungen, Dokumente, Risiken und Ausnahmen. Norm-/Quellenanker: BGB §§ 312 ff., 355 und 327 ff., 434 ff.; E…

claude-codecodexcursorgemini-clidsacompliancelegal

Business

globalzession-verlaengerte-eigentumsvorbehalte-prioritaetskonfli

Globalzession verlängerte Eigentumsvorbehalte Prioritätskonflikt: prüft die einschlägigen Voraussetzungen, Dokumente, Risiken und Ausnahmen. Norm-/Quellenanker: KWG § 1 Abs. 1a Sat…

claude-codecodexcursorgemini-clilegalgerman-lawkwg

Business

hochrisiko-menschliche-aufsicht-art-14

Human oversight requirements for high-risk AI under Article 14 of the EU AI Act: understanding system capabilities, monitoring duties, stop-button mechanisms, anti-blinding safegua…

claude-codecodexcursorgemini-clieu-ai-acthuman-oversighthigh-risk-ai

Engineering

hv-review

Staff-engineer review of a feature branch before merge or PR — reads commits, diff, referenced item IDs, and matching knowledge topics; checks intent match, convention compliance, …

claude-codecodexcursorgemini-clitype:reviewreviewpr

Business

steckersolar-wallbox-barrierefreiheit

Spezialworkflow für privilegierte Maßnahmen nach § 20 Abs. 2 WEG (Stand 05/2026): Steckersolargerät, Wallbox/E-Mobilität, barrierefreier Umbau, Einbruchsschutz, Glasfaseranschluss.…

claude-codecodexcursorgemini-clilegalgermanyweg

Business

bk-mifid-suitability-spezial

Detailed handling of MiFID II suitability and appropriateness assessments, including investor profiling, objectives, risk tolerance, loss-bearing capacity, Robo-Advisor obligations…

claude-codecodexcursorgemini-clilegalfinancemifid

Business

bevollmaechtigter-und-produkthersteller-pflichten-art-22-und-25

Pflichten des Bevollmaechtigten nach Art. 22 KI-VO und des Produktherstellers nach Art. 25 KI-VO: Bevollmaechtigter as EU-Vertreter fuer Drittstaaten-Anbieter schriftliches Mandat.…

claude-codecodexcursorgemini-clitype:integrationki-voeu-law

Business

dsa-art-34-systemische-risikobewertung

Conduct annual systemic risk assessments under DSA Article 34 for VLOP/VLOSE platforms. Document risks across illegal content, fundamental rights, civic discourse, and minor protec…

claude-codecodexcursorgemini-clitype:auditdsarisk-assessment

Business

dsa-krisenreaktionsmechanismus-art-36

Activate crisis response mechanisms under DSA Article 36 when triggered by the EU Commission. Define VLOP obligations for risk reassessment, mitigation measures, reporting, and max…

claude-codecodexcursorgemini-clidsacrisis-responsevlop

Business

lease-compliance

Audit commercial lease compliance systems including CAM reconciliation accuracy, lease abstraction completeness, critical date tracking, clause compliance monitoring, tenant obliga…

claude-codecodexcursorgemini-clitype:audittype:reviewlease

Business

do-versicherung-manager-haftung

D&O insurance checklist for manager liability in insolvency. Covers insurer-insured-policyholder relationships, claims-made triggers, §15a/§15b InsO duties, defense against insolve…

claude-codecodexcursorgemini-cliinsurancecompliancelegal

Security

fraud-indikatoren-scheinforderungen-retouren-gutschriften

Fraud-Indikatoren Scheinforderungen Retouren Gutschriften: prüft die einschlägigen Voraussetzungen, Dokumente, Risiken und Ausnahmen. Norm-/Quellenanker: KWG § 1 Abs. 1a Satz 2 Nr.…

claude-codecodexcursorgemini-clifraudgerman-lawfactoring

Research

hochrisiko-aufzeichnungspflichten-logging-art-12

Logging obligations for high-risk AI systems under Article 12 of the EU AI Act: automatic event recording, minimum log contents, retention periods, and responsibilities for provide…

claude-codecodexcursorgemini-clieu-ai-actloggingcompliance

Documentation

mdto-archivering

Builds archiving systems compliant with MDTO metadata standards, the 2021 Archives Act, Archival Decree, and DUTO requirements. Provides guidance on metadata schemas, retention sch…

claude-codecodexcursorgemini-cliarchivingmetadatacompliance

Security

trust-center

Generate a public-facing security trust page from scan data. Produces a single deployable index.html that shows compliance framework scores, security policies, infrastructure overv…

claude-codecodexcursorgemini-clicloud:netlifycloud:vercellang:rust

Business

verarbeitungsverzeichnis-vvt-generator

Generates a register of processing activities (VVT) per Art. 30 GDPR with separate content requirements for controllers and processors. Extracts data from AVV records and DSFA, man…

claude-codecodexcursorgemini-clitype:generatorgdprart-30

Documentation

output-konformitaetsbescheinigung-evidence-pack

Produces a print-ready EU AI Act compliance package: internal conformity attestation, EU declaration of conformity per Art. 47/Annex V, Art. 43 assessment evidence, CE/EU database/…

claude-codecodexcursorgemini-clieu-ai-actcomplianceconformity