Use this skill when the user wants an AI governance, legal-risk, privacy, compliance, procurement, or vendor-risk review of an internal AI use case, an AI product feature, an LLM workflow, or a third-party AI vendor. The skill asks intake and clarifying questions first when facts or evidence are missing, identifies required documentation and missing evidence, maps the use case to AI governance frameworks and applicable legal domains, and produces a preliminary or final governance review with scorecards, findings, owners, remediation actions, and follow-up questions.
Analyse systématique d'un Data Processing Agreement (DPA) au regard de l'article 28 RGPD, des lignes directrices EDPB 07/2020 et 02/2024, des CCT 2021 (décision d'exécution 2021/914), des recommandations EDPB 01/2020 (mesures supplémentaires post-Schrems II), et du Règlement (UE) 2024/1689 (Règlement IA). Produit un rapport structuré clause par clause (18 clauses : 13 obligatoires + 5 complémentaires) avec diagnostic 🟢/🟡/🔴, remédiations prêtes à insérer, analyse détaillée des transferts internationaux, vérification Règlement IA, et questions à poser au fournisseur. Triggers : "analyse de DPA", "audit DPA", "vérifier un DPA", "DPA fournisseur", "data processing agreement", "art. 28 RGPD", "sous-traitant RGPD", "négociation DPA", "review DPA", "conformité contrat sous-traitance".
Audit de conformité RGPD complet d'un site internet. Réalise une observation systématique du site selon une checklist de 10 sections (mentions légales, hébergeur, formulaires, newsletter, politique de confidentialité, cookies et bandeau, mots de passe, trackers et mesure d'audience, sous-traitants et transferts hors UE, accessibilité du recueil des droits) plus une annexe 22 items reproduisant les exigences des articles 13 et 14 RGPD. Produit un rapport structuré avec niveau de conformité global, points bloquants (risque 3), points de vigilance (risque 2), recommandations prioritaires et notes techniques. Le skill est tool-agnostique : il fonctionne avec un outil de navigation automatique (Claude in Chrome, Cowork ou équivalent) ou en mode dégradé copier-coller. Triggers : "audit RGPD site", "audit site internet", "vérifie ce site", "scanne ce site", "audit conformité site", "audite la conformité de [URL]", "audit cookies site", "audit politique de confidentialité site".
Audits a website for compliance with Azerbaijan's Law on Personal Data No. 998-IIIQ and, where applicable, EU GDPR plus ePrivacy/cookie consent rules. Inventories the privacy documents present (privacy policy, cookie policy, cookie banner, consent flow, controller and DPO contact, data subject rights channel, cross-border transfer disclosures, AZ operator-registration references) and scores each against the applicable statutory requirements. Produces a dual-layer report: a plain-language traffic-light summary for business owners plus a clause-by-clause findings table with article-level citations for lawyers. Assessment-only — no drafting. Use whenever the user shares a URL or privacy/cookie policy text for an AZ-based or AZ-targeted site; also when the user mentions an .az domain, Law 998, the AZ State Register, ePrivacy, an Art. 27 EU representative, or asks "is my site GDPR compliant", "do I need to register as an operator in Azerbaijan", or "is our cookie banner lawful" — even without the word "audit".
Orientação completa sobre conformidade com regulamentações do Banco Central do Brasil: Resolução CMN nº 4.893/2021 (Política de Segurança Cibernética), Resolução BCB nº 85/2021 (GRSIC), Open Finance Brasil (Resoluções BCB nº 32/2020 e atualizações), e demais normas prudenciais do BACEN. Cobre elaboração e revisão de Política de Segurança Cibernética, Plano de Ação e Resposta a Incidentes (PARI), Gestão de Riscos de Serviços de Informação e Comunicação (GRSIC), consentimento e compartilhamento de dados no Open Finance, requisitos de API, gestão de terceiros (outsourcing) e sanções do BACEN. Triggers: Bacen, Banco Central, CMN 4.893, Resolução 4.893, segurança cibernética bancária, PARI, GRSIC, Open Finance, Open Banking, compartilhamento de dados financeiros, consentimento Open Finance, API financeira, outsourcing bancário, risco cibernético, incidente cibernético banco, LGPD financeira, fintech compliance, instituição financeira, DICT, Pix segurança.
When your bar comes asking "show me how you billed AI-assisted work" — and ABA 512, Florida 24-1, California, New York, and DC all have opinions out — you need an artifact that survives review. billable-time produces it. From your Claude Code session logs, it drafts reviewable time entries plus a printable HTML audit packet with: SHA-256 chain of evidence (source files + matter.yml + active disclosure pack + verifiable artifact self-hash), attorney identity and signature block, a bar-opinion disclosure pack with starter language for five jurisdictions, and content-aware deterministic narratives derived from filename and tool shape — never from prompt text by default. The tool refuses to bill on its own. --strict mode refuses to ship the artifact if any audit invariant fails (broad routes, missing attorney, missing/unverified disclosure). Comes as a Node CLI and a self-contained browser version (no backend; JSONL never leaves the page). 15 invariant tests verify the contract. AGPL-3.0.
Operational billing execution for legal matters. Monthly bill prep and billing instructions, LC invoice review and disbursement treatment, client billing query responses, cashflow modelling (LC payment obligations vs client receipts), and leverage and burn analysis (staffing mix, predicted total cost, margin trajectory). Trigger on: 'prepare the bill', 'billing instruction', 'end of month billing', 'LC invoice', 'local counsel invoice', 'pass through as disbursement', 'client querying the invoice', 'billing dispute', 'cashflow gap', 'when will we get paid', 'LC payment due', 'leverage analysis', 'staffing mix', 'predicted total cost', 'burn rate by grade', 'are we on track', 'what will this matter cost'.
Matter budgeting and ongoing WIP/variance monitoring. Build phase-based fee estimates at matter setup, run bottom-up budgets by jurisdiction or workstream, calculate contingency, and structure AFA arrangements (fixed fee, capped fee, phased fixed fees). Ongoing monitoring: WIP tracking against budget, proportionality assessment (spend vs progress), variance commentary with root cause analysis, forecast-to-complete, realisation monitoring, write-off analysis. Trigger on: 'build a budget', 'fee estimate', 'what will this cost', 'WIP review', 'budget vs actual', 'how are we tracking against budget', 'we're over budget', 'realisation is poor', 'what's our ETC', 'budget for the German workstream', 'model the financial impact of this scope change', 'draft a fee adjustment', 'write-off analysis', 'how much contingency', 'AFA structure', 'fixed fee estimate', 'budget update', 'forecast to complete'.