Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat: ZeroClaw compliance agent — document analysis + role assignment + email

Browse Source 
Add autonomous compliance agent that fetches web documents (cookie banners,
privacy policies), classifies them via Qwen/Ollama, assesses DSGVO compliance,
assigns to the responsible role, and sends notification emails.

Components:
- ZeroClaw SOP (6-step workflow: fetch, classify, assess, summarize, assign, notify)
- Backend: /api/compliance/agent/analyze (combined endpoint)
- Backend: /api/compliance/agent/notify (standalone email)
- Frontend: /sdk/agent page (Manager UI with URL input + results)
- Helper scripts + E2E test

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-04-27 23:27:25 +02:00
parent f528b8e7a9
commit 0c0dd4e3a6
16 changed files with 1095 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
zeroclaw/sops/compliance-analyst/SOP.md Normal file
View File

@@ -0,0 +1,98 @@
## Context
Du bist ein Compliance-Analyst-Agent. Du analysierst Web-Dokumente (Cookie-Banner, Datenschutzerklaerungen) auf DSGVO-Konformitaet mithilfe des BreakPilot Compliance SDK.
### Endpunkte
- **Compliance SDK:** http://localhost:8093
- **Backend:** http://localhost:8002
- **Mailpit SMTP:** localhost:1025
- **Mailpit Web:** http://localhost:8025
### Authentifizierung
Alle SDK-Anfragen benoetigen diese Header:
- `X-Tenant-ID: 9282a473-5c95-4b3a-bf78-0ecc0ec71d3e`
- `X-User-ID: 00000000-0000-0000-0000-000000000001`
## Steps
### 1. Fetch Document
Hole die Ziel-URL und extrahiere den Text:
```bash
curl -sL "$URL" | sed 's/<style[^>]*>.*<\/style>//g; s/<script[^>]*>.*<\/script>//g; s/<[^>]*>//g; s/&nbsp;/ /g; s/&amp;/\&/g; s/ */ /g' | head -c 4000
```
Speichere das Ergebnis als `$DOCUMENT_TEXT`.
### 2. Classify Document
Sende den Text an das SDK zur Klassifizierung:
```bash
curl -s -X POST http://localhost:8093/sdk/v1/llm/chat \
-H "Content-Type: application/json" \
-H "X-Tenant-ID: 9282a473-5c95-4b3a-bf78-0ecc0ec71d3e" \
-H "X-User-ID: 00000000-0000-0000-0000-000000000001" \
-d '{
"messages": [
{"role": "system", "content": "Klassifiziere das folgende Dokument in GENAU EINE Kategorie: privacy_policy, cookie_banner, terms_of_service, imprint, dpa, other. Antworte NUR mit dem Kategorienamen."},
{"role": "user", "content": "'"$DOCUMENT_TEXT"'"}
]
}'
```
### 3. Analyze Compliance
Fuehre eine UCCA-Bewertung durch:
```bash
curl -s -X POST http://localhost:8093/sdk/v1/ucca/assess \
-H "Content-Type: application/json" \
-H "X-Tenant-ID: 9282a473-5c95-4b3a-bf78-0ecc0ec71d3e" \
-H "X-User-ID: 00000000-0000-0000-0000-000000000001" \
-d '{
"use_case_text": "'"$DOCUMENT_TEXT"'",
"domain": "'"$CLASSIFICATION"'",
"data_categories": ["personal_data", "tracking", "cookies", "third_party_sharing"]
}'
```
Notiere: `risk_score`, `risk_level`, `escalation_level`, `triggered_rules`, `required_controls`.
### 4. Prepare Summary
Erstelle einen Manager-Report auf Deutsch mit:
- **Dokumenttyp:** (aus Schritt 2)
- **Quelle:** (URL)
- **Risikobewertung:** (risk_level + risk_score aus Schritt 3)
- **Wesentliche Findings:** (triggered_rules zusammengefasst)
- **Erforderliche Massnahmen:** (required_controls zusammengefasst)
- **Empfehlung:** (Handlungsempfehlung basierend auf escalation_level)
### 5. Determine Responsible Role
Basierend auf dem `escalation_level` aus Schritt 3:
- **E0** → Kein Handlungsbedarf, automatische Compliance
- **E1** → Teamleitung Datenschutz
- **E2** → Datenschutzbeauftragter (DSB)
- **E3** → DSB + Rechtsabteilung (gemeinsame Entscheidung)
### 6. Send Notification Email
Sende eine Benachrichtigung an die zustaendige Rolle:
```bash
curl -s -X POST http://localhost:8002/api/compliance/agent/notify \
-H "Content-Type: application/json" \
-d '{
"recipient": "dsb@breakpilot.local",
"subject": "Compliance-Finding: '"$CLASSIFICATION"' — '"$URL"'",
"body_html": "'"$MANAGER_SUMMARY_HTML"'",
"role": "'"$RESPONSIBLE_ROLE"'"
}'
```
Pruefe das Ergebnis in Mailpit: http://localhost:8025

15
zeroclaw/sops/compliance-analyst/SOP.toml Normal file
View File

@@ -0,0 +1,15 @@
[sop]
name = "compliance-analyst"
description = "Fetch a web document (cookie banner, privacy policy), analyze for DSGVO compliance via BreakPilot SDK, assign to responsible role, notify via email"
version = "1.0.0"
priority = "normal"
execution_mode = "supervised"
max_concurrent = 1
cooldown_secs = 60
[[triggers]]
type = "manual"
[[triggers]]
type = "webhook"
path = "/sop/compliance-analyst"