Plugin proposal: governance and compliance for regulated knowledge work #65
Description
Proposal: Governance & Compliance Plugin for Knowledge Workers
Summary
A plugin that brings governance awareness to knowledge work — policy checks before sharing sensitive documents, compliance audit trails for regulated workflows, and trust verification for cross-team collaboration.
Use Case
Knowledge workers in regulated industries (finance, healthcare, legal) need governance guardrails when using AI assistants:
- Document classification — Before sharing or summarizing a document, check if it contains PII, trade secrets, or classified information
- Compliance workflow — For regulated processes (SOX, HIPAA, GDPR), maintain an audit trail of every AI-assisted decision
- Cross-team trust — When collaborating across departments, verify information sharing policies
- Content policy enforcement — Ensure AI-generated content meets organizational standards (tone, accuracy, sourcing)
Proposed Plugin Structure
governance-compliance/
├── .claude-plugin/
│ └── plugin.json
├── commands/
│ ├── compliance-check.md # /compliance-check — verify document compliance
│ └── audit-report.md # /audit-report — generate compliance report
├── skills/
│ └── governance/
│ └── SKILL.md # Governance patterns for knowledge work
└── README.md
Skills Coverage
- Document Governance: Classification, sharing policies, retention rules
- Workflow Compliance: Audit trails, approval chains, regulatory checks
- Information Barriers: Cross-team sharing restrictions (e.g., Chinese walls in finance)
- AI Content Policy: Sourcing requirements, accuracy verification, tone guidelines
Context
We maintain Agent-OS governance framework. Related:
- anthropics/skills #412 — Governance skill
- anthropics/claude-plugins-official #415 — Governance plugin
- anthropics/claude-agent-sdk-python #587 — Governance hooks