ai-act-readiness
by alirezarezvaniai-act-readiness is a Compliance Review skill for EU AI Act intake, pre-deployment checks, conformity readiness, and annual refreshes. It uses /cs:ai-act-readiness <system> to walk through six article-linked questions on prohibited practices, high-risk status, roles, GPAI triggers, and phase-in dates.
This skill scores 68/100, which means it is acceptable for directory listing but should be presented as a lightweight compliance interrogation rather than a complete EU AI Act readiness toolkit. Directory users get a clear command, use cases, and a structured set of article-cited questions, but they should expect to supply their own legal validation, evidence collection process, and any referenced tooling.
- Clear trigger and timing: `/cs:ai-act-readiness <system>` is explicitly tied to AI-system intake, EU deployment, conformity assessment, annual refresh, and role changes.
- Provides a focused six-question EU AI Act interrogation rather than a generic compliance prompt, with article references and high-impact stop conditions such as Article 5 prohibited practices.
- The description and body are substantive, with no placeholder or experimental markers and enough structure for an agent to guide a readiness review.
- No support files, references, or install/readme metadata are present, so users must rely entirely on SKILL.md and verify legal details independently.
- The skill tells the agent to run `ai_system_risk_classifier.py`, but repository evidence shows no scripts, which creates an execution gap.
Overview of ai-act-readiness skill
What ai-act-readiness does
ai-act-readiness is a compliance review skill for pressure-testing an AI system against the EU AI Act before EU deployment, market placement, conformity assessment, or a scheduled compliance refresh. It is designed around the command /cs:ai-act-readiness <system> and uses a six-question interrogation format tied to major EU AI Act decision points, including prohibited practices, high-risk classification, provider/deployer role changes, conformity obligations, GPAI/systemic-risk triggers, and Article 113 phase-in dates.
Best fit for Compliance Review teams
The ai-act-readiness skill is most useful for legal, governance, product, security, and responsible AI reviewers who need a structured first-pass review before deeper counsel or formal conformity work. It fits intake reviews for new AI features, pre-launch EU checks, annual AI inventory refreshes, and material-change reviews where an organization may move from deployer to provider under substantial modification rules.
What makes it different from a generic prompt
A generic EU AI Act prompt often produces broad summaries. This skill is more operational: it forces the reviewer through article-linked questions and stops the workflow when a prohibited practice or major classification issue appears. Its value is not legal finality; it is reducing missed threshold questions early enough that teams can pause deployment, gather evidence, or escalate to counsel before signing off.
Adoption constraints to know first
The repository currently exposes the skill mainly through SKILL.md; there are no visible companion rules/, references/, resources/, or executable support files in the skill folder. Treat the embedded article references and workflow as a guided review checklist, not a complete legal knowledge base. For regulated deployments, pair outputs with current EU AI Act text, harmonized standards, internal policies, and qualified legal review.
How to Use ai-act-readiness skill
ai-act-readiness install and file review path
Install from the skill repository if your agent environment supports GitHub skill installation:
npx skills add alirezarezvani/claude-skills --skill ai-act-readiness
Then inspect the source before relying on it: compliance-os/skills/ai-act-readiness/SKILL.md is the key file. Because the skill folder is lightweight, reading SKILL.md is not optional; it tells you the exact command, intended timing, and six-question review sequence. Confirm your platform recognizes /cs:ai-act-readiness after installation.
Inputs the skill needs to work well
For useful ai-act-readiness usage, do not pass only a product name. Provide enough system facts to classify risk and identify obligations:
- system purpose and user-facing function
- target EU countries and users
- provider, deployer, importer, distributor, or downstream role
- whether it affects employment, education, credit, law enforcement, migration, biometrics, healthcare, safety, or essential services
- model type, training source, autonomy level, and human oversight
- deployment context, affected persons, and known failure modes
- planned launch date or refresh date
A weak prompt is: “Review our chatbot for EU AI Act.” A stronger prompt is: “Use /cs:ai-act-readiness for a customer-support AI assistant deployed to EU consumers by a SaaS provider, using a third-party LLM, no biometric processing, no automated legal decisions, logs retained for QA, launch planned September 2026. Identify prohibited-practice, high-risk, transparency, GPAI, and conformity concerns.”
Suggested workflow for a first review
Start with a concise system description, then ask the skill to answer each of the six questions separately with evidence gaps and escalation points. Run it during intake, again after architecture or use-case changes, and before EU market placement. If the system touches Annex III-like domains, ask for a high-risk rationale rather than a simple yes/no. If the organization’s role may shift because it modifies or rebrands another provider’s AI system, explicitly ask about Article 25-style provider implications.
Practical prompt pattern
Use this structure for better results:
/cs:ai-act-readiness <system description>. Return: 1) likely EU AI Act role, 2) Article 5 prohibited-practice screen, 3) high-risk analysis, 4) transparency and human-oversight obligations, 5) GPAI/systemic-risk triggers if relevant, 6) evidence missing, 7) go/no-go recommendation for compliance review.
This prompt turns a rough goal into an auditable intake note and makes gaps visible instead of hiding them in a polished summary.
ai-act-readiness skill FAQ
Is ai-act-readiness a legal opinion?
No. The ai-act-readiness skill is a structured compliance review aid, not legal advice. It helps teams identify EU AI Act questions that must be answered before deployment or conformity work. Use it to prepare counsel review, document assumptions, and avoid obvious intake misses.
When should I not use this skill?
Do not use it as the only approval mechanism for high-risk AI, prohibited-practice edge cases, biometric systems, law-enforcement uses, critical infrastructure, or employment and education decisions. Also avoid using it with vague system descriptions; the output will be only as reliable as the facts supplied.
How is it different from an AI risk classifier?
This skill is broader than a one-label classifier. It is intended to walk through a compliance reasoning path: prohibition screen, high-risk triggers, role and modification questions, EU deployment timing, and readiness for declaration or refresh. It can inform classification, but it should not replace formal risk management documentation.
Is ai-act-readiness beginner-friendly?
Yes for structured intake, but beginners should read the skill file first and keep the EU AI Act text nearby. The article references are helpful, yet the reviewer still needs domain facts and judgment. Beginners get best results by asking the skill to list assumptions and evidence gaps, not just conclusions.
How to Improve ai-act-readiness skill
Improve ai-act-readiness inputs before rerunning
Most weak outputs come from missing facts. Before rerunning ai-act-readiness, add the deployment country, user group, decision impact, human review process, model source, training or fine-tuning details, and whether the system is safety-related or embedded in a regulated product. These details directly affect prohibited-practice screening and high-risk analysis.
Ask for decision-grade outputs, not summaries
For Compliance Review, request a table with Question, Likely answer, Evidence, Uncertainty, Required follow-up, and Owner. This makes the result usable in an intake ticket or governance workflow. If the model gives a confident conclusion without evidence, ask it to separate legal interpretation from product facts.
Common failure modes to catch
Watch for overconfident “not high-risk” findings when the use case involves employment, education, credit, public benefits, law enforcement, migration, biometrics, or safety components. Also check whether the output ignores role changes: a deployer that substantially modifies a system may inherit provider-like obligations. Finally, verify dates because Article 113 phase-in timing affects which obligations are immediately relevant.
Iterating after the first output
After the first ai-act-readiness pass, turn each uncertainty into a follow-up prompt. Example: “You flagged possible high-risk status due to employment screening. Ask the minimum facts needed to decide whether Annex III applies.” Then rerun the skill with answers from product, legal, security, and model owners. The best use is iterative: classify, expose gaps, collect evidence, and only then produce a readiness recommendation.
