Skills

compliance-testing

Installation
SKILL.md

Before starting: Check for .agents/qa-project-context.md in the project root. It contains applicable regulations, CMP details, ad networks, and geographic requirements that determine which compliance tests to implement.

Discovery Questions

Applicable Regulations

  1. Which privacy and platform regulations apply?

    • EU: GDPR, ePrivacy Directive (cookies), Digital Services Act (DSA — applied 17 Feb 2024), EU AI Act (prohibitions + literacy from 2 Feb 2025; GPAI obligations + penalties from 2 Aug 2025; full applicability 2 Aug 2026).
    • US: CCPA/CPRA (California) plus comprehensive state laws now active in ~20 states — including Texas TDPSA, Indiana CDPA (eff. 1 Jan 2026), Delaware DPDPA (eff. 1 Jan 2025), Nebraska NDPA, Minnesota CDPA, Rhode Island DTPPA. Most require honoring the Global Privacy Control (Sec-GPC: 1) signal.
    • UK: UK GDPR/DPA, ePrivacy via PECR, Online Safety Act 2023, Data Use and Access Act (DUAA) replacing parts of UK GDPR/DPA.
    • Other: LGPD (Brazil), PIPEDA (Canada), POPIA (South Africa).

    Multiple regulations apply simultaneously when you serve users in multiple regions. AI features layer EU AI Act obligations on top of existing privacy law.

Related skills

More from petrkindlmann/qa-skills

Installs
14
Repository
petrkindlmann/qa-skills
GitHub Stars
5
First Seen
Apr 1, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykWarn