EU AI Act per-system inventory — track each AI system's role (provider, deployer, importer, distributor, authorized representative, product manufacturer) and risk tier (prohibited, high-risk, limited, minimal, GPAI, GPAI+systemic). Role and tier are assessed per system, not per company. Use when the user says "ai inventory", "add an ai system", "what systems do we have", "classify this ai system", "eu ai act register", or "ai system registry".
Copy the install command and let the AI configure it · recommended for beginners
Please install the "ai-inventory" skill from askskill: 1. Download https://raw.githubusercontent.com/anthropics/claude-for-legal/main/ai-governance-legal/skills/ai-inventory/SKILL.md 2. Save it as ~/.claude/skills/ai-inventory/SKILL.md 3. Reload skills and tell me it's ready
The user wants to manage their AI system inventory under the EU AI Act. The core idea the skill exists to enforce: role and tier are per-system, not per-company. A single organization can be a provider of System A, a deployer of System B, and an importer of System C. Each combination triggers a different set of obligations under the AI Act. The inventory exists so those assessments are tracked where you can find them — the obligations themselves are derived in conversation, not from a table.
Read the config. Read
~/.claude/plugins/config/claude-for-legal/ai-governance-legal/CLAUDE.md.
If it doesn't exist or still has [PLACEHOLDER] markers, direct the user
to /ai-governance-legal:cold-start-interview first.
Read the inventory. Inventory lives at
~/.claude/plugins/config/claude-for-legal/ai-governance-legal/ai-systems.yaml.
If it doesn't exist, create it with an empty systems: list when the
first add runs.
Dispatch on the argument:
list → show the inventory table (see List below).add → run the Add flow.edit <id> → show the current record, ask what to change, update one
field, confirm, write.classify <id> → run the Classification walk-through on an
existing record, updating role, tier, role_basis, and tier_basis.show <id> → show the full record.On list, offer the dashboard: "Want the full dashboard? Filter by status / tier / EU nexus / owner. Say the word."
Close every action with a hook into the lawyer's work. After any write, say:
Recorded. When you're ready to walk through obligations for this system, just ask — I'll do it in-conversation and flag where the AI Act article mapping needs your verification. I don't derive obligations from a table because the mapping is complex and changing.
Render as a compact table:
| ID | Name | Owner | Status | EU nexus | Role | Tier | Next review |
|---|---|---|---|---|---|---|---|
| sys-001 | Resume screening | HR / Jamie | in_production | yes | deployer | high_risk | 2026-08-01 |
| sys-002 | Email drafting assistant | IT / Priya | in_production | no | deployer | limited | 2026-12-01 |
Under the table, show counts by tier and a line: "N systems flagged for review within 30 days."
Ask, one field at a time (or accept a paste). The required fields are
name, owner, description, status, eu_nexus. The rest can be
deferred — say so explicitly: "you can come back to classification with
/ai-governance-legal:ai-inventory classify <id>."
planned | in_development | in_production | deprecated.Assign an ID: sys-NNN where NNN is the next integer in the file.
The walk-through produces role, role_basis, tier, tier_basis. Both
bases are tagged [verify against current AI Act text] — not because the
skill is hedging, but because the article mapping is complex and the AI
Act is still phasing in. The lawyer owns verification.
Who does what to this system?
Options, with the distinguishing test:
…
Review and approve (or reject) pending playbook update proposals from the playbook-monitor agent and apply approved changes to the practice profile. Use when the playbook-monitor agent has surfaced proposals, when the user says "review playbook proposals", "what playbook updates are pending", or wants to step through deviation-driven playbook changes.
Reference: review of SaaS subscription agreements with attention to the terms that matter most in subscription deals — auto-renewal mechanics, price escalation, data portability, uptime SLAs, and subprocessor rights. Loaded by /commercial-legal:review when a SaaS or subscription agreement is detected.
Drafts board or committee meeting minutes in your house format. Auto-detects upcoming board and committee meetings from your calendar, asks for the agenda and any slides or pre-read materials, and produces a complete draft in the format learned from your seed minutes. Also handles written consents in lieu of meetings. Trigger: "board minutes", "draft minutes", "upcoming board meeting", "committee minutes", "written consent", or calendar detection of an upcoming board or committee event.
Aggregate diligence findings into a deal team briefing at the right altitude for the audience — exec summary for leadership, working summary for the team. Use when user says "brief the deal team", "what's the state of diligence", "summarize findings for [audience]", "deal update", or on the briefing cadence.
Entity compliance tracker — initialize, report upcoming deadlines, update status, run health audit, export to CSV. Maintains a compliance-tracker.yaml built from the entity table, calculates filing deadlines by entity and jurisdiction, and surfaces what's due in the next 30/60/90 days. Use when user says "entity compliance", "filing deadlines", "annual reports due", "entity tracker", "what filings are due", "entity health", or "good standing".
Trace how a contract has changed across its base agreement and all amendments — either a summary of all changes over time, or a provision trace for a specific clause. Use when the user says "what changed in this contract over time", "show me the amendment history", "where's the latest [clause]", "how has [provision] evolved", or uploads multiple versions of an agreement.