# ComplianceLint — EU AI Act Compliance Scanning
# Add this file to your repo at .github/workflows/compliancelint.yml
#
# Required secrets:
#   ANTHROPIC_API_KEY       — Your Anthropic API key (claude.ai)
#   COMPLIANCELINT_API_KEY  — Your ComplianceLint dashboard API key (compliancelint.dev)

name: ComplianceLint

# Scan on pushes to the default branches and on pull requests that target
# them.
on:
  push:
    branches:
      - main
      - master
  pull_request:
    branches:
      - main
      - master

# Least-privilege token: the steps below only check out the repository and
# upload an artifact, neither of which needs write access.
permissions:
  contents: read

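jobs:
  compliance-scan:
    name: EU AI Act Compliance Scan
    runs-on: ubuntu-latest
    # Bounds the cost of a hung agent run or an unresponsive MCP server.
    timeout-minutes: 15

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.11"

      # TODO(review): pin both installs to a reviewed version
      # (compliancelint==<version>, @anthropic-ai/claude-code@<version>) so a
      # newly published release cannot silently change what runs with the
      # repository's API keys.
      - name: Install ComplianceLint
        run: pip install compliancelint

      - name: Install Claude Code CLI
        run: npm install -g @anthropic-ai/claude-code

      - name: Configure MCP
        # The dashboard key reaches the script through the step environment
        # instead of a ${{ }} expansion inside run:, so the secret value is
        # never substituted into the script text itself.
        env:
          COMPLIANCELINT_API_KEY: ${{ secrets.COMPLIANCELINT_API_KEY }}
        run: |
          mkdir -p ~/.claude
          # Unquoted delimiter: the shell expands ${COMPLIANCELINT_API_KEY}
          # here; the JSON below contains no other $ or backtick sequences.
          cat > ~/.claude/mcp.json << MCPEOF
          {
            "mcpServers": {
              "compliancelint": {
                "command": "python",
                "args": ["-m", "scanner.server"],
                "env": {
                  "COMPLIANCELINT_API_KEY": "${COMPLIANCELINT_API_KEY}"
                }
              }
            }
          }
          MCPEOF
          # The file now holds an API key; restrict it to the runner user.
          chmod 600 ~/.claude/mcp.json

      - name: Run compliance scan
        # NOTE(review): on pull_request runs from forked repositories GitHub
        # withholds secrets, so ANTHROPIC_API_KEY is empty there and this
        # step fails; an `if:` on the event source would skip it cleanly.
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
        run: |
          # The agent cannot set this step's exit status; the grep below is
          # the actual gate, keyed on the status token in the JSON output.
          claude -p "Run a full EU AI Act compliance scan on this project:
          1. Use cl_analyze_project() to understand the codebase
          2. Use cl_scan_all() to scan against all 25 articles
          3. Use cl_sync() to upload results to the dashboard
          4. Report the final compliance summary

          If any article has status NON_COMPLIANT, exit with code 1.
          If all articles are COMPLIANT or PARTIALLY_COMPLIANT, exit with code 0." \
          --output-format json > scan-results.json

          # Check for critical non-compliance. This is a textual check: it
          # fires only when the quoted token appears in the output, so a
          # summary that names the status without quotes passes unnoticed.
          if grep -q '"NON_COMPLIANT"' scan-results.json; then
            echo "::error::Critical non-compliance findings detected. Check the ComplianceLint dashboard for details."
            exit 1
          fi

      # always(): keep the results when the gate above fails the job, since
      # that is exactly the run a reviewer wants to inspect.
      - name: Upload scan results
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: compliancelint-results
          path: scan-results.json
          retention-days: 90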
