Claude AI Governance Legal Plugin
Run Anthropic's AI governance legal plugin: 10 skills covering EU AI Act inventory + use case triage + AIA generation + vendor AI review + reg gap analysis + AI policy. Built for the August 2 2026 deadline. AIGOV credential.
Anthropic shipped an AI governance counsel plugin on May 12, 2026 — and it’s built for the August 2 2026 EU AI Act deadline
The AI governance legal plugin covers in-house AI governance counsel workflows: AI inventory tracking (per-system role + risk tier), use case triage (approved / conditional / never), AI impact assessments (AIAs) in house format, vendor AI agreement review, and regulation gap analysis. Built around a builder/deployer/both classification learned during cold-start.
The plugin reads your seed documents: your AI policy or acceptable use policy URL, one prior impact assessment (your house style reference), and key vendor AI agreements. From these, it captures your firm’s: builder/deployer role, applicable regulations (EU AI Act, CO AI Act, NIST AI RMF, federal AI executive orders), use case red lines, AI policy positions, vendor AI standards. Subsequent skills apply this calibration automatically — use-case-triage classifies new requests; aia-generation produces house-format AIAs; vendor-ai-review compares vendor terms to your positions; reg-gap-analysis identifies remediation when new AI regulations emerge.
This course walks the 10 skills: cold-start-interview, ai-inventory, use-case-triage, aia-generation, vendor-ai-review, reg-gap-analysis, policy-monitor, policy-starter, matter-workspace, customize. You’ll learn the EU AI Act risk-tier framework (unacceptable / high / limited / minimal), the provider/deployer/importer/distributor role classification, AIA structure (intake → analysis → mitigation → consistency check), vendor AI position categories (training data attribution, model fine-tuning rights, opt-out for training, indemnification for IP), and the policy-starter that produces first-draft AI policies sourced from ABA, NIST, EU AI Act, and peer policies.
You’ll come out with a CLAUDE.md profile at ~/.claude/plugins/config/claude-for-legal/ai-governance-legal/CLAUDE.md, a sample AIA in your house format, a sample vendor-AI-review output, and a credential (AIGOV-XXXXXX) documenting the work. The plugin costs nothing beyond your Claude Pro subscription. The operating discipline this course teaches is the difference between AI governance counsel that scrambles per use case and AI governance counsel that runs structured, regulator-defensible workflows ready for August 2 2026.
What You'll Learn
- Install and cold-start the AI governance legal plugin: builder/deployer/both classification + seed documents + use case red lines
- Run `ai-inventory` for EU AI Act per-system tracking (role + risk tier per system)
- Operate `use-case-triage` for new use case classification (approved / conditional / never)
- Run `aia-generation` to produce AI impact assessments in your house format
- Apply `vendor-ai-review` for AI-specific contract review against governance positions
After This Course, You Can
What You'll Build
Course Syllabus
Prerequisites
- Active AI governance counsel, privacy counsel doing AI work, or product counsel with AI components
- Recommended: existing AI policy or acceptable use policy to seed the plugin
- Claude Cowork or Claude Code installed; ability to install plugins from the Anthropic marketplace
Who Is This For?
- AI governance counsel (in-house + outside)
- Privacy counsel handling AI-related impact assessments
- Product counsel with AI components in launches
- Procurement counsel reviewing vendor AI contracts
- GC overseeing AI policy + board-level issues
- Compliance officers tracking AI regulations across jurisdictions
Frequently Asked Questions
What is the August 2 2026 EU AI Act deadline?
August 2 2026 is the deadline for compliance with key EU AI Act provisions for high-risk AI systems. General provisions came into effect August 1 2024; high-risk obligations (Art. 8-15) and most provider/deployer obligations take effect August 2 2026. Firms with EU operations or selling AI to EU customers must be compliant. The ai-governance-legal plugin helps you assess scope, build inventory, classify use cases, and produce AIAs — all required documentation for compliance.
How is this different from privacy-legal's reg-gap-analysis?
Privacy-legal's reg-gap-analysis is generic to privacy regulations (GDPR, CCPA, etc.). AI governance plugin focuses specifically on AI regulations (EU AI Act, state AI laws like CO AI Act, federal AI executive orders). Different reg landscape, different policy positions, different risk-tier framework. Pair them: this for AI regs; that for privacy.
Builder vs Deployer — why does the classification matter so much?
Under EU AI Act, providers (builders) and deployers have different obligations: providers do risk management + technical docs + testing + conformity assessment; deployers do AIA + monitoring + transparency + human oversight. Classification drives every subsequent skill's output — your obligations differ entirely. Most firms are 'both' (build some, deploy others) — captured during cold-start.
Does the plugin handle non-EU AI regulations (US state laws, NIST, etc.)?
Yes. cold-start captures which regulators apply to your firm. Plugin handles: EU AI Act (most comprehensive), CO AI Act (Colorado, effective Feb 2026), NYC bias audit law, federal AI executive orders, NIST AI RMF, ABA opinions on attorney AI use. Many firms are subject to multiple frameworks; plugin tracks all.
How does this work with other practice-area plugins?
AI governance pairs with: Privacy-Legal (data/consent intersection), Product-Legal (launch with AI component), Commercial-Legal (vendor AI agreements), Regulatory-Legal (AI reg monitoring). Many firms run AI governance + privacy + product as the 'AI plugin triangle' for comprehensive coverage.
