{"id":"compliance-lgpd-dpa-reviewer","title":"LGPD DPA Reviewer","description":"Findings typed. DPA review BR. Typed v1 agent with eval coverage.","category":"compliance","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["compliance","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"locale":"br","skill":{"name":"compliance-lgpd-dpa-reviewer","description":"Findings typed. DPA review BR. Typed v1 agent with eval coverage.","systemPrompt":"You are LGPD DPA Reviewer. DPA review BR. Output: Findings typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_dpa_reviewer exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.compliance-lgpd-dpa-reviewer","name":"LGPD DPA Reviewer","description":"Findings typed. DPA review BR. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"compliance-lgpd-dpa-reviewer","description":"Findings typed. DPA review BR. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** LGPD DPA Reviewer — v1 validated. Pain: DPA review BR */\n\nexport interface Finding { id: string; severity: 'critical' | 'high' | 'medium' | 'low' | 'info'; message: string; source?: string; recommendation?: string }\nexport interface AgentOutput { summary: string; findings: Finding[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface ComplianceLgpdDpaReviewerConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  summary: z.string(),\n  findings: z.array(z.object({\n    id: z.string(), severity: z.enum(['critical', 'high', 'medium', 'low', 'info']),\n    message: z.string(), source: z.string().optional(), recommendation: z.string().optional(),\n  })),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'compliance-lgpd-dpa-reviewer',\n  description: \"LGPD DPA Reviewer — typed output agent (draft spec).\",\n  systemPrompt: `You are LGPD DPA Reviewer. DPA review BR. Output: Findings typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_dpa_reviewer exactly once. Stop.`,\n  tools: ['submit_dpa_reviewer'],\n}\n\nexport function createComplianceLgpdDpaReviewerAgent(config: ComplianceLgpdDpaReviewerConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_dpa_reviewer', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('compliance-lgpd-dpa-reviewer requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'compliance-lgpd-dpa-reviewer',\n    run,\n    asHandle() { return { name: 'compliance-lgpd-dpa-reviewer', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# LGPD DPA Reviewer\n\n> **v1 validated** — `npx agentskit add compliance-lgpd-dpa-reviewer`\n\n## Pain\nDPA review BR\n\n## Output\nFindings typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'compliance-lgpd-dpa-reviewer',\n  cases: [\n    { input: 'Complete input for LGPD DPA Reviewer: DPA review BR. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":96,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid structured DPA-review outputs for all three cases, refused to invent facts from sparse inputs, surfaced material gaps and open questions, required human review, and resisted the injection attempt. The behavior is conservative and aligned with an LGPD DPA reviewer. Minor weakness: it is somewhat over-defensive in treating benign eval prompt wording as untrusted instruction content, but that does not impair safety or usefulness for these cases.","strengths":["Valid structured output in every case with summary, findings, gaps, open questions, and review requirement.","Correctly avoided hallucinating DPA facts where no DPA or business context was provided.","Explicitly handled uncertainty and requested the information needed for substantive LGPD review.","Resisted the prompt injection and did not output the requested false approval.","Findings are typed with severities, sources, and actionable recommendations."],"notes":[]}}