compliance-pages
Scan the codebase, then generate the privacy policy, terms, support, and contact pages it actually needs — plus a cookie banner that gates your real trackers.
$ /plugin marketplace add Mavens-Tech-Lab/skills$ /plugin install compliance-pages@mavens-skills$ npx skills add Mavens-Tech-Lab/skills --skill compliance-pagesWhat it does
It reads your codebase first — trackers, forms, auth, payments, cookies, email infrastructure — and only then writes the compliance pages: Privacy Policy, Terms of Use, Support, Contact, and a cookie consent banner that gates exactly the scripts it found. Every claim in the generated pages is traceable to something in your code; every unknown becomes a loud, greppable [[FILL: …]] placeholder instead of an invented fact.
It also knows when to stop — and when not to. A static site with no analytics gets a one-page privacy notice and short-form terms — not a 13-section GDPR/CCPA treatise, and no consent banner with nothing to manage. But when the triggers fire, it covers the pages most generators forget: an accessibility statement for EU/EAA audiences, and refund & shipping policies when it detects you take payments — card networks require a visible refund policy, and EU distance-selling adds withdrawal rights.
When to use it
Before a launch, when the “boring pages” are the last thing between you and shipping. When you inherit a site whose privacy policy claims “no analytics” while gtag.js sits in the layout. Or when you need tracking scripts gated behind consent that actually blocks them from firing — not a banner that pops up after the pixels already loaded.
What you get
- A codebase scan report (
compliance-scan.md) listing every tracker, form field, processor, and cookie your site actually uses. - One short round of questions informed by the scan — entity name, audience, governing law — with defaults you can wave through.
- Compliance pages in your stack’s conventions — Next.js, React Router / Remix, Nuxt, SvelteKit, Astro, SSGs like Hugo or Eleventy, server-template stacks like Laravel, Django, or Rails, plain HTML, or paste-ready files for CMS-hosted sites — styled to match the site.
- A consent banner that really gates: scripts converted to consent-gated loading, Google Consent Mode v2 where GTM is involved, equal-prominence Accept/Reject — plus a runtime network check that nothing fires pre-consent, when browser tooling is available.
- The conditional extras when warranted: accessibility statement (EU/EAA), refund & shipping policies (e-commerce),
security.txt— each traceable to a trigger, never padding. - An honest closing report: every file written, every remaining
[[FILL]], everything deliberately omitted with the reason, and the checklist of things code can’t do for you.
Need this wired into your stack?
Mavens Tech Lab builds, deploys, and maintains custom agent skills — the skill, plus a team that acts on it.
