{ "schemaVersion": "1.0", "item": { "slug": "afrexai-data-governance", "name": "Data Governance Framework", "source": "tencent", "type": "skill", "category": "其他", "sourceUrl": "https://clawhub.ai/1kalin/afrexai-data-governance", "canonicalUrl": "https://clawhub.ai/1kalin/afrexai-data-governance", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/afrexai-data-governance", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-data-governance", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "README.md", "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/afrexai-data-governance" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/afrexai-data-governance", "agentPageUrl": "https://openagent3.xyz/skills/afrexai-data-governance/agent", "manifestUrl": "https://openagent3.xyz/skills/afrexai-data-governance/agent.json", "briefUrl": "https://openagent3.xyz/skills/afrexai-data-governance/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Data Governance Framework", "body": "Assess, score, and remediate your organization's data governance posture across 6 domains." }, { "title": "What This Covers", "body": "Data Quality — Completeness, accuracy, consistency, timeliness scoring\nData Cataloging — Asset inventory, lineage tracking, metadata management\nAccess Control — Role-based permissions, least privilege, data classification (public/internal/confidential/restricted)\nCompliance Mapping — GDPR, CCPA, SOX, HIPAA, PCI-DSS, industry-specific regulations\nRetention & Lifecycle — Retention policies, archival schedules, deletion procedures, legal hold\nAI/Agent Data Governance — Training data provenance, model input/output logging, bias detection, PII handling in agent workflows" }, { "title": "How to Use", "body": "When asked to assess data governance:\n\nAsk which domains are priority (or assess all 6)\nFor each domain, evaluate 8 controls on a 0-3 scale:\n\n0 = Not implemented\n1 = Ad hoc / informal\n2 = Documented and partially enforced\n3 = Automated and continuously monitored\n\n\nCalculate domain score (sum / 24 × 100)\nCalculate overall governance score (average of domains)\nGenerate remediation roadmap prioritized by risk" }, { "title": "Scoring Interpretation", "body": "ScoreRatingAction0-25%CriticalImmediate remediation — regulatory risk26-50%Developing90-day improvement plan required51-75%ManagedOptimize and automate weak areas76-100%OptimizedMaintain and benchmark against peers" }, { "title": "Domain 1: Data Quality Controls", "body": "Data profiling automation (duplicate detection, format validation)\nQuality dashboards with SLA thresholds\nRoot cause analysis for quality failures\nStewardship program (assigned data owners per domain)\nQuality gates in data pipelines (reject bad data at ingestion)\nBusiness rule validation (domain-specific logic checks)\nCross-system reconciliation (source vs target matching)\nQuality trend tracking (month-over-month improvement metrics)" }, { "title": "Domain 2: Data Cataloging Controls", "body": "Automated asset discovery (databases, APIs, files, SaaS)\nBusiness glossary with agreed definitions\nData lineage tracking (source → transformation → consumption)\nSearch and discovery interface for business users\nMetadata enrichment (tags, classifications, sensitivity labels)\nCatalog coverage tracking (% of assets documented)\nUsage analytics (who accesses what, how often)\nIntegration with BI/analytics tools (catalog-aware queries)" }, { "title": "Domain 3: Access Control", "body": "Role-based access control (RBAC) with regular review\nData classification enforcement (labels drive permissions)\nLeast privilege principle (minimal default access)\nAccess request and approval workflows\nPrivileged access management (admin accounts monitored)\nAccess certification (quarterly re-certification of permissions)\nAnomaly detection (unusual access patterns flagged)\nDe-provisioning automation (access removed on role change/exit)" }, { "title": "Domain 4: Compliance Mapping", "body": "Regulation inventory (which laws apply, by geography and industry)\nControl-to-regulation mapping (which controls satisfy which requirements)\nData processing records (Article 30 GDPR / equivalent)\nConsent management (capture, storage, withdrawal tracking)\nData subject rights automation (access, deletion, portability)\nCross-border transfer compliance (SCCs, adequacy decisions)\nBreach notification procedures (72-hour GDPR, state-specific)\nRegular compliance audits (internal + third-party)" }, { "title": "Domain 5: Retention & Lifecycle", "body": "Retention schedule by data type (contractual, regulatory, operational)\nAutomated archival pipelines (hot → warm → cold → delete)\nLegal hold management (litigation preservation)\nDeletion verification (confirmed purge with audit trail)\nStorage cost optimization (tiered storage aligned to access patterns)\nBackup and recovery testing (regular restore drills)\nData minimization enforcement (collect only what is needed)\nEnd-of-life procedures for decommissioned systems" }, { "title": "Domain 6: AI/Agent Data Governance", "body": "Training data provenance tracking (source, consent, bias review)\nModel input/output logging (what went in, what came out)\nPII detection and masking in agent workflows\nHallucination monitoring (output accuracy validation)\nAgent decision audit trail (explainability for automated decisions)\nData feedback loops (human review of agent data modifications)\nVendor data sharing agreements (what third-party APIs see your data)\nSynthetic data policies (when and how to use generated data)" }, { "title": "Cost of Poor Governance", "body": "RiskAverage CostPrevention CostGDPR fine$4.3M (average 2025)$45K-$120K/yearData breach$4.88M (IBM 2025)$60K-$200K/yearFailed audit$150K-$500K remediation$30K-$80K/yearBad data decisions15-25% revenue impact$20K-$60K/yearAI bias incident$2M-$50M (litigation + brand)$25K-$75K/year" }, { "title": "Remediation Priority Matrix", "body": "Always fix in this order:\n\nCompliance gaps — regulatory fines are existential\nAccess control — breaches destroy trust overnight\nAI governance — fastest-growing risk category\nData quality — garbage in = garbage out at scale\nCataloging — you cannot govern what you cannot find\nRetention — storage costs compound, legal risk accumulates" }, { "title": "Industry Benchmarks (2026)", "body": "IndustryAvg Governance ScoreTop QuartileRegulatory PressureFinancial Services68%85%+Extreme (SOX, PCI, GDPR)Healthcare62%80%+High (HIPAA, FDA, state)SaaS/Tech55%78%+Growing (SOC 2, GDPR, CCPA)Manufacturing45%70%+Moderate (ITAR, ISO)Retail/Ecommerce48%72%+Growing (PCI, CCPA, GDPR)" }, { "title": "Next Steps", "body": "Need a complete data governance implementation tailored to your industry?\n\nCalculate your AI revenue leak\nIndustry context packs — $47 each\nAgent setup wizard" } ], "body": "Data Governance Framework\n\nAssess, score, and remediate your organization's data governance posture across 6 domains.\n\nWhat This Covers\nData Quality — Completeness, accuracy, consistency, timeliness scoring\nData Cataloging — Asset inventory, lineage tracking, metadata management\nAccess Control — Role-based permissions, least privilege, data classification (public/internal/confidential/restricted)\nCompliance Mapping — GDPR, CCPA, SOX, HIPAA, PCI-DSS, industry-specific regulations\nRetention & Lifecycle — Retention policies, archival schedules, deletion procedures, legal hold\nAI/Agent Data Governance — Training data provenance, model input/output logging, bias detection, PII handling in agent workflows\nHow to Use\n\nWhen asked to assess data governance:\n\nAsk which domains are priority (or assess all 6)\nFor each domain, evaluate 8 controls on a 0-3 scale:\n0 = Not implemented\n1 = Ad hoc / informal\n2 = Documented and partially enforced\n3 = Automated and continuously monitored\nCalculate domain score (sum / 24 × 100)\nCalculate overall governance score (average of domains)\nGenerate remediation roadmap prioritized by risk\nScoring Interpretation\nScore\tRating\tAction\n0-25%\tCritical\tImmediate remediation — regulatory risk\n26-50%\tDeveloping\t90-day improvement plan required\n51-75%\tManaged\tOptimize and automate weak areas\n76-100%\tOptimized\tMaintain and benchmark against peers\nDomain 1: Data Quality Controls\nData profiling automation (duplicate detection, format validation)\nQuality dashboards with SLA thresholds\nRoot cause analysis for quality failures\nStewardship program (assigned data owners per domain)\nQuality gates in data pipelines (reject bad data at ingestion)\nBusiness rule validation (domain-specific logic checks)\nCross-system reconciliation (source vs target matching)\nQuality trend tracking (month-over-month improvement metrics)\nDomain 2: Data Cataloging Controls\nAutomated asset discovery (databases, APIs, files, SaaS)\nBusiness glossary with agreed definitions\nData lineage tracking (source → transformation → consumption)\nSearch and discovery interface for business users\nMetadata enrichment (tags, classifications, sensitivity labels)\nCatalog coverage tracking (% of assets documented)\nUsage analytics (who accesses what, how often)\nIntegration with BI/analytics tools (catalog-aware queries)\nDomain 3: Access Control\nRole-based access control (RBAC) with regular review\nData classification enforcement (labels drive permissions)\nLeast privilege principle (minimal default access)\nAccess request and approval workflows\nPrivileged access management (admin accounts monitored)\nAccess certification (quarterly re-certification of permissions)\nAnomaly detection (unusual access patterns flagged)\nDe-provisioning automation (access removed on role change/exit)\nDomain 4: Compliance Mapping\nRegulation inventory (which laws apply, by geography and industry)\nControl-to-regulation mapping (which controls satisfy which requirements)\nData processing records (Article 30 GDPR / equivalent)\nConsent management (capture, storage, withdrawal tracking)\nData subject rights automation (access, deletion, portability)\nCross-border transfer compliance (SCCs, adequacy decisions)\nBreach notification procedures (72-hour GDPR, state-specific)\nRegular compliance audits (internal + third-party)\nDomain 5: Retention & Lifecycle\nRetention schedule by data type (contractual, regulatory, operational)\nAutomated archival pipelines (hot → warm → cold → delete)\nLegal hold management (litigation preservation)\nDeletion verification (confirmed purge with audit trail)\nStorage cost optimization (tiered storage aligned to access patterns)\nBackup and recovery testing (regular restore drills)\nData minimization enforcement (collect only what is needed)\nEnd-of-life procedures for decommissioned systems\nDomain 6: AI/Agent Data Governance\nTraining data provenance tracking (source, consent, bias review)\nModel input/output logging (what went in, what came out)\nPII detection and masking in agent workflows\nHallucination monitoring (output accuracy validation)\nAgent decision audit trail (explainability for automated decisions)\nData feedback loops (human review of agent data modifications)\nVendor data sharing agreements (what third-party APIs see your data)\nSynthetic data policies (when and how to use generated data)\nCost of Poor Governance\nRisk\tAverage Cost\tPrevention Cost\nGDPR fine\t$4.3M (average 2025)\t$45K-$120K/year\nData breach\t$4.88M (IBM 2025)\t$60K-$200K/year\nFailed audit\t$150K-$500K remediation\t$30K-$80K/year\nBad data decisions\t15-25% revenue impact\t$20K-$60K/year\nAI bias incident\t$2M-$50M (litigation + brand)\t$25K-$75K/year\nRemediation Priority Matrix\n\nAlways fix in this order:\n\nCompliance gaps — regulatory fines are existential\nAccess control — breaches destroy trust overnight\nAI governance — fastest-growing risk category\nData quality — garbage in = garbage out at scale\nCataloging — you cannot govern what you cannot find\nRetention — storage costs compound, legal risk accumulates\nIndustry Benchmarks (2026)\nIndustry\tAvg Governance Score\tTop Quartile\tRegulatory Pressure\nFinancial Services\t68%\t85%+\tExtreme (SOX, PCI, GDPR)\nHealthcare\t62%\t80%+\tHigh (HIPAA, FDA, state)\nSaaS/Tech\t55%\t78%+\tGrowing (SOC 2, GDPR, CCPA)\nManufacturing\t45%\t70%+\tModerate (ITAR, ISO)\nRetail/Ecommerce\t48%\t72%+\tGrowing (PCI, CCPA, GDPR)\nNext Steps\n\nNeed a complete data governance implementation tailored to your industry?\n\nCalculate your AI revenue leak\nIndustry context packs — $47 each\nAgent setup wizard" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/1kalin/afrexai-data-governance", "publisherUrl": "https://clawhub.ai/1kalin/afrexai-data-governance", "owner": "1kalin", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/afrexai-data-governance", "downloadUrl": "https://openagent3.xyz/downloads/afrexai-data-governance", "agentUrl": "https://openagent3.xyz/skills/afrexai-data-governance/agent", "manifestUrl": "https://openagent3.xyz/skills/afrexai-data-governance/agent.json", "briefUrl": "https://openagent3.xyz/skills/afrexai-data-governance/agent.md" } }