LIVE · v1.5 STABLE
BUILD 2026.05.27
70 REFERENCE FILES
AGPL-3.0 · 8 EVAL CASES · 78 ASSERTIONS

EVERY
ANSWER
with CITATIONS
ATTACHED.

Authoritative regulatory Q&A on Regulation (EU) 2024/1689, the EU AI Act. Grounded in 70 structured reference files across 15 subdirectories — full regulation text + recitals, Commission guidelines, EDPB/EDPS opinions, codes of practice, harmonised standards, FRIA guides, and incident templates. Every answer cites article, paragraph, and recital.

REGULATION 2024/1689   ·   ART. 5 PROHIBITED   ·   ART. 6 HIGH-RISK   ·   ART. 27 FRIA   ·   ART. 51–56 GPAI   ·   ART. 99 PENALTIES   ·   ANNEX III   ·   EDPB OPINION 28/2024   ·   GPAI CODE OF PRACTICE   ·   JTC 21 STANDARDS   ·   AI OFFICE   ·   ENISA   ·   DIGITAL OMNIBUS   ·   REGULATION 2024/1689   ·   ART. 5 PROHIBITED   ·   ART. 6 HIGH-RISK   ·   ART. 27 FRIA   ·   ART. 51–56 GPAI   ·   ART. 99 PENALTIES   ·   ANNEX III   ·   EDPB OPINION 28/2024   ·   GPAI CODE OF PRACTICE   ·   JTC 21 STANDARDS   ·   AI OFFICE   ·   ENISA   ·   DIGITAL OMNIBUS
§ 01 · CAPABILITIES

SIX PRIMITIVES.
One SKILL.

Each capability is documented separately, tested separately, and called by the workflow at the right moment. Compose them or invoke individually.

01
ARTICLE-LEVEL Q&A
Direct answers grounded in the full regulation text — preamble plus all 13 Titles. Quotes operative text, then states the legal basis.
02
TOPIC ROUTER
Maps the question to the right files across 15 subdirectories. Most answers read the primary source, the article text, and an interpreting guideline or opinion.
03
CITATION DISCIPLINE
Every answer cites Art. X(y), recital, or guideline section verbatim. No hallucinated provisions — if it is not in the references, the skill says so.
04
SOURCE HIERARCHY
Regulation text > delegated acts > Commission guidelines > codes of practice > EDPB opinions > sector guidance. Higher authority prevails on conflict.
05
DECISION TREES
Walks Tree A (is this an AI system?), Tree B (high-risk under Art. 6), and Tree C (provider vs. deployer) from core/decision-trees.md.
06
GERMAN-NATIVE
Every reference file carries a German title. For DE users, first reference includes it: Art. 9 (Risikomanagementsystem), Art. 5 (Verbotene Praktiken).
§ 02 · WORKFLOW

FROM INPUT
to ARTEFACT.

Ten structured steps. The human stays accountable; the skill carries the structure, the citations, and the document trail.

01
Show disclaimer
Non-blocking notice at session start: structured AI Act information grounded in official EU sources, not legal advice.
02
Classify the question
Article lookup, concept, obligation mapping, classification, cross-framework, timeline, penalty, national, incident, or sector-specific.
03
Route via Topic Router
Map the question type to its reference subdirectory. For unlisted topics, Glob the references/ tree by keyword.
04
Read reference files
Read 2–3 files: the primary source, the regulation article text, and any interpreting guideline or opinion.
05
Check recitals
Consult core/regulation-preamble-recitals.md for interpretive context on ambiguous provisions.
06
Synthesize with citations
Lead with the direct answer, then the legal basis. Quote operative text using the per-source citation format.
07
Flag uncertainty
Where guidance is in preparation (Watch List) or the regulation is ambiguous, say so and cite the relevant recital.
08
Note the Digital Omnibus
When discussing affected provisions, flag both current law and proposed Omnibus changes — including postponed high-risk dates.
09
Search the web if needed
References cover official sources through March 2026. Search for later events, enforcement, or non-official analysis.
10
Hand off to a workflow skill
When the user needs a structured assessment, recommend ai-act-classifier, -roles, -obligations, -report, or -quick.
§ 03 · ANATOMY

WHAT'S
IN the SKILL.

Single-folder skill. SKILL.md is the runtime spec; references hold the knowledge corpus; evals hold the proof.

ai-act-knowledge/
├── evals  # Test cases + assertions
│   └── evals.json  # 8 cases, 78 assertions
├── references  # Reference corpus
│   ├── codes-of-practice
│   │   ├── README.md  # Deployment guide
│   │   ├── gpai-code-detailed.md
│   │   ├── gpai-code-ec-overview.md
│   │   ├── gpai-code-final.md
│   │   ├── transparency-code-draft-1.md
│   │   ├── transparency-code-draft-2.md
│   │   └── transparency-code-overview.md
│   ├── commission-guidelines
│   │   ├── art-6-classification-annex-i-2026.md
│   │   ├── art-6-classification-annex-iii-2026.md
│   │   └── art-6-classification-general-principles-2026.md
│   ├── compliance-guides
│   │   ├── README.md  # Deployment guide
│   │   ├── ai-literacy-repository.md
│   │   ├── copyright-tdm-consultation.md
│   │   ├── modifying-ai-classification.md
│   │   ├── small-businesses-guide.md
│   │   └── whistleblowing-ai-act.md
│   ├── core
│   │   ├── README.md  # Deployment guide
│   │   ├── annex-iii-high-risk.md
│   │   ├── decision-trees.md
│   │   ├── high-level-summary.md
│   │   ├── regulation-preamble-recitals.md
│   │   ├── regulation-title-I-general.md
│   │   ├── regulation-title-II-prohibited.md
│   │   ├── regulation-title-III-high-risk.md
│   │   ├── regulation-title-IV-transparency.md
│   │   ├── regulation-title-V-gpai.md
│   │   ├── regulation-title-VI-X-governance.md
│   │   └── regulation-title-XI-XIII-final.md
│   ├── cybersecurity
│   │   ├── README.md  # Deployment guide
│   │   ├── enisa-advisory-opinion.md
│   │   ├── enisa-ai-cybersecurity.md
│   │   └── enisa-cybersecurity-standardisation.md
│   ├── fria
│   │   ├── README.md  # Deployment guide
│   │   ├── article-27-fria.md
│   │   ├── ecnl-fria-guide.md
│   │   └── fria-guide-danish-institute.md
│   ├── governance
│   │   ├── README.md  # Deployment guide
│   │   ├── ai-office-faq.md
│   │   ├── ai-pact.md
│   │   ├── ec-qa-navigating-ai-act.md
│   │   ├── governance-enforcement.md
│   │   ├── implementation-next-steps.md
│   │   ├── implementation-timeline.md
│   │   └── whistleblower-tool.md
│   ├── guidelines
│   │   ├── README.md  # Deployment guide
│   │   ├── ai-system-definition.md
│   │   ├── digital-omnibus.md
│   │   ├── ec-regulatory-framework.md
│   │   ├── gpai-obligations-scope.md
│   │   ├── guidelines-roadmap.md
│   │   ├── prohibited-practices-full.md
│   │   └── prohibited-practices-web.md
│   ├── impact-assessments
│   │   ├── README.md  # Deployment guide
│   │   ├── healthcare-study-2026.md
│   │   ├── impact-assessment-original.md
│   │   └── supporting-study.md
│   ├── law-enforcement
│   │   ├── README.md  # Deployment guide
│   │   ├── europol-ai-policing.md
│   │   └── gpai-guidelines-overview.md
│   ├── national
│   │   ├── README.md  # Deployment guide
│   │   ├── german-ai-bill.md
│   │   ├── national-implementation-plans.md
│   │   ├── national-resources-service-desk.md
│   │   └── regulatory-sandboxes.md
│   ├── opinions
│   │   ├── README.md  # Deployment guide
│   │   ├── edpb-edps-joint-opinion-2021.md
│   │   ├── edpb-edps-joint-opinion-2026.md
│   │   └── edpb-opinion-28-2024.md
│   ├── sector-specific
│   │   ├── README.md  # Deployment guide
│   │   ├── banking-ai-implications.md
│   │   ├── medical-devices-ai.md
│   │   └── staffing-businesses-ai.md
│   ├── standards
│   │   ├── README.md  # Deployment guide
│   │   ├── article-40-harmonised-standards.md
│   │   ├── harmonised-standards-map.md
│   │   ├── pren-18286.md
│   │   ├── standardisation-overview.md
│   │   ├── standardisation-qa.md
│   │   └── standardisation-request-c2025-3871.md
│   └── templates
│       ├── README.md  # Deployment guide
│       ├── draft-guidance-art73-high-risk.md
│       ├── gpai-submitting-documents.md
│       ├── gpai-training-data-summary.md
│       └── serious-incident-template-gpai.md
├── CHANGELOG.md  # Version history
├── README.md  # Deployment guide
└── SKILL.md  # Main skill instructions
§ 04 · DEPLOYMENT

INSTALL
and INVOKE.

Two deployment surfaces. The skill auto-triggers on relevant keywords once installed.

CLAUDE.AI USER SKILLS

  1. Settings → Profile → Custom Skills
  2. Upload the entire ai-act-knowledge/ folder
  3. Skill auto-triggers on relevant keywords

CLAUDE CODE / MCP

  1. Copy folder to your skills directory:
cp -r ai-act-knowledge/ \
   ~/.claude/skills/user/
§ 05 · OUTPUTS

WHAT YOU
get BACK.

Every output is documented, version-pinned, and traceable to its source citation.

Cited answer
Direct response with operative text quoted and the legal basis attached: Art. X(y), recital, or guideline section.
Cross-references
Related provisions and overlapping frameworks (GDPR, MDR/IVDR, CRD, LED, DSM, CRA) surfaced alongside the answer.
Decision-tree walk
Step-by-step traversal of the AI-system, high-risk, or provider/deployer tree with the controlling article at each branch.
Timeline read
Applicability dates by Title with the governing article — Art. 5/4 (Feb 2025), GPAI (Aug 2025), high-risk (Dec 2027), Annex I (Aug 2028).
Watch-List flag
Explicit notice when official guidance is still in preparation, with an offer to search the web for the latest status.
§ 06 · EVALS

TESTED
before SHIPPED.

Every release runs against a fixed test suite. Assertions check numeric consistency, citation accuracy, and decision-tree branches.

08
Test Cases
78
Assertions
100%
Coverage Required
01
We're a German manufacturer that integrates a third-party LLM into our customer-...
10 ASSERTS
02
We're building a high-risk AI system for HR (CV ranking, Annex III Nr
10 ASSERTS
03
The Digital Omnibus has been discussed for over a year
9 ASSERTS
04
We release an open-source foundation model with weights, code, training data ref...
10 ASSERTS
05
We're adhering to the GPAI Code of Practice
9 ASSERTS
06
We're deploying an AI system that generates synthetic news anchor videos for our...
9 ASSERTS
07
We're a medical device manufacturer placing an AI-enabled diagnostic tool on the...
11 ASSERTS
08
How does the German KI-Verordnungs-Durchführungsgesetz (AI Act implementation la...
10 ASSERTS
§ 07 · REGULATORY BASIS

WHAT IT
cites.

Every legal verdict resolves to one of these instruments. No invented articles, no synthetic recitals.

EU AI Act
Regulation (EU) 2024/1689 — full text, preamble, and recitals.
Commission Guidelines
AI system definition, Art. 5 prohibitions, Art. 6 high-risk classification (2026 draft), Digital Omnibus.
EDPB Opinion 28/2024
DPIA for AI processing; plus EDPB-EDPS joint opinions (2021, 2026).
GPAI Code of Practice
Art. 53/55 implementation framework; Art. 50 Transparency Code.
Art. 40 Harmonised Standards
JTC 21 roadmap and prEN 18286.
ENISA Advisories
AI cybersecurity and standardisation guidance.
§ 08 · TRUST

EVERY STEP,
auditable.

The trace is the product. Nothing happens off the record — no hidden tool calls, no silent retrieval, no opaque chain-of-thought.

§
Source-anchored output.
Every answer cites article, paragraph, recital, or guideline section — sourced exclusively from EUR-Lex, the Commission, EDPB, EDPS, ENISA, and the AI Office.
VERIFIED
Reproducible answers.
70 structured reference files across 15 subdirectories. Pin a build; recreate the cited answer years later for audit or advice defence.
IMMUTABLE
No hallucinated citations.
Source hierarchy enforced; higher authority prevails on conflict. If a provision is not in the references, the skill says so rather than inventing it.
ENFORCED
**
EU-native.
Built around the AI Act text, Commission soft law, and Member State implementation. German title on every reference. Not retrofitted.
NATIVE

EU AI Act Knowledge Engine — Deployment Guide

📄 View the interactive skill page →

See CHANGELOG.md for version history.

Overview

EU AI Act Knowledge Engine — an authoritative regulatory Q&A skill grounded in 70 official EU source documents:

  • Article-level citations from the full text of Regulation (EU) 2024/1689
  • Full preamble + 13 Titles covered by structured reference files (Titles I–XIII)
  • Commission guidelines on AI system definition, prohibited practices, high-risk classification, and Digital Omnibus
  • EDPB/EDPS opinions including Opinion 28/2024 (AI-DPIA interplay) and 2026 joint opinion
  • Codes of Practice — GPAI Code (3 versions), Transparency Code (drafts + overview)
  • FRIA materials — Art. 27 text, Danish Institute guide, ECNL practical guide
  • Harmonised standards — Art. 40 framework, prEN 18286, JTC 21 roadmap
  • Sector-specific guidance for banking, medical devices, staffing, healthcare, law enforcement
  • National implementation tracking — German AI bill, regulatory sandboxes, national service desks
  • Incident reporting templates — GPAI serious incident, Art. 73 high-risk draft guidance

File Structure

ai-act-knowledge/
├── SKILL.md                          # Main skill instructions (deploy this)
├── CHANGELOG.md                      # Version history
└── references/                       # 70 reference files across 15 subdirectories
    ├── core/                         # Regulation text by Title (I–XIII) + preamble + Annex III + decision trees
    ├── guidelines/                   # Commission guidelines (AI system definition, prohibited, GPAI, omnibus)
    ├── codes-of-practice/            # GPAI Code + Transparency Code (multiple versions)
    ├── opinions/                     # EDPB/EDPS opinions (2021, 2026, 28/2024)
    ├── standards/                    # Art. 40 harmonised standards, prEN 18286, JTC 21
    ├── fria/                         # Art. 27 FRIA — text + practical guides
    ├── governance/                   # AI Office FAQ, AI Pact, enforcement, timeline
    ├── national/                     # National implementation (DE bill, sandboxes, service desks)
    ├── sector-specific/              # Banking, medical devices, staffing
    ├── cybersecurity/                # ENISA advisories
    ├── law-enforcement/              # Europol AI policing
    ├── compliance-guides/            # AI literacy, SME guide, copyright/TDM, whistleblowing
    ├── impact-assessments/           # Commission IA + supporting study + healthcare 2026
    └── templates/                    # GPAI training data, serious incident, high-risk draft

Deployment

Claude.ai (User Skills)

  1. Go to Settings → Profile → Custom Skills (or equivalent)
  2. Upload the entire ai-act-knowledge/ folder structure
  3. The skill will auto-trigger when you ask about AI Act articles, requirements, penalties, GPAI obligations, FRIA, or any AI Act topic

Claude Code / Custom MCP Setup

  1. Copy the ai-act-knowledge/ folder to your skills directory: bash cp -r ai-act-knowledge/ /path/to/your/skills/user/ai-act-knowledge/
  2. Ensure the skill is registered in your configuration

Usage

Quick Start

Ask any AI Act question:

"What does Art. 27 require for a Fundamental Rights Impact Assessment, and when does it apply to deployers of high-risk systems?"

The skill will route to the right reference files and produce a cited answer.

Trigger Phrases

  • "Explain Art. X" / "What does Article X say?" / "AI Act requirements"
  • "GPAI obligations" / "High-risk AI" / "Prohibited AI practices"
  • "AI Act and GDPR" / "Fundamental rights impact assessment" / "AI literacy"
  • "KI-Verordnung" / "Hochrisiko-KI" / "GPAI-Verhaltenskodex"

For assessment workflows that produce a classification decision, use ai-act-classifier instead.

Workflow

Step Description
1. Classify Question Topic Router determines which reference subdirectory(ies) to consult
2. Load References Read targeted reference files (article text, guidelines, opinions, codes)
3. Synthesise Produce answer with article-level citations and cross-references to related provisions

Capabilities Summary

Feature Description
Article-Level Q&A Direct answers grounded in the full regulation text (preamble + 13 Titles)
Commission Guidelines AI system definition, prohibited practices, high-risk, Digital Omnibus
EDPB/EDPS Opinions 2021 joint, 2026 joint, Opinion 28/2024 (AI-DPIA)
Codes of Practice GPAI Code (3 versions), Transparency Code (drafts + overview)
FRIA Materials Art. 27 text + Danish Institute and ECNL practical guides
Harmonised Standards Art. 40 framework, prEN 18286, JTC 21 roadmap
Sector Guidance Banking, medical devices, staffing, healthcare, law enforcement
National Implementation German AI bill, regulatory sandboxes, Member State service desks
Incident Templates GPAI serious incident reporting, Art. 73 high-risk draft
Cross-Framework AI Act ↔ GDPR, ENISA cybersecurity overlays

Regulatory Basis

Document Reference
EU AI Act Regulation (EU) 2024/1689 (full text + recitals)
Commission Guidelines AI system definition, Art. 5 prohibitions, Art. 6 high-risk, Digital Omnibus
EDPB Opinion 28/2024 DPIA for AI processing
EDPB-EDPS Joint Opinions 2021 and 2026
GPAI Code of Practice Art. 53/55 implementation framework
Art. 50 Code of Practice Transparency labeling framework
Art. 40 Harmonised Standards JTC 21 framework, prEN 18286
ENISA Advisories AI cybersecurity, standardisation

License & Disclaimer

This skill provides structured AI Act regulatory information based on Regulation (EU) 2024/1689 and official EU institutional sources. It is not legal advice. Specific compliance decisions should involve qualified legal counsel with AI Act expertise.

Licensed under AGPL-3.0 — see LICENSE at the repo root.


Created by Oliver Schmidt-Prietz — OneZero Legal