Places your organization in the AI Act value chain and tests for the quasi-provider trap. Provider / deployer / importer / distributor, Art. 25 substantial modification, finetuning escalation, changed intended purpose, product-manufacturer integration, and a chainable role dashboard — through one guided decision tree.
Each capability is documented separately, tested separately, and called by the workflow at the right moment. Compose them or invoke individually.
Ten structured steps. The human stays accountable; the skill carries the structure, the citations, and the document trail.
Single-folder skill. SKILL.md is the runtime spec; references hold the knowledge corpus; evals hold the proof.
ai-act-roles/ ├── evals # Test cases + assertions │ └── evals.json # 3 cases, 0 assertions ├── references # Reference corpus │ ├── case-studies.md │ ├── compliance-deadlines.md │ ├── employment-law-overlay.md │ ├── finetuning-assessment.md │ ├── quasi-provider-scenarios.md │ ├── role-definitions.md │ ├── sector-guidance-crossref.md │ ├── substantial-modification.md │ └── value-chain-obligations.md ├── CHANGELOG.md # Version history ├── README.md # Deployment guide └── SKILL.md # Main skill instructions
Two deployment surfaces. The skill auto-triggers on relevant keywords once installed.
ai-act-roles/ foldercp -r ai-act-roles/ \ ~/.claude/skills/user/
Every output is documented, version-pinned, and traceable to its source citation.
Every release runs against a fixed test suite. Assertions check numeric consistency, citation accuracy, and decision-tree branches.
Every legal verdict resolves to one of these instruments. No invented articles, no synthetic recitals.
The trace is the product. Nothing happens off the record — no hidden tool calls, no silent retrieval, no opaque chain-of-thought.
See CHANGELOG.md for version history.
EU AI Act Role Determination — determines the organisation's role in the AI value chain and assesses quasi-provider risk:
ai-act-roles/
├── SKILL.md # Main skill instructions (deploy this)
├── CHANGELOG.md # Version history
├── evals/
│ └── evals.json # Test cases
└── references/
├── role-definitions.md # Provider, deployer, importer, distributor — Art. 3 definitions
├── substantial-modification.md # Art. 3(23) substantial-modification analysis
├── quasi-provider-scenarios.md # Art. 25 trigger scenarios
├── finetuning-assessment.md # When fine-tuning becomes substantial modification
├── value-chain-obligations.md # Obligation map per role
├── compliance-deadlines.md # Deadline anchors per role
├── employment-law-overlay.md # HR/workforce-specific overlay
├── sector-guidance-crossref.md # Sector-specific role considerations
└── case-studies.md # Worked role-determination examples
ai-act-roles/ folder structureai-act-roles/ folder to your skills directory:
bash
cp -r ai-act-roles/ /path/to/your/skills/user/ai-act-roles/Describe what your organisation does with the AI:
"We're a German bank. We licensed an off-the-shelf credit-scoring model from a US vendor, fine-tuned it on our own data, and rebranded the output for our customers. Are we the provider, deployer, or quasi-provider?"
The skill will walk through primary-role and quasi-provider trees.
| Phase | Description |
|---|---|
| Phase 1: Context Gathering | Adaptive intake — what the organisation does with the AI, source/origin of the system |
| Phase 2: Primary Role Determination | Visual decision tree — provider / deployer / importer / distributor |
| Phase 3: Quasi-Provider Risk Assessment (Art. 25) | Trigger assessment tree — substantial modification, rebranding, purpose change, high-risk repurposing |
| Phase 4: Role Determination Dashboard | Output: primary role + quasi-provider verdict + legal basis + obligations preview |
| Feature | Description |
|---|---|
| Primary Role Determination | Provider, deployer, importer, distributor — visual decision tree |
| Quasi-Provider Assessment | Art. 25 trigger tree (substantial modification, rebranding, purpose change, high-risk repurposing) |
| Fine-Tuning Analysis | When fine-tuning a GPAI model becomes substantial modification |
| Substantial Modification | Art. 3(23) analysis with Commission guidance |
| Value Chain Mapping | Obligations per role with cross-reference to ai-act-obligations |
| Employment-Law Overlay | HR/workforce-specific role considerations |
| Sector Cross-References | Sector-specific role nuances |
| Role Dashboard | Single-page output with verdict + legal basis + next steps |
| Document | Reference |
|---|---|
| EU AI Act | Regulation (EU) 2024/1689 |
| Art. 3 | Definitions — provider, deployer, importer, distributor |
| Art. 3(23) | Substantial modification definition |
| Art. 25 | Responsibilities along the AI value chain (quasi-provider) |
| Commission Value Chain Guidance | Quasi-provider trigger interpretation |
| Art. 16, 26 | Obligations per primary role |
This skill provides structured AI Act role-determination guidance based on Regulation (EU) 2024/1689 and Commission value chain guidance. It is not legal advice. Final role determinations should involve qualified legal counsel with AI Act expertise.
Licensed under AGPL-3.0 — see LICENSE at the repo root.
Created by Oliver Schmidt-Prietz — OneZero Legal