Getting Started with Clausi

Overview

Clausi CLI submits source code and metadata to the hosted Clausi platform (https://api.clausi.ai), which returns a compliance report in the format of your choice (PDF, HTML, JSON).

Supported Regulatory Frameworks

Key         Regulation
EU-AIA      European Union Artificial Intelligence Act (EU AI Act)
GDPR        General Data Protection Regulation
ISO-42001   ISO/IEC 42001:2023 - AI Management System Standard
HIPAA       Health Insurance Portability and Accountability Act
SOC2        SOC 2 - System and Organization Controls Type 2

Additional frameworks can be added on the server side without requiring a client update.

Installation

pip install clausi

Requires Python 3.8 or higher

Quick Start

1. Run Your First Scan

Choose your preferred approach:

RECOMMENDED

Interactive Mode

Guided wizard - perfect for first-time users

clausi

You'll see a menu you can navigate with arrow keys:

What would you like to do?

→ 1. Scan a project for compliance

  2. View configuration

  3. List available AI models

  4. Run setup wizard

  5. Show help

  6. Exit Clausi

Use ↑↓ arrows to navigate, Enter to select

The wizard guides you through:

  • Selecting your project folder
  • Choosing AI provider (Clausi AI, Claude, or OpenAI)
  • Picking regulations to scan against
  • Optional cost-saving presets

POWER USER

Direct Commands

Run scans directly from the command line

clausi scan . -r EU-AIA

Common examples:

Scan with Clausi AI (default, no API key):

clausi scan /path/to/project -r EU-AIA

Scan with Claude (BYOK - $0.50/scan):

clausi scan . -r EU-AIA --claude

Scan with OpenAI (BYOK - $0.50/scan):

clausi scan . -r EU-AIA --openai

Multiple regulations:

clausi scan . -r EU-AIA -r GDPR -r SOC2

Interactive Scan Wizard Preview

When you select "Scan a project" in interactive mode, you'll be guided through each step:

Step 1: Select Project

How would you like to specify the path?

→ 1. Current directory (.)

  2. Open file explorer...

  3. Browse in terminal...

  4. Type path manually

Step 2: Select AI Provider

Select AI provider:

→ 1. Clausi AI (no API key needed)

  2. Claude (BYOK + $0.50 fee)

  3. OpenAI (BYOK + $0.50 fee)

Step 3: Select Regulations (multi-select)

Select regulations (Enter to toggle):

→ ✓ EU-AIA - EU AI Act

  ✓ GDPR - General Data Protection

    ISO-42001 - AI Management

    HIPAA - Health Insurance

    SOC2 - Service Organization

  ── Done (selected: 2) ──

Step 4: Run Scan

Running command:

clausi scan "." -r EU-AIA --open-findings

Scan starts automatically...

2. AI Provider Options

Clausi works out of the box with no API key, or you can bring your own key (BYOK) for lower per-scan costs:

Clausi AI (Default) - No Setup Required

Just run the scan — no API key needed. Pricing: $2.00 minimum + $0.80/100k tokens

Claude (BYOK) - $0.50 flat per scan

Set your Anthropic API key:

export ANTHROPIC_API_KEY=sk-ant-your-key-here

Get key from: console.anthropic.com

OpenAI (BYOK) - $0.50 flat per scan

Set your OpenAI API key:

export OPENAI_API_KEY=sk-your-key-here

Get key from: platform.openai.com/api-keys

3. Custom Regulations (Optional)

Beyond the built-in regulations, you can define your own compliance rules tailored to your organization's specific policies, industry standards, or internal requirements.

Why Custom Regulations?

  • Internal Policies: Enforce company-specific coding standards and security requirements
  • Industry Standards: Add compliance checks for domain-specific frameworks not yet built-in
  • Client Requirements: Meet specific contractual obligations with auditable evidence
  • Evolving Regulations: Quickly adapt to new laws before official Clausi support

Create a custom regulation YAML file:

# ~/.clausi/custom_regulations/company-security.yml
name: "Company Security Policy"
description: "Internal security requirements for AI systems"
version: "1.0"

clauses:
  - id: "SEC-001"
    title: "Authentication Requirements"
    requirements:
      - "All AI endpoints must require authentication"
      - "API keys must not be hardcoded in source"
    severity: "critical"

  - id: "SEC-002"
    title: "Data Logging"
    requirements:
      - "All model inputs must be logged for audit"
      - "PII must be masked before logging"
    severity: "high"

Storage locations:

Global (all projects)

~/.clausi/custom_regulations/*.yml

Project-specific

.clausi/regulations/*.yml

Use your custom regulation:

clausi scan . -r EU-AIA -r COMPANY-SECURITY

The regulation name is derived from the filename (e.g., company-security.yml → COMPANY-SECURITY).
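As an added example (not Clausi's own loader), the following Python checks a custom regulation against the structure shown above and derives the -r key from the filename. It assumes the YAML has already been parsed into a dict (for instance with PyYAML); the allowed severity values are an assumption, since the page only shows "critical" and "high".

```python
"""Check a Clausi custom-regulation document and derive its -r key. Added example,
not Clausi's own loader; assumes the YAML is already parsed into a dict (e.g. via PyYAML)."""
from pathlib import Path

SEVERITIES = {"critical", "high", "medium", "low"}  # assumed set; page shows two
# Constructed sample mirroring company-security.yml from the page.
SAMPLE = {
    "name": "Company Security Policy",
    "description": "Internal security requirements for AI systems",
    "version": "1.0",
    "clauses": [
        {"id": "SEC-001", "title": "Authentication Requirements", "severity": "critical",
         "requirements": ["All AI endpoints must require authentication",
                          "API keys must not be hardcoded in source"]},
        {"id": "SEC-002", "title": "Data Logging", "severity": "high",
         "requirements": ["All model inputs must be logged for audit",
                          "PII must be masked before logging"]},
    ],
}

def derive_regulation_key(path):
    """company-security.yml -> COMPANY-SECURITY, the value passed to -r."""
    return Path(path).stem.upper()

def validate_regulation(doc):
    """Return a list of problems; an empty list means the file is usable."""
    problems = []
    for field in ("name", "description", "version"):
        if not isinstance(doc.get(field), str) or not doc[field].strip():
            problems.append(f"missing or empty top-level field: {field}")
    clauses = doc.get("clauses")
    if not isinstance(clauses, list) or not clauses:
        return problems + ["clauses must be a non-empty list"]
    seen = set()
    for i, clause in enumerate(clauses):
        cid = clause.get("id")
        if not cid:
            problems.append(f"clause {i}: missing id")
        elif cid in seen:
            problems.append(f"clause {i}: duplicate id {cid}")
        seen.add(cid)
        if not clause.get("title"):
            problems.append(f"clause {i}: missing title")
        reqs = clause.get("requirements")
        if not isinstance(reqs, list) or not reqs or not all(isinstance(r, str) and r for r in reqs):
            problems.append(f"clause {i}: requirements must be a non-empty list of strings")
        if clause.get("severity") not in SEVERITIES:
            problems.append(f"clause {i}: severity must be one of {sorted(SEVERITIES)}")
    return problems
```

Running validate_regulation on each file in ~/.clausi/custom_regulations/ and .clausi/regulations/ before a scan catches malformed policies before they are sent to the platform.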

4. View Your Results

After the scan completes, reports are saved to your project's clausi/ folder:

  • findings.md - Main compliance findings
  • compliance_report.pdf - Executive PDF report
  • traceability_matrix.md - Code-to-clause mapping

Tip: Use --open-findings to auto-open results in your editor.