Dingdawg Compliance

1authSTDIOregistry active

Summary

If you're shipping AI systems that make consequential decisions in Colorado (or preparing for the EU AI Act), this gives you a compliance score in about a minute. It walks through 25 SB 205 controls interactively or scores from JSON, highlighting critical gaps like missing impact assessments or consumer disclosure failures. The scanner runs entirely locally with no external dependencies, and it can store assessment history in SQLite or run automated checks against your codebase and databases. You get a 0-100 score with category breakdowns and a prioritized gap list. It won't generate remediation plans or audit docs, but it tells you exactly which controls you're failing before the June 2026 deadline.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

dingdawg-compliance

Colorado SB 205 AI Act compliance scanner. Run it in 60 seconds. Get your score. Know your gaps before June 30, 2026.

pip install dingdawg-compliance
python3 -m dingdawg_compliance scan

What it does

Colorado SB 205 requires any company using AI for consequential decisions (employment, housing, credit, insurance, healthcare, education) to:

Conduct impact assessments before deployment
Disclose AI use to consumers at point of decision
Provide appeal and human review mechanisms
Designate a Responsible AI Officer
Test for discriminatory bias
Maintain a 3-year audit trail

This tool scores your readiness across all 25 SB 205 controls. Free. No signup. Runs locally.

Install

pip install dingdawg-compliance

Requires Python 3.9+. No external dependencies — stdlib only.

Usage

Interactive scan (recommended)

python3 -m dingdawg_compliance scan

Walk through all 25 controls. Answer y/n/skip for each. Get your score at the end.

Example output:

──────────────────────────────────────────────────────
  Overall Score: 44/100  [████████░░░░░░░░░░░░]  NEEDS WORK
──────────────────────────────────────────────────────

  Category Scores:
    ~ scope                  100%
    ✗ impact_assessment        0%
    ✗ transparency            33%
    ✗ appeal                   0%
    ~ governance              50%
    ✗ bias_testing             0%
    ✗ data_governance          0%
    ✗ incident_response       50%
    ✓ audit                  100%

  ⚠ Critical gaps (2) — mandatory under SB 205:
    • CO-3   Pre-Deployment Impact Assessment
    • CO-6   Consumer Disclosure at Point of Decision

  Need the full remediation report?
  → dingdawg.com/compliance  (CO SB 205 gap report — $199)

Score from a JSON file

python3 -m dingdawg_compliance score responses.json

Format for responses.json:

{
  "CO-1": true,
  "CO-2": true,
  "CO-3": false,
  "CO-4": null
}

true = implemented, false = not implemented, null = unknown (scored as not implemented).

List all 25 controls

python3 -m dingdawg_compliance controls

Use as a library

from dingdawg_compliance import calculate_co_sb205_score, CO_SB_205_CONTROLS

# Score a self-assessment
responses = {
    "CO-1": True,   # scope: identified consequential decisions
    "CO-3": False,  # impact_assessment: no pre-deployment assessment yet
    "CO-6": True,   # transparency: consumer disclosure implemented
    # ... rest of controls
}

result = calculate_co_sb205_score(responses)
print(result["score"])           # 0-100
print(result["gaps"])            # list of unimplemented controls
print(result["critical_gaps"])   # CO-3, CO-6, CO-10, CO-14 if missing

Track assessments in SQLite

from dingdawg_compliance import ComplianceStore, ComplianceScorer, ComplianceFramework

store = ComplianceStore()  # stored at ~/.dingdawg/compliance/compliance.db

# Register and assess a control
store.assess_control("CO-3", status="COMPLIANT", assessor="legal-team", notes="Completed Q1 2026")

# Score
scorer = ComplianceScorer(store)
print(scorer.overall_posture_score())   # e.g. 72.0
print(scorer.per_framework_score())     # per-framework breakdown
print(scorer.gap_analysis())            # prioritized gap list

Automated checks (read-only)

from dingdawg_compliance import AutoAssessor
from pathlib import Path

assessor = AutoAssessor(
    base_dir=Path("./src"),
    db_paths=[Path("./data/app.db")]
)

results = assessor.run_all_checks()
print(results["checks"]["access_controls"]["summary"])
print(results["checks"]["audit_logging"]["summary"])

The 25 CO SB 205 Controls

ID	Category	Control	Critical
CO-1	scope	Consequential Decision Identification
CO-2	scope	High-Risk AI System Classification
CO-3	impact_assessment	Pre-Deployment Impact Assessment	★
CO-4	impact_assessment	Annual Impact Assessment Review
CO-5	impact_assessment	Impact Assessment Documentation
CO-6	transparency	Consumer Disclosure at Point of Decision	★
CO-7	transparency	Disclosure Timing
CO-8	transparency	Disclosure Content — AI Role
CO-9	transparency	Disclosure Content — Data Used
CO-10	appeal	Appeal Mechanism	★
CO-11	appeal	Human Review Option
CO-12	appeal	Opt-Out Mechanism
CO-13	appeal	Appeal Response Timeline
CO-14	governance	Responsible AI Officer Designation	★
CO-15	governance	AI Inventory
CO-16	governance	Vendor Due Diligence
CO-17	governance	Policy Documentation
CO-18	bias_testing	Pre-Deployment Bias Testing
CO-19	bias_testing	Ongoing Bias Monitoring
CO-20	bias_testing	Protected Class Analysis
CO-21	data_governance	Training Data Documentation
CO-22	data_governance	Data Minimization
CO-23	incident_response	AI Incident Response Plan
CO-24	incident_response	Error Notification
CO-25	audit	Third-Party Audit Trail

★ Critical — mandatory remediation required before June 30, 2026.

What this doesn't include

This scanner shows what to check and where your gaps are. It does not generate remediation plans, regulatory citations, evidence templates, or audit-ready documentation.

For the full gap report with remediation guidance → dingdawg.com/compliance

License

Apache 2.0 — free to use, fork, and contribute.

Contributing

PRs welcome for new indicators, additional frameworks, or CLI improvements. Open an issue first for anything structural.

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Configuration

DINGDAWG_API_KEYsecret

API key for paid tier access — get free at dingdawg.com

Registryactive

Packagedingdawg-compliance

TransportSTDIO

AuthRequired

UpdatedApr 6, 2026

View on GitHub

dingdawg-compliance

Colorado SB 205 AI Act compliance scanner. Run it in 60 seconds. Get your score. Know your gaps before June 30, 2026.

pip install dingdawg-compliance
python3 -m dingdawg_compliance scan

What it does

Colorado SB 205 requires any company using AI for consequential decisions (employment, housing, credit, insurance, healthcare, education) to:

Conduct impact assessments before deployment
Disclose AI use to consumers at point of decision
Provide appeal and human review mechanisms
Designate a Responsible AI Officer
Test for discriminatory bias
Maintain a 3-year audit trail

This tool scores your readiness across all 25 SB 205 controls. Free. No signup. Runs locally.

Install

pip install dingdawg-compliance

Requires Python 3.9+. No external dependencies — stdlib only.

Usage

Interactive scan (recommended)

python3 -m dingdawg_compliance scan

Walk through all 25 controls. Answer y/n/skip for each. Get your score at the end.

Example output:

──────────────────────────────────────────────────────
  Overall Score: 44/100  [████████░░░░░░░░░░░░]  NEEDS WORK
──────────────────────────────────────────────────────

  Category Scores:
    ~ scope                  100%
    ✗ impact_assessment        0%
    ✗ transparency            33%
    ✗ appeal                   0%
    ~ governance              50%
    ✗ bias_testing             0%
    ✗ data_governance          0%
    ✗ incident_response       50%
    ✓ audit                  100%

  ⚠ Critical gaps (2) — mandatory under SB 205:
    • CO-3   Pre-Deployment Impact Assessment
    • CO-6   Consumer Disclosure at Point of Decision

  Need the full remediation report?
  → dingdawg.com/compliance  (CO SB 205 gap report — $199)

Score from a JSON file

python3 -m dingdawg_compliance score responses.json

Format for responses.json:

{
  "CO-1": true,
  "CO-2": true,
  "CO-3": false,
  "CO-4": null
}

true = implemented, false = not implemented, null = unknown (scored as not implemented).

List all 25 controls

python3 -m dingdawg_compliance controls

Use as a library

from dingdawg_compliance import calculate_co_sb205_score, CO_SB_205_CONTROLS

# Score a self-assessment
responses = {
    "CO-1": True,   # scope: identified consequential decisions
    "CO-3": False,  # impact_assessment: no pre-deployment assessment yet
    "CO-6": True,   # transparency: consumer disclosure implemented
    # ... rest of controls
}

result = calculate_co_sb205_score(responses)
print(result["score"])           # 0-100
print(result["gaps"])            # list of unimplemented controls
print(result["critical_gaps"])   # CO-3, CO-6, CO-10, CO-14 if missing

Track assessments in SQLite

from dingdawg_compliance import ComplianceStore, ComplianceScorer, ComplianceFramework

store = ComplianceStore()  # stored at ~/.dingdawg/compliance/compliance.db

# Register and assess a control
store.assess_control("CO-3", status="COMPLIANT", assessor="legal-team", notes="Completed Q1 2026")

# Score
scorer = ComplianceScorer(store)
print(scorer.overall_posture_score())   # e.g. 72.0
print(scorer.per_framework_score())     # per-framework breakdown
print(scorer.gap_analysis())            # prioritized gap list

Automated checks (read-only)

from dingdawg_compliance import AutoAssessor
from pathlib import Path

assessor = AutoAssessor(
    base_dir=Path("./src"),
    db_paths=[Path("./data/app.db")]
)

results = assessor.run_all_checks()
print(results["checks"]["access_controls"]["summary"])
print(results["checks"]["audit_logging"]["summary"])

The 25 CO SB 205 Controls

ID	Category	Control	Critical
CO-1	scope	Consequential Decision Identification
CO-2	scope	High-Risk AI System Classification
CO-3	impact_assessment	Pre-Deployment Impact Assessment	★
CO-4	impact_assessment	Annual Impact Assessment Review
CO-5	impact_assessment	Impact Assessment Documentation
CO-6	transparency	Consumer Disclosure at Point of Decision	★
CO-7	transparency	Disclosure Timing
CO-8	transparency	Disclosure Content — AI Role
CO-9	transparency	Disclosure Content — Data Used
CO-10	appeal	Appeal Mechanism	★
CO-11	appeal	Human Review Option
CO-12	appeal	Opt-Out Mechanism
CO-13	appeal	Appeal Response Timeline
CO-14	governance	Responsible AI Officer Designation	★
CO-15	governance	AI Inventory
CO-16	governance	Vendor Due Diligence
CO-17	governance	Policy Documentation
CO-18	bias_testing	Pre-Deployment Bias Testing
CO-19	bias_testing	Ongoing Bias Monitoring
CO-20	bias_testing	Protected Class Analysis
CO-21	data_governance	Training Data Documentation
CO-22	data_governance	Data Minimization
CO-23	incident_response	AI Incident Response Plan
CO-24	incident_response	Error Notification
CO-25	audit	Third-Party Audit Trail

★ Critical — mandatory remediation required before June 30, 2026.

What this doesn't include

This scanner shows what to check and where your gaps are. It does not generate remediation plans, regulatory citations, evidence templates, or audit-ready documentation.

For the full gap report with remediation guidance → dingdawg.com/compliance

License

Apache 2.0 — free to use, fork, and contribute.

Contributing

PRs welcome for new indicators, additional frameworks, or CLI improvements. Open an issue first for anything structural.