license-compliance-checker
Automated license compliance verification for dependencies to ensure legal compliance during migration
Best use case
license-compliance-checker is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Automated license compliance verification for dependencies to ensure legal compliance during migration
Teams using license-compliance-checker should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/license-compliance-checker/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How license-compliance-checker Compares
| Feature / Agent | license-compliance-checker | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Automated license compliance verification for dependencies to ensure legal compliance during migration
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# License Compliance Checker Skill
Automated verification of license compliance across all project dependencies to ensure legal compliance during migration activities.
## Purpose
Enable comprehensive license compliance checking for:
- Dependency license identification
- Compatibility verification
- Copyleft license flagging
- Attribution requirement tracking
- Policy enforcement
## Capabilities
### 1. License Identification
- Extract licenses from dependencies
- Parse SPDX identifiers
- Detect custom licenses
- Handle multi-license packages
### 2. Compatibility Checking
- Verify license compatibility
- Check against project license
- Identify conflicting licenses
- Map dependency license chains
### 3. Copyleft License Flagging
- Detect GPL/AGPL licenses
- Identify viral clauses
- Flag distribution implications
- Alert on copyleft in proprietary projects
### 4. Attribution Requirement Tracking
- Collect NOTICE requirements
- Track attribution obligations
- Generate attribution documents
- Monitor compliance completeness
### 5. Policy Enforcement
- Define allowed/blocked licenses
- Enforce organizational policies
- Generate compliance reports
- Track policy violations
### 6. Compliance Report Generation
- Create audit-ready reports
- Generate SBOM with licenses
- Produce attribution files
- Export compliance evidence
## Tool Integrations
| Tool | Purpose | Integration Method |
|------|---------|-------------------|
| FOSSA | Full compliance platform | API |
| WhiteSource | License scanning | API |
| Black Duck | Comprehensive analysis | API |
| license-checker | npm license checking | CLI |
| licensee | License detection | CLI |
| go-licenses | Go license checking | CLI |
| pip-licenses | Python license checking | CLI |
## Output Schema
```json
{
"analysisId": "string",
"timestamp": "ISO8601",
"projectLicense": "string",
"dependencies": [
{
"name": "string",
"version": "string",
"license": "string",
"spdxId": "string",
"compatible": "boolean",
"attributionRequired": "boolean",
"riskLevel": "high|medium|low|none"
}
],
"compliance": {
"status": "compliant|non-compliant|review-required",
"violations": [],
"warnings": [],
"attributionNeeded": []
},
"sbom": {
"format": "SPDX|CycloneDX",
"path": "string"
}
}
```
## Integration with Migration Processes
- **dependency-analysis-updates**: License verification
- **legacy-codebase-assessment**: Compliance assessment
## Related Skills
- `dependency-scanner`: Dependency discovery
- `vulnerability-scanner`: Security + compliance
## Related Agents
- `dependency-modernization-agent`: License-safe updates
- `compliance-migration-agent`: Full complianceRelated Skills
contrast-checker
Check color contrast ratios for WCAG compliance
compliance-checker
Check compliance with SOC 2, GDPR, HIPAA, and PCI-DSS standards
soc2-compliance-automator
SOC 2 Trust Services Criteria compliance automation for evidence collection, control mapping, and audit preparation
pci-dss-compliance-automator
PCI DSS compliance assessment and reporting for cardholder data protection, SAQ automation, and ASV scan orchestration
hipaa-compliance-automator
HIPAA security and privacy compliance automation for ePHI protection, safeguards assessment, and audit preparation
gdpr-compliance-automator
GDPR compliance assessment and automation for data mapping, consent management, DSAR handling, and privacy impact assessments
compliance-evidence-collector
Automated evidence collection across compliance frameworks from cloud providers, identity systems, and security tools
regulatory-compliance-assessment
Evaluate organizational compliance with healthcare regulations including HIPAA, CMS Conditions of Participation, and accreditation standards through gap analysis and audit procedures
accessibility-compliance-auditing
Evaluate learning materials and technology for WCAG, Section 508, and accessibility compliance with remediation recommendations
accessibility-compliance
Ensure cultural programs and facilities meet ADA requirements and universal design principles including accommodations, assistive technologies, and inclusive practices
jupyter-reproducibility-checker
Skill for checking and ensuring Jupyter notebook reproducibility
iso-nanotechnology-compliance-checker
Regulatory compliance skill for ISO nanotechnology standards verification and documentation