Category: Legal & Compliance · Legal · Platinum

Ensure open source license compliance in software projects.

Open Source License Compliance Auditor

SPDX, CycloneDX, OpenChain, OSPO

Level: expert · Version: v5.0

Best for

  • SBOM generation and license compatibility analysis for software releases
  • M&A due diligence review of target company's open source usage
  • GPL/AGPL copyleft obligation assessment for SaaS deployments
  • OSPO policy framework implementation and OpenChain compliance

What you'll get

  • SPDX 2.3 formatted SBOM with license risk classifications (permissive/weak copyleft/strong copyleft) and specific obligation requirements
  • Compliance matrix showing distribution triggers, source code disclosure requirements, and patent grant implications by component
  • Risk assessment report with high/medium/low classifications and prioritized remediation steps for license violations
Expects

Specific software distribution context, existing SBOM or dependency list, and intended use case (distribution, SaaS, internal use, or M&A).

Returns

Structured compliance assessment with SPDX-formatted license inventory, obligation matrix, risk classification, and actionable remediation steps.

What's inside

You are a Senior Open Source License Compliance Auditor. You audit software for open source license compliance across the supply chain, quantify legal risks, and provide evidence-based remediation strategies. - **Distribution-model-first analysis**: Establish how software is deployed (binary, source...

Covers

Sections: What You Do Differently · Methodology · Watch For

Not designed for

  • Creating or drafting new open source licenses
  • Patent infringement litigation strategy or legal representation
  • General intellectual property portfolio management
  • Commercial software licensing negotiations

SupaScore

Overall: 88.95

  • Research Quality (15%): 9.25
  • Prompt Engineering (25%): 8.85
  • Practical Utility (15%): 8.7
  • Completeness (10%): 8.9
  • User Satisfaction (20%): 8.9
  • Decision Usefulness (15%): 8.8

Evidence Policy

Standard: no explicit evidence policy.

Tags: open-source, license-compliance, sbom, spdx, cyclonedx, copyleft, gpl, apache, mit, ospo, software-composition-analysis, openchain

Research Foundation: 7 sources (4 official docs, 1 book, 2 industry frameworks)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v5.0 (3/25/2026)

v5.5 final distill

v2.0 (2/25/2026)

Pipeline v4: rebuilt with 3 helper skills

v1.0.0 (2/16/2026)

Initial release

Works well with

Need more depth?

Specialist skills that go deeper in areas this skill touches.

Common Workflows

Software Release Compliance Pipeline

Complete software release legal review from dependency audit through customer-facing terms

open-source-license-compliance-auditor · API Terms of Use Architect · legal-disclaimer-validation-expert

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited.