comply54 0.2.0__tar.gz

comply54-0.2.0/PKG-INFO

@@ -0,0 +1,365 @@
+Metadata-Version: 2.4
+Name: comply54
+Version: 0.2.0
+Summary: African AI governance compliance — enforcement engine and sector packs for NDPA, CBN, NHA, NAICOM, KDPA, POPIA and 15+ African regulatory frameworks. LangGraph-native guard node included.
+Author-email: Oluwajuwon Omotayo <ginuxtechacademy@gmail.com>
+License-Expression: Apache-2.0
+Project-URL: Homepage, https://comply54.io
+Project-URL: Repository, https://github.com/comply54/comply54
+Project-URL: Issues, https://github.com/comply54/comply54/issues
+Keywords: comply54,africa,compliance,ai-governance,ndpa,cbn,kdpa,popia,rego,opa,fintech,data-protection,nigeria,kenya
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Topic :: Security
+Classifier: Topic :: Office/Business :: Financial
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+Requires-Dist: regopy>=1.4.0
+Requires-Dist: pydantic>=2.0.0
+Provides-Extra: langchain
+Requires-Dist: langchain-core>=0.1.0; extra == "langchain"
+Provides-Extra: langgraph
+Requires-Dist: langchain-core>=0.1.0; extra == "langgraph"
+Requires-Dist: langgraph>=0.2.0; extra == "langgraph"
+Requires-Dist: langchain-anthropic>=0.2.0; extra == "langgraph"
+Provides-Extra: crewai
+Requires-Dist: crewai>=0.28.0; extra == "crewai"
+Provides-Extra: autogen
+Requires-Dist: pyautogen>=0.2.0; extra == "autogen"
+Provides-Extra: all
+Requires-Dist: langchain-core>=0.1.0; extra == "all"
+Requires-Dist: langgraph>=0.2.0; extra == "all"
+Requires-Dist: langchain-anthropic>=0.2.0; extra == "all"
+Requires-Dist: crewai>=0.28.0; extra == "all"
+Requires-Dist: pyautogen>=0.2.0; extra == "all"
+Provides-Extra: dev
+Requires-Dist: pytest>=8.0; extra == "dev"
+Requires-Dist: pytest-cov; extra == "dev"
+Requires-Dist: ruff; extra == "dev"
+Requires-Dist: pyright; extra == "dev"
+
+# Comply54
+
+**Open-source AI governance enforcement for African regulatory compliance.**
+
+[![CI](https://github.com/comply54/comply54/actions/workflows/ci.yml/badge.svg)](https://github.com/comply54/comply54/actions/workflows/ci.yml)
+[![codecov](https://codecov.io/gh/comply54/comply54/branch/main/graph/badge.svg)](https://codecov.io/gh/comply54/comply54)
+[![PyPI](https://img.shields.io/pypi/v/comply54.svg)](https://pypi.org/project/comply54)
+[![npm](https://img.shields.io/npm/v/@comply54/core.svg)](https://www.npmjs.com/package/@comply54/core)
+[![Python](https://img.shields.io/pypi/pyversions/comply54.svg)](https://pypi.org/project/comply54)
+[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)
+
+---
+
+## What it does
+
+Comply54 intercepts AI agent tool calls and evaluates them against African regulatory frameworks — CBN, NDPA, NHA, NAICOM, KDPA, POPIA, and more — **before execution**. Blocked calls never reach the tool.
+
+```
+Agent decides to call transfer_funds(amount=15_000_000)
+         │
+         ▼
+   comply54 guard  ──► CBN NIP cap exceeded ──► ToolMessage error returned
+         │                                       Agent explains to user
+         ✗ tool never executes
+```
+
+No OPA binary required. No subprocess. Works in serverless environments.
+
+---
+
+## How it relates to agt-policies-nigeria
+
+```
+kingztech2019/agt-policies-nigeria          comply54
+──────────────────────────────────          ────────────────────────────────────
+The policy SOURCE.                          The enforcement and tooling LAYER.
+
+• Rego policy packs (NDPA, CBN, ...)  ──▶  • PackSpec registry indexes them
+• Cited in Microsoft AGT main         ──▶  • Sector classes compose them
+• OPA tests (306 passing)             ──▶  • LangGraph / CrewAI / AutoGen adapters
+• Stays at kingztech2019 forever      ──▶  • regopy evaluates in-process (no binary)
+```
+
+`agt-policies-nigeria` is where the policy files live — permanently cited in
+[Microsoft Agent-OS](https://github.com/microsoft/agent-governance-toolkit).
+
+`comply54` is where the ecosystem lives — the enforcement engine, sector compositions,
+framework adapters, and CI tooling that make those policies consumable from LangChain,
+LangGraph, CrewAI, AutoGen, and any OPA pipeline.
+
+---
+
+## Quick Start
+
+### Install
+
+```bash
+# Core (no framework)
+pip install comply54
+
+# With LangGraph / LangChain
+pip install "comply54[langgraph]"
+
+# With CrewAI
+pip install "comply54[crewai]"
+
+# Everything
+pip install "comply54[all]"
+```
+
+### Nigerian Fintech Agent (LangGraph)
+
+```python
+from comply54.sectors import NigeriaFintechCompliance
+from comply54.langchain import Comply54Guard, comply54_route
+from langgraph.graph import END, StateGraph
+from langgraph.prebuilt import ToolNode
+
+compliance = NigeriaFintechCompliance()
+guard = Comply54Guard(compliance, context={"kyc_tier": 3})
+
+graph = StateGraph(AgentState)
+graph.add_node("agent", call_model)
+graph.add_node("comply54_guard", guard)       # intercepts before tools run
+graph.add_node("tools", ToolNode(tools))
+
+graph.add_conditional_edges("agent", should_continue,
+    {"comply54_guard": "comply54_guard", END: END})
+graph.add_conditional_edges("comply54_guard", comply54_route,
+    {"tools": "tools", "agent": "agent"})     # blocked → agent, clear → tools
+graph.add_edge("tools", "agent")
+```
+
+### Direct check (no framework)
+
+```python
+from comply54.sectors import NigeriaFintechCompliance
+
+compliance = NigeriaFintechCompliance()
+
+result = compliance.check(
+    action="transfer_funds",
+    params={"amount": 15_000_000, "currency": "NGN"},
+    context={"kyc_tier": 3},
+)
+
+print(result.overall)                          # "deny"
+print(result.primary_violation.messages[0])   # "CBN NIP Framework: ..."
+```
+
+### Compliance certificate (for auditors)
+
+```python
+cert = compliance.certificate(
+    action="transfer_funds",
+    params={"amount": 5_000_000, "currency": "NGN"},
+    context={"kyc_tier": 3},
+)
+print(cert.to_json())   # tamper-evident JSON with SHA-256 integrity hash
+```
+
+---
+
+## Sector Packs
+
+Sector packs are the main entry point. One import wires up all relevant regulatory frameworks for your use case.
+
+### Nigerian Sector Packs
+
+| Sector class | Regulations covered | Use case |
+|---|---|---|
+| `NigeriaFintechCompliance` | NDPA + CBN + BVN/NIN + NFIU AML + OWASP | Payment agents, digital banking |
+| `NigeriaHealthcareCompliance` | NHA 2014 + NDPA (special-category) + FMOH AI Policy + OWASP | EHR agents, clinical decision support |
+| `NigeriaInsuranceCompliance` | Insurance Act 2003 + NAICOM Guidelines + NFIU AML + NDPA + OWASP | Claims processing, underwriting |
+
+### Other Sector Packs
+
+| Sector class | Jurisdictions | Use case |
+|---|---|---|
+| `KenyaFintechCompliance` | KE | Kenyan payment agents |
+| `PanAfricanFintechCompliance` | NG, KE, ZA, GH, RW, EG, ET, MU, TZ, UG | Multi-market agents |
+
+```python
+from comply54.sectors import (
+    NigeriaFintechCompliance,
+    NigeriaHealthcareCompliance,
+    NigeriaInsuranceCompliance,
+    KenyaFintechCompliance,
+    PanAfricanFintechCompliance,
+)
+```
+
+---
+
+## Policy Packs
+
+All packs use in-process Rego evaluation via `regopy` — no OPA binary required.
+
+### Universal Agent Safety Controls
+
+| Pack ID | Regulation | OWASP Ref |
+|---|---|---|
+| `universal/prompt-injection` | OWASP Agentic AI — LLM01/ASI01 | LLM01 |
+| `universal/pii-leakage` | OWASP LLM06 — Sensitive Information Disclosure | LLM06 |
+| `universal/tool-permissions` | OWASP LLM08 — Excessive Agency | LLM08 |
+| `universal/human-approval` | OWASP LLM09 — Overreliance | LLM09 |
+| `universal/model-routing` | OWASP LLM03/LLM05 — Model Selection Controls | LLM03/LLM05 |
+
+### Nigerian Regulatory Packs
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `nigeria/ndpa` | Nigeria Data Protection Act 2023 | NDPC |
+| `nigeria/cbn` | CBN Transaction Limits & Tiered KYC (FPR/DIR/GEN/CIR/07/003) | CBN |
+| `nigeria/bvn-nin` | CBN BVN Framework & NIBSS Scheme Rules | CBN / NIBSS |
+| `nigeria/nfiu-aml` | MLPPA 2022 / NFIU AML Guidelines | NFIU |
+| `nigeria/nha` | Nigeria National Health Act 2014 / FMOH AI Policy | FMOH / MDCN |
+| `nigeria/naicom` | Insurance Act 2003 / NAICOM Operational Guidelines 2021 / Market Conduct 2023 | NAICOM |
+
+### East Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `kenya/kdpa` | Kenya Data Protection Act 2019 | ODPC |
+| `mauritius/dpa` | Mauritius Data Protection Act 2017 | DPC Mauritius |
+| `tanzania/pdpa` | Tanzania Personal Data Protection Act 2022 | PDPC Tanzania |
+| `uganda/dppa` | Uganda Data Protection and Privacy Act 2019 | PDPO Uganda |
+| `ethiopia/pdp` | Ethiopia Personal Data Protection Proclamation 1321/2024 | ECA |
+| `rwanda/dpa` | Rwanda Law No. 058/2021 on Personal Data Protection | RISA |
+
+### Southern Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `south-africa/popia` | Protection of Personal Information Act 4 of 2013 | Information Regulator ZA |
+
+### West Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `ghana/dpa` | Ghana Data Protection Act 843 of 2012 | DPC Ghana |
+
+### North Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `egypt/pdpl` | Egypt Personal Data Protection Law No. 151/2020 | PDPRL Egypt |
+
+---
+
+## Framework Adapters
+
+### LangGraph (recommended)
+
+```python
+from comply54.langchain import Comply54Guard, comply54_route
+
+# Comply54Guard is a callable LangGraph node.
+# It reads AIMessage.tool_calls, evaluates each via comply54,
+# and injects ToolMessage errors for any blocked calls.
+
+guard = Comply54Guard(
+    NigeriaFintechCompliance(),
+    context={"kyc_tier": 3},
+    block_on_escalate=False,   # True = escalate decisions also block
+)
+```
+
+### LangChain StructuredTool
+
+```python
+from comply54.langchain import comply54_tool
+
+# Exposes comply54 as a tool the agent can call to self-check
+tool = comply54_tool(NigeriaFintechCompliance())
+agent = create_react_agent(llm, tools=[*my_tools, tool])
+```
+
+### CrewAI
+
+```python
+from comply54.crewai import build_compliance_tools
+
+tools = build_compliance_tools(NigeriaFintechCompliance())
+agent = Agent(role="Fintech Agent", tools=tools, ...)
+```
+
+### AutoGen
+
+```python
+from comply54.autogen import ComplianceMiddleware
+
+middleware = ComplianceMiddleware(NigeriaFintechCompliance())
+```
+
+### Direct OPA (from agt-policies-nigeria)
+
+```bash
+git clone https://github.com/kingztech2019/agt-policies-nigeria
+cd agt-policies-nigeria
+opa test policies/rego/ -v   # 306 tests
+```
+
+---
+
+## Example Agents
+
+Three complete LangGraph demo agents are in `examples/`:
+
+| Example | Sector | Regulations demonstrated |
+|---|---|---|
+| `examples/nigeria_fintech_agent/` | Fintech | CBN NIP cap, Tier KYC limits, Maker-Checker, NFIU AML |
+| `examples/nigeria_health_agent/` | Healthcare | NHA patient consent, AI diagnosis oversight, NDPA special-category |
+| `examples/nigeria_insurance_agent/` | Insurance | NAICOM auto-denial cap, anti-discrimination, life underwriting, fraud |
+
+```bash
+export ANTHROPIC_API_KEY=sk-ant-...
+cd examples/nigeria_fintech_agent && python agent.py
+cd examples/nigeria_health_agent  && python agent.py
+cd examples/nigeria_insurance_agent && python agent.py
+```
+
+---
+
+## Adding a New Pack
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for the full guide. Quick summary:
+
+1. Write `comply54/packs/<jurisdiction>/<pack>.rego` with Rego `deny`, `escalate`, `audit`, `allow` rules
+2. Add a `PackSpec` entry in `comply54/core/packs.py`
+3. Compose it into a sector class in `comply54/sectors/`
+4. Add tests in `tests/`
+
+---
+
+## Validation & CI
+
+```bash
+pip install -e ".[dev]"
+
+# Run all tests
+pytest tests/ -v
+
+# Validate pack registry
+python tools/validate.py
+
+# OPA tests (requires opa binary)
+opa test comply54/packs/ -v
+
+# Lint Rego
+regal lint comply54/packs/
+```
+
+---
+
+## Disclaimer
+
+Comply54 policy packs are community-maintained governance **starter templates**, not
+certified legal compliance instruments. Organisations must perform their own assessments
+with qualified legal and regulatory advisors before deploying in regulated environments.

comply54-0.2.0/README.md

@@ -0,0 +1,320 @@
+# Comply54
+
+**Open-source AI governance enforcement for African regulatory compliance.**
+
+[![CI](https://github.com/comply54/comply54/actions/workflows/ci.yml/badge.svg)](https://github.com/comply54/comply54/actions/workflows/ci.yml)
+[![codecov](https://codecov.io/gh/comply54/comply54/branch/main/graph/badge.svg)](https://codecov.io/gh/comply54/comply54)
+[![PyPI](https://img.shields.io/pypi/v/comply54.svg)](https://pypi.org/project/comply54)
+[![npm](https://img.shields.io/npm/v/@comply54/core.svg)](https://www.npmjs.com/package/@comply54/core)
+[![Python](https://img.shields.io/pypi/pyversions/comply54.svg)](https://pypi.org/project/comply54)
+[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)
+
+---
+
+## What it does
+
+Comply54 intercepts AI agent tool calls and evaluates them against African regulatory frameworks — CBN, NDPA, NHA, NAICOM, KDPA, POPIA, and more — **before execution**. Blocked calls never reach the tool.
+
+```
+Agent decides to call transfer_funds(amount=15_000_000)
+         │
+         ▼
+   comply54 guard  ──► CBN NIP cap exceeded ──► ToolMessage error returned
+         │                                       Agent explains to user
+         ✗ tool never executes
+```
+
+No OPA binary required. No subprocess. Works in serverless environments.
+
+---
+
+## How it relates to agt-policies-nigeria
+
+```
+kingztech2019/agt-policies-nigeria          comply54
+──────────────────────────────────          ────────────────────────────────────
+The policy SOURCE.                          The enforcement and tooling LAYER.
+
+• Rego policy packs (NDPA, CBN, ...)  ──▶  • PackSpec registry indexes them
+• Cited in Microsoft AGT main         ──▶  • Sector classes compose them
+• OPA tests (306 passing)             ──▶  • LangGraph / CrewAI / AutoGen adapters
+• Stays at kingztech2019 forever      ──▶  • regopy evaluates in-process (no binary)
+```
+
+`agt-policies-nigeria` is where the policy files live — permanently cited in
+[Microsoft Agent-OS](https://github.com/microsoft/agent-governance-toolkit).
+
+`comply54` is where the ecosystem lives — the enforcement engine, sector compositions,
+framework adapters, and CI tooling that make those policies consumable from LangChain,
+LangGraph, CrewAI, AutoGen, and any OPA pipeline.
+
+---
+
+## Quick Start
+
+### Install
+
+```bash
+# Core (no framework)
+pip install comply54
+
+# With LangGraph / LangChain
+pip install "comply54[langgraph]"
+
+# With CrewAI
+pip install "comply54[crewai]"
+
+# Everything
+pip install "comply54[all]"
+```
+
+### Nigerian Fintech Agent (LangGraph)
+
+```python
+from comply54.sectors import NigeriaFintechCompliance
+from comply54.langchain import Comply54Guard, comply54_route
+from langgraph.graph import END, StateGraph
+from langgraph.prebuilt import ToolNode
+
+compliance = NigeriaFintechCompliance()
+guard = Comply54Guard(compliance, context={"kyc_tier": 3})
+
+graph = StateGraph(AgentState)
+graph.add_node("agent", call_model)
+graph.add_node("comply54_guard", guard)       # intercepts before tools run
+graph.add_node("tools", ToolNode(tools))
+
+graph.add_conditional_edges("agent", should_continue,
+    {"comply54_guard": "comply54_guard", END: END})
+graph.add_conditional_edges("comply54_guard", comply54_route,
+    {"tools": "tools", "agent": "agent"})     # blocked → agent, clear → tools
+graph.add_edge("tools", "agent")
+```
+
+### Direct check (no framework)
+
+```python
+from comply54.sectors import NigeriaFintechCompliance
+
+compliance = NigeriaFintechCompliance()
+
+result = compliance.check(
+    action="transfer_funds",
+    params={"amount": 15_000_000, "currency": "NGN"},
+    context={"kyc_tier": 3},
+)
+
+print(result.overall)                          # "deny"
+print(result.primary_violation.messages[0])   # "CBN NIP Framework: ..."
+```
+
+### Compliance certificate (for auditors)
+
+```python
+cert = compliance.certificate(
+    action="transfer_funds",
+    params={"amount": 5_000_000, "currency": "NGN"},
+    context={"kyc_tier": 3},
+)
+print(cert.to_json())   # tamper-evident JSON with SHA-256 integrity hash
+```
+
+---
+
+## Sector Packs
+
+Sector packs are the main entry point. One import wires up all relevant regulatory frameworks for your use case.
+
+### Nigerian Sector Packs
+
+| Sector class | Regulations covered | Use case |
+|---|---|---|
+| `NigeriaFintechCompliance` | NDPA + CBN + BVN/NIN + NFIU AML + OWASP | Payment agents, digital banking |
+| `NigeriaHealthcareCompliance` | NHA 2014 + NDPA (special-category) + FMOH AI Policy + OWASP | EHR agents, clinical decision support |
+| `NigeriaInsuranceCompliance` | Insurance Act 2003 + NAICOM Guidelines + NFIU AML + NDPA + OWASP | Claims processing, underwriting |
+
+### Other Sector Packs
+
+| Sector class | Jurisdictions | Use case |
+|---|---|---|
+| `KenyaFintechCompliance` | KE | Kenyan payment agents |
+| `PanAfricanFintechCompliance` | NG, KE, ZA, GH, RW, EG, ET, MU, TZ, UG | Multi-market agents |
+
+```python
+from comply54.sectors import (
+    NigeriaFintechCompliance,
+    NigeriaHealthcareCompliance,
+    NigeriaInsuranceCompliance,
+    KenyaFintechCompliance,
+    PanAfricanFintechCompliance,
+)
+```
+
+---
+
+## Policy Packs
+
+All packs use in-process Rego evaluation via `regopy` — no OPA binary required.
+
+### Universal Agent Safety Controls
+
+| Pack ID | Regulation | OWASP Ref |
+|---|---|---|
+| `universal/prompt-injection` | OWASP Agentic AI — LLM01/ASI01 | LLM01 |
+| `universal/pii-leakage` | OWASP LLM06 — Sensitive Information Disclosure | LLM06 |
+| `universal/tool-permissions` | OWASP LLM08 — Excessive Agency | LLM08 |
+| `universal/human-approval` | OWASP LLM09 — Overreliance | LLM09 |
+| `universal/model-routing` | OWASP LLM03/LLM05 — Model Selection Controls | LLM03/LLM05 |
+
+### Nigerian Regulatory Packs
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `nigeria/ndpa` | Nigeria Data Protection Act 2023 | NDPC |
+| `nigeria/cbn` | CBN Transaction Limits & Tiered KYC (FPR/DIR/GEN/CIR/07/003) | CBN |
+| `nigeria/bvn-nin` | CBN BVN Framework & NIBSS Scheme Rules | CBN / NIBSS |
+| `nigeria/nfiu-aml` | MLPPA 2022 / NFIU AML Guidelines | NFIU |
+| `nigeria/nha` | Nigeria National Health Act 2014 / FMOH AI Policy | FMOH / MDCN |
+| `nigeria/naicom` | Insurance Act 2003 / NAICOM Operational Guidelines 2021 / Market Conduct 2023 | NAICOM |
+
+### East Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `kenya/kdpa` | Kenya Data Protection Act 2019 | ODPC |
+| `mauritius/dpa` | Mauritius Data Protection Act 2017 | DPC Mauritius |
+| `tanzania/pdpa` | Tanzania Personal Data Protection Act 2022 | PDPC Tanzania |
+| `uganda/dppa` | Uganda Data Protection and Privacy Act 2019 | PDPO Uganda |
+| `ethiopia/pdp` | Ethiopia Personal Data Protection Proclamation 1321/2024 | ECA |
+| `rwanda/dpa` | Rwanda Law No. 058/2021 on Personal Data Protection | RISA |
+
+### Southern Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `south-africa/popia` | Protection of Personal Information Act 4 of 2013 | Information Regulator ZA |
+
+### West Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `ghana/dpa` | Ghana Data Protection Act 843 of 2012 | DPC Ghana |
+
+### North Africa
+
+| Pack ID | Regulation | Authority |
+|---|---|---|
+| `egypt/pdpl` | Egypt Personal Data Protection Law No. 151/2020 | PDPRL Egypt |
+
+---
+
+## Framework Adapters
+
+### LangGraph (recommended)
+
+```python
+from comply54.langchain import Comply54Guard, comply54_route
+
+# Comply54Guard is a callable LangGraph node.
+# It reads AIMessage.tool_calls, evaluates each via comply54,
+# and injects ToolMessage errors for any blocked calls.
+
+guard = Comply54Guard(
+    NigeriaFintechCompliance(),
+    context={"kyc_tier": 3},
+    block_on_escalate=False,   # True = escalate decisions also block
+)
+```
+
+### LangChain StructuredTool
+
+```python
+from comply54.langchain import comply54_tool
+
+# Exposes comply54 as a tool the agent can call to self-check
+tool = comply54_tool(NigeriaFintechCompliance())
+agent = create_react_agent(llm, tools=[*my_tools, tool])
+```
+
+### CrewAI
+
+```python
+from comply54.crewai import build_compliance_tools
+
+tools = build_compliance_tools(NigeriaFintechCompliance())
+agent = Agent(role="Fintech Agent", tools=tools, ...)
+```
+
+### AutoGen
+
+```python
+from comply54.autogen import ComplianceMiddleware
+
+middleware = ComplianceMiddleware(NigeriaFintechCompliance())
+```
+
+### Direct OPA (from agt-policies-nigeria)
+
+```bash
+git clone https://github.com/kingztech2019/agt-policies-nigeria
+cd agt-policies-nigeria
+opa test policies/rego/ -v   # 306 tests
+```
+
+---
+
+## Example Agents
+
+Three complete LangGraph demo agents are in `examples/`:
+
+| Example | Sector | Regulations demonstrated |
+|---|---|---|
+| `examples/nigeria_fintech_agent/` | Fintech | CBN NIP cap, Tier KYC limits, Maker-Checker, NFIU AML |
+| `examples/nigeria_health_agent/` | Healthcare | NHA patient consent, AI diagnosis oversight, NDPA special-category |
+| `examples/nigeria_insurance_agent/` | Insurance | NAICOM auto-denial cap, anti-discrimination, life underwriting, fraud |
+
+```bash
+export ANTHROPIC_API_KEY=sk-ant-...
+cd examples/nigeria_fintech_agent && python agent.py
+cd examples/nigeria_health_agent  && python agent.py
+cd examples/nigeria_insurance_agent && python agent.py
+```
+
+---
+
+## Adding a New Pack
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for the full guide. Quick summary:
+
+1. Write `comply54/packs/<jurisdiction>/<pack>.rego` with Rego `deny`, `escalate`, `audit`, `allow` rules
+2. Add a `PackSpec` entry in `comply54/core/packs.py`
+3. Compose it into a sector class in `comply54/sectors/`
+4. Add tests in `tests/`
+
+---
+
+## Validation & CI
+
+```bash
+pip install -e ".[dev]"
+
+# Run all tests
+pytest tests/ -v
+
+# Validate pack registry
+python tools/validate.py
+
+# OPA tests (requires opa binary)
+opa test comply54/packs/ -v
+
+# Lint Rego
+regal lint comply54/packs/
+```
+
+---
+
+## Disclaimer
+
+Comply54 policy packs are community-maintained governance **starter templates**, not
+certified legal compliance instruments. Organisations must perform their own assessments
+with qualified legal and regulatory advisors before deploying in regulated environments.