Quick start
From the root of any git repository:
npx compliancegate install
This runs the compliancegate npm installer, which:
- Creates .venv in your repo
- pip installs ComplianceGate from GitHub
- Runs compliancegate init — hooks, config, storage dirs
- Copies the compliancegate agent skill to .cursor/skills/
Then start live review:
.venv/bin/compliancegate watch
Requirements
| Requirement | Version |
|---|---|
| Node.js (for npx) | 18+ |
| Python | 3.10+ |
| Git repository | Target project must have .git/ |
npm package
ComplianceGate ships a Node wrapper on npm so you never clone the repo just to install hooks.
| Resource | Link |
|---|---|
| npm | npmjs.com/package/compliancegate |
| Application source | github.com/tedrubin80/compliancegate |
| Install command | npx compliancegate install |
npx commands
| Command | Purpose |
|---|---|
| npx compliancegate install | Full install into a git repo |
| npx compliancegate check | Verify venv, hooks, config, CLI |
| npx compliancegate skills install | Install Cursor / Claude agent skills |
| npx compliancegate run … | Passthrough to Python CLI |
Install options
npx compliancegate install --mode sqlite_markdown --packs base,pii --langchain
| Flag | Description |
|---|---|
| --repo PATH | Target git repo (default: current directory) |
| --mode MODE | sqlite, markdown, remote, sqlite_markdown, or all |
| --packs LIST | Comma-separated rule packs (default: base) |
| --langchain | Also install compliancegate[langchain] for two-stage LLM review |
| --source SPEC | Override pip source (default: GitHub main) |
| --no-venv | Use system Python instead of .venv |
Verify
npx compliancegate check
Checks for git repo, .venv, config.yaml, pre-commit/pre-push hooks, and a working compliancegate CLI.
Agent skills
Two skills ship with the npm package:
| Skill | Use when |
|---|---|
| compliancegate | Repo has CG hooks — invoke CLI, interpret findings, fix-recheck loop |
| compliance-review | Standalone in-chat review — no ComplianceGate install required |
npx compliancegate skills install --all-skills --all
npx compliancegate install automatically copies the compliancegate skill into .cursor/skills/compliancegate/ in your repo.
LLM routing
Heuristic scans run locally without an API key. For LLM review, edit config.yaml after install:
Install LangChain dependencies at setup time:
npx compliancegate install --langchain
Or add them after install: pip install 'compliancegate[langchain]'
npx compliancegate run llm test
Rule packs
Enable packs in config.yaml under compliance.rule_packs:
npx compliancegate run rules list
Storage modes
| Mode | What you get |
|---|---|
| sqlite_markdown | Local SQLite + markdown session reports (default) |
| markdown | Markdown reports only |
| sqlite | SQLite audit DB only |
| remote | Sanitized metadata sync to Postgres or MySQL |
For remote sync, also install database drivers:
pip install 'compliancegate[postgres,mysql]'
Other install paths
Install script
git clone https://github.com/tedrubin80/compliancegate.git && cd compliancegate && bash scripts/install.sh --repo /path/to/project --langchain
Manual pip
pip install git+https://github.com/tedrubin80/compliancegate.git && compliancegate init --mode sqlite_markdown
Emergency bypass
Bypasses are logged when storage is enabled. Use sparingly.
CG_SKIP=1 git commit -m "hotfix"
CLI reference
| Command | Description |
|---|---|
| compliancegate watch | Live file watcher with debounced alerts |
| compliancegate review | Review current git diff on demand |
| compliancegate pre-commit | Pre-commit gate (hooks call this) |
| compliancegate status | Storage mode, session, unresolved findings |
| compliancegate llm route | Show LLM / LangChain config |
| compliancegate llm test | Probe LLM connectivity |
| compliancegate export-md | Export session markdown report |
| compliancegate sync-db | Push sanitized metadata to remote DB |
Alias: cg. Full docs: GitHub README.