
roomote[bot]

@roomote roomote bot commented Oct 17, 2025

This PR attempts to address Issue #8706 by adding four new specialized modes for compliance and governance tasks.

Summary

Added four new modes to assist with regulatory compliance, security audits, accessibility reviews, and open-source governance:

🧾 GDPR Consultant

  • Specializes in identifying and mitigating privacy risks within software systems
  • Assesses data collection, processing, and storage practices for UK GDPR and EU GDPR compliance
  • Reviews APIs, databases, and logs for data minimization, retention, and access control

🧩 Compliance Auditor

  • Expert in regulatory and technical compliance frameworks (ISO 27001, Cyber Essentials, SOC 2)
  • Reviews access controls, IAM policies, and permission boundaries
  • Checks encryption standards and audit logging
  • Identifies misconfigurations in CI/CD, cloud, or endpoint environments

🔍 Accessibility Reviewer

  • Web accessibility specialist versed in WCAG 2.2 and GOV.UK Design System standards
  • Evaluates semantic HTML structure and ARIA roles
  • Checks keyboard navigation, focus order, and skip links
  • Assesses colour contrast ratios and text scaling

🌐 Open-Source License Checker

  • Licensing compliance specialist focused on open-source software governance
  • Analyzes dependency manifests (package.json, requirements.txt, go.mod, etc.)
  • Detects incompatible or restrictive licenses
  • Ensures SPDX identifiers and license files are correctly applied

Changes

  • Added four new mode configurations to DEFAULT_MODES in packages/types/src/mode.ts
  • Each mode includes appropriate roleDefinition, whenToUse, description, groups, and customInstructions

Testing

  • ✅ All tests pass successfully
  • ✅ TypeScript compilation successful
  • ✅ ESLint checks pass with no warnings

Notes

This implementation follows the suggestions from @DirectITServicesUK in issue #8706. Feedback and guidance are welcome!

Fixes #8706

- Added GDPR Consultant mode for privacy compliance assessment
- Added Compliance Auditor mode for ISO 27001, Cyber Essentials, and SOC 2 audits
- Added Accessibility Reviewer mode for WCAG 2.2 and GOV.UK standards
- Added Open-Source License Checker mode for licensing compliance

These modes provide specialized assistance for regulatory compliance,
security audits, accessibility reviews, and open-source governance.

Fixes #8706
@roomote roomote bot requested review from cte, jr and mrubens as code owners October 17, 2025 17:35
@dosubot dosubot bot added the size:M This PR changes 30-99 lines, ignoring generated files. label Oct 17, 2025

roomote bot commented Oct 17, 2025

Review Complete

I've completed my review of this pull request. No issues were found - the implementation is clean and follows all existing patterns correctly.

Summary

The four new compliance and governance modes are:

  • Well-structured and schema-compliant
  • Consistent with existing mode patterns
  • Comprehensive in their role definitions and instructions
  • Ready for merge

✅ All checks passed - no action items required.

@dosubot dosubot bot added the enhancement New feature or request label Oct 17, 2025
@roomote roomote bot mentioned this pull request Oct 17, 2025
1 task
@hannesrudolph hannesrudolph added the Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. label Oct 17, 2025

Projects

Status: Triage

Development

Successfully merging this pull request may close these issues.

I have a few MODEs you might like.
