-
Notifications
You must be signed in to change notification settings - Fork 0
Analytics
Skill name: exchek-analytics | Folder: exchek-analytics | Command: /exchek analytics
The ExChek Compliance Intelligence dashboard. It answers the three questions every compliance professional loses sleep over: Am I audit-ready? What am I missing? Is my posture improving? Analytics computes a headline Audit Readiness Score (0–100), charts compliance posture over time, shows transaction pipeline completeness and gaps, surfaces risk concentration by destination and ECCN category, generates auditor-ready export packages, and reports skill-usage stats — all from local logs only. No compliance content ever leaves your machine. Free; optional donation.
It reads two local files: ~/.exchek/analytics/events.jsonl (skill-run telemetry) and .exchek/state/transactions.jsonl (the transaction lifecycle log written by the Orchestrator).
- "Am I audit-ready?", "Show my compliance score"
- "What compliance gaps do I have?", "What areas am I missing?"
- "How is my compliance trending?", "Show my usage stats"
- "Generate an audit package", "Export analytics to CSV"
- "Risk heatmap", "Transaction pipeline", "How do I compare?"
- Preparing for a BIS, OFAC, or DDTC audit
-
/exchek analytics(or/exchek analytics export auditfor the full package)
Audit Readiness Score. The headline number — a single 0–100 score computed locally from six weighted dimensions:
| Dimension | Weight | What it measures |
|---|---|---|
| Transaction completion rate | 20% | Fully complete classify → screen → license → docs chains / total transactions |
| Re-screening cadence | 15% | Parties re-screened within the window (default 90 days, configurable) |
| Documentation coverage | 20% | Transactions with a license determination that also have export docs |
| ECP currency | 15% | Time since the ECP skill last ran (decays from 100 to 0) |
| Recordkeeping compliance | 15% | Time since the last recordkeeping review (same decay) |
| Skill coverage | 15% | Critical skill categories used at least once (of 15) |
Below the score, the dashboard always shows What to improve — specific, actionable recommendations for every dimension scoring below 90%.
Compliance posture timeline. Re-computes the score at each month boundary to show whether your posture is improving or declining over the last 90 days (or longer if data exists).
Transaction pipeline view. A funnel from transactions.jsonl showing how many transactions reached each stage (classified → screened → license → docs → fully documented), followed by a gap analysis that lists every drop-off with an actionable next step.
Risk heatmap. Risk concentration across two dimensions — by destination country and by ECCN category — flagging combinations of elevated concern (e.g. Category 6 sensors to China).
Skill usage breakdown. Total runs (all-time / 7-day / 30-day), per-skill counts, success rate, average duration, most active periods, and a compliance-coverage matrix of which categories have been used vs. not.
Export options. A quick CSV export of events, or a comprehensive audit package — a dated folder containing a compliance activity summary, transaction/screening/classification logs, a gap report, and the full readiness scorecard. This is what an auditor asks for.
AUDIT READINESS SCORE: 87/100
████████████████████░░░
Breakdown:
Transaction completion: 92% ████████████████████░
Re-screening cadence: 85% █████████████████░░░░
Documentation coverage: 95% ███████████████████░░
ECP currency: 100% ████████████████████░
Recordkeeping: 78% ████████████████░░░░░
Skill coverage: 72% ███████████████░░░░░░
What to improve:
- 4 parties overdue for re-screening. Run /exchek screen [party].
- 3 transaction chains missing export docs. Run /exchek export-docs.
- 7 of 15 skill categories never used. Try /exchek red-flags, /exchek jurisdiction.
Transaction Pipeline — Last 30 Days
52 items classified
|-- 48 parties screened (92%)
|-- 47 license determinations (90%)
|-- 41 export docs generated (79%)
/exchek analytics export audit writes a dated folder under your report folder containing:
| File | Contents |
|---|---|
Compliance-Activity-Summary.md |
Posture narrative for an auditor or management |
Transaction-Log.csv |
Every transaction with chain status and missing steps |
Screening-Log.csv |
Every CSL screening event |
Classification-Log.csv |
Every classification event |
Gap-Report.md |
Incomplete transactions, overdue re-screenings, unused categories |
Audit-Readiness-Scorecard.md |
Full six-dimension breakdown with trends and recommendations |
Analytics is computed entirely from event metadata and transaction lifecycle status — never from the substance of compliance decisions. The following are never logged, stored, or transmitted, locally or to the cloud:
- Source code, file contents, file paths
- User prompts or agent responses
- PII, company names, party names, transaction details
- ECCN results, classification outcomes, or screening hits
- API keys, tokens, report contents
Only skill names, timestamps, durations, success/failure, OS, agent type, and engine version are recorded. Anonymized industry benchmarks are shown only if you opt in to cloud telemetry in .exchek/telemetry.json.
| Step | Skill |
|---|---|
| Where transaction data comes from | Orchestrator |
| Close coverage gaps the dashboard flags | ECCN Classification, CSL Search, License Determination |
| Run a deeper retrospective review | Audit / Lookback |
| Convert the audit-package narrative to .docx | Document Converter |
→ See Skills Overview for all 20 skills.
-
Local data only. Analytics reads
~/.exchek/analytics/events.jsonland.exchek/state/transactions.jsonland never sends compliance content anywhere. It is richest on Claude Code or a desktop runtime, where those local logs and the audit-package files are written. (Cowork can run it, but the local analytics/transaction logs and.docxgeneration need Claude Code or a desktop runtime.) - No data yet? If both source files are missing or empty, Analytics tells you to run some skills first and come back; with only one present, it proceeds on partial data and notes what is missing.
- CUI/Classified gate first. As with every ExChek skill, a CUI/classified "yes" routes to on-prem guidance before anything runs. See CUI and Classified Information.
- Decision-support only. The Audit Readiness Score is a self-assessment aid, not a substitute for qualified export compliance counsel.