Documentation

Know what the CLI does before running a scan.

These pages explain how Compliance Flag uses Anthropic's Opus model, how to run it, how to read the report, and where its SEC Marketing Rule review limits are.

What Compliance Flag is for

Compliance Flag is an open-source, AI-assisted Python CLI for reviewing RIA website marketing content against the SEC Marketing Rule. It can scan authorized URLs and local draft files when a firm wants to preserve what was reviewed.

The tool captures the source material, sends the review request to Anthropic's Opus model through the user's Anthropic API key, analyzes it against bundled SEC regulatory sources, validates the report structure, and writes JSON and HTML output. The report is a draft for review, not a final compliance decision.

Anthropic API access is required.

Compliance Flag does not provide model access. The user supplies their own Anthropic API key, and Anthropic API usage may be billed through that user's Anthropic account.

Human review is required.

Findings are potential issues for reviewers to evaluate. A clean output does not prove compliance, and a flagged issue is not a final legal or regulatory conclusion.

Start with the path that matches your role

Compliance and supervisory reviewers Learn what the report contains, how to verify excerpts, and how to treat draft findings. Developers and technical users Install the CLI, get an Anthropic API key, run a first scan, and find the generated artifacts. Firm operators and project owners Review the authorized-use limits, current SEC Marketing Rule focus, and professional-judgment boundaries. Contributors and evaluators Check project status, support routes, security reporting, license, and repository links.

Current scope

  • Python 3.10+ command-line package distributed as compliance-flag.
  • AI-assisted report drafting with Anthropic's Opus model through the user's Anthropic API key.
  • Local file scans for .html, .htm, .md, and .txt.
  • Experimental URL scans for pages the user is authorized to review.
  • JSON report output validated against a bundled schema.
  • HTML report rendering plus preserved source and source metadata artifacts.
  • Initial regulatory focus on SEC Rule 275.206(4)-1, the SEC Marketing Rule, with related SEC materials used for context.
Next Getting Started

Compliance Flag and Quillmark LLC are not law firms and do not provide legal, compliance, regulatory, investment, tax, accounting, or financial advice. The project, scan outputs, articles, and examples are for informational and operational use only. They should be reviewed by qualified personnel before use. Compliance Flag and Quillmark LLC do not determine that any communication meets all applicable requirements and are not affiliated with, endorsed by, or acting on behalf of the SEC or any other regulator. Regulatory and enforcement references are based on source materials and may not reflect later developments.

Compliance Flag is a Quillmark Open Source initiative. Compliance Flag is not endorsed by, sponsored by, or affiliated with OpenAI, Anthropic, or any model provider.