Add compliance baseline for ip-legal plugin

[oxunafufa55]

Summary

This PR adds COMPLIANCE.md to the ip-legal plugin — a jurisdiction-agnostic compliance baseline that every skill reads before execution.

What it covers

• Deployment environment classification — public cloud / private / air-gapped, with per-tier AI suitability rules
• Five-tier information sensitivity framework — Public → Internal → Confidential → Restricted → Prohibited, with clear AI processing rules per tier
• Mandatory pre-input self-assessment checklist — five yes/no checks before every skill invocation
• Per-skill confidentiality quick-reference table — maps all 13 ip-legal skills to typical input sensitivity and environment requirements
• Bright-line prohibited input rules — six categories that must never be submitted to any AI system
• Output management — mandatory disclaimer, tier inheritance, no-direct-filing rule, storage requirements
• Audit & logging standards — invocation logging, retention, access control, incident reporting
• Privilege considerations — attorney-client privilege, patent-agent privilege scope, work-product doctrine

Design rationale

CONTRIBUTING.md states that CLAUDE.md provides the "plugin-level safety net." This file complements CLAUDE.md by providing a dedicated compliance baseline focused on data handling and confidentiality — concerns that apply to every legal AI deployment regardless of jurisdiction.

The file is jurisdiction-agnostic. It does not cite any specific country's laws, making it reusable across all claude-for-legal plugins.

Test plan

• File passes markdown lint
• All 13 skills listed in the quick-reference table match the current skills/ directory
• Sensitivity tier definitions are consistent with CLAUDE.md practice profile fields
• No jurisdiction-specific legal references remain in the text

[github-actions]

All contributors have signed the CLA ✍️ ✅
_{Posted by the CLA Assistant Lite bot.}

[oxunafufa55]

警告

Pull Request 的发起者并非此 PR 中任何提交的作者或共同作者。

• 开场白：@oxunafufa55
• 提交者：@guofeng1369，@claude作品4.7

此检查被阻止，以防止提交者使用其无法控制的受信任身份提交代码。如果此 PR 是合法的 cherry-pick、发布工程提交或邮件列表式补丁推送，则仓库维护者可以通过require-opener-as-author: 'false'在仓库工作流程中启用 CLA 助手步骤来选择退出此检查。

感谢您的提交，我们非常感激。与许多开源项目一样，我们要求所有贡献者在提交代码之前签署我们的贡献者许可协议 (CLA)。您可以通过在 Pull Request 中发布评论来签署 CLA，格式如下。

我已阅读CLA文件，并在此签署CLA文件。

两位提交者中没有一位签署了贡献者许可协议 (CLA) 。❌@oxunafufa55❌@guofeng1369

警告

此 PR 中的 1 个提交是由未​​与任何 GitHub 用户关联的电子邮件地址创建的，因此我们无法确定作者是否已签署 CLA。

未链接作者：

• 国风1369<guofeng1369@github.com>

要解除此 PR 的阻塞，请执行以下操作之一：

1. 将此邮箱地址关联到您的 GitHub 帐户（推荐）。请在github.com/settings/emails添加上述每个地址，然后推送另一个提交（或评论recheck）以重新运行此检查。有关详细信息，请参阅“为什么提交未关联到用户”。

2. 请修改提交记录，使用已关联到您 GitHub 帐户的电子邮件地址：

   # Set the correct email locally (one-off, for this repo):
   git config user.email you@example.com
   # Rewrite every commit on this branch with the corrected identity:
   git rebase -i --root --exec 'git commit --amend --reset-author --no-edit'
   git push --force-with-lease

   推送完成后，请recheck在此 PR 中留言（或直接重新推送）以重新运行检查。
   您可以通过在此拉取请求中留言**“recheck”来重新触发此机器人。由CLA Assistant Lite 机器人**发布。

I have read the CLA Document and I hereby sign the CLA

[oxunafufa55]

I have read the CLA Document and I hereby sign the CLA

[oxunafufa55]

recheck

[oxunafufa55]

recheck