Open-source CLI for vendor privacy risk assessment. Free forever. Provider-agnostic.

Bandit is a Python CLI that assesses vendor privacy policies against a published, enforcement-grounded rubric. Point it at a company name, domain, or URL — it finds the policy, extracts evidence with an LLM, scores it deterministically across 8 dimensions, and saves an HTML report with findings for each team.

The AI extracts evidence. Bandit scores it. GPT-4o and Claude produce the same score from the same policy.

git clone https://github.com/conorrusso/bandit.git
cd bandit
pip install -e .

Set your API key (or pass --api-key):

export ANTHROPIC_API_KEY=sk-ant-...

git clone https://github.com/conorrusso/bandit.git
cd bandit
pip install -e .

With Google Drive support:

pip install -e ".[drive]"

bandit setup

5 questions. Takes about 2 minutes. Configures Bandit for your industry, location, and regulatory profile. Run once, update anytime.

For Google Drive integration:

bandit setup --drive

# Public privacy policy only
bandit assess "Salesforce"

# With local documents
bandit assess "Salesforce" --docs ./vendor-docs/Salesforce/

# With Google Drive
bandit assess "Salesforce" --drive

bandit assess <vendor>           Run a full privacy risk assessment
bandit assess <vendor> -v        Verbose — see fetched pages and signals
bandit assess <vendor> --json    Output raw JSON
bandit batch <vendors.txt>       Assess a full vendor list
bandit profile <vendor>          Show vendor function profile and doc requirements
bandit profile --show            List all cached vendor profiles
bandit rubric                    Show the scoring rubric summary
bandit rubric --dim D5           Show criteria for one dimension
bandit setup                     Configure your industry and regulatory profile
bandit setup --stack             Set up your internal tech stack
bandit setup --notify            Configure IT notification contact
bandit setup --show              Show current profile
bandit setup --reset             Start setup over
bandit vendor add <vendor>       Run 12-question intake wizard for a new vendor
bandit vendor show <vendor>      View vendor profile and assessment history
bandit vendor edit <vendor>      Update intake answers
bandit vendor list               List all vendors with risk tier and next due date
bandit vendor list --due         Vendors due for reassessment only
bandit vendor list --risk HIGH   Filter by risk tier
bandit legal <vendor>            Standalone contract gap analysis
bandit dashboard                 Portfolio risk overview
bandit schedule                  Reassessment schedule
bandit schedule --due            Vendors due for reassessment
bandit register                  Export TPRM register (CSV / JSON / HTML)
bandit notify --all              Send all queued IT notifications
bandit sync                      Sync with Drive — discovers, links, pulls docs

bandit assess accepts three input formats:

Create a text file with one vendor per line (names, domains, or URLs — any format):

Salesforce
hubspot.com
https://notion.so/privacy
# This line is ignored
Anecdotes AI

Run:

bandit batch vendors.txt

HTML reports are saved to ./reports/ after every run. The batch command prints a summary table when all vendors are done.

Run a full privacy risk assessment for one vendor.

bandit assess "Salesforce"                           # company name
bandit assess salesforce.com                         # domain
bandit assess https://salesforce.com/privacy         # full URL
bandit assess "Acme Corp" --verbose                  # show all stages
bandit assess "Acme Corp" --json > acme.json         # raw JSON output
bandit assess "Acme Corp" --no-report                # skip HTML report
bandit assess "Acme Corp" --model claude-opus-4-6    # override model
bandit assess "Acme Corp" --docs ./vendor-docs/acme/ # with documents
bandit assess "Acme Corp" --drive                    # from Google Drive

Run the interactive setup wizard. 5 core questions + up to 3 conditional. Infers regulatory frameworks automatically and adjusts dimension weights. Saves to bandit.config.yml.

bandit setup            # Run wizard (~2 minutes)
bandit setup --stack    # Collect internal tools by category (used in vendor intake)
bandit setup --notify   # Configure IT notification contact and method
bandit setup --show     # Show current config
bandit setup --reset    # Start over
bandit setup --advanced # Advanced config (coming soon)

The wizard asks:

1. Organisation type — sets industry-specific defaults
2. Locations — where you and your customers operate
3. Sensitive data types — PHI, PCI, children's data, biometric, HR, special categories
4. Required certifications — SOC 2, HIPAA BAA, GDPR DPA, PCI AOC, etc.
5. Risk approach — Strict / Standard / Pragmatic (sets cadence and escalation)

Conditional (asked only when relevant):

• Infrastructure location (if EU/EEA in locations) — affects D4 cross-border transfer weight
• BAA required (if PHI selected) — HIPAA Business Associate Agreement requirement
• PCI merchant level (if payment card selected) — Level 1/2/3

Bandit then infers: applicable frameworks (GDPR, HIPAA, CCPA, etc.), dimension weights, reassessment cadence, and escalation triggers — all shown for review before saving.

If no config exists, Bandit prompts you to run setup before the assessment starts. You can set up inline, skip it, or quit.

Show the vendor function profile for any vendor — what category it belongs to, weight modifiers that apply, and documents expected.

bandit profile "Salesforce"    # Detect and show profile
bandit profile --show          # List all cached profiles
bandit profile --unknown       # Show vendors with unknown classification

Bandit auto-detects vendor functions (HR, payments, AI/ML, healthcare, etc.) using a curated library of 330+ vendors. If detection confidence is below 0.6, you'll be prompted to confirm during bandit assess.

Assess a list of vendors from a text file. See vendors.txt format above.

Show the scoring rubric. Use --dim D1 through --dim D8 to see criteria for a specific dimension.

Every bandit assess run saves an HTML report to ./reports/<vendor>-<date>.html.

The report includes:

• Score summary — risk tier (LOW / MEDIUM / HIGH), weighted average, per-dimension scores
• Assessment scope notice — shows which document types were assessed. Currently: public privacy policy only. D8 (DPA Completeness) is marked "Requires DPA" and D2, D4, D5 are marked "Partially assessed" until a DPA is provided (v1.1 Google Drive integration)
• Per-dimension detail — evidence found (confirmed signals), gaps identified (missing signals), red flags triggered
• Evidence confidence — each dimension shows whether evidence is Confirmed (genuine score), Partially assessed (DPA would complete), or Requires DPA (cannot score from public policy)
• Profile header — active profile shown with industry, frameworks, and modified dimension weights
• Escalation banner — HIGH risk vendors with auto-escalation triggers show a prominent banner with specific reasons
• Vendor follow-up questions — 2–3 questions per gap, ready to send
• Contract recommendations — specific DPA/MSA redline language for scores ≤ 3
• Team summary — GRC decision, Legal contract checklist, Security posture (D5/D6/D8)
• Vendor email template — consolidated questions formatted as a ready-to-send email

Use --no-report to skip saving. Use --json to print raw JSON to stdout (report is still saved).

Bandit assesses public privacy policies and uploaded documents.

Different documents reveal different information:

Bandit supports public privacy policies, local document folders, and Google Drive, unlocking full scoring across all 8 dimensions.

# Single vendor
bandit assess "Salesforce" --docs ./vendor-docs/Salesforce/

# Batch with auto-matching
bandit batch vendors.txt --docs-root ./vendor-docs/

Folder structure:

vendor-docs/
├── Salesforce/
│   ├── dpa.pdf
│   ├── msa.pdf
│   └── soc2-2025.pdf
└── HubSpot/
    └── dpa.pdf

File names don't matter — Bandit auto-detects types. Supports: PDF · DOCX · HTML · TXT · MD · JSON

# One-time setup
bandit setup --drive

# Assess with Drive documents
bandit assess "Salesforce" --drive

# Batch with Drive
bandit batch vendors.txt --drive

First time with existing Drive folders:

bandit setup --drive           # configure credentials
bandit sync                    # discover, link, and pull docs
bandit assess "Vendor" --drive # run with Drive docs
bandit dashboard               # view portfolio

Full setup guide: docs/google-drive-setup.md

D6 and D8 are weighted 1.5× — AI/ML is the fastest-moving regulatory area and DPA quality sets the enforceability ceiling for D2, D5, and D7.

Weights are adjusted automatically when you run bandit setup. A healthcare company gets D5 weighted higher; an EU company gets D4 weighted higher.

Each dimension is scored 1–5. Risk tier:

See core/scoring/RUBRIC.md for full criteria, enforcement precedents, and red-flag phrase registry.

Override the model with --model:

bandit assess "Acme Corp" --model claude-opus-4-6
bandit assess "Acme Corp" --model gpt-4o

When given a company name or domain, Bandit locates the privacy policy through a staged fallback:

1. DDG search — queries DuckDuckGo for {vendor} privacy policy
2. TLD probe — tries common privacy paths (/privacy, /privacy-policy, etc.)
3. AI reasoning — asks the LLM to infer the most likely domain
4. Homepage scrape — fetches the homepage and looks for policy links
5. Manual flag — logs to ~/.bandit/manual-review.json if all stages fail

Discovered domain→URL mappings are cached in ~/.bandit/domain-cache.json.

ANTHROPIC_API_KEY not set — Export the key or pass --api-key sk-ant-....

Could not locate a privacy policy — Try passing the URL directly: bandit assess https://vendor.com/privacy. The vendor is logged to ~/.bandit/manual-review.json.

Sparse policy text — Bandit automatically retries via Jina Reader if the direct fetch returns too little text (JS-rendered pages). If both fail, the policy may require authentication.

Wrong policy found — Pass the full URL to bypass discovery entirely.

All dimensions still show "Requires DPA" after --docs Check the manifest output — the DPA may have failed to extract (scanned PDF) or been classified as UNKNOWN. Run with --verbose to see the full manifest. Rename the file to include "dpa" if classification failed.

Scanned PDF not readable Bandit requires PDFs with a text layer. Request a native PDF from your vendor. OCR support for scanned PDFs is coming in v1.2.

Google Drive: "Vendor folder not found" The subfolder name must match the vendor name. Check spelling and case. Example: folder "Salesforce" matches bandit assess "Salesforce".

Google Drive: token expired or "403 Insufficient Permission" Delete the token and re-authenticate:

rm ~/.bandit/google-token.json
bandit assess "YourVendor" --drive

Running bandit setup --drive alone does not always fix this — the token must be deleted so a fresh browser consent is triggered with the correct permissions.

Privacy Bandit · CLI · HTML reports · Setup profiles · Evidence confidence · Provider-agnostic

Local folder document sources · Google Drive integration · PDF/DOCX parsing · 47 document types · Full D8 scoring · Signal source attribution · Multi-document assessment

Legal Bandit · Full GDPR Art. 28(3) DPA checklist · MSA commercial data protection terms · SCC version check · Contract-based score updates · Legal redline brief HTML report

Vendor Intelligence · 12-question intake wizard · Tech stack integration · Assessment history per vendor · Intake context injected into assessments · Weight modifiers from intake data · IT notification queue · Google Drive profile sync

Portfolio dashboard · Reassessment schedule · TPRM register export (CSV / JSON / HTML) · IT notification sending · Unified data resolver

Full vendor onboarding workflow · Submission portal · Approval workflow · Vendor self-service · API

Each Bandit is a specialised agent with its own tool belt:

See CONTRIBUTING.md. The most impactful contributions:

• Rubric improvements — edit core/scoring/rubric.py (no AI expertise needed)
• New red-flag patterns — add enforcement-backed phrases to the signal registry
• Provider adapters — add a new LLM provider to core/llm/
• New agent implementations — build out a Bandit agent class in core/agents/

MIT — see LICENSE.