Contract Skill — A ready-to-use MOVA HITL workflow. Requires the openclaw-mova plugin.

MOVA Supply Chain Risk Analysis

Screen your supplier list against sanctions registries, PEP databases, ESG ratings, and financial stability indicators — with a per-supplier risk band, source citations, and a mandatory human procurement decision gate backed by a tamper-proof audit trail.

What it does

1. 1. Supplier ingestion — accepts a list of supplier names, IDs, countries, and procurement category
2. Multi-source screening — OFAC / EU / UN sanctions, PEP registries, ESG ratings, adverse media, financial stability
3. Risk report — per-supplier risk band (low / medium / high / critical) with source citations and finding details
4. Human gate — procurement manager reviews findings and chooses: approve all / approve clean only / reject all / escalate
5. Audit receipt — all data sources, query timestamps, screening results, and the human decision are logged for supply chain transparency audits

Mandatory escalation rules enforced by policy:

• - Sanctions hit on any supplier → immediate escalation, cannot approve batch
• Critical risk band (≥ 2 suppliers) → mandatory escalation to compliance team
• PEP flag with procurement value above threshold → escalate required

Requirements

Plugin: MOVA OpenClaw plugin must be installed in your OpenClaw workspace.

Data flows:

• - Supplier data + procurement category → api.mova-lab.eu (MOVA platform, EU-hosted)
• Supplier names/countries → sanctions & PEP screening (OFAC, EU, UN — read-only)
• Supplier IDs → ESG ratings and adverse media lookup (read-only)
• Supplier name/country → company registry and financial stability check (read-only)
• Audit journal → MOVA R2 storage, signed
• No data stored locally or sent to third parties beyond the above

Demo

Step 1 — Supplier batch submitted with screening request

Step 2 — AI screening: sanctions hit on SUP-002, ESG risk on SUP-003, mandatory escalation triggered

Step 3 — Audit receipt + signed decision log

Quick start

Say "screen these suppliers for procurement" and provide:

CODEBLOCK0

The agent submits the batch, shows the per-supplier risk report with sanctions and ESG findings, then asks for your procurement decision.

Why contract execution matters

• - Sanctions rules are policy, not prompts — any sanctions hit triggers mandatory escalation that cannot be bypassed
• Multi-source traceability — every finding is tagged with its source (OFAC / EU / UN / ESG / registry)
• Immutable audit trail — when a compliance officer or regulator asks "who cleared supplier SUP-002 and why?" — the answer is in the system
• EU Supply Chain Due Diligence / OFAC ready — procurement decisions require documented screening history, source citations, and human sign-off

What the user receives

Output	Description
Suppliers screened	Total count in batch
Critical / high / medium / low

Count per risk band | | Per-supplier risk band | low / medium / high / critical | | Sanctions result | OFAC / EU / UN hit or clear with match details | | PEP flag | PEP status and category | | ESG score | Rating and adverse media flags | | Financial stability | Registration status, insolvency signals | | Findings | Per-supplier structured list with source and severity | | Recommended action | AI-suggested decision | | Decision options | approveall / approveclean / reject_all / escalate | | Audit receipt ID | Permanent signed record of the procurement decision | | Compact journal | Full event log: screening → risk report → human decision |

When to trigger

Activate when the user:

• - Provides a supplier list (names, IDs, or CSV)
• Says "screen these vendors", "run supply chain check", "due diligence on supplier"
• Asks to prepare a procurement risk report before signing contracts

Before starting, confirm: "Screen [COUNT] suppliers for MOVA supply chain risk analysis?"

If supplier data is missing — ask once for: supplier names/IDs, country of registration, procurement category.

Step 1 — Submit supplier list for screening

Call tool mova_hitl_start_supply_chain with:

• - suppliers: array of objects with id, name, country (ISO 3166-1 alpha-2)
• INLINECODE7: raw_materials / logistics / technology / services
• INLINECODE8: employee ID of the procurement requestor

Step 2 — Show risk report and decision options

If status = "waiting_human" — show the screening summary:

CODEBLOCK1

Option	Description
INLINECODE10	Approve all screened suppliers
INLINECODE11

Approve only clean suppliers, block high-risk |
| reject_all | Block entire batch pending further review |
| escalate | Escalate to compliance team |

Call tool mova_hitl_decide with:

• - contract_id: from the response above — this is ctr-scr-xxxxxxxx, NOT a supplier ID
• INLINECODE17: chosen decision
• INLINECODE18: procurement manager reasoning (required for reject_all and escalate)

Step 3 — Show audit receipt

Call tool mova_hitl_audit with contract_id.
Call tool mova_hitl_audit_compact with contract_id for the full signed screening chain.

Connect your real screening systems

By default MOVA uses a sandbox mock. To route checks against your live infrastructure, call mova_list_connectors with keyword: "supply".

Relevant connectors:

Connector ID	What it covers
INLINECODE25	PEP & sanctions screening (OFAC, EU, UN)
INLINECODE26

ESG ratings and adverse media |
| connector.data.company_registry_v1 | Company registration status |
| connector.data.company_enrichment_v1 | Financial stability and enrichment data |

Call mova_register_connector with connector_id, endpoint, optional auth_header and auth_value.

Rules

• - NEVER make HTTP requests manually
• NEVER invent or simulate screening results — if a tool call fails, show the exact error
• Use MOVA plugin tools directly — do NOT use exec or shell
• CONTRACTID is ctr-scr-xxxxxxxx from the movahitlstartsupply_chain response — NOT a supplier ID