AI Agent Skill HUB

security-compliance-compliance-check

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform compliance audits and provide im...

23 stars
bychristophacham
View on GitHubInstallation ↓

Best use case

security-compliance-compliance-check is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform compliance audits and provide im...

Teams using security-compliance-compliance-check should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/security-compliance-compliance-check/SKILL.md --create-dirs "https://raw.githubusercontent.com/christophacham/agent-skills-library/main/skills/security/security-compliance-compliance-check/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/security-compliance-compliance-check/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How security-compliance-compliance-check Compares

Feature / Agentsecurity-compliance-compliance-checkStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform compliance audits and provide im...

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Regulatory Compliance Check

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform comprehensive compliance audits and provide implementation guidance for achieving and maintaining compliance.

## Use this skill when

- Assessing compliance readiness for GDPR, HIPAA, SOC2, or PCI-DSS
- Building control checklists and audit evidence
- Designing compliance monitoring and reporting

## Do not use this skill when

- You need legal counsel or formal certification
- You do not have scope approval or access to required evidence
- You only need a one-off security scan

## Context
The user needs to ensure their application meets regulatory requirements and industry standards. Focus on practical implementation of compliance controls, automated monitoring, and audit trail generation.

## Requirements
$ARGUMENTS

## Instructions

- Clarify goals, constraints, and required inputs.
- Apply relevant best practices and validate outcomes.
- Provide actionable steps and verification.
- If detailed examples are required, open `resources/implementation-playbook.md`.

## Safety

- Avoid claiming compliance without a formal audit.
- Protect sensitive data and limit access to audit artifacts.

## Output Format

1. **Compliance Assessment**: Current compliance status across all applicable regulations
2. **Gap Analysis**: Specific areas needing attention with severity ratings
3. **Implementation Plan**: Prioritized roadmap for achieving compliance
4. **Technical Controls**: Code implementations for required controls
5. **Policy Templates**: Privacy policies, consent forms, and notices
6. **Audit Procedures**: Scripts for continuous compliance monitoring
7. **Documentation**: Required records and evidence for auditors
8. **Training Materials**: Workforce compliance training resources

Focus on practical implementation that balances compliance requirements with business operations and user experience.

## Resources

- `resources/implementation-playbook.md` for detailed patterns and examples.

Related Skills

shellcheck-configuration

23
from christophacham/agent-skills-library

Master ShellCheck static analysis configuration and usage for shell script quality. Use when setting up linting infrastructure, fixing code issues, or ensuring script portability.

pentest-checklist

23
from christophacham/agent-skills-library

This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "foll...

web-security-testing

23
from christophacham/agent-skills-library

Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.

solidity-security

23
from christophacham/agent-skills-library

Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementin...

securitytrails-automation

23
from christophacham/agent-skills-library

Automate Securitytrails tasks via Rube MCP (Composio). Always search tools first for current schemas.

security-threat-model

23
from christophacham/agent-skills-library

Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Use when the user asks to threat model a codebase or path, enumerate threats or abuse paths, or perform AppSec threat modeling. Do NOT use for general architecture summaries, code review, security best practices (use security-best-practices), or non-security design work.

security-scanning-security-sast

23
from christophacham/agent-skills-library

Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks

security-scanning-security-hardening

23
from christophacham/agent-skills-library

Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.

security-scanning-security-dependencies

23
from christophacham/agent-skills-library

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, ass...

security-requirement-extraction

23
from christophacham/agent-skills-library

Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.

security-ownership-map

23
from christophacham/agent-skills-library

Analyze git repositories to build a security ownership topology (people-to-file), compute bus factor and sensitive-code ownership, and export CSV/JSON for graph databases and visualization. Use when the user explicitly wants a security-oriented ownership or bus-factor analysis grounded in git history (for example: orphaned sensitive code, security maintainers, CODEOWNERS reality checks for risk, sensitive hotspots, or ownership clusters). Do NOT use for general maintainer lists, non-security ownership questions, or threat modeling (use security-threat-model).

security-bluebook-builder

23
from christophacham/agent-skills-library

Build security Blue Books for sensitive apps