Loading...
Loading...
Found 18 Skills
Implement secure payments using Clerk Billing and Stripe without ever touching card data. Use this skill when you need to set up subscription payments, handle webhooks, implement payment gating, understand PCI-DSS compliance, or integrate Stripe Checkout. Triggers include "payment", "Stripe", "Clerk Billing", "subscription", "PCI-DSS", "credit card", "payment security", "checkout", "webhook", "billing".
Conduct comprehensive security compliance audits for SOC 2, GDPR, HIPAA, PCI-DSS, and ISO 27001. Use when preparing for certification, annual audits, or compliance validation.
Ensure regulatory compliance. Use when implementing GDPR, HIPAA, PCI-DSS, or SOC2 requirements. Covers compliance frameworks and controls.
Regulatory compliance testing for GDPR, CCPA, HIPAA, SOC2, PCI-DSS and industry-specific regulations. Use when ensuring legal compliance, preparing for audits, or handling sensitive data.
Compliance review and testing: evaluate your application against HIPAA, SOC 2, PCI-DSS, and GDPR technical requirements with browser-based validation and YAML regression tests for continuous compliance.
Compliance expert for SOC 2, GDPR, HIPAA, PCI-DSS, and security frameworks
Use this skill when preparing for SOC 2, HIPAA, or PCI-DSS compliance, conducting audits, or implementing security controls. Triggers on SOC 2, HIPAA, PCI-DSS, compliance audit, security controls, risk assessment, control frameworks, and any task requiring regulatory compliance planning or audit preparation.
Grafana Cloud private network connectivity — AWS PrivateLink, Azure Private Link, and GCP Private Service Connect. Send telemetry (metrics, logs, traces, profiles) to Grafana Cloud without traversing the public internet. Eliminates cloud egress costs, meets compliance requirements (PCI-DSS, HIPAA). Use when setting up secure private telemetry ingestion from AWS/Azure/GCP, reducing egress costs, or meeting data residency/compliance requirements.
Architecture reviews across 7 dimensions: structural integrity, scalability, enterprise readiness (SOC2/HIPAA/GDPR/PCI-DSS), performance, security, operational excellence, and data architecture. Produces scored reports with prioritized recommendations. Three modes: (1) Codebase review — evidence-based analysis of source code, configs, IaC; (2) Document review — risk-based analysis of design docs, RFCs, specs; (3) Hybrid — drift detection between intent and implementation. Triggers on: "review architecture", "critique design", "audit system", "evaluate codebase", "find design flaws", "assess scalability", "check security", "enterprise readiness", "architecture assessment", "technical due diligence", or when user provides a system design document or codebase and asks for feedback or improvements. For architecture diagrams, visuals, or topology drawings, use architecture-diagram instead.
Audits a codebase or business process for regulatory compliance across GDPR, HIPAA, SOC2, CCPA, and PCI-DSS. Scans for PII handling, data retention, encryption, access controls, audit logging, consent management, and data transfer issues. Generates a structured compliance report with findings, gap analysis, remediation steps, and evidence requirements.
Run Prowler for comprehensive cloud security posture assessment. Audits AWS, Azure, and GCP against CIS Benchmarks, PCI-DSS, HIPAA, GDPR, and other compliance frameworks.
Reviews Pull Requests that add or modify compliance frameworks. Trigger: When reviewing PRs with compliance framework changes, CIS/NIST/PCI-DSS additions, or compliance JSON files.