Loading...
Loading...
Found 821 Skills
Template for packaging financial products with pricing, underwriting, and compliance details.
Maps technical state to regulatory standards (SOC2, ISO27001, etc.). Generates real-time compliance scores and audit-ready evidence reports.
Conducts comprehensive requirements review including completeness validation, clarity assessment, consistency checking, testability evaluation, and standards compliance. Produces detailed review reports with findings, gaps, conflicts, and improvement recommendations. Use when reviewing requirements documents (BRD, SRS, user stories), validating acceptance criteria, assessing requirements quality, identifying gaps and conflicts, or ensuring standards compliance (IEEE 830, INVEST criteria). Trigger when users mention "review requirements", "validate requirements", "check requirements quality", "find requirement issues", or "assess BRD/SRS quality".
SOC 2 Type I and Type II compliance management. Use when conducting SOC 2 readiness assessments, performing gap analysis against Trust Services Criteria, collecting audit evidence, validating infrastructure security controls, preparing for CPA firm audits, managing the observation period, or building continuous compliance programs. Covers all TSC categories (CC1-CC9, A1, PI1, C1, P1) with infrastructure validation for cloud, DNS, TLS, endpoints, and CI/CD pipelines.
Expert knowledge for Azure Blueprints development including troubleshooting, architecture & design patterns, security, configuration, and integrations & coding patterns. Use when defining Azure Blueprints, mapping built-in compliance sets, automating via CLI/PowerShell/REST, or fixing assignment errors, and other Azure Blueprints related development tasks. Not for Azure Policy (use azure-policy), Azure Resource Manager (use azure-resource-manager), Azure Managed Applications (use azure-managed-applications), Azure Deployment Environments (use azure-deployment-environments).
Create OPA governance policies for Harness via MCP. Define policies that enforce compliance rules on pipelines, services, environments, feature flags, artifacts, code repositories, templates, SBOM, security tests, Terraform, GitOps, connectors, secrets, and more. Use when asked to create, write, fix, or explain an OPA policy, Rego rule, deny rule, governance policy, compliance rule, or policy-as-code for any Harness entity. Trigger phrases: create policy, OPA policy, governance policy, compliance rule, rego policy, deny rule, enforce policy, security policy, supply chain governance.
Verify changes follow nearest-scoped AGENTS.md rules: group changed files by nested scope, auto-fix formatting, run lint/tests, and report violations. Use when the user wants scoped compliance checks for changed files.
Maps high-level crypto crime categories, safe and ethical OSINT plus on-chain investigation workflow, and victim reporting posture. Use when the user asks about scam types, pig butchering, rug pulls, tracing stolen funds ethically, compliance-adjacent investigation, or how to document cases for authorities.
Educational map of transaction-centric compliance screening—transfer as the atomic unit, deposit vs withdrawal direction, single and CSV import, transaction list and detail views, per-transfer screening, rescreen, and STR-style exports. Use when the user asks how monitoring UIs treat tx hashes, directions, or regulatory reporting hooks—not for legal filing advice or evading reporting.
Points agents to the public Phalcon Compliance documentation portal for compliance-oriented blockchain investigation and monitoring workflows. Use when the user asks about Phalcon Compliance docs, transaction-monitoring-style tooling references, or where to read product documentation alongside crypto-investigation-compliance—not for legal advice or unsubstantiated vendor claims.
Use when assessing or reviewing Kubernetes workloads running on Amazon EKS for best practice compliance, including pod configuration, security posture, observability, networking, storage, image security, and CI/CD practices. Requires kubectl and awscli access to the target cluster. Triggers on "assess my EKS workloads", "check k8s best practices", "assess container workloads", "evaluate pod security", "workload compliance check", "EKS workload assessment", "检查 K8s 工作负载", "评估容器最佳实践", "审计 EKS 应用", "检查 Pod 配置", "容器安全评估", "工作负载合规检查".
Manage regulatory requirements, number bundles, supporting documents, and verified numbers for compliance. This skill provides JavaScript SDK examples.