Loading...
Loading...
Found 1,475 Skills
Security & compliance skill suite for OWASP scanning, CVE detection, GDPR/SOC2 audits, threat modeling, and incident response workflows
Entity compliance tracker — initialize, report upcoming deadlines, update status, run health audit, export to CSV. Maintains a compliance-tracker.yaml built from the entity table, calculates filing deadlines by entity and jurisdiction, and surfaces what's due in the next 30/60/90 days. Use when user says "entity compliance", "filing deadlines", "annual reports due", "entity tracker", "what filings are due", "entity health", or "good standing".
When the user wants to build or improve a sales bot's ability to avoid making claims that create liability. Also use when the user mentions "compliance," "legal risk," "claim avoidance," "regulated industries," or "liability prevention."
Philosophy compliance guardian - ensures code aligns with amplihack's ruthless simplicity, brick philosophy, and Zen-like minimalism through systematic review
This skill should be used when the user asks to "GRC", "governance", "risk", "compliance", "audit", "policy", "control", "risk assessment", "SOX", "GDPR", or any ServiceNow GRC development.
SOC 2 Type I and Type II compliance management. Use when conducting SOC 2 readiness assessments, performing gap analysis against Trust Services Criteria, collecting audit evidence, validating infrastructure security controls, preparing for CPA firm audits, managing the observation period, or building continuous compliance programs. Covers all TSC categories (CC1-CC9, A1, PI1, C1, P1) with infrastructure validation for cloud, DNS, TLS, endpoints, and CI/CD pipelines.
Guide the design and implementation of automated pre-trade compliance systems that validate orders before execution. Use when building a compliance rule engine for an RIA or broker-dealer, configuring hard blocks and soft blocks, maintaining restricted and watch lists including MNPI-driven restrictions, setting concentration limits at security/sector/issuer level, implementing position limits or short selling controls, enforcing wash sale detection or free-riding prevention or pattern day trader identification, applying client-specific ESG screens or legal constraints, designing compliance override workflows with authorization and documentation, backtesting compliance rules, or evaluating compliance check latency impact on execution quality.
Generate comprehensive compliance reports for security standards. Use when creating compliance documentation. Trigger with 'generate compliance report', 'compliance status', or 'audit compliance'.
Audit automatique de conformité au design system Hexagone (PrimeVue 4 + Tailwind CSS 4 + tokens Hexagone). Analyse le code source et l'UI rendue d'une page ou d'un composant, détecte les violations, corrige automatiquement et produit un rapport — le tout sans intervention de l'utilisateur.
Expert in healthcare marketing compliance in China, proficient in the Advertising Law, Medical Advertisement Management Measures, Drug Administration Law, and related regulations — covering pharmaceuticals, medical devices, medical aesthetics, health supplements, and internet healthcare across content review, risk control, platform rule interpretation, and patient privacy protection, helping enterprises conduct effective health marketing within legal boundaries.
Israeli Privacy Protection Law compliance guidance including Amendment 13 (effective August 14, 2025), database registration, consent requirements, data security, cross-border transfers, breach notification, privacy protection officer appointment, and AI governance. Use when user asks about Israeli privacy law, "haganat pratiut", "tikun 13", data protection in Israel, GDPR compliance for Israeli companies, privacy policy requirements, or database registration. Covers the Privacy Protection Law 1981, Amendment 13, and 2017 Security Regulations. Do NOT use for EU GDPR-only questions without Israeli context.
Review an implementation against task file requirements. Checks every spec scenario and Done When criterion, identifies gaps, and reports them. Use when the user says "task compliance", "check compliance", "review against the task", or to verify implementation completeness before shipping.