Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

casemark/audit-summary

Name: audit-summary
Author: casemark

skills/legal/audit-summary/SKILL.md

npx skillsauth add casemark/skills audit-summary

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Legal Audit Summary

Distill audit findings into a prioritized compliance roadmap with risk-scored findings, remediation actions, and governance follow-up.

Prerequisites

Complete audit materials: reports, checklists, evidence, interviews, exhibits.
Jurisdictional scope and governing authorities per audit domain.
Applicable statutes, regulations, standards, or guidance.
Organizational context: business units, systems, and processes in scope.
Point of contact for ownership and timeline validation.

Output Structure / Process

Intake and scope confirmation.
Executive Overview.
Findings Summary (aggregated).
Detailed Findings (per issue).
Remediation Roadmap.
Governance and Follow-Up.
Appendix (sources, assumptions, limitations).

Executive Overview Template

Overall Compliance Posture: {concise assessment}
Total Findings: Critical {#} | High {#} | Medium {#} | Low {#}
Top Risk Areas: {domain 1}, {domain 2}, {domain 3}
Immediate Actions (0–60 days): {1–3 items}
Near-Term Actions (61–180 days): {1–3 items}
Long-Term Actions (181+ days): {1–3 items}

Findings Summary Table

| ID | Domain | Requirement | Deficiency | Risk | Likelihood | Impact | Consequence | Owner | |---|---|---|---|---|---|---|---|---| | F-01 | {Domain} | {Citation} | {Gap} | {C/H/M/L} | {H/M/L} | {H/M/L} | {Penalty/License/Reputation} | {Dept} |

Risk Rating Criteria

| Rating | Criteria | |---|---| | Critical | Criminal exposure, license loss, business continuity threat, severe penalties | | High | Material civil penalties, regulatory sanctions, major reputational harm | | Medium | Noticeable compliance gap with moderate enforcement or cost exposure | | Low | Minor gap, low enforcement likelihood, limited impact |

Detailed Finding Template

Finding ID: F-##
Domain: {e.g., Data Privacy}
Requirement: {Statute/Regulation/Guidance + citation}
Issue: {What is missing or deficient}
Facts/Evidence: {Key facts supporting gap}
Risk Assessment:
  Likelihood: {H/M/L} | Impact: {H/M/L}
  Rationale: {brief, evidence-based}
Consequences: {Regulatory, civil, operational, reputational}
Recommendation:
  Action: {specific corrective action}
  Timeline: {date or days}
  Owner: {department/role}
  Resources: {budget, tools, external counsel, vendors}

Financial Exposure

Provide ranges when exact penalties are unknown.
Cite penalty provisions; use [VERIFY] where uncertain.
Separate direct costs (fines, sanctions) from indirect costs (monitoring, remediation, litigation).

Remediation Roadmap

| Workstream | Actions | Priority | Dependencies | Timeline | Owner | Status Metric | |---|---|---|---|---|---|---| | {Domain} | {Action list} | {C/H/M/L} | {Upstream items} | {dates} | {Dept} | {KPI} |

Governance and Follow-Up

Recommend compliance task force with reporting cadence.
Include audit re-check schedule and validation approach.

Privilege Legend (if applicable)

Attorney–Client Privileged / Attorney Work Product
Confidential — Prepared at the Direction of Counsel

Guidelines

Use objective, non-admissions language; describe gaps as risks or deficiencies.
Prioritize by risk; list Critical and High first.
Keep citations accurate; add [VERIFY] for any uncertain authority.
Provide concrete actions with owners and timelines, not generic recommendations.
State interpretive uncertainty and propose mitigation steps.
Avoid legal jargon; keep executive readability high.
Ensure scope and limitations are explicit in the Appendix.

casemark/audit-summary

skills/legal/audit-summary/SKILL.md

Produces structured U.S. legal audit summaries that distill compliance findings into executive-ready risk prioritization and remediation plans, covering likelihood/impact scoring, consequence analysis, and corrective actions with timelines and owners. Use for legal audits, compliance audits, regulatory audits, compliance gap analyses, risk assessments, audit report summaries, or remediation roadmaps. Trigger keywords: audit summary, compliance findings, audit report, risk prioritization, remediation plan, regulatory exposure, corrective action plan.

21 stars

testing

Updated May 25, 2026

$ install --global

skillsauth

npx skillsauth add casemark/skills audit-summary

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 25, 2026, 3:29 AM23.3s1 file scanned

SKILL.md

name:: audit-summary
language:: en
description:: >-
summaries, or remediation roadmaps. Trigger keywords:: audit summary,

Legal Audit Summary

Distill audit findings into a prioritized compliance roadmap with risk-scored findings, remediation actions, and governance follow-up.

Prerequisites

Complete audit materials: reports, checklists, evidence, interviews, exhibits.
Jurisdictional scope and governing authorities per audit domain.
Applicable statutes, regulations, standards, or guidance.
Organizational context: business units, systems, and processes in scope.
Point of contact for ownership and timeline validation.

Output Structure / Process

Intake and scope confirmation.
Executive Overview.
Findings Summary (aggregated).
Detailed Findings (per issue).
Remediation Roadmap.
Governance and Follow-Up.
Appendix (sources, assumptions, limitations).

Executive Overview Template

Overall Compliance Posture: {concise assessment}
Total Findings: Critical {#} | High {#} | Medium {#} | Low {#}
Top Risk Areas: {domain 1}, {domain 2}, {domain 3}
Immediate Actions (0–60 days): {1–3 items}
Near-Term Actions (61–180 days): {1–3 items}
Long-Term Actions (181+ days): {1–3 items}

Findings Summary Table

Risk Rating Criteria

Detailed Finding Template

Finding ID: F-##
Domain: {e.g., Data Privacy}
Requirement: {Statute/Regulation/Guidance + citation}
Issue: {What is missing or deficient}
Facts/Evidence: {Key facts supporting gap}
Risk Assessment:
  Likelihood: {H/M/L} | Impact: {H/M/L}
  Rationale: {brief, evidence-based}
Consequences: {Regulatory, civil, operational, reputational}
Recommendation:
  Action: {specific corrective action}
  Timeline: {date or days}
  Owner: {department/role}
  Resources: {budget, tools, external counsel, vendors}

Financial Exposure

Provide ranges when exact penalties are unknown.
Cite penalty provisions; use [VERIFY] where uncertain.
Separate direct costs (fines, sanctions) from indirect costs (monitoring, remediation, litigation).

Remediation Roadmap

Governance and Follow-Up

Recommend compliance task force with reporting cadence.
Include audit re-check schedule and validation approach.

Privilege Legend (if applicable)

Attorney–Client Privileged / Attorney Work Product
Confidential — Prepared at the Direction of Counsel

Guidelines

Use objective, non-admissions language; describe gaps as risks or deficiencies.
Prioritize by risk; list Critical and High first.
Keep citations accurate; add [VERIFY] for any uncertain authority.
Provide concrete actions with owners and timelines, not generic recommendations.
State interpretive uncertainty and propose mitigation steps.
Avoid legal jargon; keep executive readability high.
Ensure scope and limitations are explicit in the Appendix.

Related Skills

casemark/skills/legal/automated-contract-summary

development

VerifiedTrustedCommunity

name: automated-contract-summary language: en description: Generates structured executive summaries of contracts using ML — captures key terms, party obligations, risk allocations, and compliance requirements in a standardized format. Optimized for high-volume review where speed and consistency matter. tags: - summarization - agreement - corporate --- # Automated Contract Summarization Produces standardized executive summaries of contracts using machine learning, capturing essential term

21SKILL.mdUpdated May 26, 2026

casemark/skills/legal/automated-contract-summary

casemark/obligation-mapping

tools

VerifiedTrustedCommunity

Extracts regulatory obligations from dense regulations across jurisdictions. Breaks down multi-level regulations into clear article-level obligations, classifies applicability to a business, and prioritizes by risk level. Use when translating regulations into actionable compliance requirements.

21SKILL.mdUpdated May 25, 2026

casemark/obligation-mapping

casemark/horizon-scanning

development

VerifiedTrustedCommunity

Continuously monitors regulatory landscapes for changes relevant to a specific business. Ingests global regulatory updates, filters by relevance, summarizes impact, and produces an actionable change advisory. Use when tracking regulatory developments affecting a particular product or market.

21SKILL.mdUpdated May 25, 2026

casemark/horizon-scanning

casemark/gap-analysis

testing

VerifiedTrustedCommunity

Compares an organization's existing compliance controls, policies, and procedures against extracted regulatory obligations to identify coverage gaps. Produces a remediation plan with prioritized actions. Use when assessing compliance maturity or preparing for regulatory audits.

21SKILL.mdUpdated May 25, 2026

casemark/gap-analysis

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/casemark/skills.git

# Copy into Claude Code skills folder (global)
cp -r skills/skills/legal/audit-summary ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

casemark/skills

21 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT