grailautomation/compliance-tracking
operations/skills/compliance-tracking/SKILL.md
Track compliance requirements and audit readiness. Trigger with "compliance", "audit prep", "SOC 2", "ISO 27001", "GDPR", "regulatory requirement", or when the user needs help tracking, preparing for, or documenting compliance activities.
testing
Updated May 15, 2026
$ install --global
skillsauthnpx skillsauth add grailautomation/claude-plugins compliance-trackingInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 25, 2026, 9:37 PM46.7s1 file scanned
SKILL.md
- name:
- compliance-tracking
- description:
- Track compliance requirements and audit readiness. Trigger with "compliance", "audit prep", "SOC 2", "ISO 27001", "GDPR", "regulatory requirement", or when the user needs help tracking, preparing for, or documenting compliance activities.
Compliance Tracking
Help track compliance requirements, prepare for audits, and maintain regulatory readiness.
Common Frameworks
| Framework | Focus | Key Requirements | |-----------|-------|-----------------| | SOC 2 | Service organizations | Security, availability, processing integrity, confidentiality, privacy | | ISO 27001 | Information security | Risk assessment, security controls, continuous improvement | | GDPR | Data privacy (EU) | Consent, data rights, breach notification, DPO | | HIPAA | Healthcare data (US) | PHI protection, access controls, audit trails | | PCI DSS | Payment card data | Encryption, access control, vulnerability management |
Compliance Tracking Components
Control Inventory
- Map controls to framework requirements
- Document control owners and evidence
- Track control effectiveness
Audit Calendar
- Upcoming audit dates and deadlines
- Evidence collection timelines
- Remediation deadlines
Evidence Management
- What evidence is needed for each control
- Where evidence is stored
- When evidence was last collected
Gap Analysis
- Requirements vs. current state
- Prioritized remediation plan
- Timeline to compliance
Output
Produce compliance status dashboards, gap analyses, audit prep checklists, and evidence collection plans.
Related Skills
grailautomation/write-spec
documentation
VerifiedTrustedCommunity
Write a feature spec or PRD from a problem statement or feature idea
SKILL.mdUpdated May 15, 2026
grailautomation/user-research-synthesis
development
VerifiedTrustedCommunity
Synthesize qualitative and quantitative user research into structured insights and opportunity areas. Use when analyzing interview notes, survey responses, support tickets, or behavioral data to identify themes, build personas, or prioritize opportunities.
SKILL.mdUpdated May 15, 2026
grailautomation/synthesize-research
research
VerifiedTrustedCommunity
Synthesize user research from interviews, surveys, and feedback into structured insights
SKILL.mdUpdated May 15, 2026
grailautomation/stakeholder-update
data-ai
VerifiedTrustedCommunity
Generate a stakeholder update tailored to audience and cadence
SKILL.mdUpdated May 15, 2026