mmahalwy/compliance-tracking
.agents/skills/compliance-tracking/SKILL.md
Track compliance requirements and audit readiness. Trigger with "compliance", "audit prep", "SOC 2", "ISO 27001", "GDPR", "regulatory requirement", or when the user needs help tracking, preparing for, or documenting compliance activities.
testing
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add mmahalwy/cooper compliance-trackingInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 25, 2026, 9:37 PM46.7s1 file scanned
SKILL.md
- name:
- compliance-tracking
- description:
- Track compliance requirements and audit readiness. Trigger with "compliance", "audit prep", "SOC 2", "ISO 27001", "GDPR", "regulatory requirement", or when the user needs help tracking, preparing for, or documenting compliance activities.
Compliance Tracking
Help track compliance requirements, prepare for audits, and maintain regulatory readiness.
Common Frameworks
| Framework | Focus | Key Requirements | |-----------|-------|-----------------| | SOC 2 | Service organizations | Security, availability, processing integrity, confidentiality, privacy | | ISO 27001 | Information security | Risk assessment, security controls, continuous improvement | | GDPR | Data privacy (EU) | Consent, data rights, breach notification, DPO | | HIPAA | Healthcare data (US) | PHI protection, access controls, audit trails | | PCI DSS | Payment card data | Encryption, access control, vulnerability management |
Compliance Tracking Components
Control Inventory
- Map controls to framework requirements
- Document control owners and evidence
- Track control effectiveness
Audit Calendar
- Upcoming audit dates and deadlines
- Evidence collection timelines
- Remediation deadlines
Evidence Management
- What evidence is needed for each control
- Where evidence is stored
- When evidence was last collected
Gap Analysis
- Requirements vs. current state
- Prioritized remediation plan
- Timeline to compliance
Output
Produce compliance status dashboards, gap analyses, audit prep checklists, and evidence collection plans.
Related Skills
mmahalwy/xlsx
development
VerifiedTrustedCommunity
Use this skill any time a spreadsheet file is the primary input or output. This means any task where the user wants to: open, read, edit, or fix an existing .xlsx, .xlsm, .csv, or .tsv file (e.g., adding columns, computing formulas, formatting, charting, cleaning messy data); create a new spreadsheet from scratch or from other data sources; or convert between tabular file formats. Trigger especially when the user references a spreadsheet file by name or path — even casually (like "the xlsx in my downloads") — and wants something done to it or produced from it. Also trigger for cleaning or restructuring messy tabular data files (malformed rows, misplaced headers, junk data) into proper spreadsheets. The deliverable must be a spreadsheet file. Do NOT trigger when the primary deliverable is a Word document, HTML report, standalone Python script, database pipeline, or Google Sheets API integration, even if tabular data is involved.
SKILL.mdUpdated Apr 17, 2026
mmahalwy/view-pdf
content-media
VerifiedTrustedCommunity
Interactive PDF viewer. Use when the user wants to open, show, or view a PDF and collaborate on it visually — annotate, highlight, stamp, fill form fields, place signature/initials, or review markup together. Not for summarization or text extraction (use native Read instead).
SKILL.mdUpdated Apr 17, 2026
mmahalwy/ux-copy
documentation
VerifiedTrustedCommunity
Write or review UX copy — microcopy, error messages, empty states, CTAs. Trigger with "write copy for", "what should this button say?", "review this error message", or when naming a CTA, wording a confirmation dialog, filling an empty state, or writing onboarding text.
SKILL.mdUpdated Apr 17, 2026
mmahalwy/triage-nda
development
VerifiedTrustedCommunity
Rapidly triage an incoming NDA and classify it as GREEN (standard approval), YELLOW (counsel review), or RED (full legal review). Use when a new NDA arrives from sales or business development, when screening for embedded non-solicits, non-competes, or missing carveouts, or when deciding whether an NDA can be signed under standard delegation.
SKILL.mdUpdated Apr 17, 2026