By sickn33
Run compliance-driven security audits across code, architecture, and infrastructure for PCI DSS, GDPR, and Singapore MAS TRM. Identifies authentication vulnerabilities, data privacy gaps, and produces audit-ready remediation for regulated financial and EU personal data systems.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
This skill ensures all code follows security best practices and identifies potential vulnerabilities. Use when implementing authentication or authorization, handling user input or file uploads, or creating new API endpoints.
Maps code, architecture, and infrastructure changes to specific control IDs in PCI-DSS v4.0 and MAS TRM (Singapore financial regulator), producing an audit-traceable findings report with per-control remediation.
Practical implementation guide for GDPR-compliant data processing, consent management, and privacy controls.
Master PCI DSS (Payment Card Industry Data Security Standard) compliance for secure payment processing and handling of cardholder data.
Use when building apps that collect user data. Ensures privacy protections are built in from the start—data minimization, consent, encryption.
Local, deterministic skill-stack composition for coding agents—from an explicit project profile to a reviewable plan before any target change.
Current release: V15.0.0. This release includes AAS Core under the Agent-First Preview claim for local search, inspection, recommendation, manifest validation, planning, and diagnosis. Apply and recovery remain experimental and outside the supported preview path.
Codex or Claude inspects your project using its own capabilities; AAS does not scan it. The agent sends the local, read-only AAS MCP an explicit project profile. AAS Core evaluates that profile and your policy against a verified local catalog, returns an explainable recommendation, and lets the agent propose aas-stack.json. The aas CLI validates that desired state and creates an immutable per-target plan before any skill changes are made.
Read the AAS Core preview guide →
Project
-> inspected by Codex or Claude (not by AAS)
-> explicit, allowlisted project profile
-> AAS MCP (local stdio, read-only)
-> deterministic AAS Core + verified local catalog
-> recommendation with evidence, exclusions, coverage, and unknowns
-> agent proposes aas-stack.json
-> AAS CLI validate + immutable plan preview
-> human review (optionally in Workbench)
The 1,967+ reusable SKILL.md playbooks, specialized plugins, bundles, workflows, and direct installers remain important. They are the content, curation, distribution, and compatibility layers around AAS Core—not competing primary products.
This is an independent community project. It is not affiliated with, sponsored by, endorsed by, or authorized by Google. Google, Antigravity, Gemini, and related product names are referenced only to describe compatibility and install targets. The GitHub repository is canonical; the hosted catalog and browser-local Workbench are companion discovery and review surfaces, not a hosted control plane.
The agent composes. You control. AAS keeps the stack reproducible.
AAS Core gives the repository one product model:
search_skills, get_skill, recommend_stack, inspect_stack, and diff_stack; it does not install skills, scan source files, call a remote model, or write to the project.aas-stack.json. The manifest pins catalog identity, targets, goals, policy, and exact skill IDs without storing repository source or model reasoning.aas stack validate checks the proposal, while aas stack plan produces an immutable, per-target plan without applying it.npx claudepluginhub sickn33/agentic-awesome-skills --plugin agentic-bundle-aas-privacy-compliance-engineeringEditorial "AAS Agent & MCP Builder" bundle for Claude Code from Agentic Awesome Skills.
Editorial "AAS API Platform Builder" bundle for Claude Code from Agentic Awesome Skills.
Editorial "Security Developer" bundle for Claude Code from Agentic Awesome Skills.
Editorial "DDD & Evented Architecture" bundle for Claude Code from Agentic Awesome Skills.
Editorial "Mobile Developer" bundle for Claude Code from Agentic Awesome Skills.
Compliance and security skills for HIPAA, GDPR, SOC2, PCI-DSS audits, infrastructure hardening, incident planning, and secrets management.
Regulatory compliance verification for GDPR, SOC2, and HIPAA
SOC2, HIPAA, and GDPR compliance validation, secrets scanning, compliance checklists, and regulatory documentation
Check HIPAA compliance
DevsForge Enterprise Compliance Automation Architect delivering comprehensive compliance engineering methodologies, regulatory automation frameworks, and governance optimization strategies that transform compliance management from operational burden into strategic business value creation and trust catalyst
Compliance and governance including regulatory mapping, security policies, audit readiness, GDPR, SOC2, and PCI-DSS compliance.