Skill

compliance-assessment

Regulatory and standards compliance assessment — GDPR, SOX, PCI-DSS, HIPAA, ISO 27001 patterns in code. Use when user asks to "assess compliance".

From sovereign-architect

Install

Run in your terminal

npx claudepluginhub javimontano/mao-sovereign-architect

Tool Access

This skill is limited to using the following tools:

ReadWriteEditGlobGrepBashAgent

Supporting Assets

View in Repository

evals/evals.json

examples/sample-output.md

prompts/use-case-prompts.md

references/body-of-knowledge.md

Skill Content

Compliance Assessment

Regulatory and standards compliance assessment — GDPR, SOX, PCI-DSS, HIPAA, ISO 27001 patterns in code.

Guiding Principle

"Compliance is not a checkbox — it is a continuous property of the system"

Procedure

Step 1 — Discovery

Scan existing codebase for relevant patterns and conventions
Identify constraints, requirements, and existing infrastructure
Classify findings: [HECHO], [INFERENCIA], [SUPUESTO]

Step 2 — Analysis

Apply assessment framework appropriate to the domain
Score against established criteria and benchmarks
Identify gaps, risks, and improvement opportunities

Step 3 — Recommendations

Prioritize findings by impact and effort (P0/P1/P2)
Design improvement roadmap with phased approach
Document trade-offs and alternative approaches

Step 4 — Delivery

Generate assessment report with evidence tags
Include visual artifacts (Mermaid diagrams, matrices)
Present actionable next steps with clear ownership

Quality Criteria

Every finding tagged with evidence classification
Assessment uses established industry frameworks
Recommendations are prioritized and actionable
Trade-offs are explicitly documented
Report includes executive summary and detailed findings

Anti-Patterns

Treating compliance as a one-time audit instead of continuous monitoring
Not mapping regulatory requirements to specific code patterns
Ignoring data residency requirements in cloud deployments

Similar Skills

agent-harness-construction

Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.

everything-claude-code

138.0k

agent-payment-x402

Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.

everything-claude-code

138.0k

agent-eval

Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.

everything-claude-code

138.0k

Stats

Stars0

Forks0

Last CommitMar 28, 2026

Actions

View Source View Plugin View on GitHub View README

Procedure

Step 1 — Discovery

Scan existing codebase for relevant patterns and conventions

Identify constraints, requirements, and existing infrastructure

Classify findings: [HECHO], [INFERENCIA], [SUPUESTO]

Step 2 — Analysis

Apply assessment framework appropriate to the domain

Score against established criteria and benchmarks

Identify gaps, risks, and improvement opportunities

Step 3 — Recommendations

Prioritize findings by impact and effort (P0/P1/P2)

Design improvement roadmap with phased approach

Document trade-offs and alternative approaches

Step 4 — Delivery

Generate assessment report with evidence tags

Include visual artifacts (Mermaid diagrams, matrices)

Present actionable next steps with clear ownership