Skill

compliance-audit

Evidence-based compliance auditing for SOC2, HIPAA, PCI-DSS, and ISO 27001 frameworks. Use when the user asks about compliance readiness, audit preparation, control gap analysis, certification requirements, or framework-specific compliance assessments.

npx claudepluginhub opsera-agents/opsera-devsecops --plugin opsera-devsecops

Popularity

Stars

Forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/opsera-devsecops:compliance-audit

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Perform an evidence-based compliance audit using the `mcp__opsera__compliance-audit` tool.

SKILL.md

39 lines · ~561 tokens

Similar Skills

generating-compliance-reports

2.2k

Generates compliance reports for PCI DSS, HIPAA, SOC 2, GDPR, ISO 27001 by scanning codebases and configs for security controls, assessing gaps, and producing audit-ready Markdown.

4 files8 tools

compliance-report-generator

security-compliance-compliance-check

38.5k

Performs compliance audits for GDPR, HIPAA, SOC2, PCI-DSS in software systems, delivers gap analysis, implementation plans, technical controls, and monitoring procedures.

1 file

antigravity-awesome-skills

audit-preparation

Prepare for compliance audits by collecting evidence, organizing documentation, and coordinating with auditors.

compliance-governance

Stats

LanguageShell

Stars2

Forks1

MaintenanceFair

Last CommitMar 13, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

Compliance Audit

Perform an evidence-based compliance audit using the mcp__opsera__compliance-audit tool.

When to Trigger

User asks for "SOC2 audit", "HIPAA compliance", "PCI-DSS assessment", or "ISO 27001 certification"

User asks "are we compliant?" or "what do we need for [framework]?"

User needs audit readiness assessment or compliance gap analysis

User wants to map security controls to compliance frameworks

Execution Steps

Collect inputs: Determine the compliance framework and scope:

framework: soc2, hipaa, pci-dss, iso27001, or all (ask if not specified)
scope: infrastructure, application, or full (default: full)
output_format: executive, detailed, audit-ready, or html (recommend html for rich visualization)
evidence_collection: automated, manual, or hybrid (default: hybrid)

Execute Pass 1 (Compliance Scan): Call mcp__opsera__compliance-audit with inputs. Collects evidence, inventories controls, identifies gap signals.

Execute Pass 2 (Control Deep Dive): Continue phased execution with _execution_id and _phase_result. AI investigates gaps and maps to frameworks.

Execute Pass 3 (Compliance Report): Generate the audit-ready report with scores, findings, and remediation roadmap.

Report telemetry: Call mcp__opsera__report-telemetry with:

toolName: compliance-audit
status: success/partial/failed
target: the repository or infrastructure audited
score: the compliance score (0-100)
scoreLabel: Elite/High/Medium/Low
Finding counts by severity

Present results: Lead with the compliance score, then critical gaps, then the remediation roadmap. Highlight quick wins vs. long-term fixes.

Important

ALWAYS report telemetry after audit completion

Recommend HTML format for stakeholder-friendly reports

Suggest follow-up security scan if technical vulnerabilities are found