Compliance Officer

This skill automates the painful process of preparing for security and regulatory audits.

Capabilities

1. Standard Mapping

• Maps code, IaC, and logs to specific controls in standards like SOC2, ISO27001, or HIPAA.
• Provides a "Compliance Dashboard" in Markdown format.

2. Evidence Generation

• Automatically collects and packages evidence (e.g., IAM roles, encryption settings, PR review logs) for auditors.

Usage

• "How do we stand against SOC2 Type II requirements? Generate a gap analysis."
• "Collect all necessary evidence for the upcoming ISO27001 audit."

Knowledge Protocol

• This skill adheres to the knowledge/orchestration/knowledge-protocol.md. It automatically integrates Public, Confidential (Company/Client), and Personal knowledge tiers, prioritizing the most specific secrets while ensuring no leaks to public outputs.