Agent skill
compliance-tracking
Track compliance requirements and audit readiness. Trigger with "compliance", "audit prep", "SOC 2", "ISO 27001", "GDPR", "regulatory requirement", or when the user needs help tracking, preparing for, or documenting compliance activities.
Install this agent skill to your Project
npx add-skill https://github.com/anthropics/knowledge-work-plugins/tree/main/operations/skills/compliance-tracking
SKILL.md
Compliance Tracking
Help track compliance requirements, prepare for audits, and maintain regulatory readiness.
Common Frameworks
| Framework | Focus | Key Requirements |
|---|---|---|
| SOC 2 | Service organizations | Security, availability, processing integrity, confidentiality, privacy |
| ISO 27001 | Information security | Risk assessment, security controls, continuous improvement |
| GDPR | Data privacy (EU) | Consent, data rights, breach notification, DPO |
| HIPAA | Healthcare data (US) | PHI protection, access controls, audit trails |
| PCI DSS | Payment card data | Encryption, access control, vulnerability management |
Compliance Tracking Components
Control Inventory
- Map controls to framework requirements
- Document control owners and evidence
- Track control effectiveness
Audit Calendar
- Upcoming audit dates and deadlines
- Evidence collection timelines
- Remediation deadlines
Evidence Management
- What evidence is needed for each control
- Where evidence is stored
- When evidence was last collected
Gap Analysis
- Requirements vs. current state
- Prioritized remediation plan
- Timeline to compliance
Output
Produce compliance status dashboards, gap analyses, audit prep checklists, and evidence collection plans.
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
view-pdf
Interactive PDF viewer. Use when the user wants to open, show, or view a PDF and collaborate on it visually — annotate, highlight, stamp, fill form fields, place signature/initials, or review markup together. Not for summarization or text extraction (use native Read instead).
signature-request
Prepare and route a document for e-signature — run a pre-signature checklist, configure signing order, and send for execution. Use when a contract is finalized and ready to sign, when verifying entity names, exhibits, and signature blocks before sending, or when setting up an envelope with sequential or parallel signers.
brief
Generate contextual briefings for legal work — daily summary, topic research, or incident response. Use when starting your day and need a scan of legal-relevant items across email, calendar, and contracts, when researching a specific legal question across internal sources, or when a developing situation (data breach, litigation threat, regulatory inquiry) needs rapid context.
legal-risk-assessment
Assess and classify legal risks using a severity-by-likelihood framework with escalation criteria. Use when evaluating contract risk, assessing deal exposure, classifying issues by severity, or determining whether a matter needs senior counsel or outside legal review.
triage-nda
Rapidly triage an incoming NDA and classify it as GREEN (standard approval), YELLOW (counsel review), or RED (full legal review). Use when a new NDA arrives from sales or business development, when screening for embedded non-solicits, non-competes, or missing carveouts, or when deciding whether an NDA can be signed under standard delegation.
compliance-check
Run a compliance check on a proposed action, product feature, or business initiative, surfacing applicable regulations, required approvals, and risk areas. Use when launching a feature that touches personal data, when marketing or product proposes something with regulatory implications, or when you need to know which approvals and jurisdictional requirements apply before proceeding.
Didn't find tool you were looking for?