Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkillsAuthors › mukul975

mukul975

@mukul975 on GitHub →

146 Claude Code skills authored by mukul975.

updated 2026-07-06 · showing 1–60 of 146 by quality score

Average Pro QualityScore: 79.9/100

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

Guides SOC 2 Type II Privacy Trust Services Criteria preparation and audit execution. Covers AICPA TSP Section 100 Privacy criteria P1-P8 including notice, choice/consent,…
Manages retention exception workflows including request-approval processes, duration limits, periodic review cycles, documentation requirements, and audit trail maintenance.
Manages backup and archive data under retention schedules and erasure obligations. Covers the technical infeasibility exception for backup deletion, backup cycle alignment with…
Guides comprehensive controller self-assessment covering GDPR Articles 5-49 with scoring methodology and reporting format.
Decision framework for choosing between consent and legitimate interest as the lawful basis for processing.
Guides privacy program effectiveness measurement including leading and lagging indicators, KPI definition, benchmarking methodology, executive reporting formats, board-level…
Guides compliance with South Korea''s Personal Information Protection Act (PIPA, 개인정보 보호법). Covers pseudonymisation framework, notification requirements, PIPC enforcement, consent…
Implements data lineage tracking for privacy compliance including origin tracking, transformation logging, access auditing, deletion verification, and cross-system lineage graphs.
Implements AWS Nitro Enclave-based confidential computing environments with cryptographic attestation, KMS policy
Implement the Kantara Initiative consent receipt specification including machine-readable receipt structure, JWT-based verification mechanisms, receipt lifecycle management, and…
Handles GDPR Article 18 right to restriction of processing requests, covering the four grounds for restriction (accuracy contest, unlawful processing, erasure opposition,…
Implements data subject rights mechanisms for AI systems including right to explanation of AI decisions, contestation procedures, human review, model output correction, and…
Provides GDPR Article 14 information for personal data obtained from sources other than the data subject, covering timing requirements (within reasonable period, max one month),…
Pre-contract vendor privacy due diligence per GDPR Article 28(1). Covers risk questionnaires, technical controls assessment, certification review, data flow analysis, and…
GDPR-compliant Data Processing Agreement drafting per Article 28(3). Covers all 8 mandatory provisions including subject matter, duration, nature and purpose, data types,…
Classifies personal vs non-personal data per GDPR Art. 4(1) definition test with decision tree for borderline cases.
Provides a structured risk scoring methodology for Data Protection Impact Assessments aligned with ENISA threat taxonomy and ISO 29134.
Deploys remote browser isolation (RBI) as a core component of a Zero Trust architecture. Implements isolation
Maintains the GDPR Article 33(5) breach register documenting all personal data breaches regardless of whether supervisory authority notification was required.
Guides compliance with Canada''s Personal Information Protection and Electronic Documents Act (PIPEDA, S.C. 2000, c. 5).
GDPR Article 28(2) sub-processor approval workflow management. Covers prior specific and general authorization mechanisms, change notification procedures, objection windows,…
Guides APEC Cross-Border Privacy Rules system certification process including self-assessment against the APEC Privacy Framework principles, accountability agent selection, intake…
Executes Atomic Red Team tests mapped to MITRE ATT&CK techniques, performs coverage gap analysis across the
Implements email and internet monitoring compliance in the workplace per Barbulescu v Romania (ECHR Grand Chamber), EDPB guidance, and national labour law.
Monitors Certificate Transparency (CT) logs to detect unauthorized certificate issuance, discover subdomains
Detects and prevents code injection attacks targeting serverless functions (AWS Lambda, Azure Functions, Google
Guides the GDPR Article 56 one-stop-shop mechanism for determining lead supervisory authority in cross-border processing. Covers main establishment identification and cooperation.
Classifies data as pseudonymised or anonymised using Recital 26 reasonably likely test, Breyer ruling C-582/14, motivated intruder test, and WP29 Opinion 05/2014 on anonymisation…
Applying the ePrivacy Directive Article 5(3) strictly necessary exemption to classify cookies that do not require consent.
Automates GDPR Data Subject Access Request (DSAR) workflows including identity verification, PII discovery across
Creates GDPR Article 30(1) Records of Processing Activities (RoPA) for data controllers with all seven mandatory fields: controller identity and contact details, processing…
Implements HIPAA Security Rule technical safeguards under 45 CFR §164.312 for electronic protected health information.
Conducts pre-DPIA threshold screening to determine whether a full Data Protection Impact Assessment is required under GDPR Article 35.
Texas Data Privacy and Security Act (TDPSA) compliance. No revenue threshold applies to all businesses.
Performs firmware image extraction and analysis using binwalk to identify embedded filesystems, compressed archives,
Implements input and output validation guardrails for LLM-powered applications to prevent prompt injection,
Implements eBPF-based security monitoring using Cilium Tetragon for real-time process execution tracking, network
Uses AWS Athena to query CloudTrail, VPC Flow Logs, S3 access logs, and ALB logs for forensic investigation.
Pre-deployment privacy compliance checklist for AI/ML systems covering DPIA completion, lawful basis verification, transparency notices, human oversight mechanisms, bias testing,…
Implements CCPA Section 1798.105 right to delete and CPRA amendments including service provider obligations, statutory exceptions for legal, security, and internal uses, consumer…
Guide for obtaining explicit consent for international data transfers under GDPR Article 49(1)(a). Covers informed consent requirements including risks of transfers without…
Implements telehealth privacy compliance covering HIPAA requirements for virtual care, state licensing and recording consent laws, platform security with BAA requirements for…
Nigeria Data Protection Regulation (NDPR) and Nigeria Data Protection Act (NDPA) 2023 compliance. Covers lawful basis for processing, data subject rights, cross-border transfer…
Implements the right to be forgotten in search engines under GDPR Article 17 and the CJEU Google Spain ruling (C-131/12).
Detects prompt injection attacks targeting LLM-based applications using a multi-layered defense combining regex
Maps the US federal privacy landscape including sectoral laws (HIPAA, GLBA, FERPA, COPPA, FCRA, ECPA, VPPA), FTC Section 5 enforcement, proposed federal comprehensive legislation,…
Implements HIPAA Privacy Rule requirements for research uses of protected health information under 45 CFR §164.512(i).
On-site and remote vendor audit procedures per GDPR Article 28(3)(h). Covers audit planning, evidence collection methodologies, finding classification, remediation tracking, and…
Analyses the limitations on consent as a lawful basis for processing employee data under Art. 88 GDPR and WP29 Opinion 2/2017.
Detects command-and-control (C2) communications tunneled through DNS protocol including DNS tunneling tools
Implements compliance with Turkey''s Personal Data Protection Law (Kisisel Verilerin Korunmasi Kanunu, KVKK, Law No. 6698).
Kentucky Consumer Privacy Protection Act (KPPA) compliance. Effective January 1, 2026. Covers consumer rights, controller thresholds at 100,000 consumers, sensitive data…
Guides DPIA for marketing profiling, behavioural targeting, cross-device tracking, and advertising analytics. Covers ePrivacy Directive Art.
Manages coordinated breach notification across multiple legal jurisdictions including EU member states (72-hour GDPR deadline), US state breach notification laws (varying…
Implements HIPAA minimum necessary standard under 45 CFR §164.502(b). Covers role-based access policies per workforce member category, routine vs non-routine disclosure protocols,…
Guides preparation for supervisory authority (DPA) inspections and investigations including document readiness checklists, interview preparation for key personnel, technical…
Detects and analyzes Bluetooth Low Energy (BLE) security attacks including sniffing, replay attacks, GATT enumeration
Implements compliance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDP Law) and its Executive Regulations.
Guides the establishment and management of joint controller arrangements under GDPR Article 26, including determination of joint controllership, allocation of responsibilities,…
Guides the GDPR Article 36 prior consultation process with supervisory authorities when a DPIA indicates high residual risk.
Search all 146 skills by mukul975 →