Act as a research ethics committee — stress-test a protocol the way an IRB / REC / HREC would. Reviews informed consent, risk-benefit balance, vulnerable populations, data…
Analyseert cloud-architecturen op digitale soevereiniteitsrisico's, met focus op de Amerikaanse CLOUD Act, FISA 702, en extraterritoriale jurisdictie.
HIPAA security and privacy compliance automation for ePHI protection, safeguards assessment, and audit preparation
Single-pass codebase analysis leveraging Opus 4.6 1M context for comprehensive security scanning, architecture review, and dependency auditing.
Comprehensive audit capabilities for security, code quality, module structure, compliance, and performance analysis.
모든 사용자 발화·agent 행동·phase 전환·gate 판정을 ISO 8601 타임스탬프와 함께 감사 로그에 기록한다. 사용자 입력은 축약·요약 없이 verbatim blockquote로 보존하며, SOC2·ISMS-P 감사 요구사항에 매핑되는 보존 정책(30·90·365일)을 프로젝트별로 선택한다.
Use this skill to verify milestone achievement against its definition of done, checking requirements coverage, cross-phase integration, and end-to-end flows.
Analyzes a single web page URL for SEO quality, identifying issues with title tags, meta descriptions, heading structure, and content.
Validate code against HIPAA policy: PHI exposure, missing audit logging, unencrypted transmission/storage, access control gaps, temp file exposure, and missing BAA references
Launch a comprehensive website audit. Specify a URL or audit the current codebase. Optionally specify categories: seo, accessibility, performance, security, mobile, content,…
Verifies financial data against source documents, bank statements, contracts
Generates audit trail infrastructure for entities. Implements IAuditable interface, EF Core SaveChanges interceptor, and automatic population of CreatedAt, UpdatedAt, CreatedBy,…
Audits security and supply-chain risk between two git refs with Codex cross-validation. 预发布安全审计(含 Codex 交叉验证)。Use when performing pre-release security audits, supply-chain…
Apply HIPAA-compliant security practices for Abridge clinical AI integrations. Use when securing PHI in transit/at rest, configuring access controls, implementing audit logging,…
Redact PII before it reaches Agentforce prompts, models, and logs. Trigger keywords: agentforce pii, pii redaction, data masking llm, einstein trust layer, prompt pii filter,…
Website Audit mit 230+ Rules für SEO, Performance, Security, Technical und Content Issues. LLM-optimierte Reports mit Health Scores und Handlungsempfehlungen.
Ensure every project remains compliant with these standards, use the built-in `linter` tool. It scans codebase for violations of the architecture rules using AST parsing.
Security patterns for Astro lead generation websites on Cloudflare. Forms, headers, bot protection, GDPR. Use for any production lead gen site.
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
Inspect and flush staged audit-trail entries to the remote trail repository. Use when the user asks to "flush audit trail", "show what's pending in audit trail", "dry-run audit…
Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated…
Audit Trail Helper - Auto-activating skill for Enterprise Workflows. Triggers on: audit trail helper, audit trail helper Part of the Enterprise Workflows skill category.
Fuehrt das Audit-Trail-Protokoll des Wuerfels — jeder Reviewlauf jede Prompt-Aenderung jede Pruefer-Abnahme jeder Cache-Treffer jede Hash-Pruefung wird unveraenderlich…
Comprehensive guide to implementing audit trails and logging for AI agents including tracing, observability, compliance, and debugging
Audit websites for SEO, technical, content, and security issues using squirrelscan CLI. Returns LLM-optimized reports with health scores, broken links, meta tag analysis, and…
Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization.
Use right after `board-superpowers:classifying-actions` returns a decision, every time a board-superpowers skill is recording what it is about to do or what it just did.
Systematically audit AWS S3 bucket permissions to identify publicly accessible buckets, overly permissive ACLs,
Auditing and updating npm dependencies to prevent security vulnerabilities in TypeScript projects
Audits the fit between a model's reasoning capability and the complexity of the context it receives. Use when an AI system is underperforming despite good retrieval, when teams…
Audits notification permission request flows. Use when reviewing or improving permission prompts, settings paths, or denial handling.
Audits the project for consistency issues that may arise from manual editing. Checks package scripts, tsconfig paths, README tables, and other conventions.
Use when reviewing website copy, SEO titles/descriptions, marketing content, or public messaging - applies Anil Dash's shareability framework to ensure others can authentically…
Use when running a technical SEO audit, debugging Core Web Vitals regressions, checking indexability, validating schema and sitemaps, diagnosing why a site isn't ranking, or…
Auditing Terraform infrastructure-as-code for security misconfigurations using Checkov, tfsec, Terrascan, and
Use when checking if beads-superpowers is outdated, before a plugin release, or when auditing for missing capabilities — covers upstream drift, test execution, documentation,…
Audit wallet security by analyzing token approvals, permissions, and transaction patterns. Use when checking wallet security, reviewing approvals, or assessing risk exposure.
Cross-cutting best practices enforcement across code, templates, skills, prompts, scripts, documentation, pages, and design.
CSA CCM expert for cloud security. Deep knowledge of Cloud Security Alliance Cloud Controls Matrix including 197 controls, 17 domains, CAIQ questionnaire, cloud service models…
Check HIPAA compliance for healthcare data security requirements. Use when auditing healthcare applications.
Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIPAA/GDPR), security architecture strategy, incident response…
Use when a board-superpowers SKILL is about to perform a mutating action — changing card status, editing card body, pushing a claim branch, opening or merging a PR, writing…
Handle data lifecycle in ClickHouse — TTL expiration, data deletion (GDPR), column-level encryption, and audit logging with real ClickHouse SQL.
Security-focused code review for OpenSite/Toastability platform. Use when reviewing PRs for security issues, auditing new API endpoints, checking for HIPAA/SOC2 compliance…
Automated compliance auditing for SOC2, HIPAA, GDPR, and PCI-DSS. Activates for compliance checks, security audits, regulatory requirements, and compliance automation.
Provides a checklist framework for surfacing potentially applicable application-compliance obligations across declared jurisdictions (Japan / EU / US-CA / platform stores).
Runs a 4-phase compliance pipeline: security scan, GDPR audit, dependency vulnerability check, and penetration test, producing a unified pass/fail compliance report.
Provides compliance, governance, and supply chain security guidance for cloud-native systems. Covers OPA Rego policies, Kyverno cluster policies, SBOM generation, SLSA provenance,…
Runs a 5-phase enterprise compliance and security hardening pipeline: regulatory review, GDPR audit, SOC 2 evaluation, dependency scan, and penetration test with cross-framework…
Validate compliance during migration with rule checking, audit trails, and security control validation
Apply Customer.io security best practices. Use when implementing secure credential storage, PII handling, webhook signature verification, or GDPR/CCPA compliance.
Pre-breach impact analysis: inventories sensitive data (PII, PHI, PCI-DSS, credentials), traces data flows, scores exposure vectors, and produces a regulatory blast radius report…
Understanding and managing what digital services collect, store, share, and infer about you. Covers password security and entropy, multi-factor authentication, privacy settings,…
Expert guidance for designing, optimizing, and maintaining database schemas for SQL and NoSQL systems.
Record and query the decision log for a project. Activate when user mentions "audit", "trail", "log decisions", "decision history", "why was this decided", "ADR", "architecture…
22 production-ready AI agents with database-driven orchestration for security reviews, code quality analysis, deployment validation, infrastructure checks, and compliance.
Senior FDA consultant and specialist for medical device companies including HIPAA compliance and requirement management.
FDA regulatory consultant for medical device companies. Provides 510(k)/PMA/De Novo pathway guidance, QSR (21 CFR 820) compliance, HIPAA assessments, and device cybersecurity.
Salesforce Shield Field Audit Trail: configuration, retention policies, querying archived field data, compliance requirements.