Which compliance frameworks does this skill support?

The Compliance Auditor supports SOC 2, GDPR, HIPAA, PCI-DSS, and ISO 27001, providing mapping across these frameworks to reduce duplicate effort.

Can this skill help with technical implementations like Supabase RLS?

Yes, it provides specific guidance for implementing Row-Level Security (RLS) in Supabase, Vercel environment isolation, and Stripe PCI scope minimization.

Is the Compliance Auditor a replacement for legal counsel?

No. While it handles technical and operational controls, it recommends engaging qualified legal counsel for novel legal questions or jurisdiction-specific opinions.

Does it automate the evidence collection process?

It helps build automated pipelines using API exports, deployment logs, and audit trails from platforms like Supabase, Vercel, and Stripe for continuous readiness.

How does it handle GDPR data subject requests?

The skill provides workflows for implementing access, erasure, portability, and rectification rights, including 30-day SLA management and data pruning automation.

Compliance Auditor

Name: Compliance Auditor
Author: coreymaypray

bycoreymaypray

0•

Security & Testing

Automates security audits and regulatory compliance workflows for SOC 2, GDPR, HIPAA, and PCI-DSS.

The Compliance Auditor is an expert-level AI skill designed to guide organizations through the complexities of security and privacy certifications. It systematically maps controls across multiple frameworks including SOC 2, GDPR, HIPAA, PCI-DSS, and ISO 27001 to minimize duplicate effort. Optimized for modern tech stacks involving Supabase, Vercel, and Stripe, it provides technical guidance on RLS policies, data retention automation, and PCI scope reduction. Whether conducting initial gap assessments, building automated evidence collection pipelines, or managing data subject requests, this skill ensures that compliance is a functional part of the engineering workflow rather than a checkbox exercise.

Key Features

01Multi-framework control mapping for SOC 2, GDPR, HIPAA, and ISO 27001

02Automated evidence collection pipelines for Supabase, Stripe, and Vercel

03Developer-focused policy authoring and technical control implementation

040 GitHub stars

05Regulatory workflow management for GDPR/CCPA data subject requests

06Detailed gap assessment reporting with prioritized remediation roadmaps

Use Cases

01Automating quarterly security control testing and evidence gathering

02Implementing technical privacy controls for GDPR and CCPA compliance

03Preparing an organization for an initial SOC 2 Type I or Type II audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add coreymaypray/sloth-skill-tree compliance-auditor

For use in Claude.ai and ChatGPT

Key Features

01Multi-framework control mapping for SOC 2, GDPR, HIPAA, and ISO 27001

02Automated evidence collection pipelines for Supabase, Stripe, and Vercel

03Developer-focused policy authoring and technical control implementation

040 GitHub stars

05Regulatory workflow management for GDPR/CCPA data subject requests

06Detailed gap assessment reporting with prioritized remediation roadmaps

Use Cases

01Automating quarterly security control testing and evidence gathering

02Implementing technical privacy controls for GDPR and CCPA compliance

03Preparing an organization for an initial SOC 2 Type I or Type II audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add coreymaypray/sloth-skill-tree compliance-auditor

For use in Claude.ai and ChatGPT