What regulations does this skill support?

The Compliance Manager Guardian provides specific guardrails for PCI-DSS, GDPR, PSD2, SOX, and HIPAA standards.

How does it handle sensitive credit card data?

It enforces strict masking rules (showing only the first 6 and last 4 digits) and explicitly prohibits the logging or storage of CVV, PINs, or magnetic stripe data.

Does it track modifications for auditing?

Yes, it enforces a required pattern for creating and persisting audit entries for every sensitive operation, ensuring a compliant audit trail.

Can I bypass the compliance checks for debugging?

No, the skill's non-negotiable rules strictly prohibit adding bypass flags, debug modes that skip compliance, or weakening validation rules for trusted sources.

What encryption standard does this skill mandate?

The skill requires the use of AES-256-GCM for all sensitive data encryption, ensuring authenticated encryption with associated data (AAD).

Compliance Manager Guardian

Name: Compliance Manager Guardian
Author: thefixer3x

bythefixer3x

0•

Security & Testing

Enforces strict regulatory guardrails for PCI, GDPR, PSD2, and HIPAA compliance during core security file modifications.

The Compliance Manager Guardian is a specialized skill designed to protect sensitive security and compliance logic within the Onasis Gateway. It prevents the accidental bypassing of critical validators and ensures that every code edit maintains rigorous standards for data masking, AES-256-GCM encryption, Strong Customer Authentication (SCA), and immutable audit logging. By providing automated checks for global regulations like PCI-DSS, GDPR, and HIPAA, this skill acts as a safety net for developers working on core security infrastructure, ensuring that security fixes are never rolled back and sensitive data is never exposed in logs.

Key Features

01Automated PCI-DSS card data masking and field protection

02GDPR-compliant consent management and pseudonymization enforcement

030 GitHub stars

04PSD2 Strong Customer Authentication (SCA) multi-factor validation

05Immutable audit trail generation for all compliance-sensitive operations

06Mandatory AES-256-GCM encryption patterns for sensitive data storage

Use Cases

01Updating payment processing logic while ensuring CVV and PIN data are never logged or stored

02Implementing high-value transaction monitoring that requires PSD2-compliant multi-factor authentication

03Modifying user data handling to meet GDPR data minimization and consent requirements

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add thefixer3x/onasis-gateway compliance-manager

For use in Claude.ai and ChatGPT

Download Skill