Does it work with specific tech stacks?

Yes, it is specifically optimized for applications built using Supabase, Stripe, Vercel, and Expo.

Can this skill replace a licensed attorney?

No, this skill provides operational guidance and compliance analysis but is not a substitute for professional legal advice or jurisdiction-specific legal opinions.

Can it assist with SOC2 audits?

Yes, it provides readiness checks for security controls, including MFA enforcement, RLS auditing, and data isolation verification.

Which regulatory frameworks are supported?

It primarily supports GDPR (EU/UK), CCPA (California), PCI-DSS for payment handling, and SOC2 Type II Trust Service Criteria.

How does it handle user data deletion requests?

It implements a multi-step workflow that deactivates auth records, anonymizes PII in database tables, removes storage objects, and updates Stripe subscriptions.

Legal Compliance

Name: Legal Compliance
Author: coreymaypray

bycoreymaypray

0•

Security & Testing

Audits and maintains GDPR, SOC2, and data privacy compliance for SaaS products and client data handling practices.

The Legal Compliance skill acts as a specialized regulatory sentinel for the Maycrest Group, providing structured oversight for the TIE Platform and client-facing applications. It streamlines the complex requirements of GDPR, CCPA, SOC2 Type II, and PCI-DSS by integrating compliance logic directly into the development workflow. Optimized for stacks involving Supabase, Stripe, and Vercel, this skill helps developers implement data minimization, manage user rights requests, and maintain rigorous audit trails to ensure global regulatory standards are met without compromising velocity.

Key Features

01PCI-DSS scope management and security audits for Stripe integrations

02SOC2 Type II readiness checklists covering security, availability, and privacy

030 GitHub stars

04Automated GDPR and CCPA gap analysis for Supabase-backed applications

05Standardized workflows for Data Subject Access Requests (DSAR) and the Right to Erasure

06Generation of professional compliance assessment reports and remediation plans

Use Cases

01Preparing SOC2 evidence for Row Level Security (RLS) and infrastructure access controls

02Conducting a comprehensive GDPR audit before launching new SaaS features

03Executing end-to-end data deletion requests across databases and third-party providers

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add coreymaypray/sloth-skill-tree legal-compliance

For use in Claude.ai and ChatGPT

Key Features

01PCI-DSS scope management and security audits for Stripe integrations

02SOC2 Type II readiness checklists covering security, availability, and privacy

030 GitHub stars

04Automated GDPR and CCPA gap analysis for Supabase-backed applications

05Standardized workflows for Data Subject Access Requests (DSAR) and the Right to Erasure

06Generation of professional compliance assessment reports and remediation plans

Use Cases

01Preparing SOC2 evidence for Row Level Security (RLS) and infrastructure access controls

02Conducting a comprehensive GDPR audit before launching new SaaS features

03Executing end-to-end data deletion requests across databases and third-party providers

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add coreymaypray/sloth-skill-tree legal-compliance

For use in Claude.ai and ChatGPT