📋 Compliance & GRC AI Skills

Audit an iOS app repo (Swift/Xcode or React Native/Expo) for App Store compliance and release readiness; output a pass/warn/fail report and publish checklist.

Safely triage and remediate GitHub dependency hygiene issues with explicit guardrails. Use when Dependabot PRs fail, pnpm lockfiles break, transitive vulnerabilities appear (e.g., glob/lodash/brace-expansion), or CI/Vercel fails due to dependency resolution. Prioritize low-risk fixes, branch+PR workflow, and plain-English explanations.

ISO 13485 internal audit expertise for medical device QMS. Covers audit planning, execution, nonconformity classification, and CAPA verification. Use for int...

Information Security Management System (ISMS) audit expert for ISO 27001 compliance verification, security control assessment, and certification support. Use...

Local-first, event-driven RAG for commercial real estate audit & investigation case folders. Index a case directory named like "项目问题编号__标题" (with stage subfolders such as 01_policy_basis/02_process/04_settlement_payment) and query it with citations (file:// links + PDF

Smart dependency health check — security audit, outdated detection, unused deps, and prioritized update plan

Manage and enforce least-privilege execution, approval-based elevation, port and egress monitoring, and ISO 27001/NIST compliance reporting for OpenClaw secu...

Expert fintech engineer specializing in financial systems, regulatory compliance, and secure transaction processing. Masters banking integrations, payment systems, and building scalable financial technology that meets stringent regulatory requirement

Audits Reddit Devvit apps for environment, config, compliance, and documentation to ensure readiness before server upload.

Audit project dependencies for known vulnerabilities (CVEs). Supports npm, pip, Cargo, and Go. Zero API keys required. Safe-by-default: report-only mode, fix...

AI-native GRC (Governance, Risk, and Compliance) for OpenClaw. 97 actions across 13 frameworks including SOC 2, ISO 27001, HIPAA, GDPR, NIST CSF, PCI DSS, CI...

Prioritize vulnerability remediation using KEV-style exploitation context plus asset criticality. Use for CVE triage, patch order decisions, and remediation...

CVE vulnerability lookup via NIST NVD, CISA KEV, EPSS scores, and MITRE ATT&CK. 7 tools for real-time cybersecurity intelligence.

Assess data privacy compliance across 20 control areas with 63 controls covering governance, consent, security, breach response, vendor management, and cross...

Drata integration. Manage Controls, Standards, Objectives, Reports, Persons, Risks and more. Use when the user wants to interact with Drata data.

Automatically collect and publish security guidelines and guides from KISA and Boho (보호나라) to Notion. Use when you need to (1) collect new security guideline...

基于 UCAP 平台接口，检测文本或指定中国政府网站 URL 中的敏感信息，支持多类型自定义检测并保障访问安全。

Automatically collect and publish security guidelines and guides from KISA and Boho (보호나라) to Notion. Use when you need to (1) collect new security guideline...

Deep risk assessment workflow—identifying risks, likelihood and impact, mitigation plans, owners, residual risk acceptance, and tracking. Use when assessing...

Use when building or updating vulnerability pattern Skills from multiple sources: GitHub Security Advisories (GHSA), HackerOne Hacktivity, or NVD. Triggers o...

Screen suppliers against sanctions lists, PEP registries, ESG ratings, and financial stability data via MOVA HITL, then route findings through a human procur...

舆情风险预诊工具。单段文本快速风险评估，输出风险评分 (1-10)、风险等级 (蓝/黄/橙/红/黑)、传播力×危害力矩阵。适用于客服筛查、社交媒体预检。

当用户或上层系统需要判断聊天记录中的说话者是否可能是未成年人、青少年、中学生、高中生，或需要对单会话、多会话历史做年龄倾向、校园倾向、学生画像、未成年人风险与证据分析时使用此技能。即使用户没有直接说“未成年人识别”，但需求本质上是判断“像不像未成年用户”、输出未成年人概率、画像、趋势、风险等级或结构化证据，也应激...

军用电机质量检验助手 | 根据GJB标准生成检验规程，覆盖来料检验、过程检验、成品检验、出厂检验全流程