⚠️Install with caution. This skill has very few installs. Always review the source and verify it on clawhub.ai before installing. Community-built skills run with agent permissions — only install ones you trust.

🔐 Security & Audit

Chief Information Security Officerv1.0.0

Name: Chief Information Security Officer
Author: ivangdavila

ciso

ivangdavila

Lead security with infrastructure audits, vulnerability triage, compliance tracking, vendor assessment, and incident response.

securitysecurity-scan

Download Package View on ClawHub

Installs (all time)

Installs (current)

Downloads

575

Stars

CreatedFeb 13, 2026

UpdatedFeb 26, 2026

Install & Quick Start

Install via ClawdBot CLI:

clawdbot install ivangdavila/ciso

Skill Package5 files

📋SKILL.mdmarkdown

Failed to load file.

Quality Score

B50/100

Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.

Market Validation5/35

· No tracked installs (may still have manual users)
· 575 downloads (moderate demand)
· 2 stars

Documentation14/25

· SKILL.md present
· Moderate documentation (≥1500 chars)
· Detailed summary

Package Completeness6/15

· skillAssets present (4 files)

💡

Usage Guide

Generated Mar 21, 2026

Chief Technology OfficersSecurity EngineersCompliance Managersintermediate

💡 Application Scenarios

Cloud Infrastructure Security AuditTechnology/SaaS

A SaaS startup needs to audit its AWS cloud configurations and Docker containers for security misconfigurations before a SOC 2 audit. The agent reviews firewall rules, SSL/TLS settings, and access controls to identify vulnerabilities.

Vendor Security Assessment for ComplianceHealthcare

A healthcare company must assess third-party vendors handling patient data to meet HIPAA compliance. The agent parses security questionnaires, reviews SOC 2 reports, and flags risks in vendor security practices.

Incident Response CoordinationFinance/Fintech

A fintech firm experiences a suspected data breach and needs to execute incident response playbooks. The agent helps coordinate containment, draft post-mortems, and monitor for credential leaks on the dark web.

Vulnerability Triage and PrioritizationRetail/E-commerce

An e-commerce platform faces numerous CVEs in its tech stack and needs to filter noise to prioritize fixes based on real impact. The agent matches vulnerabilities against actual assets and recommends actionable patches.

Secrets Management SetupTechnology/Startups

A growth-stage startup lacks proper secrets management and needs to implement rotation schedules and vault setup. The agent guides the process without exposing credentials, ensuring secure handling of API keys and passwords.

💼 Business Models

SaaS SubscriptionRecurring monthly/annual subscriptions

Companies offering cloud-based software with recurring revenue, requiring strong security for customer data and compliance with frameworks like SOC 2. This model benefits from regular infrastructure audits and vendor assessments.

E-commerce PlatformSales revenue from product transactions

Businesses selling goods online, handling payment data and customer information, necessitating PCI-DSS compliance and incident response plans. Security focuses on protecting transactions and managing third-party risks.

Healthcare ProviderService fees from healthcare services

Organizations managing patient health records, requiring strict HIPAA compliance and robust access controls. Security efforts center on data protection, vendor assessments, and audit trails for regulatory adherence.

💬 Integration Tip

Integrate this skill with existing security tools like vulnerability scanners and compliance platforms to automate audits and streamline incident response workflows.