control-assessmentEvaluate individual framework controls against organizational documentation with evidence extraction, severity classification, and remediation recommendations.
Install via ClawdBot CLI:
clawdbot install Dangsllc/control-assessmentGrade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Generated Mar 21, 2026
A hospital needs to assess its policies against HIPAA Security Rule controls (e.g., 164.312(a)(1) for access control) to prepare for an external audit. This skill extracts evidence from security policies and procedures to demonstrate compliance and identify gaps in administrative safeguards.
A bank must evaluate its information security program against NIST 800-53 controls (e.g., AC-2 for account management) for regulatory reporting. The skill maps internal documentation to control requirements, classifying gaps by severity to prioritize remediation efforts.
A cloud service provider is preparing for a SOC 2 Type II audit and needs to assess controls related to security and availability. This skill analyzes security policies against relevant trust services criteria, extracting specific evidence and recommending actions to address partial coverage.
An industrial manufacturer aims to achieve ISO 27001 certification and must evaluate its ISMS documentation against Annex A controls. The skill helps map procedures to controls like A.9.2 for user access management, identifying gaps in implementation details for remediation.
A federal agency requires continuous monitoring of its systems against FISMA-mandated NIST controls. This skill assesses system security plans and policies, extracting evidence for controls like SI-4 for monitoring, and classifying gaps to meet reporting deadlines.
Offer subscription-based compliance assessment services using this skill to automate control evaluations for clients. Revenue is generated through monthly or annual fees, with tiered pricing based on the number of controls or documents assessed.
Provide expert compliance consulting where this skill is used as a tool to enhance audit readiness and gap analysis for clients. Revenue comes from project-based fees or hourly rates for assessments and remediation planning.
Integrate this skill into GRC (Governance, Risk, and Compliance) platforms as a feature for automated control mapping. Revenue is generated through licensing fees to software vendors or per-user subscriptions within the platform.
💬 Integration Tip
Ensure the skill has access to well-structured document repositories and pre-defined control frameworks to optimize mapping accuracy and evidence extraction.
Scored Apr 19, 2026
Manage Trello boards, lists, and cards via the Trello REST API.
Query and manage Linear issues, projects, and team workflows.
Use when the user mentions Jira issues (e.g., "PROJ-123"), asks about tickets, wants to create/view/update issues, check sprint status, or manage their Jira...
Monday.com API integration with managed OAuth. Manage boards, items, columns, groups, and workspaces using GraphQL. Use this skill when users want to create, update, or query Monday.com boards and items, manage tasks, or automate workflows. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway). Requires network access and valid Maton API key.
Manage TickTick tasks and projects from the command line with OAuth2 auth, batch operations, and rate limit handling.
Run the Model Context Protocol (MCP) Atlassian server in Docker, enabling integration with Jira, Confluence, and other Atlassian products. Use when you need to query Jira issues, search Confluence, or interact with Atlassian services programmatically. Requires Docker and valid Jira API credentials.