compliance-audit
Audits codebases for compliance with frameworks like SOC2 and HIPAA, generating detailed markdown reports with code references.
Install this skill
or
68/100
Security score
The compliance-audit skill was audited on Mar 3, 2026 and we found 8 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 30
Access to hidden dotfiles in home directory
SourceSKILL.md
| 30 | _On startup, use Read to load `~/.claude/skills/compliance-audit/preferences.md`. If it does not exist, treat as "no preferences set"._ |
medium line 48
Access to hidden dotfiles in home directory
SourceSKILL.md
| 48 | - **`reset`** → delete `~/.claude/skills/compliance-audit/preferences.md`, confirm, stop |
low line 79
Access to hidden dotfiles in home directory
SourceSKILL.md
| 79 | (read from ~/.claude/skills/compliance-audit/preferences.md) |
medium line 90
Access to hidden dotfiles in home directory
SourceSKILL.md
| 90 | Save to `~/.claude/skills/compliance-audit/preferences.md`. |
medium line 94
Access to hidden dotfiles in home directory
SourceSKILL.md
| 94 | Delete `~/.claude/skills/compliance-audit/preferences.md` and confirm: "Preferences cleared. Using defaults." |
medium line 38
Access to .env file
SourceSKILL.md
| 38 | 4. _Tech stacks present: look for package.json, requirements.txt, Cargo.toml, go.mod, Dockerfile, .env files, etc._ |
medium line 125
Access to .env file
SourceSKILL.md
| 125 | - `package.json` (Node/JS/TS), `requirements.txt`/`pyproject.toml` (Python), `Cargo.toml` (Rust), `go.mod` (Go), `Dockerfile`, `docker-compose.yml`, `.env`/`.env.example`, CI configs |
low line 158
External URL reference
SourceSKILL.md
| 158 | - For git repos with remote: `[file:line](https://remote-url/blob/branch/file#Lline)` |
Scanned on Mar 3, 2026
View Security DashboardInstall this skill with one command
/learn @mostafa-drz/compliance-auditGitHub Stars 1
Rate this skill
Categorylegal
UpdatedMarch 29, 2026
claude-codeapicompliance-officersecurity-engineerqa-engineerdevops-sredata-analystlegaldevelopmentdata analytics
mostafa-drz/claude-skills