compliance-evidence-assembler
把审计所需证据整理成目录、清单和缺失项,便于后续评审。;use for compliance, evidence, audit workflows;do not use for 伪造证据, 替代正式审计结论.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/52yuanchangxing/compliance-evidence-assemblerWhat This Skill Does
The 'compliance-evidence-assembler' is a specialized AI agent skill designed to streamline the audit preparation process. It acts as a structural assistant that organizes raw documents, evidence, and control mappings into a coherent, audit-ready package. By transforming unstructured data into a standardized format, this skill ensures that organizations can quickly identify what evidence is available, verify it against specific control requirements, and transparently document any missing gaps. It bridges the gap between raw data collection and the formal review stage, ensuring the audit trail remains organized and logically sound.
Installation
To integrate this skill into your environment, run the following command in your terminal:
clawhub install openclaw/skills/skills/52yuanchangxing/compliance-evidence-assembler
Use Cases
- Audit Preparation: Automatically organize collected file assets into a formal evidence directory structure based on regulatory requirements.
- Gap Analysis: Compare current project documentation against a provided
spec.jsonto generate a report on missing evidence. - Evidence Tracking: Maintain a persistent list of evidence deliverables and their status, helping project leads prioritize remaining documentation tasks.
- Regulatory Readiness: Generate standardized summary reports for internal stakeholders to ensure compliance workflows are consistent and ready for external review.
Example Prompts
- "I have a folder of security logs and policy documents. Please organize them based on the ISO 27001 evidence requirements specified in the resources directory and tell me what is missing."
- "Review the provided evidence manifest. Based on the
spec.jsonstandards, draft a priority list for the team to complete the remaining audit evidence." - "Summarize the current state of our GDPR compliance evidence. Focus on identifying which control mappings are fully documented and which ones are currently lacking supporting files."
Tips & Limitations
- Data Integrity: This tool is designed strictly for organizational assistance. It will not, under any circumstances, create, edit, or falsify evidence to meet audit requirements. Doing so undermines the integrity of the audit process.
- Scope of Automation: The skill performs read-only analysis. When using the available scripting hooks, ensure all outputs are reviewed by a human auditor before being submitted to any external compliance platform.
- Dependencies: For optimal results, ensure your
{baseDir}/resources/directory is updated with the latest regulatory spec files. When uncertain about a file's intent, the skill will explicitly mark it as a 'pending confirmation' item rather than guessing its category.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-52yuanchangxing-compliance-evidence-assembler": {
"enabled": true,
"auto_update": true
}
}
}Tags
Flags: file-read
Related Skills
evidence-gap-mapper
在报告、方案或演示稿中定位结论先行但证据不足的位置,并给出补证优先级。;use for evidence, gap-analysis, research workflows;do not use for 伪造数据支撑结论, 忽略高风险假设.
securityvitals
Security vitals checker for OpenClaw. Scans your installation, scores your setup, and shows you exactly what to fix. First scan in seconds.
sealvera
Tamper-evident audit trail for AI agent decisions. Use when logging LLM decisions, setting up AI compliance, auditing agents for EU AI Act, HIPAA, GDPR or SOC 2, or when a user asks about AI decision audit trails, explainability, or SealVera.
doc-gap-finder
扫描文档目录、标题结构与文件分布,找缺失章节、重复内容和过时区域。;use for docs, audit, knowledge workflows;do not use for 读取无权限目录, 直接修改原文档.
cron-job-guardian
检查 cron 或 timer 配置中的频率、幂等、重试、日志与并发风险。;use for cron, timer, ops workflows;do not use for 直接启停生产任务, 替代真正监控.