compliance-architecture
Enterprise compliance architecture for SOC 2, HIPAA, GDPR, and PCI-DSS regulated systems. Use when designing compliant systems, preparing for audits, or implementing regulatory requirements. Covers compliance checklists, data protection controls, audit evidence collection, and security policies.
Why use this skill?
Master enterprise compliance with our expert architecture skill. Get guided support for SOC 2, HIPAA, and GDPR audit preparation and secure system design.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/anton-abyzov/sw-compliance-architectureWhat This Skill Does
The Compliance Architecture skill is an enterprise-grade toolkit for architects, DevOps engineers, and security teams tasked with building systems that adhere to stringent regulatory frameworks. It acts as an expert consultant for navigating the complexities of SOC 2, HIPAA, GDPR, and PCI-DSS. The skill provides detailed guidance on infrastructure design, encryption standards, IAM policy construction, and audit evidence collection. By leveraging this tool, users can design cloud environments that meet industry "gold standards" for security and compliance, ensuring that serverless deployments, data storage, and CI/CD pipelines align with regulatory requirements before they face an audit.
Installation
To install this skill, run the following command in your terminal:
clawhub install openclaw/skills/skills/anton-abyzov/sw-compliance-architecture
Use Cases
- Audit Preparation: Generate lists of required evidence for auditors, such as access logs, change management records, and encryption schemas.
- Architecture Design: Build serverless AWS, Azure, or GCP environments that satisfy HIPAA requirements, including the mandatory BAA prerequisites and customer-managed key implementation.
- Policy Enforcement: Receive guidance on crafting IAM policies that enforce the principle of least privilege, eliminating wildcard permissions across production environments.
- GDPR Compliance: Identify critical data protection controls needed for European data sovereignty, including right-to-erasure and data minimization workflows.
Example Prompts
- "I am deploying a healthcare application on AWS. Walk me through the necessary steps to ensure HIPAA compliance, specifically regarding encryption at rest and BAA requirements."
- "Review my current IAM role configuration for my production DynamoDB tables. What changes are needed to satisfy SOC 2 Type II controls for access management?"
- "Generate a checklist for a PCI-DSS compliance audit for a payment processing service using serverless functions."
Tips & Limitations
This skill is advisory. While it provides accurate industry standard practices, compliance is ultimately a holistic organizational responsibility involving legal, HR, and technical stakeholders. Always ensure that the specific configuration recommended is reviewed by your organization's internal security or legal team. Remember that "out of the box" cloud settings are rarely compliant by default; always verify your specific environment settings against these benchmarks.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-anton-abyzov-sw-compliance-architecture": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Related Skills
network-engineer
Cloud network architect for VPC design, service mesh, zero-trust networking, load balancers, and CDN optimization. Use for network troubleshooting or connectivity issues.
jira-multi-project-mapper
Expert in mapping SpecWeave specs to multiple JIRA projects with intelligent project detection and cross-project coordination. Use when syncing to multiple JIRA projects (project-per-team, component-based), or managing bidirectional sync across team boundaries.
helm-chart-scaffolding
Design, organize, and manage Helm charts for templating and packaging Kubernetes applications with reusable configurations. Use when creating Helm charts, packaging Kubernetes applications, or implementing templated deployments.
performance-optimization
React Native performance with Hermes V1, FlashList, expo-image v2, concurrent rendering. Use for slow app, memory leaks, or FPS issues.
release-strategy-advisor
Release strategy advisor - detects brownfield patterns (tags, CI/CD, changelogs), recommends versioning strategy based on architecture. Creates release-strategy.md.