How does this skill help with SOC 2 audits?

It provides specific checklists for encryption, access logging, and change management, helping you collect necessary evidence and configure your cloud environment to meet audit standards.

What security misconfigurations does it check for?

It flags common issues such as public S3 buckets, overly permissive IAM policies, hardcoded secrets, and unencrypted databases.

Is this skill specific to a single cloud provider?

No, it covers general compliance principles while providing specific implementation patterns for AWS, Azure, and Google Cloud Platform.

Can it help with HIPAA-compliant serverless deployments?

Yes, it outlines mandatory requirements like Business Associate Agreements (BAAs), network isolation, and PHI encryption standards for major cloud providers.

Does it cover GDPR data residency?

Absolutely. It offers guidance on data localization, residency controls within EU regions, and implementing features like the 'Right to Erasure'.

Compliance Architecture Expert

Name: Compliance Architecture Expert
Author: Microck

byMicrock

•

Security & Testing

Designs enterprise-grade cloud architectures compliant with SOC 2, HIPAA, GDPR, and PCI-DSS standards.

This skill transforms Claude into a specialized consultant for regulatory compliance and security architecture. It provides detailed implementation patterns, security control checklists, and audit preparation guidance specifically tailored for serverless and cloud-native environments. Whether you are handling sensitive healthcare data (PHI), payment information, or European user data, this skill ensures your infrastructure meets rigorous standards like HIPAA, GDPR, and SOC 2 Type II while maintaining operational efficiency through automation and security best practices.

Key Features

01Security misconfiguration detection for cloud and serverless resources

0281 GitHub stars

03Standardized compliance checklists for SOC 2, HIPAA, GDPR, and PCI-DSS

04Guided audit preparation and evidence collection workflows

05Step-by-step remediation for public buckets and permissive IAM policies

06Infrastructure-as-Code best practices for encrypted and isolated environments

Use Cases

01Implementing GDPR-compliant data residency and 'right to erasure' workflows

02Designing a HIPAA-compliant backend for a healthcare application on AWS or Azure

03Preparing a SaaS platform's infrastructure and logging for a SOC 2 Type II audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add microck/ordinary-claude-skills compliance-architecture

For use in Claude.ai and ChatGPT

Download Skill