soc2-gap-analysis
This skill should be used when the user asks to "prepare for SOC 2", "run a SOC 2 gap analysis", "check our audit readiness", "map our controls", "what controls are missing", "review us for SOC 2 Type I", "review us for SOC 2 Type II", or mentions SOC 2, trust service criteria, control gaps, auditor prep, trust center readiness, or remediation planning.
Complete plugin installation is recommended so this skill keeps its agents, hooks, commands, and runtime context.
- PUBLISHER
- b-open-io
- RELATIONSHIP
- authored
- VERSION
- 0.1.0
- BENCHMARK
- unknown
Install product-skills
The complete plugin is the supported path. It preserves everything the publisher designed to work alongside this skill.
Install only this skill
Use this narrower path only when you intentionally want the portable SKILL.md without the plugin’s surrounding capabilities.
Skills CLI
VERIFIED- Installs only the portable skill; it omits plugin hooks, agents, commands, apps/MCP configuration, and unlisted companion skills.
Trace it to the source.
- DISTRIBUTED SOURCE
- skills/soc2-gap-analysis/SKILL.md ↗
- UPSTREAM SOURCE
- No separate upstream declared
- DISTRIBUTED DIGEST
- sha256:2ae613f1b0e34e77e1124470611bc41ed5a8a3b0c02933c6ac9ff42ca5fe2d72
- LOCK HASH
- Not applicable
Related skills
ALL PRODUCT-SKILLS SKILLS →ai-seo-optimization
This skill should be used when the user asks to audit a website for SEO, improve search rankings, optimize content for AI search (ChatGPT, Perplexity, Google AI Overviews), implement schema markup, build entity recognition, analyze keyword opportunities, improve E-E-A-T signals, create an SEO strategy, or when they mention 'SEO', 'search optimization', 'rankings', 'schema', 'structured data', 'AI search', 'featured snippets', or 'knowledge graph'. Provides modern SEO workflows for the AI-powered search era including entity-based optimization, multi-platform visibility (Google, ChatGPT, Perplexity, Gemini), and technical SEO for 2025.
legal-compliance
This skill should be used when the user asks to draft a privacy policy, terms of service, cookie policy, or data processing agreement; when they ask about GDPR, CCPA, HIPAA, or other privacy regulations; when they need a compliance audit, legal gap analysis, or regulatory guidance; when they ask about employment law, IP rights, open source licensing, or contract review; when they mention 'legal', 'compliance', 'regulation', 'liability', 'terms', 'privacy', or 'lawsuit'. This skill also applies to crypto and digital asset questions: token classification (Howey test), security token offerings, stablecoins, GENIUS Act, DeFi compliance, CFTC jurisdiction, DAO liability, IRS crypto tax, AML/FinCEN MSB registration, tokenization of real-world assets, UCC Article 8, and smart contract legal review. Also use for designing or building agentic legal workflows, multi-agent compliance pipelines, and legal AI system architecture using Vercel AI SDK or CrewAI.
soc2-evidence-collection
This skill should be used when the user asks to "collect SOC 2 evidence", "build an evidence register", "prepare evidence for the auditor", "what artifacts do we need", "organize our control evidence", "respond to an auditor request list", or mentions evidence gathering, control artifacts, audit requests, screenshots, exports, or testing records for SOC 2.
soc2-policy-drafting
This skill should be used when the user asks to "draft a SOC 2 policy", "write an access control policy", "write an incident response policy", "create security policies for audit", "prepare policy documents for SOC 2", "draft our control narratives", or mentions policy drafting, approval cadence, review frequency, governance language, or auditor-facing policy documentation for SOC 2.
