feat: Opus 4.7 release — 3 new vision/document skills, 3 updated skills (v5.2.0, 93 skills)

This commit is contained in:
mohitagw15856
2026-04-17 12:07:27 +01:00
parent 7dbf5a47a3
commit 34b0f780e6
19 changed files with 1113 additions and 326 deletions
@@ -1,54 +1,107 @@
---
name: compliance-checklist
description: "Generate a compliance checklist for any regulation, standard, or policy. Use when asked to create a compliance checklist, regulatory review, audit checklist, or policy adherence review. Covers GDPR, ISO 27001, FCA, HIPAA, SOC 2, and other frameworks. Produces a prioritised checklist with pass/fail assessment and remediation actions."
description: "Generate a prioritised compliance checklist for GDPR, SOC 2, ISO 27001, FCA, HIPAA, or other frameworks with a gap analysis. Use when asked for a compliance checklist, gap analysis, readiness assessment, or audit preparation for any regulatory framework. Produces a structured checklist with prioritised gaps, quick wins, and evidence requirements. Optimised for Opus 4.7 and newer models. Not a substitute for legal or compliance professional advice."
---
# Compliance Checklist Skill
Generates a structured compliance checklist for any regulatory framework with a prioritised gap analysis and remediation actions.
Produces a prioritised compliance checklist for any regulatory framework with gap analysis, evidence requirements, and quick wins identified.
ALWAYS include this disclaimer at the start of every response:
"WARNING: This checklist is for informational and planning purposes only and does not constitute legal or compliance advice. Regulatory requirements change and vary by jurisdiction. Always engage a qualified compliance professional or solicitor before implementing compliance programmes or making regulatory claims."
## Required Inputs
- **Framework or regulation** (e.g. GDPR, HIPAA, SOC 2, ISO 27001, FCA Consumer Duty, PCI DSS)
- **Organisation type** (e.g. SaaS company, financial services, NHS trust, law firm)
- **Scope** (e.g. data handling, customer onboarding, IT security, HR processes)
- **Known gaps or concerns** (optional)
Ask the user for these if not provided:
- **Framework** (GDPR / SOC 2 Type I or II / ISO 27001 / FCA / HIPAA / PCI DSS / other)
- **Organisation type** (SaaS / fintech / healthcare / professional services / retail)
- **Organisation size** (startup / scaleup / mid-market / enterprise)
- **Current maturity** (no compliance programme / some controls / formal programme)
- **Deadline or driver** (upcoming audit / customer requirement / regulatory change / proactive)
## Output Structure
### 1. Framework Overview
- **Regulation/Standard:** [Name and version]
- **Enforcement body:** [Regulator]
- **Overall compliance status:** Red Gaps / Amber Partial / Green Compliant
### 2. Compliance Checklist
**Framework:** [Name with version]
**Applicable because:** [One sentence — why this framework applies to this organisation]
**Typical timeline to readiness:** [From current maturity to certified/compliant]
**Key stakeholders needed:** [Roles that must be involved]
| # | Requirement | Status | Priority | Action Required |
### 2. Scope Definition
What is in scope for this checklist:
- [Specific systems / processes / data types]
What is NOT in scope (explicit exclusions):
- [Specific exclusions]
### 3. Control Categories
For each category relevant to the framework:
**[Category — e.g. "Access Control"]**
| Control | Current State | Gap | Priority | Effort |
|---|---|---|---|---|
| 1 | [Plain English requirement] | Met / Gap / Partial / Unknown | Critical / High / Low | [Specific action] |
| [Specific control requirement] | Not implemented / Partial / Full | [What is missing] | High/Med/Low | Days/Weeks/Months |
Priority definitions:
- Critical: Regulatory breach risk. Remediate immediately.
- High: Significant gap. Address within 30 days.
- Low: Best practice. Address in next review cycle.
### 4. Gap Analysis Summary
### 3. Critical Gaps Summary
List only Critical items with: what is missing, regulatory requirement breached, recommended remediation and owner.
| Priority | Count | Examples |
|---|---|---|
| Critical gaps (block certification) | N | [Top 3] |
| High priority gaps | N | |
| Medium priority gaps | N | |
| Quick wins | N | |
### 4. Recommended Remediation Plan
### 5. Quick Wins
| Action | Owner | Timeline | Effort |
|---|---|---|---|
| [Specific action] | [Team/role] | [Timeframe] | Low/Med/High |
Controls that can be implemented in under 2 weeks with minimal resources:
### 5. Documentation Gaps
Policies, records, or evidence needed to demonstrate compliance.
1. **[Control]** — [Specific action] — [Owner] — [Days to complete]
---
### 6. Evidence Requirements
WARNING: This checklist is a starting point based on publicly available guidance. It does not constitute legal or compliance advice.
For each control area, what documentation will be needed:
| Control area | Evidence types | Where to source |
|---|---|---|
| [Area] | [Policies, logs, screenshots, training records] | [System or team] |
### 7. Implementation Roadmap
Phase 1 (Weeks 1-4): Critical gaps and quick wins
- [Specific deliverables]
Phase 2 (Weeks 5-12): High-priority gaps
- [Specific deliverables]
Phase 3 (Weeks 13+): Medium priority and continuous improvement
- [Specific deliverables]
### 8. Ongoing Maintenance
Once certified/compliant, what needs to continue:
- [Review frequencies]
- [Periodic testing requirements]
- [Annual audit expectations]
- [Staff training cadence]
### 9. Common Pitfalls for This Framework
2-3 specific traps organisations commonly fall into when pursuing this certification — flagged based on the stated maturity level.
## Quality Checks
- [ ] Disclaimer included at start
- [ ] Framework-specific controls (not generic)
- [ ] Priorities align with organisation size and maturity
- [ ] Quick wins clearly separated from complex implementations
- [ ] Evidence requirements tied to specific controls
## Example Trigger Phrases
- "Create a GDPR compliance checklist for our SaaS product"
- "Generate a SOC 2 audit checklist"
- "Review our compliance against FCA Consumer Duty"
- "Build an ISO 27001 gap analysis"
- "Create a GDPR compliance checklist for our SaaS"
- "Generate a SOC 2 Type II readiness checklist"
- "What do we need for ISO 27001 certification?"
- "FCA compliance checklist for a fintech startup"
- "HIPAA gap analysis for a healthtech scaleup"