CtrlK
BlogDocsLog inGet started
Tessl Logo

soc2-compliance-checker

Soc2 Compliance Checker - Auto-activating skill for Security Advanced. Triggers on: soc2 compliance checker, soc2 compliance checker Part of the Security Advanced skill category.

36

1.02x
Quality

3%

Does it follow best practices?

Impact

96%

1.02x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/soc2-compliance-checker/SKILL.md
SKILL.md
Quality
Evals
Security

Evaluation results

100%

SOC2 Compliance Audit: Internal API Service

Step-by-step SOC2 code audit

Criteria
Without context
With context

Step-by-step structure

100%

100%

SOC2 Trust Service Criteria reference

100%

100%

Standards validation annotation

100%

100%

Access control findings

100%

100%

Logging and monitoring gap

100%

100%

Encryption / data-in-transit gap

100%

100%

Input validation gap

100%

100%

Remediation recommendations

100%

100%

Severity / risk rating

100%

100%

Output written to file

100%

100%

No external dependencies required

100%

100%

97%

4%

Security Hardening Package for SOC2 Certification

Production-ready security configuration

Criteria
Without context
With context

Production-ready nginx config

100%

100%

TLS enforcement

100%

100%

Production-ready Docker/container config

100%

100%

Standards citation

100%

100%

GDPR coverage

100%

100%

Access control policy

100%

100%

Logging and monitoring policy

80%

100%

Incident response section

100%

100%

Validation annotation

37%

62%

No hardcoded secrets

100%

100%

Multiple output files

100%

100%

93%

2%

Threat Model and Compliance Review: Healthcare Data Platform

Multi-domain threat model and GDPR assessment

Criteria
Without context
With context

Step-by-step structure

100%

100%

SOC2 Trust Service Criteria mapping

100%

100%

GDPR article references

100%

100%

Threat categorization framework

100%

100%

Data flow diagram or asset inventory

100%

100%

Risk rating per threat

100%

100%

Mitigation recommendations

100%

100%

Penetration testing coverage

62%

50%

Validation against standards

100%

100%

Output written to file

100%

100%

Residual risk summary

25%

62%

Repository
jeremylongshore/claude-code-plugins-plus-skills
Commit

3e83543

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

SOC2 Compliance Audit: Internal API ServiceSecurity Hardening Package for SOC2 CertificationThreat Model and Compliance Review: Healthcare Data Platform

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill