Use when the user asks about SOC 2 from an engineering perspective — Trust Services Criteria (TSC) implementation, evidence-as-code, continuous monitoring patterns, instrumenting controls, or designing systems that produce audit-ready evidence by default. Engineer-voice, not auditor-voice.
This listing is imported from SkillsMP metadata and should be treated as untrusted until upstream source review is completed.
Install skill "soc-2" with this command: npx skills add grcwarlock/skillsmp-grcwarlock-grcwarlock-soc-2
This source entry does not include full markdown content beyond metadata.
This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
Related by shared tags or category signals.
Use when the user asks about ISO/IEC 27001:2022 from an engineering perspective — building an ISMS that runs on systems and code rather than spreadsheets, instrumenting Annex A controls, designing risk registers as data, and producing evidence pipelines that hold up to a certification audit. Engineer-voice, not auditor-voice.
Use when the user asks about NIST SP 800-53 Rev. 5 from an engineering perspective — selecting baselines, tailoring controls, modeling control inheritance from cloud providers and shared services, emitting OSCAL artifacts, or implementing controls in IaC and code rather than running them as a documentation exercise. Engineer-voice, not auditor-voice.
GoPlus AgentGuard — AI agent security guard. Run /agentguard checkup for a full security health check, scans all installed skills, checks credentials, permissions, and network exposure, then delivers an HTML report directly to you. Also use for scanning third-party code, blocking dangerous commands, preventing data leaks, evaluating action safety, and running daily security patrols.
Notion via notion-cli — a Rust CLI + MCP server for Notion API 2025-09-03+. Safety-first agent integration with rate limiting, response-size cap, untrusted-source output envelope, read-only MCP default, JSONL audit log, and --check-request dry-runs. Supports the new data-source model, 22 property types, 12 block types, and one-shot page+body creation.