compliance-auditor
AdvisoryAudited by Static analysis on May 8, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If users paste real personal, health, or payment-card details, that information may appear in the conversation and audit output.
The skill is meant to support compliance audits involving sensitive personal, health, and payment-card data. This is purpose-aligned, and the artifacts do not show persistence or exfiltration, but users may place sensitive data into chat context or generated reports.
Data Types: [PII, PHI, PCI, etc.]
Use redacted examples, schemas, control descriptions, or summaries where possible, and avoid sharing unnecessary raw regulated data.
Users could over-rely on generated compliance guidance as if it were an official audit or legal opinion.
This is an authority-style claim that may increase user trust. It does not show deception or unsafe behavior, but the artifacts do not establish certification, affiliation, or legal authority.
using proven patterns from production AI systems (Oracle, IBM Watson Governance)
Treat outputs as draft checklists or analysis aids and have qualified legal, privacy, or compliance professionals review decisions.