This skill validates migration compliance across rules, audits, and security controls to ensure policy enforcement and evidence generation.

npx playbooks add skill a5c-ai/babysitter --skill compliance-validator

Review the files below or copy the command above to add this skill to your agents.

SKILL.md
---
name: compliance-validator
description: Validate compliance during migration with rule checking, audit trails, and security control validation
allowed-tools: ["Bash", "Read", "Write", "Grep", "Glob", "Edit"]
---

# Compliance Validator Skill

Validates compliance requirements during migration activities, checking rules, generating audit trails, and verifying security controls.

## Purpose

Enable compliance verification for:
- Compliance rule checking
- Audit trail generation
- Security control validation
- Policy enforcement
- Gap analysis

## Capabilities

### 1. Compliance Rule Checking
- Check against frameworks (SOC2, HIPAA, PCI)
- Verify organizational policies
- Validate technical controls
- Flag violations

### 2. Audit Trail Generation
- Log migration activities
- Track changes
- Document approvals
- Preserve evidence

### 3. Security Control Validation
- Verify encryption
- Check access controls
- Validate logging
- Test security measures

### 4. Policy Enforcement
- Apply security policies
- Enforce standards
- Block violations
- Alert on issues

### 5. Compliance Report Generation
- Generate audit reports
- Document controls
- Track remediation
- Produce evidence

### 6. Gap Analysis
- Identify compliance gaps
- Prioritize remediation
- Track closure
- Report progress

## Tool Integrations

| Tool | Purpose | Integration Method |
|------|---------|-------------------|
| AWS Config | AWS compliance | API |
| Azure Policy | Azure compliance | API |
| Chef InSpec | Infrastructure testing | CLI |
| OPA | Policy as code | CLI |
| Prowler | Security auditing | CLI |
| ScoutSuite | Multi-cloud audit | CLI |

## Output Schema

```json
{
  "validationId": "string",
  "timestamp": "ISO8601",
  "frameworks": ["SOC2", "HIPAA"],
  "results": {
    "passed": "number",
    "failed": "number",
    "notApplicable": "number"
  },
  "controls": [
    {
      "id": "string",
      "framework": "string",
      "status": "passed|failed|na",
      "evidence": "string",
      "remediation": "string"
    }
  ],
  "auditTrail": {
    "location": "string",
    "entries": "number"
  }
}
```
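
The following is an added example, not part of the skill's own code: a pre-cutover gate that reads a report shaped like the schema above, checks that it is internally consistent, and decides whether to block, alert or allow. The schema has no severity field, so the `critical_ids` parameter, the function names and the sample control ids are assumptions made for this sketch.

```python
from collections import Counter

VALID_STATUS = {"passed", "failed", "na"}

def check_report(report):
    """Return consistency problems in a report shaped like the Output Schema."""
    problems, counts = [], Counter()
    for c in report.get("controls", []):
        cid, status = c.get("id"), c.get("status")
        if status not in VALID_STATUS:
            problems.append(f"{cid}: unknown status {status!r}")
            continue
        counts[status] += 1
        # A pass or fail with no evidence cannot be shown to an auditor.
        if status != "na" and not c.get("evidence"):
            problems.append(f"{cid}: {status} without evidence")
        if status == "failed" and not c.get("remediation"):
            problems.append(f"{cid}: failed without remediation")
    # The summary counters must agree with the per-control list.
    summary = report.get("results", {})
    for key, status in (("passed", "passed"), ("failed", "failed"), ("notApplicable", "na")):
        if summary.get(key) != counts[status]:
            problems.append(f"results.{key} disagrees with controls ({counts[status]})")
    return problems

def gate(report, critical_ids):
    """Return ('block' | 'alert' | 'allow', reasons) for a migration step."""
    problems = check_report(report)
    by_id = {str(c.get("id")): c.get("status") for c in report.get("controls", [])}
    # Fail closed: a critical control that is absent, failed or 'na' blocks.
    unmet = sorted(i for i in critical_ids if by_id.get(i) != "passed")
    if problems or unmet:
        return "block", problems + [f"critical control not passed: {i}" for i in unmet]
    failed = sorted(i for i, s in by_id.items() if s == "failed")
    if failed:
        return "alert", [f"non-critical control failed: {i}" for i in failed]
    return "allow", []

# Constructed sample; ids and values are placeholders, not real framework ids.
SAMPLE = {
    "validationId": "example-001", "timestamp": "2024-01-01T00:00:00Z",
    "frameworks": ["SOC2"],
    "results": {"passed": 1, "failed": 1, "notApplicable": 1},
    "controls": [
        {"id": "EX-ENC-1", "framework": "SOC2", "status": "passed", "evidence": "volume encrypted", "remediation": ""},
        {"id": "EX-LOG-1", "framework": "SOC2", "status": "failed", "evidence": "logging disabled", "remediation": "enable logging"},
        {"id": "EX-NET-1", "framework": "SOC2", "status": "na", "evidence": "", "remediation": ""},
    ],
    "auditTrail": {"location": "example-location", "entries": 3},
}
```

Treating an inconsistent report as a block keeps a truncated or hand-edited report from passing the gate on its summary counters alone.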

## Integration with Migration Processes

- **cloud-migration**: Cloud compliance
- **security-remediation-migration**: Security compliance

## Related Skills

- `vulnerability-scanner`: Security scanning

## Related Agents

- `compliance-migration-agent`: Compliance orchestration
- `security-vulnerability-assessor`: Security assessment

Overview

This skill validates compliance during migrations by checking rules, producing audit trails, and verifying security controls. It helps teams enforce frameworks like SOC2, HIPAA, and PCI while preserving evidence and tracking remediation. The goal is deterministic, auditable validation that fits into automated migration workflows.

How this skill works

The skill runs rule checks against selected frameworks and organizational policies, using configured integrations (AWS Config, Azure Policy, Chef InSpec, OPA, Prowler, ScoutSuite) to collect control data. It records migration actions and findings into an audit trail, classifies controls as passed/failed/na, and generates structured validation reports including remediation guidance. Alerts and enforcement actions can block or flag migration steps when violations are detected.

When to use it

  • During cloud or platform migrations to verify compliance posture
  • Before and after security remediation tasks to confirm control effectiveness
  • When demonstrating evidence for audits or regulators
  • To perform gap analysis and prioritize remediation during migration planning
  • When integrating compliance checks into CI/CD migration pipelines

Best practices

  • Map target frameworks and organizational policies before running validations
  • Use native cloud integrations (AWS Config, Azure Policy) for authoritative state data
  • Automate evidence collection and store audit trails in immutable storage
  • Run incremental validations during staged migrations to catch regressions early
  • Prioritize failed controls by business risk and track closure in the tool

Example use cases

  • Run SOC2 control checks during a cloud migration and generate an audit report for stakeholders
  • Validate encryption and access controls after a lift-and-shift to ensure data protection
  • Automate pre-cutover compliance gates that block migration if critical controls fail
  • Produce a gap analysis report listing missing controls and prioritized remediation tasks
  • Integrate with Chef InSpec and OPA to enforce policy-as-code during infrastructure provisioning

FAQ

Which compliance frameworks are supported?

Out of the box it targets common frameworks like SOC2, HIPAA, and PCI; additional frameworks can be mapped via policy definitions.

How are audit trails preserved?

All migration activities and validation results are logged with timestamps and stored to a configured audit location, intended for immutable storage or long-term retention.

Can it block migration steps automatically?

Yes—policy enforcement can be configured to block or pause migration tasks when critical violations are detected, or to only alert depending on your policy.