KiloClawPowered by OpenClaw
Back to Cookbook

Infrastructure Compliance Evidence Generator

aka “Audit Armor

Generate SOC2 evidence in minutes, not weeks

Runs infrastructure compliance checks using open-source tools (checkov, tfsec, kube-bench, prowler) and generates formatted evidence mapped to compliance framework controls. Turns weeks of screenshot-taking into an automated evidence package.

House RecipeWork5 min
Try in KiloClawFree 7-day trial

INGREDIENTS

🐙GitHub💬Slack

PROMPT

Create a skill called "Audit Armor". Run compliance checks and generate audit evidence: 1. Run infrastructure scanning tools: - `checkov -d .` on Terraform code - `tfsec .` for Terraform security - `prowler` for AWS CIS benchmarks - `kube-bench` for Kubernetes CIS benchmarks 2. Map findings to compliance framework controls (SOC2, HIPAA, PCI, or CIS — ask me which) 3. For each control, document: - Control description - Evidence gathered (command output, config snippets) - Pass/Fail status - Remediation steps if failing 4. Generate a gap analysis summary: % passing, top failing controls, prioritized remediation plan 5. Export as a structured report I can share with auditors Focus on actionable output — auditors want specific evidence, not summaries.

How It Works

Compliance audits demand evidence that specific controls are in place —

encryption at rest, logging enabled, access controls configured. This

skill gathers that evidence programmatically from your infrastructure.

What You Get

  • Infrastructure scanning via checkov, tfsec, prowler, and kube-bench
  • Findings mapped to compliance framework controls (SOC2, HIPAA, PCI-DSS, CIS)
  • Evidence package: formatted documentation of each control with proof
  • Gap analysis: what's passing, what's failing, what's not covered
  • Remediation plans for failing controls with IaC code snippets
  • Exportable report for auditors

Setup Steps

  1. Tell your Claw which compliance framework you're targeting
  2. Provide access to your Terraform code and/or cloud CLIs
  3. Run the scan and review the gap analysis
  4. Follow remediation steps for failing controls
  5. Export the evidence package for your auditor

Tips

  • Start with CIS benchmarks — they map to most compliance frameworks
  • prowler covers AWS-specific checks that general tools miss
  • kube-bench checks Kubernetes CIS benchmarks specifically
  • Run before the audit, not during — give yourself time to remediate
  • Keep the evidence package in version control for audit trail
Tags:#compliance#security#audit#devops

Related Recipes

Access Auditor

Find the 200 orphaned accounts with admin privileges nobody knew about

Audits user accounts, service accounts, and access keys across your cloud and identity providers. Finds orphaned accounts, unused access keys, over-privileged service accounts, and users who left months ago but still have access.

Work5 min

Dep Wrangler

Tame the Dependabot PR flood — auto-merge the safe ones, flag the risky ones

Reviews dependency update PRs by reading changelogs, checking for breaking changes, running tests, and auto-merging patch updates that pass CI. Turns 50 Dependabot PRs per week into 3 that need your attention.

Work3 min

CLE Tracker

Never scramble for credits at the last minute again

Tracks your CLE credits by jurisdiction and category, monitors email for completion certificates, calculates remaining requirements, and sends alerts as deadlines approach. Multi-state lawyers get a unified dashboard across all bars.

Personal5 min setup

Bar Compliance Dashboard

Every bar obligation across every state — one view

Tracks all bar-related obligations for lawyers admitted in multiple jurisdictions — registration dues, CLE requirements, trust account certifications, pro bono reporting, insurance disclosures, and specialty certifications. Prevents administrative suspension.

Personal10 min setup