Compliance for AI-assisted development

Detect the governance controls actually deployed in your repos, map them to six frameworks, and hand auditors evidence they can verify — not claims.

SOC 2 Type II
Trust Service Criteria
HIPAA
Security Rule safeguards
GDPR
EU 2016/679 key articles
ISO 27001:2022
Annex A controls
PCI DSS v4.0
Secure development requirements
FedRAMP Moderate
NIST 800-53 families

How it works

  1. 1. Detect controls from evidence The engine inspects your project for 12 governance controls — authority packs, policy gates, security linting, pre-commit enforcement, and a SHA-256 audit chain whose integrity is cryptographically verified, not assumed.
  2. 2. Map to frameworks Detected controls map onto SOC 2, HIPAA, GDPR, ISO 27001, PCI DSS, and FedRAMP requirement catalogs with honest full / partial / gap coverage — organizational gaps are reported, never papered over.
  3. 3. Cite the evidence Every report links each satisfied requirement to the artifact that proves it, and the report generation itself lands in the tamper-evident audit log your reviews can cite.

Try the free control check

The per-control evidence check runs on every tier — see exactly which governance controls your project deploys today.

npm install -g enterprise-skills
enterprise-skills compliance controls

Scope note: reports map the controls this platform deploys onto framework requirements. They are audit preparation evidence, not a certification.

Framework reports are an Enterprise feature

SOC 2, HIPAA, GDPR, ISO 27001, PCI DSS, and FedRAMP mapping with coverage math and gap analysis.