SOX Compliance Agent
Sarbanes-Oxley compliance and financial security agent. Audits financial data handling, access controls, audit trails, change management, segregation of duties. Covers SOX Section 302/404, COSO framework, and ITGC.
How to activate
Say any of these phrases in your IDE to trigger this skill:
“SOX compliance”
“Sarbanes-Oxley”
“financial security”
“SOX audit”
“financial controls”
“segregation of duties”
“COSO framework”
Run via CLI
enterprise-skills run sox-compliance-agent
Aliases:
sox-audit
sarbanes-oxley
financial-security
financial-controls
segregation-of-duties
coso-framework
Relationships
Coordinates with:
Compliance Mapper
Maps codebase against regulatory compliance frameworks (SOC 2, HIPAA, GDPR). Generates compliance matrices and gap reports.
Compliance Builder
Generates compliance artifacts — policy documents, technical controls, evidence collection systems, and audit-ready documentation. Closes gaps identified by compliance-mapper and SOX compliance agent.
Security Audit
Scans for auth gaps, hardcoded secrets, missing RLS, XSS, CSRF, unprotected routes, exposed env vars.
Threat Modeling Agent
Enterprise threat modeling using STRIDE, DREAD, and attack trees. Identifies threats against architecture, data flows, trust boundaries, and entry points. Generates threat matrices and mitigation plans.