checking-infrastructure-compliance

Quick Review

This compliance checking skill has a generic template structure that doesn't match its specific domain. The description is vague ('work with compliance checking'), making it unclear when to invoke. While it references useful scripts (compliance_scan.sh, remediation_suggestions.py, compliance_rules.json) that provide domain-specific task knowledge, the main SKILL.md contains boilerplate content ('compliance-checker' instead of 'infrastructure-compliance') with generic 5-step implementation guidance rather than compliance-specific workflows. The structure is reasonable with separated scripts, but the SKILL.md doesn't effectively index or explain them. Novelty is limited—basic compliance scanning and reporting could be accomplished by a CLI agent with standard tools, though the remediation suggestions and rule-based validation add some value. The skill needs compliance-specific guidance (e.g., 'scan infrastructure against CIS benchmarks', 'validate policy violations', 'generate audit reports') rather than generic DevOps steps.