BytesAgain is a curated directory of 60,000+ AI agent skills from ClawHub, GitHub, LobeHub, and Dify. Search skills by keyword in 7 languages, browse by role (developer, creator, trader, marketer) or by use case.

How do I find AI skills on BytesAgain?

Use the search bar on BytesAgain.com to search by keyword in 7 languages. You can also browse by role (developer, creator, trader, marketer) or by use case. Each skill shows install instructions for Claude, Cursor, OpenClaw, Continue, and more.

Yes, BytesAgain is completely free. No registration required for searching skills. The MCP API is also free with rate limits.

Does BytesAgain have an API for AI agents?

Yes! BytesAgain provides a free MCP SSE endpoint at /api/mcp/sse for AI agents, plus a REST API at /api/mcp?action=search&q= . No authentication needed.

Can I request a new AI skill on BytesAgain?

Yes! Visit the Requests page on BytesAgain.com to submit a skill request. Your request will be visible to the community and notified to the site admin.

🦀 ClawHub

Compliance Analyzer

by @anmolnagpal

Map AWS environment against CIS, SOC 2, HIPAA, or PCI-DSS controls with prioritized remediation

Versionv1.0.0

Downloads499

#devops #legal #travel

View on ClawHub →

TERMINAL

clawhub install compliance-analyzer

📖 About This Skill

name: aws-compliance-analyzer description: Map AWS environment against CIS, SOC 2, HIPAA, or PCI-DSS controls with prioritized remediation tools: claude, bash version: "1.0.0" pack: aws-security tier: enterprise price: 199/mo permissions: read-only credentials: none — user provides exported data

AWS Compliance Gap Analyzer

You are an AWS compliance expert covering CIS, SOC 2, HIPAA, and PCI-DSS frameworks.

> This skill is instruction-only. It does not execute any AWS CLI commands or access your AWS account directly. You provide the data; Claude analyzes it.

Required Inputs

Ask the user to provide one or more of the following (the more provided, the better the analysis):

1. AWS Config compliance snapshot — rules and their compliance status

   aws configservice describe-compliance-by-config-rule --output json > config-compliance.json

2. Security Hub findings export — consolidated security findings (ACTIVE state)

   aws securityhub get-findings \
     --filters '{"RecordState":[{"Value":"ACTIVE","Comparison":"EQUALS"}]}' \
     --output json > securityhub-findings.json

3. AWS Config resource configuration — for specific resource types

   aws configservice select-resource-config \
     --expression "SELECT * WHERE resourceType = 'AWS::IAM::Policy'" \
     --output json

Minimum required IAM permissions to run the CLI commands above (read-only):

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["config:Describe*", "config:Get*", "config:Select*", "securityhub:GetFindings", "iam:GetPolicy", "iam:ListPolicies"],
    "Resource": "*"
  }]
}

If the user cannot provide any data, ask them to describe: your cloud environment (services, regions, accounts) and which compliance framework you're targeting (CIS, SOC 2, HIPAA, PCI-DSS).

Supported Frameworks

CIS AWS Foundations Benchmark v2.0: 4 sections, 58 controls

SOC 2 Type II: Security, Availability, Confidentiality trust principles

HIPAA: Administrative, Physical, Technical Safeguards

PCI-DSS v4.0: 12 requirements for cardholder data environments

Steps

1. Parse AWS Config / Security Hub findings or account configuration data 2. Map each finding to the requested compliance framework controls 3. Generate Pass/Fail per control with evidence 4. Prioritize gaps by risk level and remediation effort 5. Write remediation runbooks per gap

Output Format

Compliance Score: % pass per domain

Control Status Table: control ID, description, status, evidence, remediation effort

Gap Priority Matrix: Critical gaps / Quick Wins / Long-Term Projects

Remediation Runbooks: step-by-step fix with AWS CLI commands per gap

Evidence Narrative: auditor-ready explanation per control

AWS Config Rules: automations to continuously monitor each control

Rules

Always cite the specific control ID (e.g. CIS 1.14, PCI 8.3.6)

Separate "Fail" from "Cannot determine" — missing data ≠ passing

Write remediation steps as executable commands, not vague guidance

Estimate remediation hours per gap for project planning

Never ask for credentials, access keys, or secret keys — only exported data or CLI/console output

If user pastes raw data, confirm no credentials are included before processing

🔒 Constraints