u/Big_Department_9221

I built a Claude skill for PII detection - I work at a compliance company so I already had the logic sitting around

We build compliance automation software. SOC 2, ISO 27001, GDPR and GRC etc - that's the product. so the rules around what counts as PII, how to classify it, which regulation covers what - all that knowledge already existed. it lived in our internal docs and in the product itself.

i'm in growth, not engineering. so full disclosure: this took longer than it should and there's probably stuff in here a real developer would do differently. but the logic was already written. i just had to translate it.

what it does:

the skill fires automatically during planning, code generation, and repo audits — without being asked. covers CCPA, HIPAA, PCI-DSS, COPPA, GLBA, BIPA, FERPA, FTC Act across data models, auth, API, frontend, transit, lifecycle, testing, and legal & consent layers.

install:

claude skills add gosprinto/compliance-skills/pii-detector

the part that stuck with me: we had all this compliance knowledge already documented. turning it into a skill was mostly just translation work. which made me think, there's a lot more sitting in those docs.

next one we're thinking is GDPR-specific. data residency signals, lawful basis flags, cross-border transfer detection. curious what compliance surface would actually be useful to people here as a skill, let me know in the comments. I have taken on a challenge to publish 5 skills in the next 30 days.

repo: github.com/gosprinto/compliance-skills

u/Big_Department_9221 — 6 days ago