Execute qualquer Skill no Manus
com um clique

Execute qualquer Skill no Manus com um clique

prowler-compliance-review

Reviews Pull Requests that add or modify compliance frameworks. Trigger: When reviewing PRs with compliance framework changes, CIS/NIST/PCI-DSS additions, or compliance JSON files.

Executar no Manus

Estrelas14.009

Forks2.189

Atualizado27 de maio de 2026 às 14:42

Fonte

prowler-cloud

prowler-cloud/prowler

Abrir repositório GitHub Ver repositórios do creator

Comando de instalação

Download

Executar no Manus

Ocupações relacionadasSOC

Baseado na classificação ocupacional SOC

Desenvolvedores de softwareInformática e Matemática·SOC 15-1252

Explorador de arquivos

3 arquivos

SKILL.md

readonly

Mais deste repositório

mesmo repositório

prowler-tour

prowler-cloud/prowler

Keeps product-tour definitions aligned with the UI features they describe. Trigger: When modifying UI components that have associated tours, editing tour definition files, or renaming data-tour-id attributes.

2026-06-1514.0k

django-drf

prowler-cloud/prowler

Django REST Framework patterns. Trigger: When implementing generic DRF APIs (ViewSets, serializers, routers, permissions, filtersets). For Prowler API specifics (RLS/RBAC/Providers), also use prowler-api.

2026-05-2714.0k

django-migration-psql

prowler-cloud/prowler

Reviews Django migration files for PostgreSQL best practices specific to Prowler. Trigger: When creating migrations, running makemigrations/pgmakemigrations, reviewing migration PRs, adding indexes or constraints to database tables, modifying existing migration files, or writing data backfill migrations. Always use this skill when you see AddIndex, CreateModel, AddConstraint, RunPython, bulk_create, bulk_update, or backfill operations in migration files.

2026-05-2714.0k

gh-aw

prowler-cloud/prowler

Create and maintain GitHub Agentic Workflows (gh-aw) for Prowler. Trigger: When creating agentic workflows, modifying gh-aw frontmatter, configuring safe-outputs, setting up MCP servers in workflows, importing Copilot Custom Agents, or debugging gh-aw compilation.

2026-05-2714.0k

jsonapi

prowler-cloud/prowler

Strict JSON:API v1.1 specification compliance. Trigger: When creating or modifying API endpoints, reviewing API responses, or validating JSON:API compliance.

2026-05-2714.0k

nextjs-16

prowler-cloud/prowler

Next.js 16 App Router patterns. Trigger: When working in Next.js App Router (app/), Server Components vs Client Components, Server Actions, Route Handlers, proxy.ts, caching/revalidation, Cache Components, and streaming/Suspense.

2026-05-2714.0k

Check

Command/Method

Pass Criteria

JSON Valid

python3 -m json.tool file.json

No syntax errors

All Checks Exist

Run validation script

0 missing checks

No Duplicate IDs

Run validation script

0 duplicate requirement IDs

CHANGELOG Entry

Manual review

Present under correct version

Dashboard File

Compare with existing

Follows established pattern

Framework Metadata

Manual review

All required fields populated

# 1. Validate JSON syntax python3 -m json.tool prowler/compliance/{provider}/{framework}.json > /dev/null \ && echo "Valid JSON" || echo "INVALID JSON" # 2. Run full validation script python3 skills/prowler-compliance-review/assets/validate_compliance.py \ prowler/compliance/{provider}/{framework}.json # 3. Compare dashboard with existing (find similar framework) diff dashboard/compliance/{new_framework}.py \ dashboard/compliance/{existing_framework}.py

JSON Valid? ├── No → FAIL: Fix JSON syntax errors └── Yes ↓ All Checks Exist in Codebase? ├── Missing checks → FAIL: Add missing checks or remove from framework └── All exist ↓ Duplicate Requirement IDs? ├── Yes → FAIL: Fix duplicate IDs └── No ↓ CHANGELOG Entry Present? ├── No → REQUEST CHANGES: Add CHANGELOG entry └── Yes ↓ Dashboard File Follows Pattern? ├── No → REQUEST CHANGES: Fix dashboard pattern └── Yes ↓ Framework Metadata Complete? ├── No → REQUEST CHANGES: Add missing metadata └── Yes → APPROVE

{ "Framework": "CIS", "Name": "CIS Provider Benchmark vX.Y.Z", "Version": "X.Y", "Provider": "AWS|Azure|GCP|...", "Description": "Framework description...", "Requirements": [ { "Id": "1.1", "Description": "Requirement description", "Checks": ["check_name_1", "check_name_2"], "Attributes": [ { "Section": "1 Section Name", "SubSection": "1.1 Subsection (optional)", "Profile": "Level 1|Level 2", "AssessmentStatus": "Automated|Manual", "Description": "...", "RationaleStatement": "...", "ImpactStatement": "...", "RemediationProcedure": "...", "AuditProcedure": "...", "AdditionalInformation": "...", "References": "...", "DefaultValue": "..." } ] } ] }

Issue

How to Detect

Resolution

Missing checks

Validation script reports missing

Add check implementation or remove from Checks array

Duplicate IDs

Validation script reports duplicates

Ensure each requirement has unique ID

Empty Checks for Automated

AssessmentStatus is Automated but Checks is empty

Add checks or change to Manual

Wrong file location

Framework not in prowler/compliance/{provider}/

Move to correct directory

Missing dashboard file

No corresponding dashboard/compliance/{framework}.py

Create dashboard file following pattern

CHANGELOG missing

Not under correct version section

Add entry to prowler/CHANGELOG.md

import warnings from dashboard.common_methods import get_section_containers_cis warnings.filterwarnings("ignore") def get_table(data): aux = data[ [ "REQUIREMENTS_ID", "REQUIREMENTS_DESCRIPTION", "REQUIREMENTS_ATTRIBUTES_SECTION", "CHECKID", "STATUS", "REGION", "ACCOUNTID", "RESOURCEID", ] ].copy() return get_section_containers_cis( aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION" )

# Verify framework is detected uv run python prowler-cli.py {provider} --list-compliance | grep {framework} # Run a quick test with a single check from the framework uv run python prowler-cli.py {provider} --compliance {framework} --check {check_name} # Run full compliance scan (dry-run with limited checks) uv run python prowler-cli.py {provider} --compliance {framework} --checks-limit 5 # Generate compliance report in multiple formats uv run python prowler-cli.py {provider} --compliance {framework} -M csv json html

Check

Command/Method

Pass Criteria

JSON Valid

python3 -m json.tool file.json

No syntax errors

All Checks Exist

Run validation script

0 missing checks

No Duplicate IDs

Run validation script

0 duplicate requirement IDs

CHANGELOG Entry

Manual review

Present under correct version

Dashboard File

Compare with existing

Follows established pattern

Framework Metadata

Manual review

All required fields populated

Issue

How to Detect

Resolution

Missing checks

Validation script reports missing

Add check implementation or remove from Checks array

Duplicate IDs

Validation script reports duplicates

Ensure each requirement has unique ID

Empty Checks for Automated

AssessmentStatus is Automated but Checks is empty

Add checks or change to Manual

Wrong file location

Framework not in prowler/compliance/{provider}/

Move to correct directory

Missing dashboard file

No corresponding dashboard/compliance/{framework}.py

Create dashboard file following pattern

CHANGELOG missing

Not under correct version section

Add entry to prowler/CHANGELOG.md

prowler-compliance-review

When to Use

Review Checklist (Critical)

Commands

Decision Tree

Framework Structure Reference

Common Issues

Dashboard File Pattern

Testing the Compliance Framework

Resources

When to Use

Review Checklist (Critical)

Commands

Decision Tree

Framework Structure Reference

Common Issues

Dashboard File Pattern

Testing the Compliance Framework

Resources

name	prowler-compliance-review
description	Reviews Pull Requests that add or modify compliance frameworks. Trigger: When reviewing PRs with compliance framework changes, CIS/NIST/PCI-DSS additions, or compliance JSON files.
license	Apache-2.0
metadata	{"author":"prowler-cloud","version":"1.0","scope":["root","sdk"],"auto_invoke":"Reviewing compliance framework PRs"}
allowed-tools	Read, Edit, Write, Glob, Grep, Bash, WebFetch, WebSearch, Task