SA
SkillAvatars
ā† Back to Skills

Security

prowler-compliance-review - Claude MCP Skill

Reviews Pull Requests that add or modify compliance frameworks. Trigger: When reviewing PRs with compliance framework changes, CIS/NIST/PCI-DSS additions, or compliance JSON files.

SEO Guide: Enhance your AI agent with the prowler-compliance-review tool. This Model Context Protocol (MCP) server allows Claude Desktop and other LLMs to reviews pull requests that add or modify compliance frameworks. trigger: when reviewing prs with com... Download and configure this skill to unlock new capabilities for your AI workflow.

šŸŒŸ391 stars ā€¢ 2035 forks
šŸ“„0 downloads
PythonTestingAWS
View on GitHubšŸ”— Claude Servers

Documentation

SKILL.md
## When to Use

- Reviewing PRs that add new compliance frameworks
- Reviewing PRs that modify existing compliance frameworks
- Validating compliance framework JSON structure before merge

---

## Review Checklist (Critical)

| Check | Command/Method | Pass Criteria |
|-------|----------------|---------------|
| JSON Valid | `python3 -m json.tool file.json` | No syntax errors |
| All Checks Exist | Run validation script | 0 missing checks |
| No Duplicate IDs | Run validation script | 0 duplicate requirement IDs |
| CHANGELOG Entry | Manual review | Present under correct version |
| Dashboard File | Compare with existing | Follows established pattern |
| Framework Metadata | Manual review | All required fields populated |

---

## Commands

```bash
# 1. Validate JSON syntax
python3 -m json.tool prowler/compliance/{provider}/{framework}.json > /dev/null \
  && echo "Valid JSON" || echo "INVALID JSON"

# 2. Run full validation script
python3 skills/prowler-compliance-review/assets/validate_compliance.py \
  prowler/compliance/{provider}/{framework}.json

# 3. Compare dashboard with existing (find similar framework)
diff dashboard/compliance/{new_framework}.py \
     dashboard/compliance/{existing_framework}.py
```

---

## Decision Tree

```
JSON Valid?
ā”œā”€ā”€ No ā†’ FAIL: Fix JSON syntax errors
ā””ā”€ā”€ Yes ā†“
    All Checks Exist in Codebase?
    ā”œā”€ā”€ Missing checks ā†’ FAIL: Add missing checks or remove from framework
    ā””ā”€ā”€ All exist ā†“
        Duplicate Requirement IDs?
        ā”œā”€ā”€ Yes ā†’ FAIL: Fix duplicate IDs
        ā””ā”€ā”€ No ā†“
            CHANGELOG Entry Present?
            ā”œā”€ā”€ No ā†’ REQUEST CHANGES: Add CHANGELOG entry
            ā””ā”€ā”€ Yes ā†“
                Dashboard File Follows Pattern?
                ā”œā”€ā”€ No ā†’ REQUEST CHANGES: Fix dashboard pattern
                ā””ā”€ā”€ Yes ā†“
                    Framework Metadata Complete?
                    ā”œā”€ā”€ No ā†’ REQUEST CHANGES: Add missing metadata
                    ā””ā”€ā”€ Yes ā†’ APPROVE
```

---

## Framework Structure Reference

Compliance frameworks are JSON files in: `prowler/compliance/{provider}/{framework}.json`

```json
{
  "Framework": "CIS",
  "Name": "CIS Provider Benchmark vX.Y.Z",
  "Version": "X.Y",
  "Provider": "AWS|Azure|GCP|...",
  "Description": "Framework description...",
  "Requirements": [
    {
      "Id": "1.1",
      "Description": "Requirement description",
      "Checks": ["check_name_1", "check_name_2"],
      "Attributes": [
        {
          "Section": "1 Section Name",
          "SubSection": "1.1 Subsection (optional)",
          "Profile": "Level 1|Level 2",
          "AssessmentStatus": "Automated|Manual",
          "Description": "...",
          "RationaleStatement": "...",
          "ImpactStatement": "...",
          "RemediationProcedure": "...",
          "AuditProcedure": "...",
          "AdditionalInformation": "...",
          "References": "...",
          "DefaultValue": "..."
        }
      ]
    }
  ]
}
```

---

## Common Issues

| Issue | How to Detect | Resolution |
|-------|---------------|------------|
| Missing checks | Validation script reports missing | Add check implementation or remove from Checks array |
| Duplicate IDs | Validation script reports duplicates | Ensure each requirement has unique ID |
| Empty Checks for Automated | AssessmentStatus is Automated but Checks is empty | Add checks or change to Manual |
| Wrong file location | Framework not in `prowler/compliance/{provider}/` | Move to correct directory |
| Missing dashboard file | No corresponding `dashboard/compliance/{framework}.py` | Create dashboard file following pattern |
| CHANGELOG missing | Not under correct version section | Add entry to prowler/CHANGELOG.md |

---

## Dashboard File Pattern

Dashboard files must be in `dashboard/compliance/` and follow this exact pattern:

```python
import warnings

from dashboard.common_methods import get_section_containers_cis

warnings.filterwarnings("ignore")


def get_table(data):

    aux = data[
        [
            "REQUIREMENTS_ID",
            "REQUIREMENTS_DESCRIPTION",
            "REQUIREMENTS_ATTRIBUTES_SECTION",
            "CHECKID",
            "STATUS",
            "REGION",
            "ACCOUNTID",
            "RESOURCEID",
        ]
    ].copy()

    return get_section_containers_cis(
        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
    )
```

---

## Testing the Compliance Framework

After validation passes, test the framework with Prowler:

```bash
# Verify framework is detected
poetry run python prowler-cli.py {provider} --list-compliance | grep {framework}

# Run a quick test with a single check from the framework
poetry run python prowler-cli.py {provider} --compliance {framework} --check {check_name}

# Run full compliance scan (dry-run with limited checks)
poetry run python prowler-cli.py {provider} --compliance {framework} --checks-limit 5

# Generate compliance report in multiple formats
poetry run python prowler-cli.py {provider} --compliance {framework} -M csv json html
```

---

## Resources

- **Validation Script**: See [assets/validate_compliance.py](assets/validate_compliance.py)
- **Related Skills**: See [prowler-compliance](../prowler-compliance/SKILL.md) for creating frameworks
- **Documentation**: See [references/review-checklist.md](references/review-checklist.md)

Signals

Avg ratingā­ 0.0
Reviews0
Favorites0

Information

Repository
prowler-cloud/prowler
Author
prowler-cloud
Last Sync
3/12/2026
Repo Updated
3/12/2026
Created
1/13/2026

Reviews (0)

No reviews yet. Be the first to review this skill!

Related Skills

upgrade-nodejs

Upgrading Bun's Self-Reported Node.js Version

ā­ 44050Has guide

cursorrules

CrewAI Development Rules

ā­ 43932Has guide

fastmcp-client-cli

Query and invoke tools on MCP servers using fastmcp list and fastmcp call. Use when you need to discover what tools a server offers, call tools, or integrate MCP servers into workflows.

ā­ 23594

Confidence Check

Pre-implementation confidence assessment (ā‰„90% required). Use before starting any implementation to verify readiness with duplicate check, architecture compliance, official docs verification, OSS references, and root cause identification.

ā­ 21379Has guide

Related Guides

Python Django Best Practices: A Comprehensive Guide to the Claude Skill

Learn how to use the python django best practices Claude skill. Complete guide with installation instructions and examples.

Mastering Python and TypeScript Development with the Claude Skill Guide

Learn how to use the python typescript guide Claude skill. Complete guide with installation instructions and examples.

Mastering Data Science with Claude: A Complete Guide to the Pandas Scikit-Learn Skill

Learn how to use the pandas scikit learn guide Claude skill. Complete guide with installation instructions and examples.