@andoniaf
Member

Summary

Add new Agent Skill for reviewing PRs that add or modify compliance frameworks. This skill provides a standardized review process that can be followed by team members manually or used by AI agents.

What's Included

  • SKILL.md: Review checklist, decision tree, and patterns for reviewing compliance framework PRs
  • validate_compliance.py: Validation script that checks:
    • JSON syntax validity
    • All referenced checks exist in the codebase
    • No duplicate requirement IDs
    • Assessment status consistency
  • review-checklist.md: References to related docs and PR review template

Why This Skill?

This skill complements the existing prowler-compliance skill (which creates frameworks) by focusing on the review/validation process. It standardizes how we review compliance framework PRs and ensures consistency.

Usage

Manual review:

# Run validation script
python3 skills/prowler-compliance-review/assets/validate_compliance.py \
  prowler/compliance/azure/cis_5.0_azure.json

AI-assisted review:
The skill can be loaded by AI agents when reviewing compliance PRs, providing them with the checklist and decision tree to follow.

Test Results

Tested against existing frameworks:

  • CIS 4.0 Azure: 139 requirements, 91 checks - PASS
  • CIS 3.0 AWS: 62 requirements, 67 checks - PASS

Checklist

  • Review checklist and decision tree
  • Validation script tested
  • Skill registered in AGENTS.md
  • Follows agentskills.io specification pattern
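A sketch of the four checks listed in the PR description, added here as an illustration; it is not the PR's validate_compliance.py. The JSON field names, the hypothetical check names, the `known_checks` set standing in for a scan of the codebase, and the Automated/Manual consistency rule are all assumptions.

```python
import json

# Constructed sample. Field names (Requirements, Id, Checks, Attributes,
# AssessmentStatus) are assumed; the check names are hypothetical.
SAMPLE = """
{"Framework": "EXAMPLE", "Provider": "azure", "Requirements": [
    {"Id": "1.1", "Checks": ["example_check_a"],
     "Attributes": [{"AssessmentStatus": "Automated"}]},
    {"Id": "1.2", "Checks": [],
     "Attributes": [{"AssessmentStatus": "Automated"}]},
    {"Id": "1.2", "Checks": ["example_check_missing"],
     "Attributes": [{"AssessmentStatus": "Manual"}]}
]}
"""
# Stand-in for the set of check names discovered in the codebase.
KNOWN_CHECKS = {"example_check_a", "example_check_b"}


def validate_framework(text, known_checks):
    """Return a list of findings; an empty list means the file passes."""
    try:
        data = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg} at line {exc.lineno}"]
    findings, seen_ids = [], set()
    for req in data.get("Requirements", []):
        rid = req.get("Id", "<missing Id>")
        if rid in seen_ids:
            findings.append(f"{rid}: duplicate requirement Id")
        seen_ids.add(rid)
        checks = req.get("Checks", [])
        for name in checks:
            if name not in known_checks:
                findings.append(f"{rid}: unknown check {name}")
        # Assumed consistency rule: Automated needs checks, Manual has none.
        for attr in req.get("Attributes", []):
            status = attr.get("AssessmentStatus")
            if status == "Automated" and not checks:
                findings.append(f"{rid}: Automated but lists no checks")
            elif status == "Manual" and checks:
                findings.append(f"{rid}: Manual but lists checks")
    return findings


if __name__ == "__main__":
    for finding in validate_framework(SAMPLE, KNOWN_CHECKS):
        print(finding)
```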

Add new Agent Skill for reviewing PRs that add or modify compliance
frameworks. This skill provides:

- Review checklist with pass/fail criteria
- Validation script to verify check existence and JSON validity
- Decision tree for review recommendations
- Dashboard file pattern reference

The skill complements prowler-compliance (creates frameworks) by
focusing on the review/validation process.
@andoniaf andoniaf requested a review from a team as a code owner January 13, 2026 08:23
@github-actions
Contributor

github-actions bot commented Jan 13, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

@github-actions
Contributor

github-actions bot commented Jan 13, 2026

✅ All necessary CHANGELOG.md files have been updated.

- Rename "Validation Commands" to "Commands"
- Replace "Agent Integration" with "Testing the Compliance Framework"
pedrooot previously approved these changes Jan 13, 2026
Member

@pedrooot pedrooot left a comment


We needed this!! 🔝 thanks a lot mate

@github-actions
Contributor

github-actions bot commented Jan 13, 2026

🔒 Container Security Scan

Image: prowler:c591c1c
Last scan: 2026-01-13 08:41:11 UTC

📊 Vulnerability Summary

Severity Count
🔴 Critical 3
Total 3

3 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

  • Review the detailed scan results
  • Update affected packages to patched versions
  • Consider using a different base image if updates are unavailable

@andoniaf andoniaf changed the base branch from master to feat/ai-skills-sync-agents-md January 13, 2026 09:23
@andoniaf andoniaf requested review from a team as code owners January 13, 2026 09:23
@andoniaf andoniaf changed the base branch from feat/ai-skills-sync-agents-md to master January 13, 2026 09:23
@andoniaf andoniaf dismissed pedrooot’s stale review January 13, 2026 09:23

The base branch was changed.

@andoniaf
Member Author

Manually merged into #9751

@andoniaf andoniaf closed this Jan 13, 2026