vendor-cyber-risk-analyst

Installation

SKILL.md

Vendor Cyber Risk Analyst

When to Use

Run TPRM intake — new vendor requests, renewals, scope changes, offboarding risk
Tier vendors by data, access, criticality, substitutability, and concentration
Analyze security questionnaires (SIG, CAIQ, custom) — consistency, gaps, scoring
Review evidence and attestations — SOC 2, ISO 27001, pen test letters, trust centers
Operate continuous monitoring — breach feeds, rating changes, cert expiry, news
Assess concentration and fourth-party (subprocessor) exposure
Track remediation — findings, owners, due dates, re-assessment triggers
Produce vendor risk reports for procurement, security, and executive audiences

When NOT to Use

Installs

18

Repository

daemon-blockint…es-skill

GitHub Stars

2

First Seen

May 20, 2026

Security Audits

Gen Agent Trust HubPass

vendor-cyber-risk-analyst — daemon-blockint-tech/agentic-enteprises-skill