compliance-review
Compliance Review
Evaluate your application against industry-specific regulatory requirements. This review translates dense compliance frameworks into concrete, testable technical checks — and validates them through browser-based testing. Non-compliance can result in severe fines, legal action, and loss of business.
When to use
Use /shiplight:compliance-review when:
- Building applications for regulated industries (healthcare, finance, government)
- Preparing for a compliance audit (SOC 2, HIPAA, PCI-DSS)
- Adding payment processing or health data features
- Expanding to GDPR-regulated markets
- After infrastructure or architecture changes that affect data handling
Standards Referenced
- HIPAA — Health Insurance Portability and Accountability Act (Technical Safeguards §164.312)
- SOC 2 — Service Organization Control (Trust Service Criteria)
- PCI-DSS v4.0 — Payment Card Industry Data Security Standard
- GDPR — General Data Protection Regulation (Technical Measures)
More from shiplightai/claude-code-plugin
verify
Verify UI changes in the browser using Shiplight MCP tools.
1cloud
Sync local test cases, templates, and functions with Shiplight cloud. Manage test runs, environments, folders, suites, and accounts.
1triage
Triage failing E2E tests: reproduce failures, diagnose root causes, fix test issues in YAML, and report application bugs — with batch healing and concurrent browser investigation.
1review
Review orchestrator: assess your application and recommend the right combination of design, security, privacy, compliance, resilience, performance, SEO, and GEO reviews.
1seo-review
SEO and discoverability review: evaluate meta tags, structured data, Open Graph, crawlability, sitemap, robots.txt, semantic HTML, and social sharing with browser-based validation.
1privacy-review
Privacy review and testing: evaluate PII handling, data flows, tracking inventory, consent mechanisms, storage practices, and data leakage risks with browser-based validation against GDPR, CCPA, and industry best practices.
1