SecurityPROPRO REQUIREDFC-SEC-017
SOC 2 Claw
soc2-claw
SOC 2 compliance preparation: trust criteria mapping, evidence collection, and gap remediation.
SOC2 Claw maps SOC 2 trust criteria to organizational controls, collects compliance evidence, and identifies remediation gaps for audit readiness.
OpenClaw
Hermes
Claude Code
Codex
Cursor
Windsurf
Aider
OllamaPRIMARY ACTION
Unlock with ProCOMPATIBLE WITH
OpenClawHermesClaude CodeCodex+4
OpenClaw is the default target. Cursor example below.
When to Use
- Detect leaked secrets and exposed routes
- Audit permissions and auth boundaries
- Review insecure defaults and configs
- Produce auditable security findings
Compatible Frameworks
OpenClawHermesClaude CodeCodexCursorWindsurfAiderOllama8 TOOLS
Quality Gates
No explicit gate list for this agent in the current dataset.
4 GATES DEFINED
Expected Outputs
Native exports per tool
OpenClaw10 files
openclaw/AGENTS.mdopenclaw/SOUL.mdopenclaw/TOOLS.md+7 moreHermes5 files
hermes/skills/flickclaw/soc2-claw/SKILL.mdhermes/skills/flickclaw/soc2-claw/references/workflow.mdhermes/skills/flickclaw/soc2-claw/references/quality-gates.md+2 moreClaude Code6 files
claude-code/CLAUDE.mdclaude-code/.claude/skills/soc2-claw/SKILL.mdclaude-code/.claude/skills/soc2-claw/references/workflow.md+3 moreCodex5 files
codex/AGENTS.mdcodex/.flickclaw/agents/soc2-claw/codex.mdcodex/.flickclaw/agents/soc2-claw/workflow.md+2 moreCursor3 files
cursor/.cursor/rules/flickclaw-soc2-claw.mdccursor/.cursor/rules/flickclaw-soc2-claw-workflow.mdccursor/.cursor/rules/flickclaw-soc2-claw-quality-gates.mdcWindsurf3 files
windsurf/.windsurf/rules/flickclaw-soc2-claw.mdwindsurf/.windsurf/rules/flickclaw-soc2-claw-workflow.mdwindsurf/.windsurf/rules/flickclaw-soc2-claw-quality-gates.mdAider3 files
aider/CONVENTIONS.mdaider/aider.mdaider/.aider.conf.ymlOllama4 files
ollama/Modelfileollama/system-prompt.mdollama/template.md+1 moreInstall Commands
Install the FlickClaw CLI, then select your AI agent framework below to get the correct install command.
Step 1: Install CLI (one-time)
npm install -g @flickclaw/cli@latestStep 2: Select Framework
OpenClaw
npm exec --yes @flickclaw/cli@latest -- install soc2-claw --target openclawDownload as ZIP
Example Prompt
Try this prompt with SOC 2 Claw to see what it can do:
Audit this project for security vulnerabilities. Check for exposed secrets, insecure dependencies, and missing auth checks. Produce with severity ratings.Example Output
IllustrativeWhat a typical SOC 2 Claw report looks like:
# SOC 2 Claw — Assessment Report **Project**: payment-api **Context**: a payment processing API handling card data and webhooks **Generated**: 2026-05-26 ## Executive Summary The SOC 2 Claw completed its review of payment-api (a payment processing API handling card data and webhooks). 3 findings were identified with concrete remediation steps. All quality gates were verified before delivery. ## Findings | # | Severity | Area | Finding | Recommended Action | |---|----------|------|---------|-------------------| | 1 | **P0** | PCI | Card data logged in plain text | Enable log redaction for PAN and CVV fields | | 2 | **P1** | Auth | Rate limiting absent on checkout endpoint | Add 10 req/s per IP with 429 responses | | 3 | **P1** | Secrets | Stripe webhook secret in source | Move to secrets manager, rotate immediately | ## Quality Gates - [✓] no_fake_claims - [✓] trust_criteria_mapped - [✓] evidence_collected ## Outputs Generated ## Validation - [x] All quality gates passed (3/3) - [x] 3 findings documented with severity and remediation - [x] 0 output sections generated - [x] Evidence collected and referenced --- *This is an illustrative example output from FlickClaw. Results vary based on project context.*