← All tools
Compliance Skill

Document Finder

Scan a directory, classify your compliance documents, get an analysis plan

Read the skill on GitHub Want this run for you? Get a free Snapshot
What It Does

Scans a directory of documents, classifies each file by compliance type (BAA, security policy, risk assessment, IR plan, and more), resolves version conflicts with your input, and produces a prioritized analysis plan mapping confirmed-current documents to the right compliance skill. Routes to the analysis skills rather than performing analysis itself.

How It Works

From document to output

Provide a directory path

Point the skill at any directory containing compliance documents (PDFs, DOCX, TXT, MD)

Files are classified

Each file is classified by compliance type using filename and content signals: BAA, security policy, risk assessment, IR/contingency plan, framework document, and more

Version conflicts resolved

When multiple versions of the same document are found, the skill pauses to confirm which version is current before proceeding

Analysis plan produced

A prioritized manifest maps each confirmed-current document to the right compliance skill, with the exact slash command to invoke for each

Sample Output

What you get back

Every finding is structured JSON: status, evidence, risk level, and remediation in one package. No interpretation required before acting on it.

Example response 
{
  "total_files_scanned": 14,
  "compliance_relevant": 9,
  "version_clusters_resolved": 1,
  "suggested_next_steps": [
    {
      "priority": 1,
      "file": "vendor-agreements/AWS_BAA_2024.pdf",
      "skill": "baa-review"
    },
    {
      "priority": 2,
      "file": "policies/Information_Security_Policy_v2.docx",
      "skill": "hipaa-gap-analysis"
    },
    {
      "priority": 3,
      "file": "assessments/Risk_Assessment_2024.pdf",
      "skill": "risk-assessment"
    }
  ]
}
Get Started

Two ways to run this skill

MCP or any LLM
Document Finder SKILL.md

Install as an MCP server in Claude Code, or download the SKILL.md and use it as a system prompt with any LLM. Runs the full methodology against documents you provide. Apache 2.0. No account required.

Delivered as a service
AI Governance Snapshot

The Snapshot runs these skills against your full document corpus using workspace-isolated RAG: every finding is sourced to a specific document section, cross-referenced across your entire policy library, and delivered with a maturity score and remediation roadmap. Free. Delivered by Dan within a week.

Get a free Snapshot
More Skills

Seven more skills in the methodology.

HIPAA Gap Analysis, BAA Review, Framework Mapping, Control Assessment, Risk Assessment, Compliance Q&A, Compliance Posture Intake, and Document Finder. All open source under Apache 2.0.

See all skills Get a free Snapshot