Bidirectional mapping between document sections and compliance framework controls (NIST CSF 2.0, ISO 27001, SOC 2, HIPAA). Produces per-section mappings and per-control coverage summaries with confidence scores.

From document to output

Provide your document

Paste your security policy, procedures manual, or compliance documentation

Choose a framework

NIST CSF 2.0, HIPAA, ISO 27001, SOC 2, or upload a custom framework

Sections are mapped

Each document section is mapped to relevant controls with relevance scores

Coverage is summarized

Per-control view shows which controls are covered, partial, or gaps

What you get back

Every finding is structured JSON: status, evidence, risk level, and remediation in one package. No interpretation required before acting on it.

Example response
{
  "section_id": "5.3",
  "section_title": "User Account Lifecycle",
  "control_mappings": [
    {
      "control_id": "AC-2",
      "framework": "NIST CSF 2.0",
      "relevance_score": 0.92,
      "coverage_type": "primary"
    }
  ]
}

Two ways to run this skill

Install on ClawHub

One-click install for Claude and Cowork users. The skill runs as a native tool in your Claude environment — no configuration, no MCP setup. Apache 2.0.

Get on ClawHub →
Framework Mapping SKILL.md

Install as an MCP server in Claude Code, or download the SKILL.md and use it as a system prompt with any LLM. Runs the full methodology against documents you provide. Apache 2.0. No account required.

Seven more skills in the methodology.

HIPAA Gap Analysis, BAA Review, Framework Mapping, Control Assessment, Risk Assessment, Compliance Q&A, Compliance Posture Intake, and Document Finder. All open source under Apache 2.0.