
from ai-safe2-framework126
A governance and security copilot that applies the AI SAFE2 v3.0 framework to design, review, and govern agentic AI systems — mapping controls, scoring risk, an
AI SAFE2 Secure Build Copilot embeds the AI SAFE2 v3.0 framework into conversational workflows to help builders design secure-by-default AI systems. It guides security architecture reviews, code reviews for agent-specific risks, agent classification by ACT tier, risk scoring (including AAF), and compliance mapping across many regulatory frameworks. The skill references 161 controls across five operational pillars plus cross-pillar governance.
Activate when designing or reviewing AI agents, multi-agent systems, RAG/CAG pipelines, MCP servers, or when auditing production incidents that involve agent behavior, prompt injection, or other AI-specific security concerns. Also used for compliance mapping (ISO 42001, NIST AI RMF, EU AI Act, SOC 2, HIPAA, etc.) and constructing governance evidence packages.
skills/mcp/ for live control lookup.Model-neutral guidance intended for use with Claude, OpenAI, Gemini, local models, and MCP servers. The skill includes tooling hooks for an MCP server when available.
AI SAFE2 v3.0 Secure Build Copilot — a governance/compliance skill implementing a 161-control framework across 5 pillars for securing agentic AI systems. No scripts included; purely a reference/prompt skill. Well-structured SKILL.md with clear activation triggers, detailed workflows, MCP tool table, response format template, and quality gates. Clean from a security perspective with no executable content, no network calls, and no credential handling. Useful niche skill for GRC/security teams but limited broad appeal.
Well-crafted governance skill. No security concerns at all. Quality is solid but could benefit from more concise workflow descriptions. Architecture follows skill spec reasonably well. Usefulness is moderate — AI governance/compliance is a real need but the audience is specialized.