⚠️ Model Risk Register Generator
Generate the model and vendor risk register a security lead asks for the morning after a model gets switched off. It scans your codebase for every model and provider, merges in the owner and data-residency notes you supply, and renders a register with provider, model, where it's used, fallback status, and an availability-risk rating per dependency. Markdown by default, CSV with a flag. Continuity-focused, not a compliance assessment.
- Automate AI audits for SOC2 or ISO 27001 compliance rituals.
- Identify single points of failure in model dependencies across microservices.
- Generate CSV exports of AI vendors for procurement and legal reviews.
$12
· or 60 creditsSecure checkout via Stripe
Included in download
- Identify single points of failure in model dependencies across microservices.
- Generate CSV exports of AI vendors for procurement and legal reviews.
- terminal, file_read, file_write automation included
- Ready for Cursor
Sample input
Generate a model risk register for this repository including fallback status and availability risks.
Sample output
| Provider | Model | Where Used | Fallback | Risk | | :--- | :--- | :--- | :--- | :--- | | OpenAI | gpt-4o | src/api/chat.py | None | High (Single Point) | | Anthropic | claude-3-haiku | src/workers/sum.py | GPT-3.5 | Low (Redundant) | | Pinecone | serverless-v1 | src/db/vector.py | N/A | Med (Vendor lock) |
Generate the model and vendor risk register a security lead asks for the morning after a model gets switched off. It scans your codebase for every model and provider, merges in the owner and data-residency notes you supply, and renders a register with provider, model, where it's used, fallback status, and an availability-risk rating per dependency. Markdown by default, CSV with a flag. Continuity-focused, not a compliance assessment.
$12
· or 60 creditsSecure checkout via Stripe
Included in download
- Identify single points of failure in model dependencies across microservices.
- Generate CSV exports of AI vendors for procurement and legal reviews.
- terminal, file_read, file_write automation included
- Ready for Cursor
- Instant install
Sample input
Generate a model risk register for this repository including fallback status and availability risks.
Sample output
| Provider | Model | Where Used | Fallback | Risk | | :--- | :--- | :--- | :--- | :--- | | OpenAI | gpt-4o | src/api/chat.py | None | High (Single Point) | | Anthropic | claude-3-haiku | src/workers/sum.py | GPT-3.5 | Low (Redundant) | | Pinecone | serverless-v1 | src/db/vector.py | N/A | Med (Vendor lock) |
About This Skill
Secure Your AI Supply Chain
Modern applications are increasingly dependent on a complex web of AI providers and models. The Model Risk Register Generator automates the tedious process of auditing your codebase to identify every AI dependency, from LLM providers to specialized embedding models.
What it does
This skill performs static analysis on your repository to map out your AI footprint. It identifies:
- Providers: Companies like OpenAI, Anthropic, or HuggingFace.
- Models: Specific versions used (e.g., gpt-4o, claude-3-5-sonnet).
- Usage Context: Exactly where in your code these models are invoked.
- Risk Profiles: Availability risks, fallback status, and data residency considerations.
Why use this skill?
Instead of manually hunting for API calls or outdated configuration strings, this skill provides a structured, developer-centric view of your AI infrastructure. It bridges the gap between raw source code and compliance-ready documentation. By integrating owner notes and fallback strategies, you transform a simple code scan into a robust business continuity artifact.
Output Formats
The skill generates clean, professional Markdown tables for documentation or CSV files for integration into GRC (Governance, Risk, and Compliance) platforms and spreadsheets.
Use Cases
- Automate AI audits for SOC2 or ISO 27001 compliance rituals.
- Identify single points of failure in model dependencies across microservices.
- Generate CSV exports of AI vendors for procurement and legal reviews.
- Map data residency and ownership for every AI model used in production.
Known Limitations
It generates the register from what it can detect in your code plus what you provide in the config. It does not assess legal or regulatory compliance or verify a vendor's claims. It is a continuity and availability artifact, not a compliance audit.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/model-risk-register-generator -o /tmp/model-risk-register-generator.zip && unzip -o /tmp/model-risk-register-generator.zip -d ~/.claude/skills && rm /tmp/model-risk-register-generator.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
Allowed Hosts
File Scopes
Prints Markdown to stdout by default; --csv renders CSV. The owner and data-residency values come from your register-config.json. It references API keys only by env-var name and reads no environment variables.
Works with any agent that can read a repo and run a local Python script (Claude Code, Cursor, Codex CLI, and other SKILL.md-compatible agents). Standard library only, no install step.
Creator
JustHandled Labs builds focused agent skills for the work nobody wants to do by hand. Each one is a single repeatable job done well: catching the security and data mistakes that quietly ship, keeping docs and tests honest, gating the commands an agent is about to run, sharpening writing, and handling the founder chores around launches, outreach, and brand setup. Not generic AI productivity. Specific workflows that are easy to run, review, and repeat. Maintained by H.J. Westerfield, with a background in communications, editing, project coordination, customer support, and practical AI systems. Tools for people who want useful automation without theatrical complexity.
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
Multi-Agent Orchestration Master Library
Transform Claude Code into a coordinated multi-agent system. Battle-tested tmux orchestration patterns, YAML task queues, event-driven communication, and parallel worker management for 8+ agents.
PII & Data-Leak Scanner
Scan your schemas, seed data, config, and logs for personal data before it leaks. Detects PII-indicating column and key names (email, ssn, phone, address) across SQL, CSV, and JSON, plus PII in the data itself: email addresses, SSN-like numbers, credit-card-like numbers, phone numbers, and PII written into log files. Each finding is flagged with its location and a GDPR-style review note. Heuristic by design: it surfaces what to review, not a compliance guarantee.
Legacy Code Modernization Planner for AI Coding Agents
Creates safe modernization roadmaps for old, messy, undocumented, or fragile codebases, including risk audits, refactor phases, dependency reviews, testing plans, migration steps, and AI coding prompts.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.