risk-assessment
$
npx mdskill add anthropics/knowledge-work-plugins/risk-assessmentSystematically identifies, assesses, and plans mitigations for operational risks in projects, vendors, processes, or decisions.
- Helps users evaluate and manage risks across categories like operational, financial, compliance, strategic, reputational, and security.
- Integrates with a risk assessment matrix to categorize risks based on likelihood and impact levels.
- Decides recommendations by analyzing risk descriptions, likelihood, impact, and applying a standardized risk register format.
- Presents results using a structured risk register with details like mitigation plans, owners, and statuses.
SKILL.md
.github/skills/risk-assessmentView on GitHub ↗
--- name: risk-assessment description: Identify, assess, and mitigate operational risks. Trigger with "what are the risks", "risk assessment", "risk register", "what could go wrong", or when the user is evaluating risks associated with a project, vendor, process, or decision. --- # Risk Assessment Systematically identify, assess, and plan mitigations for operational risks. ## Risk Assessment Matrix | | Low Impact | Medium Impact | High Impact | |---|-----------|---------------|-------------| | **High Likelihood** | Medium | High | Critical | | **Medium Likelihood** | Low | Medium | High | | **Low Likelihood** | Low | Low | Medium | ## Risk Categories - **Operational**: Process failures, staffing gaps, system outages - **Financial**: Budget overruns, vendor cost increases, revenue impact - **Compliance**: Regulatory violations, audit findings, policy breaches - **Strategic**: Market changes, competitive threats, technology shifts - **Reputational**: Customer impact, public perception, partner relationships - **Security**: Data breaches, access control failures, third-party vulnerabilities ## Risk Register Format For each risk, document: - **Description**: What could happen - **Likelihood**: High / Medium / Low - **Impact**: High / Medium / Low - **Risk Level**: Critical / High / Medium / Low - **Mitigation**: What we're doing to reduce likelihood or impact - **Owner**: Who is responsible for managing this risk - **Status**: Open / Mitigated / Accepted / Closed ## Output Produce a prioritized risk register with specific, actionable mitigations. Focus on risks that are controllable and material.
More from anthropics/knowledge-work-plugins
- accessibility-reviewRun a WCAG 2.1 AA accessibility audit on a design or page. Trigger with "audit accessibility", "check a11y", "is this accessible?", or when reviewing a design for color contrast, keyboard navigation, touch target size, or screen reader behavior before handoff.
- account-research"Research a company using Common Room data. Triggers on 'research [company]', 'tell me about [domain]', 'pull up signals for [account]', 'what's going on with [company]', or any account-level question."
- analyzeAnswer data questions -- from quick lookups to full analyses. Use when looking up a single metric, investigating what's driving a trend or drop, comparing segments over time, or preparing a formal data report for stakeholders.
- architectureCreate or evaluate an architecture decision record (ADR). Use when choosing between technologies (e.g., Kafka vs SQS), documenting a design decision with trade-offs and consequences, reviewing a system design proposal, or designing a new component from requirements and constraints.
- audit-supportSupport SOX 404 compliance with control testing methodology, sample selection, and documentation standards. Use when generating testing workpapers, selecting audit samples, classifying control deficiencies, or preparing for internal or external audits.
- brand-reviewReview content against your brand voice, style guide, and messaging pillars, flagging deviations by severity with specific before/after fixes. Use when checking a draft before it ships, when auditing copy for voice consistency and terminology, or when screening for unsubstantiated claims, missing disclaimers, and other legal flags.
- brand-voice-enforcement>
- briefGenerate contextual briefings for legal work — daily summary, topic research, or incident response. Use when starting your day and need a scan of legal-relevant items across email, calendar, and contracts, when researching a specific legal question across internal sources, or when a developing situation (data breach, litigation threat, regulatory inquiry) needs rapid context.
- build-dashboardBuild an interactive HTML dashboard with charts, filters, and tables. Use when creating an executive overview with KPI cards, turning query results into a shareable self-contained report, building a team monitoring snapshot, or needing multiple charts with filters in one browser-openable file.
- build-zoom-botBuild a Zoom meeting bot, recorder, or real-time media workflow. Use when joining meetings programmatically, processing live media or transcripts, or combining Meeting SDK, RTMS, and backend services.