GRC (Governance, Risk, and Compliance) plugin for Claude Code
npx claudepluginhub mlunato47/claude-grc-pluginGRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
Claude Code marketplace entries for the plugin-safe Antigravity Awesome Skills library and its compatible editorial bundles.
Production-ready workflow orchestration with 79 focused plugins, 184 specialized agents, and 150 skills - optimized for granular installation and minimal token usage
Curated collection of 141 specialized Claude Code subagents organized into 10 focused categories
A plugin that turns your AI coding agent into a senior GRC (Governance, Risk, and Compliance) analyst. 72+ reference files covering 15 frameworks, 24 slash commands, and deep domain knowledge for federal and commercial compliance work.
Works with: Claude Code, OpenCode
Load this plugin and Claude gains expertise in:
It cites specific control IDs, knows baseline assignments, understands assessment procedures, and speaks the language of auditors, ISSOs, and compliance engineers.
Add the marketplace and install:
/plugin marketplace add mlunato47/claude-grc-plugin
/plugin install grc@mlunato47
Or from the CLI:
claude plugin install grc@mlunato47
You can install at different scopes:
claude plugin install grc@mlunato47 # User scope (all projects)
claude plugin install grc@mlunato47 --scope project # Project scope (shared via git)
claude plugin install grc@mlunato47 --scope local # Local only
Clone the repo and load directly:
git clone https://github.com/mlunato47/claude-grc-plugin.git
claude --plugin-dir ./grc-plugin/grc
Or load alongside other plugins:
claude --plugin-dir ./grc-plugin/grc --plugin-dir ./other-plugin
Once loaded, type /grc: to see all available commands.
You can ask OpenCode to self-install by telling it:
Fetch and follow the instructions at https://raw.githubusercontent.com/mlunato47/claude-grc-plugin/main/.opencode/INSTALL.md
Or install manually:
# Clone
git clone https://github.com/mlunato47/claude-grc-plugin.git ~/.config/opencode/grc
# Symlink plugin, skills, and commands
mkdir -p ~/.config/opencode/plugins ~/.config/opencode/skills ~/.config/opencode/commands
ln -s ~/.config/opencode/grc/.opencode/plugins/grc.js ~/.config/opencode/plugins/grc.js
ln -s ~/.config/opencode/grc/grc/skills/grc-knowledge ~/.config/opencode/skills/grc-knowledge
for cmd in ~/.config/opencode/grc/grc/commands/*.md; do
ln -s "$cmd" ~/.config/opencode/commands/$(basename "$cmd")
done
Restart OpenCode. Commands are available as /grc-control-lookup, /grc-map-controls, etc.
Note: In Claude Code, commands use
/grc:command-name. In OpenCode, commands use/grc-command-name.
| Command | Purpose |
|---|---|
/grc:control-lookup | Look up controls by framework and ID or keyword |
/grc:map-controls | Map controls between any two frameworks |
/grc:conmon-guide | Continuous monitoring guidance by topic |
/grc:audit-prep | Audit preparation checklists by audit type |
/grc:poam-help | POA&M creation, templates, and metrics |
/grc:gap-analysis | Structured gap analysis worksheets |
/grc:ssp-section | Draft SSP narrative language by control family |
/grc:deviation-request | Draft deviation/risk acceptance documentation |
| Command | Purpose |
|---|---|
/grc:review-narrative | Review SSP control narratives — Five W's, ODPs, 0-5 maturity score |
/grc:review-ssp | Validate SSP structure against FedRAMP template |
/grc:review-poam | Check POA&M entries for field completeness and SLA compliance |
/grc:review-policy | Review policy structure, control coverage, and language quality |
/grc:review-crm | Review CRM coverage, responsibility clarity, and common gaps |
/grc:score-maturity | Score control implementation maturity 0-5 with next-level guidance |
/grc:evidence-checklist | Generate audit evidence prep checklists (no user content needed) |