By abnejllc
GRC Engineering Plugin - Maps IaC to compliance controls, generates policies, collects evidence, reviews PRs for compliance, and transforms risks to Jira tickets
npx claudepluginhub abnejllc/grc --plugin grc-engineerGenerate scripts to collect audit evidence
Identify conflicting requirements across frameworks
List every SCF-mapped framework (249) and show which have a dedicated plugin
Aggregate connector findings, map to requested frameworks via SCF crosswalk, and produce a prioritized gap report with remediation links.
Generate implementation code for a security control
Generate policy-as-code from natural language requirements
Map infrastructure code to compliance framework controls
Map a control across all compliance frameworks
Set up continuous compliance monitoring and alerting
Optimize implementation across multiple compliance frameworks
Summarize every configured connector — auth validity, cache freshness, last-run counts — so operators can see the data-pipeline state at a glance.
Write automation coverage metric snapshots into grc-data/metrics
Review pull requests for compliance regressions
Scaffold a new framework plugin from the SCF crosswalk (Stub or Reference depth)
Scan Infrastructure as Code for compliance violations
Test security control effectiveness with automated validation
Transform risk assessments into Jira tickets
Reviews pull requests for compliance regressions. Scans code diffs for security and compliance violations, flags issues, and suggests fixes aligned with frameworks like SOC 2, ISO 27001, NIST 800-53.
Maps infrastructure code (Terraform, Kubernetes, CloudFormation) to compliance controls (ISO 27001, SOC 2, NIST 800-53). Analyzes IaC files and generates compliance evidence mappings showing which controls are satisfied.
Generates CLI commands and API scripts to collect point-in-time evidence for audit controls. Automates evidence gathering from cloud providers (AWS, Azure, GCP) and outputs formatted reports.
Converts natural language compliance requirements into executable policies (OPA Rego, AWS Config Rules, Sentinel, Terraform). Standardizes governance by making it part of the build process.
Converts unstructured risk assessments into structured Jira tickets. Extracts Likelihood, Impact, Mitigation from natural language and generates JSON formatted for Jira API with clear Definition of Done criteria.
Team-oriented workflow plugin with role agents, 27 specialist agents, ECC-inspired commands, layered rules, and hooks skeleton.
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Upstash Context7 MCP server for up-to-date documentation lookup. Pull version-specific documentation and code examples directly from source repositories into your LLM context.
Comprehensive startup business analysis with market sizing (TAM/SAM/SOM), financial modeling, team planning, and strategic research
Comprehensive .NET development skills for modern C#, ASP.NET, MAUI, Blazor, Aspire, EF Core, Native AOT, testing, security, performance optimization, CI/CD, and cloud-native applications
Semantic search for Claude Code conversations. Remember past discussions, decisions, and patterns.