By GRCEngClub
Assess and implement CIS Controls v8 cybersecurity baseline with IG1/IG2/IG3 implementation groups, including compliance checks, safeguard verification, evidence checklist generation with cloud/OS collection commands, and implementation group determination based on organization profile.
CIS Controls v8 compliance assessment by Implementation Group level
Verify specific CIS Control implementation from 18 controls
Generates comprehensive evidence collection checklists for CIS Controls v8 safeguards, organized by Implementation Group (IG1, IG2, IG3) with automated and manual collection guidance.
Determine appropriate CIS Controls Implementation Group (IG1/IG2/IG3)
List applicable CIS Controls v8 safeguards by Implementation Group
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Deploy a serverless trust center to publish your company's compliance posture. Supports AWS deployment with S3, CloudFront, Lambda, DynamoDB, Cognito, and WAF.
CSA CCM Plugin - Cloud Security Alliance Cloud Controls Matrix with 197 controls and CAIQ support
US Export Controls Plugin - ITAR and EAR compliance for defense and dual-use technologies
ISO 27001 Plugin - Annex A controls, ISMS implementation guidance, and certification support
FedRAMP Rev 5 Plugin - Traditional authorization path with SSP/SAP/SAR/POA&M documentation and NIST 800-53 Rev 5 control mapping
npx claudepluginhub grcengclub/claude-grc-engineering --plugin cis-controlsEssential 8 Plugin - Australian Cyber Security Centre mitigation strategies with 3 maturity levels
GRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Harness-native ECC plugin for engineering teams - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, MCP conventions, and operator workflows for Claude Code plus adjacent agent harnesses
Upstash Context7 MCP server for up-to-date documentation lookup. Pull version-specific documentation and code examples directly from source repositories into your LLM context.
Consult multiple AI coding agents (Gemini, OpenAI, Grok, Perplexity, plus codex, antigravity, and grok CLIs when installed) to get diverse perspectives on coding problems