By GRCEngClub
Evaluates GitHub repositories against SCF, SOC 2, and GRC compliance controls by scanning branch protection, secret scanning, Dependabot alerts, and code scanning, then emits structured JSON findings per repository.
Query GitHub for compliance-relevant configuration and emit findings conforming to the v1 contract.
Verify the github-inspector connector's prerequisites and write its config. Idempotent.
Report configuration state, auth validity, and last-run freshness for the github-inspector connector.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
npx claudepluginhub grcengclub/claude-grc-engineering --plugin github-inspectorDeploy a serverless trust center to publish your company's compliance posture. Supports AWS deployment with S3, CloudFront, Lambda, DynamoDB, Cognito, and WAF.
FedRAMP Rev 5 Plugin - Traditional authorization path with SSP/SAP/SAR/POA&M documentation and NIST 800-53 Rev 5 control mapping
CSA CCM Plugin - Cloud Security Alliance Cloud Controls Matrix with 197 controls and CAIQ support
US Export Controls Plugin - ITAR and EAR compliance for defense and dual-use technologies
SOC 2 Compliance Plugin - Trust Service Criteria expertise, Type I/II assessment support, and control mapping
GRC Engineering Plugin - Maps IaC to compliance controls, generates policies, collects evidence, reviews PRs for compliance, and transforms risks to Jira tickets
GRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
SOC2, HIPAA, and GDPR compliance validation, secrets scanning, compliance checklists, and regulatory documentation
Security scanning for Claude Code projects: /security:quick and /security:scan (gitleaks + pip-audit orchestration around the native scanner), /security:deep git-history scans, /security:explain finding explanations, /security:permissions risk-graded permission audits.
Check infrastructure compliance (SOC2, HIPAA, PCI-DSS)
Compliance and security skills for HIPAA, GDPR, SOC2, PCI-DSS audits, infrastructure hardening, incident planning, and secrets management.