By GRCEngClub
Guides cloud service providers through StateRAMP compliance for state and local government — assess readiness, determine impact level, generate ATO package docs (SSP, SAP, SAR, POA&M), produce NIST 800-53 evidence checklists, and look up state-specific requirements.
StateRAMP authorization readiness assessment
StateRAMP ATO package documentation guidance (SSP, SAP, SAR, POA&M)
Generates comprehensive evidence collection checklists for StateRAMP (State Risk and Authorization Management Program) authorization with state-level compliance requirements.
Determine appropriate StateRAMP impact level (Low vs Moderate)
State-by-state variations in StateRAMP requirements
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Deploy a serverless trust center to publish your company's compliance posture. Supports AWS deployment with S3, CloudFront, Lambda, DynamoDB, Cognito, and WAF.
FedRAMP Rev 5 Plugin - Traditional authorization path with SSP/SAP/SAR/POA&M documentation and NIST 800-53 Rev 5 control mapping
CSA CCM Plugin - Cloud Security Alliance Cloud Controls Matrix with 197 controls and CAIQ support
US Export Controls Plugin - ITAR and EAR compliance for defense and dual-use technologies
SOC 2 Compliance Plugin - Trust Service Criteria expertise, Type I/II assessment support, and control mapping
npx claudepluginhub grcengclub/claude-grc-engineering --plugin staterampGRC Engineering Plugin - Maps IaC to compliance controls, generates policies, collects evidence, reviews PRs for compliance, and transforms risks to Jira tickets
GRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
End-to-end FedRAMP authorization guidance — readiness assessments, SSP narratives, POA&M management, NIST 800-53 Rev 5 control mapping, and ConMon support.
Harness-native ECC plugin for engineering teams - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, MCP conventions, and operator workflows for Claude Code plus adjacent agent harnesses
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Comprehensive .NET development skills for modern C#, ASP.NET, MAUI, Blazor, Aspire, EF Core, Native AOT, testing, security, performance optimization, CI/CD, and cloud-native applications