By GRCEngClub
Assess and ensure compliance with US ITAR and EAR export controls for defense and dual-use technologies, including jurisdiction determination, data residency verification, encryption requirements, and denied party screening.
Unified ITAR and EAR compliance assessment
ITAR vs EAR compliance requirements crosswalk
Verify data residency requirements for ITAR and EAR
EAR-specific compliance assessment for dual-use commercial items
ITAR-specific compliance assessment for defense articles
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
npx claudepluginhub grcengclub/claude-grc-engineering --plugin us-exportDeploy a serverless trust center to publish your company's compliance posture. Supports AWS deployment with S3, CloudFront, Lambda, DynamoDB, Cognito, and WAF.
FedRAMP Rev 5 Plugin - Traditional authorization path with SSP/SAP/SAR/POA&M documentation and NIST 800-53 Rev 5 control mapping
CSA CCM Plugin - Cloud Security Alliance Cloud Controls Matrix with 197 controls and CAIQ support
ISO 27001 Plugin - Annex A controls, ISMS implementation guidance, and certification support
SOC 2 Compliance Plugin - Trust Service Criteria expertise, Type I/II assessment support, and control mapping
DORA Plugin - EU Digital Operational Resilience Act for financial entities with ICT risk management (effective January 2025)
GRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
Expert EU Cyber Resilience Act (CRA) advisor for Regulation (EU) 2024/2847. Covers product classification (Default/Class I/Class II), Annex I essential requirements gap analysis, conformity assessment (self-assessment vs Notified Body), CE marking, SBOM, vulnerability handling, 24/72-hour ENISA reporting, support period obligations, and manufacturer/importer/distributor duties. Full application: December 11, 2027.
Ultra-compressed communication mode. Cuts 65% of output tokens (measured) while keeping full technical accuracy by speaking like a caveman.
Comprehensive UI/UX design plugin for mobile (iOS, Android, React Native) and web applications with design systems, accessibility, and modern patterns
Standalone image generation plugin using Nano Banana MCP server. Generates and edits images, icons, diagrams, patterns, and visual assets via Gemini image models. No Gemini CLI dependency required.