By mrcodechef
GRC connector wrapping testssl.sh. Scans HTTPS endpoints for protocol/cipher posture, certificate issues, and known TLS CVEs (Heartbleed, ROBOT, POODLE, FREAK, LOGJAM, SWEET32, ...). Emits findings conforming to schemas/finding.schema.json v1, anchored on SCF CRY-01/CRY-03/CRY-05/CRY-08/NET-09/VPM-01/VPM-06/WEB-03 and fanned out at scan time via SCF crosswalks to SOC 2 TSC 2017, NIST 800-53 r5, PCI DSS 4.0.1, and ISO 27002:2022.
Locate testssl.sh (native install or Docker), record version, and write default targets to the connector config.
Run testssl.sh against one or more HTTPS endpoints and emit v1 Findings mapped to SOC 2, NIST 800-53, PCI DSS 4.0.1, ISO 27001, and SCF controls.
Show configured testssl runner, version, target count, and recent scans on disk.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
npx claudepluginhub mrcodechef/claude-grc-engineering --plugin testssl-inspectorTeach-me - get up to speed on a framework, control, or GRC role. Socratic primer + drill plugin built for new-to-GRC practitioners and career transitioners. Closes #61.
Ralph-loop mechanism specialized for GRC iteration patterns: gap-remediation burndown and quarterly evidence sweeps. Each loop drives /grc-engineer:* commands until a completion criterion fires.
GRC Engineering Plugin - Maps IaC to compliance controls, generates policies, collects evidence, reviews PRs for compliance, and transforms risks to Jira tickets
GRC Auditor Plugin - Evidence review, control validation, and audit workpaper generation for external auditors and assessors
GRC Internal Plugin - Policy management, risk registers, and compliance tracking for internal GRC teams
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Complete creative writing suite with 10 specialized agents covering the full writing process: research gathering, character development, story architecture, world-building, dialogue coaching, editing/review, outlining, content strategy, believability auditing, and prose style/voice analysis. Includes genre-specific guides, templates, and quality checklists.
Develop, test, build, and deploy Godot 4.x games with Claude Code. Includes GdUnit4 testing, web/desktop exports, CI/CD pipelines, and deployment to Vercel/GitHub Pages/itch.io.
A growing collection of Claude-compatible academic workflow bundles. Covers scientific figures, manuscript writing and polishing, reviewer assessment, citation retrieval, data availability, paper reading, literature search, response letters, paper-to-PPTX conversion, and evidence-grounded Chinese invention patent drafting. Rules are organized as reusable skill folders with explicit workflows and quality checks.
Comprehensive PR review agents specializing in comments, tests, error handling, type design, code quality, and code simplification
Comprehensive feature development workflow with specialized agents for codebase exploration, architecture design, and quality review