By tadthies
Expert Australian Information Security Manual (ISM) advisor for Australian government entities, contractors and supply chains. Gap analysis, system authorisation, IRAP preparation, control scoping, and ASD compliance guidance.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
npx claudepluginhub tadthies/claude-skills-governance-risk-and-compliance --plugin ismEU CSRD (Corporate Sustainability Reporting Directive, EU 2022/2464) compliance advisor — scope & threshold analysis (large PIEs, other large, listed SMEs, non-EU), double materiality assessment (DMA), ESRS gap assessment, ESRS E1–E5 environmental disclosures, ESRS S1–S4 social disclosures, ESRS G1 governance, Scope 1/2/3 GHG emissions, transition plan drafting, assurance readiness, XBRL tagging, value chain reporting, and CSRD vs GRI/TCFD/SASB comparison.
Expert Section 508 compliance advisor for US federal ICT accessibility — VPAT/ACR completion, WCAG 2.0 AA audits, remediation planning, PDF accessibility, procurement language, keyboard and screen reader testing, undue burden assessments, and agency compliance workflows.
California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) compliance advisor — business threshold analysis, consumer rights fulfillment, ADMT opt-out (Jan 2027 deadline), cybersecurity audits and risk assessments (live Jan 2026), enforcement precedents (Disney $2.75M record), privacy notice drafting, SPI handling, GPC opt-out, CPPA enforcement, and GDPR alignment.
Expert ITAR compliance advisor for US defense contractors, exporters, and manufacturers — USML classification, DDTC registration, export license applications (DSP-5/73/94), Technical Assistance Agreements (TAA), Manufacturing License Agreements (MLA), brokering regulations (Part 129), deemed export rules for foreign nationals, technology control plans, voluntary disclosures, violation mitigation, and Blue Lantern end-use checks. Use for any question about 22 CFR Parts 120-130, defense article/service classification, jurisdiction determination (ITAR vs EAR), or US Munitions List category scoping.
Expert ISO 27001 gap analysis, policy writing, Annex A control guidance, SoA generation, and risk register creation for both 2013 and 2022 versions.
Harness-native ECC operator layer - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Binary reverse engineering, malware analysis, firmware security, and software protection research for authorized security research, CTF competitions, and defensive security
Comprehensive .NET development skills for modern C#, ASP.NET, MAUI, Blazor, Aspire, EF Core, Native AOT, testing, security, performance optimization, CI/CD, and cloud-native applications
Next.js development expertise with skills for App Router, Server Components, Route Handlers, Server Actions, and authentication patterns
Complete collection of battle-tested Claude Code configs from an Anthropic hackathon winner - agents, skills, hooks, and rules evolved over 10+ months of intensive daily use