By tractorjuice
Author US federal civilian compliance documentation and risk assessments for FedRAMP, NIST 800-53, CISA Zero Trust, AI RMF, and EO 14028 SBOM requirements.
[COMMUNITY] Determine whether an AI system is rights-impacting or safety-impacting under OMB M-24-10 and document the minimum risk-management practices, M-25-21 acquisition controls, and public disclosure obligations.
[COMMUNITY] Conduct a NIST AI Risk Management Framework 1.0 assessment (Govern / Map / Measure / Manage) of an AI system, including the Generative AI Profile (NIST AI 600-1) where applicable.
[COMMUNITY] Produce a 3PAO-style Readiness Assessment Report for a FedRAMP authorization β capability statement, gap register, evidence inventory, and recommended ATO path (Agency vs JAB).
[COMMUNITY] Draft a FedRAMP System Security Plan (Moderate / High baseline) aligned to the current FedRAMP SSP template structure β system identification, boundary, types of users, interconnections, control implementations, continuous monitoring.
[COMMUNITY] Generate FIPS 199 system categorization (Low/Moderate/High water-mark) for a US federal civilian information system, mapping information types to NIST SP 800-60 Vol 2 and recording the CIA impact matrix.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Build better enterprise architecture through structured strategy, design, delivery, and assurance workflows.
ArcKit is a toolkit for enterprise architects that transforms architecture governance from scattered documents into a systematic, AI-assisted workflow for:
[DOC-CN] markers with source quotes)Claude Code (premier experience) β install the ArcKit plugin (requires v2.1.200+):
First, make sure Claude Code is on the latest version:
claude install latest
Then in Claude Code:
/plugin marketplace add tractorjuice/arckit-claude
Then install from the Discover tab, or via CLI. The marketplace ships 15 plugins β install only the overlays you need:
# Core (75 commands β UK Government civilian + generic enterprise)
claude plugin install arckit@arckit-claude
# Core + UAE federal
claude plugin install arckit arckit-uae
# Broad overlay set (UK + UAE + FR + CA + EU + AT + AU + US + UK-NHS + UK-GCloud)
claude plugin install arckit arckit-{uae,fr,ca,eu,at,au,us,uk-nhs,uk-gcloud}
# Enterprise architecture and AI agent governance overlays
claude plugin install arckit arckit-togaf-adm arckit-agent-architecture
The standalone tractorjuice/arckit-claude marketplace hosts all Claude Code plugins: the arckit core plugin, regional overlays, sector overlays, the TOGAF ADM and AI agent architecture overlays, the arckit-fde tooling plugin, and the public-but-proprietary arckit-uk-gcloud supplier overlay. The 13 community plugins (arckit-uae, arckit-fr, arckit-ca, arckit-eu, arckit-at, arckit-au, arckit-au-energy, arckit-us, arckit-uk-finance, arckit-uk-nhs, arckit-uk-gcloud, arckit-togaf-adm, arckit-agent-architecture) require the arckit core plugin. arckit-au-energy (sector) additionally requires arckit-au (jurisdiction), which it composes β install with claude plugin install arckit arckit-au arckit-au-energy. arckit-uk-gcloud is a proprietary, Claude Code only supplier-side G-Cloud bid-authoring overlay β it is public for installation and inspection, but not MIT licensed and not distributed to the non-Claude extension formats. One tooling plugin β arckit-fde β is a lean, Claude Code only plugin with one command, /arckit-fde:create, that generates a brandable (white-label) Forward Deploy Engineering consulting website into docs/ (GitHub Pages ready), with UK Public Sector and Generic market presets; no dependencies, not converted to non-Claude formats, no governance doc-types.
Austrian Overlay for ArcKit β 3 commands for DSG/DSGVO, NISG, and Bundesvergabegesetz public procurement. Requires arckit core plugin.
French Public Sector Overlay for ArcKit β 12 commands for DINUM, ANSSI, RGPD/CNIL, EBIOS, PSSI, SecNumCloud, Diffusion Restreinte, public procurement, and ANSSI cartography. Requires arckit core plugin.
Canadian Federal Overlay for ArcKit β 12 commands for AIA, ATIP, ITSG-33, GC Digital Standards, OCAP, OLA, and federal cloud residency. Requires arckit core plugin.
EU Overlay for ArcKit β 7 commands for GDPR, AI Act, DSA, DORA, Data Act, NIS2, and CRA. Requires arckit core plugin.
UK G-Cloud Supplier Bid-Authoring Overlay for ArcKit β 11 supplier-side commands that drive a G-Cloud 14 Digital Marketplace submission end to end: supplier profile, service design, Service Definition Documents (Lots 1/2/3), supplier declaration, pricing, NCSC Cloud Security Principles assertions, competitor benchmark, submission review, and CCS submission packaging. Recipe: uk-gcloud-submission. Requires arckit core plugin. PROPRIETARY β not covered by the repository MIT licence. EXPERIMENTAL.
npx claudepluginhub lllc-lllc/arc-kit --plugin arckit-usCanadian Federal Overlay for ArcKit β 12 commands for AIA, ATIP, ITSG-33, GC Digital Standards, OCAP, OLA, and federal cloud residency. Requires arckit core plugin.
GRC (Governance, Risk, and Compliance) domain knowledge β frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
Expert EU Cyber Resilience Act (CRA) advisor for Regulation (EU) 2024/2847. Covers product classification (Default/Class I/Class II), Annex I essential requirements gap analysis, conformity assessment (self-assessment vs Notified Body), CE marking, SBOM, vulnerability handling, 24/72-hour ENISA reporting, support period obligations, and manufacturer/importer/distributor duties. Full application: December 11, 2027.
Establish architecture governance, design fitness functions, manage tech debt, and ensure compliance. Build sustainable architecture practices.
ποΈ Enterprise Architecture Strategist β Enterprise Architecture Strategist + TOGAF ADM Navigator + C-Suite Technology Translator
US Export Controls Plugin - ITAR and EAR compliance for defense and dual-use technologies