From grc-engineer
Maps infrastructure code (Terraform, Kubernetes, CloudFormation) to compliance controls (ISO 27001, SOC 2, NIST 800-53). Analyzes IaC files and generates compliance evidence mappings showing which controls are satisfied.
Slash command
/grc-engineer:code-to-control-mapper
Maps infrastructure-as-code (IaC) files to specific compliance framework controls. Translates technical implementations into audit-ready compliance evidence.
Map a Terraform file to SOC 2:
node scripts/map-control.js main.tf SOC2
Map Kubernetes manifests to ISO 27001:
node scripts/map-control.js k8s/deployment.yaml ISO27001
Map CloudFormation template to NIST 800-53:
node scripts/map-control.js template.yaml NIST80053
Generates markdown reports with:
# Compliance Mapping Report
## SOC 2 - CC6.1: Logical and Physical Access Controls
**Status:** ✅ Satisfied
**Evidence:**
- `main.tf:45` - `aws_db_instance` with `storage_encrypted = true`
- `main.tf:52` - IAM role with least privilege policy
**Mapping:** Data at rest encryption via AWS KMS satisfies encryption requirements.
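How a rule can turn a Terraform attribute into the kind of evidence line shown in the report above. This is an added example, not the plugin's own code: `RULES`, `mapControls`, the `gap` status and the sample Terraform are assumptions, and the single rule mirrors the report's `storage_encrypted = true` evidence for CC6.1.

```javascript
// Added example: RULES, mapControls and the "gap" status are hypothetical names,
// not the plugin's API. The single rule mirrors the sample report's evidence.
const RULES = [
  { framework: "SOC2", control: "CC6.1", resource: "aws_db_instance",
    attribute: "storage_encrypted", expected: "true" },
];

// Collect the top-level attributes of each resource block, then check the block
// against the rules. Assumes one attribute per line, no trailing comments.
function mapControls(source, filename, framework) {
  const findings = [];
  let block = null; // resource block currently being read
  let depth = 0;    // brace nesting inside that block
  const evaluate = (b) => {
    for (const rule of RULES) {
      if (rule.framework !== framework || rule.resource !== b.type) continue;
      const attr = b.attrs[rule.attribute];
      const ok = attr !== undefined && attr.value === rule.expected;
      findings.push({
        control: rule.control, resource: `${b.type}.${b.name}`,
        status: ok ? "satisfied" : "gap", // an omitted attribute is a gap, not a skip
        evidence: `${filename}:${attr ? attr.line : b.line}`,
      });
    }
  };
  source.split("\n").forEach((raw, i) => {
    const line = raw.trim();
    if (line.startsWith("#") || line.startsWith("//")) return; // comment line
    const head = line.match(/^resource\s+"([^"]+)"\s+"([^"]+)"\s*\{$/);
    if (!block && head) block = { type: head[1], name: head[2], line: i + 1, attrs: {} };
    if (!block) return;
    const attr = line.match(/^(\w+)\s*=\s*(.+)$/);
    if (depth === 1 && attr) block.attrs[attr[1]] = { value: attr[2], line: i + 1 };
    depth += (line.match(/\{/g) || []).length - (line.match(/\}/g) || []).length;
    if (depth === 0) { evaluate(block); block = null; }
  });
  return findings;
}

// Constructed sample input: one encrypted database, one with the attribute omitted.
const SAMPLE_TF = `resource "aws_db_instance" "orders" {
  storage_encrypted = true
}
resource "aws_db_instance" "legacy" {
  engine = "mysql"
}`;
console.log(mapControls(SAMPLE_TF, "main.tf", "SOC2"));
```

The second resource is reported as a gap pointing at its header line, because leaving `storage_encrypted` out means the database is created unencrypted.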
npx claudepluginhub abnejllc/grc --plugin grc-engineer
2 plugins reuse this skill
First indexed Apr 26, 2026