Skill

evidence-artifact-collector

Generates CLI commands and API scripts to collect point-in-time evidence for audit controls. Automates evidence gathering from cloud providers (AWS, Azure, GCP) and outputs formatted reports.

Install

npx claudepluginhub abnejllc/grc --plugin grc-engineer

Tool Access

This skill is limited to using the following tools:

BashReadGlobWriteEdit

Preview

Generates scripts to collect audit evidence from cloud infrastructure. Automates the most labor-intensive part of compliance - evidence gathering.

SKILL.md

Similar Skills

design-system

Generates design tokens/docs from CSS/Tailwind/styled-components codebases, audits visual consistency across 10 dimensions, detects AI slop in UI.

team-skills-platform

167.4k

ui-demo

Records polished WebM UI demo videos of web apps using Playwright with cursor overlay, natural pacing, and three-phase scripting. Activates for demo, walkthrough, screen recording, or tutorial requests.

team-skills-platform

167.4k

kotlin-patterns

Delivers idiomatic Kotlin patterns for null safety, immutability, sealed classes, coroutines, Flows, extensions, DSL builders, and Gradle DSL. Use when writing, reviewing, refactoring, or designing Kotlin code.

team-skills-platform

167.4k

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitApr 18, 2026

Used By2 plugins

Actions

View Source View Plugin View on GitHub View README

Evidence Artifact Collector

Generates scripts to collect audit evidence from cloud infrastructure. Automates the most labor-intensive part of compliance - evidence gathering.

Quick Commands

Generate AWS evidence script:

node scripts/collect-evidence.js "MFA for all root users" aws

Generate Azure evidence script:

node scripts/collect-evidence.js "All storage accounts encrypted" azure

Generate GCP evidence script:

node scripts/collect-evidence.js "IAM bindings audit" gcp

Supported Providers

aws - AWS CLI and boto3 scripts
azure - Azure CLI and Python SDK scripts
gcp - gcloud CLI and Python SDK scripts
kubernetes - kubectl commands
terraform - Terraform state queries

Output Formats

python - Python script with boto3/azure-sdk/google-cloud
bash - Shell script with CLI commands
json - Direct API query results
markdown - Formatted evidence report
pdf - PDF report (requires additional dependencies)

Example Controls

"MFA for all root users"
"All S3 buckets encrypted"
"CloudTrail logging enabled"
"Security groups restrict access"
"IAM policies follow least privilege"
"Database encryption at rest"
"Network ACLs configured"

Generated Script Features

Point-in-time evidence collection
Timestamped results
Multiple output formats
Error handling and validation
Ready-to-run commands

Example Output

#!/usr/bin/env python3
"""
Evidence Collection Script
Control: MFA for all root users
Provider: AWS
Generated: 2025-01-15T10:30:00Z
"""

import boto3
import json
from datetime import datetime

iam = boto3.client('iam')

def collect_mfa_evidence():
    """Collect evidence for MFA requirement on root users."""
    evidence = {
        "control": "MFA for all root users",
        "timestamp": datetime.utcnow().isoformat(),
        "results": []
    }
    
    # Get account summary
    summary = iam.get_account_summary()
    mfa_enabled = summary['SummaryMap'].get('AccountMFAEnabled', 0)
    
    evidence["results"].append({
        "check": "Root account MFA status",
        "status": "PASS" if mfa_enabled == 1 else "FAIL",
        "details": f"MFA Enabled: {mfa_enabled == 1}"
    })
    
    return evidence

if __name__ == "__main__":
    result = collect_mfa_evidence()
    print(json.dumps(result, indent=2))

Prerequisites

Control description or control ID
Optional: Cloud provider (defaults to aws)
Optional: Output format (defaults to python)