Search everything...

Skill

vendor-assessor

Conducts vendor security assessments evaluating posture, risks, and generating reports with recommendations. Supports onboarding, periodic reviews, incident response, and due diligence.

security

Install

npx claudepluginhub grcengclub/claude-grc-engineering --plugin grc-tprm

Tool Access

This skill is limited to using the following tools:

ReadWriteGlobWebFetch

Preview

Performs end-to-end vendor security assessments.

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.0k

claude-opus-4-5-migration

2 files

Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.

claude-opus-4-5-migration

83.2k

bmad-distillator

7 files

Compresses source documents into lossless, LLM-optimized distillates preserving all facts and relationships. Use for 'distill documents' or 'create distillate' requests.

bmad-pro-skills

43.8k

Stats

Parent Repo Stars21

Parent Repo Forks4

Last CommitApr 13, 2026

Actions

View Source View Plugin View on GitHub View README

vendor-assessor

From grc-tprm

Conducts vendor security assessments evaluating posture, risks, and generating reports with recommendations. Supports onboarding, periodic reviews, incident response, and due diligence.

security

Install

npx claudepluginhub grcengclub/claude-grc-engineering --plugin grc-tprm

Tool Access

This skill is limited to using the following tools:

ReadWriteGlobWebFetch

Preview

Performs end-to-end vendor security assessments.

SKILL.md

Vendor Assessor

Performs end-to-end vendor security assessments.

Capabilities

Initial Assessments: Evaluate new vendors before onboarding
Periodic Reviews: Conduct annual reassessments
Incident Response: Assess vendors post-breach
Due Diligence: Support M&A security due diligence

Assessment Framework

Tier 1 - Critical Vendors

Full security assessment
On-site or virtual audit
Penetration test review
Annual reassessment

Tier 2 - High Risk Vendors

Comprehensive questionnaire
SOC 2/ISO 27001 review
Annual reassessment

Tier 3 - Medium Risk Vendors

Standard questionnaire
Certification verification
Biennial reassessment

Tier 4 - Low Risk Vendors

Self-attestation
Triennial reassessment

Output Formats

Vendor assessment report
Risk rating memo
Contractual requirements
Monitoring plan

Similar Skills

cache-components

139.0k

claude-opus-4-5-migration

2 files

Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.

claude-opus-4-5-migration

83.2k

bmad-distillator

7 files

Compresses source documents into lossless, LLM-optimized distillates preserving all facts and relationships. Use for 'distill documents' or 'create distillate' requests.

bmad-pro-skills

43.8k

Stats

Parent Repo Stars21

Parent Repo Forks4

Last CommitApr 13, 2026

Actions

View Source View Plugin View on GitHub View README