From grc-tprm
Conducts vendor security assessments evaluating posture, risks, and generating reports with recommendations. Supports onboarding, periodic reviews, incident response, and due diligence.
npx claudepluginhub grcengclub/claude-grc-engineering --plugin grc-tprm
How this skill is triggered — by the user, by Claude, or both
Slash command
/grc-tprm:vendor-assessor
This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Performs end-to-end vendor security assessments.
Calculates vendor risk scores using inherent (data sensitivity, access level) and residual (certifications, audits) factors. Assigns Critical/High/Medium/Low ratings with comparisons, trends, and recommendations.
Analyzes Abnormal Security VendorBase for vendor risk scores, compromised detection, domain analysis, and supply chain email threats. For MSP analysts investigating third-party vendor risks.
Scores vendor privacy risks with weighted factors: data volume, sensitivity, transfer locations, certifications, breach history, control maturity. Assigns tiers for processor oversight under GDPR.