Search everything...

Stats

Actions

Available In

sentinel-stack

Name: sentinel-stack
Author: aadityaparab

By aadityaparab

AI governance toolkit — DLP scanning, data guardrails, risk register, compliance evidence, audit trail, and EU AI Act classification embedded in your workflow.

npx claudepluginhub aadityaparab/sentinel-stack --plugin sentinel-stack

Popularity

Stars

Above avg

Med: 0·Avg: 285

Installs

Med: 0·Avg: 1

What's Inside

Skills12

ai-governance

/ai-governance

AI risk classification and governance skill. Classifies AI use cases by EU AI Act risk tier (Unacceptable/High/Limited/Minimal), enforces organizational AI acceptable use policies, determines transparency and human oversight requirements, tracks data lineage for AI-assisted outputs, and generates compliance artifacts for model governance. Use when evaluating AI use cases, building AI workflows, or assessing regulatory compliance.

audit-trail

/audit-trail

Compliance audit log generator. Creates structured, immutable audit records (JSON-lines format) for guardrail decisions, DLP scans, 4-eyes review workflows, and AI-assisted outputs in regulated categories. Designed for SIEM and GRC platform ingestion with built-in retention governance per GDPR, SOC 2, and HIPAA. Use when you need audit logs, compliance trails, or interaction history.

caveman

/caveman

Token-efficient communication mode. Compresses conversational prose (~65-75% output token savings) while keeping code, commands, and compliance artifacts untouched at full fidelity. Use when the user asks for "caveman mode", "brief mode", "less tokens", or when long sessions risk context pressure. Adapted from github.com/JuliusBrussee/caveman with sentinel-stack governance carve-outs.

compliance-evidence

/compliance-evidence

Compliance artifact generator. Auto-generates audit evidence from guardrail detections, 4-eyes review gates, and DLP scans. Maps control evidence to SOC 2 Type II, ISO 27001, NIST CSF, and GDPR Article 30. Generates evidence packages on demand for auditors and tracks control effectiveness over time. Use for audit preparation, compliance evidence collection, or SOC 2/ISO 27001 artifact generation.

decision-audit

/decision-audit

Governance decision validation skill. Reviews decisions for logical consistency, evidence quality, bias indicators, and completeness. Checks that decisions reference appropriate policies and have proper authorization. Outputs audit findings with severity ratings. Use for quality assurance of governance decisions or investigating concerns.

Stats

Version1.1.0

LanguageShell

Stars3

MaintenanceExcellent

LicenseMIT

Last CommitApr 13, 2026

AddedApr 14, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Available In

sentinel-stack3

README

Sentinel Stack

Open-source AI governance for every LLM.

10 specialized agents that embed DLP, EU AI Act compliance, and real-time audit evidence into your AI workflows — so compliance happens automatically, not after the fact.

Works with Claude, GPT-4, Gemini, Copilot, Cursor, and any model that reads markdown.

"Compliance isn't something you do separately. It's a byproduct of doing your work through guardrails."

The Problem

Every company using AI is sitting on a ticking compliance clock.

The EU AI Act is enforceable. High-risk AI systems need risk classification, human oversight documentation, and transparency disclosures.
SOC 2 auditors are asking about AI controls for the first time — and most companies don't have answers.
CISOs want to know what data is flowing into which models. GRC analysts are drowning in spreadsheets documenting it all after the fact.
Nobody wants to slow down. Teams are shipping with AI and compliance is chasing them with a clipboard.

The Approach

Sentinel Stack takes a fundamentally different approach: governance is embedded in the workflow, not bolted on after.

Every AI interaction passes through a DLP engine and compliance guardrails. Every blocked request automatically becomes audit evidence that your controls work. Every 4-eyes review gate becomes segregation-of-duties proof. Every scan — even the clean ones — becomes evidence that your monitoring is active.

You don't "do GRC" separately. It happens because your AI workflows run through Sentinel Stack.

The 11 Skills

Always-On Protection

Skill	What it does
guardrails	Scans every prompt and file for sensitive data before processing. Hard blocks on client data and financial identifiers. Soft blocks with clarification for ambiguous cases. Enforces GDPR/privacy handling. Appends 4-eyes review gates to high-stakes outputs. Emits compliance signals on every decision.
dlp-engine	3-tier sensitivity scoring engine. Tier 1: regex pattern matching (SSNs, API keys, credentials). Tier 2: industry classifiers (private markets, healthcare, fintech, legal). Tier 3: behavioral baselines (anomalous request size, off-hours, new provider). Produces a 0-100 score → allow / log / alert / redact / block.

AI Governance

Skill	What it does
ai-governance	Classifies AI use cases by EU AI Act risk tier (Unacceptable / High / Limited / Minimal). Enforces your AI acceptable use policy. Determines transparency obligations — when must users know they're interacting with AI? Specifies meaningful human oversight requirements for high-risk systems. Tags AI-generated content with data lineage metadata.
vendor-ai-risk	Evaluates third-party AI tools across 5 dimensions: security, privacy, AI-specific risks (bias, hallucination, transparency), contractual requirements (DPA, liability, SLAs), and regulatory compliance. Quick triage mode (5 min) and deep assessment mode (full due diligence). Produces a scored risk card with go/no-go recommendation.

Compliance Automation

Skill	What it does
compliance-evidence	Auto-generates framework-mapped evidence from normal guardrail operations. Every DLP block → Data Classification control evidence. Every 4-eyes gate → Segregation of Duties proof. Maps to SOC 2 Type II, ISO 27001, NIST CSF, and GDPR Article 30. Generates evidence packages on demand for auditors.
risk-register	Living risk register that auto-populates from guardrail detections. Every hard block, soft block, and behavioral anomaly becomes a risk entry. 5×5 likelihood-impact scoring. Categorizes across Data Privacy, AI Ethics, Regulatory, Operational, Reputational, Financial. Tracks treatment (accept/mitigate/transfer/avoid) with owner assignment. Trend analysis and board-ready reports.
audit-trail	Structured JSON-lines logs from every guardrail decision, DLP scan, 4-eyes review, and AI-assisted output. Ready for SIEM ingestion (Splunk, ELK, Datadog). Retention guidance by regulation (GDPR, SOC 2, HIPAA). Generates audit reports by time period, framework, or event type.
policy-drafter	Drafts organizational AI policies: Acceptable Use, Data Handling, Third-Party AI Vendor, and Incident Response. Pre-fills with sensible defaults based on your industry and jurisdiction. Flags sections that must be customized. Includes version control, review cadence, and approval workflow.

View full README on GitHub

sentinel-stack

Popularity

What's Inside

Confidence

README

Sentinel Stack

The Problem

The Approach

The 11 Skills

Always-On Protection

AI Governance

Compliance Automation

Similar Plugins

ai-governance-legal

privacy-impact-assessment-skills

iso42001

ai-ethics-officer

agt-governance

grc

Sentinel Stack

The Problem

The Approach

The 11 Skills

Always-On Protection

AI Governance

Compliance Automation

Popularity

Health & Quality

Similar Plugins

ai-governance-legal

privacy-impact-assessment-skills

iso42001

ai-ethics-officer

agt-governance

grc