# Kompliance-X Plugin for Claude Code

An intelligent Claude Code plugin that automatically audits your software projects for compliance with major regulatory frameworks including GDPR, HIPAA, PCI-DSS, CCPA/CPRA, and SOC 2.
## Features

- ✨ **Smart Framework Detection** - Automatically determines which compliance frameworks apply to your project based on codebase analysis
- 📊 **Tiered Reporting** - Provides both an executive summary and a detailed technical report
- 🎯 **Risk-Based Prioritization** - Categorizes findings by severity (Critical, High, Medium, Low)
- 🔍 **Thorough Analysis** - Examines code, databases, APIs, third-party integrations, and documentation
- 📋 **Actionable Recommendations** - Provides specific implementation guidance without writing code
- 🚀 **Easy to Use** - Just ask Claude to audit your project for compliance
## Supported Frameworks

- GDPR (General Data Protection Regulation) - EU data protection
- HIPAA (Health Insurance Portability and Accountability Act) - US healthcare data
- PCI-DSS (Payment Card Industry Data Security Standard) - Payment card data
- CCPA/CPRA (California Consumer Privacy Act/Privacy Rights Act) - California privacy
- SOC 2 (System and Organization Controls 2) - AICPA trust services criteria (security, availability, processing integrity, confidentiality, privacy) for service providers such as SaaS vendors
## Installation

### Option 1: From GitHub (Recommended)

Install directly from the GitHub repository:

```shell
# Add this repository as a marketplace
/plugin marketplace add disruptica/claude-plugins

# Install the plugin
/plugin install kompliance-x@disruptica-plugins
```
### Option 2: Manual Installation

If you prefer not to use the plugin system, you can install the skill manually.

**For a specific project:**

```shell
# Clone the repository
git clone https://github.com/disruptica/claude-plugins.git

# Copy the skill to your project
cp -r claude-plugins/skills/kompliance-x /path/to/your/project/.claude/skills/
```

**For all your projects:**

```shell
# Clone the repository
git clone https://github.com/disruptica/claude-plugins.git

# Copy to your global skills directory
cp -r claude-plugins/skills/kompliance-x ~/.claude/skills/
```
## Usage

Simply ask Claude Code to audit your project for compliance:

- "Can you audit my project for compliance?"
- "Check if my application complies with GDPR"
- "Perform a compliance audit for data protection regulations"
## How It Works

1. **Analysis** - Claude analyzes your codebase, database schemas, API endpoints, and dependencies
2. **Detection** - Based on what it finds, Claude determines which compliance frameworks likely apply:
   - Finds health data (PHI) → HIPAA
   - Sees payment card processing → PCI-DSS
   - Detects personal data + EU users → GDPR
   - Detects personal data + California/US consumers → CCPA/CPRA
   - B2B SaaS platform → SOC 2
3. **Confirmation** - Detection is heuristic, so Claude asks you targeted questions to confirm applicability before auditing:
   - "Does your application serve users in the European Union?"
   - "Do you handle Protected Health Information (PHI)?"
   - etc.
4. **Audit** - Claude performs a thorough audit against the confirmed frameworks
5. **Executive Summary** - You receive a high-level report with:
   - Compliance scores for each framework
   - Critical gaps requiring immediate attention
   - High-priority improvements
   - Actionable roadmap with timeline
6. **Detailed Report** (optional) - Request in-depth technical analysis for specific frameworks with:
   - Requirement-by-requirement breakdown
   - Specific file paths and code locations
   - Implementation recommendations
   - Effort estimates
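The detection step above maps evidence in the codebase to candidate frameworks and then asks a human to confirm. The following Python script is an added illustration of that signal-to-framework mapping; it is not the Kompliance-X plugin's own logic, and the regex patterns, the `SAMPLE_REPO` contents and the confirmation questions are assumptions constructed for the example. It scans an in-memory snapshot of a project (path → file text), records where each signal was seen, applies the README's rules (for instance GDPR needs personal data *and* EU presence), and returns the candidates with the question a reviewer must still answer before the framework is treated as in scope.

```python
"""Heuristic compliance-framework detection over a codebase snapshot.

Added illustration for this README; it is not the Kompliance-X plugin's own
logic. Evidence is collected from dependencies, schemas, code and docs, each
signal is mapped to the frameworks it implies, and the candidates are returned
together with the confirmation question a reviewer should still answer.
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass

# Signal detectors. Patterns are assumptions chosen for this example, not an
# exhaustive or authoritative list; real detection needs far broader coverage.
SIGNALS: dict[str, list[str]] = {
    "user_data":   [r"\busers?\b", r"\bemail\b", r"\bpassword\b"],
    "eu_presence": [r"\b(de-DE|fr-FR|it-IT|es-ES|nl-NL)\b", r"\bEU\b", r"\bGDPR\b"],
    "us_presence": [r"\ben-US\b", r"\bUnited States\b", r"\bCalifornia\b", r"\bCCPA\b"],
    "health_data": [r"\bPHI\b", r"\bpatients?\b", r"\bdiagnos[ie]s\b", r"\bICD[-_]?10\b"],
    "payment":     [r"\bstripe\b", r"\bbraintree\b", r"\bcard[-_ ]?(number|last4|holder)\b", r"\bcvv2?\b"],
    "b2b_saas":    [r"saml", r"\bsso\b", r"\baudit[-_]?logs?\b", r"\btenant(s|_id)?\b"],
}

# Framework -> signals that must ALL be present (the mapping from "How It Works").
FRAMEWORK_RULES: dict[str, set[str]] = {
    "HIPAA":     {"health_data"},
    "PCI-DSS":   {"payment"},
    "GDPR":      {"user_data", "eu_presence"},
    "CCPA/CPRA": {"user_data", "us_presence"},
    "SOC 2":     {"b2b_saas"},
}

# Questions a reviewer answers before a framework is treated as in scope;
# heuristics only suggest applicability. Wording is an assumption of the example.
CONFIRMATION_QUESTIONS = {
    "HIPAA":     "Do you handle Protected Health Information (PHI)?",
    "PCI-DSS":   "Do you store, process or transmit cardholder data, or is it fully delegated to your payment provider?",
    "GDPR":      "Does your application serve users in the European Union?",
    "CCPA/CPRA": "Do you serve California residents and meet the CCPA business thresholds?",
    "SOC 2":     "Do enterprise customers require a SOC 2 report for this service?",
}


@dataclass(frozen=True)
class Evidence:
    path: str
    line: int
    match: str


def scan(repo: dict[str, str]) -> dict[str, list[Evidence]]:
    """Return evidence per signal. `repo` maps relative path -> file content."""
    found: dict[str, list[Evidence]] = defaultdict(list)
    for path, text in repo.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            for signal, patterns in SIGNALS.items():
                for pattern in patterns:
                    m = re.search(pattern, line, re.IGNORECASE)
                    if m:
                        found[signal].append(Evidence(path, lineno, m.group(0)))
                        break  # one hit per signal per line is enough
    return dict(found)


def applicable_frameworks(signals: dict[str, list[Evidence]]) -> list[str]:
    """Frameworks whose required signals were all observed, in rule order."""
    present = {s for s, ev in signals.items() if ev}
    return [fw for fw, needed in FRAMEWORK_RULES.items() if needed <= present]


def detect(repo: dict[str, str]) -> dict:
    """Full pipeline: scan -> rules -> candidate frameworks plus confirmation questions."""
    signals = scan(repo)
    frameworks = applicable_frameworks(signals)
    return {
        "signals": signals,
        "frameworks": frameworks,
        "questions": [CONFIRMATION_QUESTIONS[fw] for fw in frameworks],
    }


# Constructed sample project (not a real repository) to exercise the rules.
SAMPLE_REPO = {
    "package.json": '{"dependencies": {"stripe": "^12.0.0", "express": "^4.18.0"}}',
    "db/schema.sql": (
        "CREATE TABLE users (id SERIAL, email TEXT, locale TEXT);\n"
        "CREATE TABLE invoices (id SERIAL, user_id INT, card_last4 TEXT);"
    ),
    "src/i18n.js": "export const LOCALES = ['en-US', 'de-DE', 'fr-FR'];",
    "src/routes/org.js": "router.get('/orgs/:orgId/audit-log', requireSamlSso, listAuditLog);",
    "README.md": "Serving customers in the United States and the EU.",
}

if __name__ == "__main__":
    result = detect(SAMPLE_REPO)
    for signal, evidence in result["signals"].items():
        for ev in evidence:
            print(f"{signal:12} {ev.path}:{ev.line}  {ev.match!r}")
    print("Candidate frameworks:", ", ".join(result["frameworks"]))
    for q in result["questions"]:
        print(" ?", q)
```

On the sample project the script flags PCI-DSS, GDPR, CCPA/CPRA and SOC 2 but not HIPAA, because no health-data signal appears. Keeping the evidence (file, line, matched text) alongside each signal is what lets the later detailed report cite specific code locations, and it also makes false positives easy to spot when the confirmation questions are answered.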
## Example Output

### Executive Summary

```markdown
# Compliance Audit Executive Summary
**Project:** Your App
**Frameworks Assessed:** GDPR, CCPA
## Overall Compliance Scores
- GDPR: 45% compliant (28 gaps found)
- CCPA: 52% compliant (19 gaps found)
## Critical Gaps (Immediate Action Required)
1. No Data Deletion Mechanism - GDPR Art. 17 & CCPA §1798.105
   - Risk: Potential fines up to €20M or 4% of global annual turnover (GDPR) or $7,500 per intentional violation (CCPA)
   - Action: Implement an authenticated account deletion API and propagate erasure to processors and backups
   - Effort: 3-4 days
[... more findings ...]
## Recommended Roadmap
Phase 1 (Weeks 1-2): Critical Gaps
Phase 2 (Weeks 3-6): High-Priority Improvements
[...]
```
## Plugin Structure