Plan regulatory compliance and governance before development by assessing GDPR, HIPAA, PCI-DSS, EU AI Act, NIST AI RMF, ISO 27001, SOC 2; generate gap analyses, remediation roadmaps, SBOMs, license scans, data classifications, and framework mappings for audit readiness.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
PROACTIVELY use when assessing compliance requirements. Evaluates regulatory frameworks (GDPR, HIPAA, PCI-DSS), identifies gaps, and provides remediation roadmaps.
PROACTIVELY use when evaluating data privacy requirements. Assesses DPIAs, data subject rights, privacy-by-design implementation, and international data transfers.
PROACTIVELY use when reviewing security framework alignment. Assesses control effectiveness and audit readiness for ISO 27001, SOC 2, NIST CSF, and CIS Controls.
AI governance and responsible AI planning including EU AI Act classification, NIST AI RMF, and AI ethics frameworks
Conduct an AI governance and responsible AI assessment using EU AI Act and NIST AI RMF.
Conduct a GDPR compliance assessment for a system or processing activity.
Conduct a HIPAA compliance assessment for healthcare systems handling PHI.
Conduct a PCI-DSS scope assessment and compliance review for payment card handling.
Plugins for Claude Code: documentation management, code quality, and ecosystem support.
fnm (Fast Node Manager) is the recommended Node.js version manager for this project. It:
Install fnm:
# Windows (PowerShell as Admin)
winget install Schniz.fnm
# macOS/Linux
curl -fsSL https://fnm.vercel.app/install | bash
Configure for Git Bash (add to ~/.bashrc):
eval "$(fnm env --use-on-cd --shell bash)"
Or source the setup script which includes fnm initialization:
source "/path/to/claude-code-plugins/setup/bashrc-claude.sh"
Install Node:
fnm install 24
fnm default 24
npm install
npm run lint:md # Check for errors
npm run lint:md:fix # Auto-fix errors
Markdown linting runs automatically on PRs via GitHub Actions. The same rules apply locally and in CI.
/plugin install claude-ecosystem@claude-code-plugins
/plugin install code-quality@claude-code-plugins
/plugin install google-ecosystem@claude-code-plugins
This repo expects Codex CLI configuration to live in user scope under ~/.codex.
See .codex/README.md for the canonical locations.
| Plugin | Purpose |
|---|---|
| atlassian | Atlassian MCP server: Jira, Confluence, Compass integration |
| browser-automation | Browser automation MCP servers: Chrome DevTools, Playwright |
| business-analysis | BABOK techniques: capability mapping, stakeholder analysis, value streams, journey mapping |
| ci-cd | CI/CD pipelines: GitHub Actions, deployment automation, release management |
| claude-code-observability | Event logging, metrics, session diagnostics |
| claude-ecosystem | Claude Code docs, meta-skills, hooks, observability, auditors |
| code-quality | Code review, markdown linting, debugging, CI/CD templates |
| compliance-planning | Regulatory compliance: GDPR, HIPAA, PCI-DSS, AI governance, ISO 27001 |
| content-management-system | Headless CMS architecture: content modeling, taxonomies, media, theming |
| cursor-ecosystem | Cursor IDE docs, CLI, agent, keyword-based search |
| documentation-standards | Technical docs: arc42, C4 model, ADRs, RFC process, docs-as-code |
| dotnet | .NET 10+ automation: build, clean, SDK/tool install, version upgrades, Aspire MCP |
| duende-ecosystem | Duende IdentityServer, BFF, IdentityModel docs |
| enterprise-architecture | TOGAF, Zachman, ADRs, cloud alignment |
| event-modeling | Event-driven design: Event Modeling, Event Storming, CQRS, sagas |
| figma | Figma MCP server: design context, code generation, design tokens |
| formal-specification | Formal methods: UML/SysML, TLA+, OpenAPI/AsyncAPI, state machines |
| git | Git config, GPG signing, hooks, GitHub issues, history exploration |
| google-ecosystem | Gemini CLI docs, Claude-to-Gemini integration, configuration management |
| melodic-software | Developer onboarding, environment setup, commit workflows |
| microsoft | Microsoft MCP servers: Microsoft Learn, Azure, NuGet, Azure DevOps |
| milan-jovanovic | Milan Jovanovic .NET patterns: Clean Architecture, DDD, CQRS, EF Core |
| openai-ecosystem | OpenAI Codex CLI docs |
| requirements-elicitation | Requirements gathering: LLMREI interviews, gap analysis, prioritization |
| research | Research workflows: MCP integration, multi-source synthesis, structured output |
| response-quality | Response quality standards, source citations |
| security | Security: OWASP, authentication, cryptography, DevSecOps, threat modeling, 12 skills |
| soft-skills | Career progression, interviews, communication, professional visibility |
npx claudepluginhub melodic-software/claude-code-plugins --plugin compliance-planningComprehensive security plugin: OWASP Top 10, authentication patterns, cryptography, API security, secrets management, supply chain security, DevSecOps, container security, zero trust, and threat modeling.
melodic-softwareComprehensive Claude Code ecosystem plugin with official documentation management, meta-skills, development guidance, event logging, and observability hooks. Provides keyword-based doc discovery, doc_id resolution, token-optimized subsection extraction, authoritative knowledge hubs for hooks, memory, skills, MCP, configuration, security, subagents, plugins, and more. Includes comprehensive hook event logging, date/time injection, and file validation.
melodic-softwareDiagrams-as-code tools for visualizing code, data, and systems using Mermaid and PlantUML
melodic-softwareOpenAI Codex CLI ecosystem plugin with documentation management, scraping, indexing, and search capabilities
melodic-softwareTactical Agentic Coding course content by @IndyDevDan - Master agentic coding tactics to scale engineering and build self-operating codebases
melodic-softwareCompliance and governance including regulatory mapping, security policies, audit readiness, GDPR, SOC2, and PCI-DSS compliance.
sethdfordGDPR compliance assistant — code and system audits, privacy notice drafting, DPAs, DPIAs, data flow reviews, and authoritative article-cited Q&A.
SushegaadRegulatory compliance verification for GDPR, SOC2, and HIPAA
rohitg00DevsForge Enterprise Compliance Automation Architect delivering comprehensive compliance engineering methodologies, regulatory automation frameworks, and governance optimization strategies that transform compliance management from operational burden into strategic business value creation and trust catalyst
devsforgeGDPR Plugin - EU General Data Protection Regulation with DPIA, data subject rights, and 72-hour breach notification
GRCEngClubGRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
mlunato47