From 18f5177e8d6d38c63460d9645ef2c20956a30fc6 Mon Sep 17 00:00:00 2001 From: Zhongwei Li Date: Sun, 30 Nov 2025 08:22:11 +0800 Subject: [PATCH] Initial commit --- .claude-plugin/plugin.json | 15 +++++ README.md | 3 + commands/scan-gdpr.md | 8 +++ plugin.lock.json | 61 +++++++++++++++++++ skills/gdpr-compliance-scanner/SKILL.md | 56 +++++++++++++++++ .../gdpr-compliance-scanner/assets/README.md | 7 +++ .../references/README.md | 9 +++ .../gdpr-compliance-scanner/scripts/README.md | 7 +++ 8 files changed, 166 insertions(+) create mode 100644 .claude-plugin/plugin.json create mode 100644 README.md create mode 100644 commands/scan-gdpr.md create mode 100644 plugin.lock.json create mode 100644 skills/gdpr-compliance-scanner/SKILL.md create mode 100644 skills/gdpr-compliance-scanner/assets/README.md create mode 100644 skills/gdpr-compliance-scanner/references/README.md create mode 100644 skills/gdpr-compliance-scanner/scripts/README.md diff --git a/.claude-plugin/plugin.json b/.claude-plugin/plugin.json new file mode 100644 index 0000000..7ab7790 --- /dev/null +++ b/.claude-plugin/plugin.json @@ -0,0 +1,15 @@ +{ + "name": "gdpr-compliance-scanner", + "description": "Scan for GDPR compliance issues", + "version": "1.0.0", + "author": { + "name": "Jeremy Longshore", + "email": "[email protected]" + }, + "skills": [ + "./skills" + ], + "commands": [ + "./commands" + ] +} \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..223d64f --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# gdpr-compliance-scanner + +Scan for GDPR compliance issues diff --git a/commands/scan-gdpr.md b/commands/scan-gdpr.md new file mode 100644 index 0000000..205880e --- /dev/null +++ b/commands/scan-gdpr.md @@ -0,0 +1,8 @@ +--- +description: DESCRIPTION_PLACEHOLDER +shortcut: SHORTCUT_PLACEHOLDER +--- + +# TITLE_PLACEHOLDER + +CONTENT_PLACEHOLDER diff --git a/plugin.lock.json b/plugin.lock.json new file mode 100644 index 0000000..2eaff54 --- /dev/null +++ b/plugin.lock.json @@ -0,0 +1,61 @@ +{ + "$schema": "internal://schemas/plugin.lock.v1.json", + "pluginId": "gh:jeremylongshore/claude-code-plugins-plus:plugins/security/gdpr-compliance-scanner", + "normalized": { + "repo": null, + "ref": "refs/tags/v20251128.0", + "commit": "999b5dbff6e5201ace5aa746e584bf99b88267f2", + "treeHash": "e2a26b4b26797ff1c11d89999120841ab9bbe3868beafdcf255afc3cf535fbea", + "generatedAt": "2025-11-28T10:18:28.545347Z", + "toolVersion": "publish_plugins.py@0.2.0" + }, + "origin": { + "remote": "git@github.com:zhongweili/42plugin-data.git", + "branch": "master", + "commit": "aa1497ed0949fd50e99e70d6324a29c5b34f9390", + "repoRoot": "/Users/zhongweili/projects/openmind/42plugin-data" + }, + "manifest": { + "name": "gdpr-compliance-scanner", + "description": "Scan for GDPR compliance issues", + "version": "1.0.0" + }, + "content": { + "files": [ + { + "path": "README.md", + "sha256": "f011646d531f5582a71c2f0e31ff238a2c81940d28a0102b674247316d1ba46e" + }, + { + "path": ".claude-plugin/plugin.json", + "sha256": "30ea2cd62824af43836d3d5be9e3e2d41e70f39779d8879f8ff1a853b6540742" + }, + { + "path": "commands/scan-gdpr.md", + "sha256": "26981dafecd0bda9d89082c091325c9fdc3ac197318243e952dde0b1a38f4088" + }, + { + "path": "skills/gdpr-compliance-scanner/SKILL.md", + "sha256": "7b7918b3c269250f072a4f60c4aac9dfa4d59300694e974d1e986a6ce9019128" + }, + { + "path": "skills/gdpr-compliance-scanner/references/README.md", + "sha256": "93a00bf8573ed977ec9611e97600d25a9948af8a3524d32f5db774b0da5337c1" + }, + { + "path": "skills/gdpr-compliance-scanner/scripts/README.md", + "sha256": "d32172241fa726a5cc14543a59f28a25fb1f5304f5fe4a207e3709b1ff1d82b5" + }, + { + "path": "skills/gdpr-compliance-scanner/assets/README.md", + "sha256": "9c9a9ba5dc21f8fd0b36d735843650ff16ccb3c7f67ba3fb8b8784a1d0a8fecb" + } + ], + "dirSha256": "e2a26b4b26797ff1c11d89999120841ab9bbe3868beafdcf255afc3cf535fbea" + }, + "security": { + "scannedAt": null, + "scannerVersion": null, + "flags": [] + } +} \ No newline at end of file diff --git a/skills/gdpr-compliance-scanner/SKILL.md b/skills/gdpr-compliance-scanner/SKILL.md new file mode 100644 index 0000000..1a27861 --- /dev/null +++ b/skills/gdpr-compliance-scanner/SKILL.md @@ -0,0 +1,56 @@ +--- +name: scanning-for-gdpr-compliance +description: | + This skill enables Claude to scan applications and data systems for GDPR compliance issues. It identifies potential violations related to data protection, privacy rights, consent management, and other regulatory requirements. Use this skill when the user asks to "scan for GDPR compliance", check "GDPR compliance", or audit for "data privacy". The skill leverages the `gdpr-compliance-scanner` plugin to perform a comprehensive assessment and generate a detailed report. +allowed-tools: Read, Write, Edit, Grep, Glob, Bash +version: 1.0.0 +--- + +## Overview + +This skill allows Claude to automatically assess an application's GDPR compliance posture. It provides a comprehensive scan, identifying potential violations and offering actionable recommendations to improve compliance. The skill simplifies the complex process of GDPR auditing, making it easier to identify and address critical gaps. + +## How It Works + +1. **Initiate Scan**: The user requests a GDPR compliance scan using natural language. +2. **Plugin Activation**: Claude activates the `gdpr-compliance-scanner` plugin. +3. **Compliance Assessment**: The plugin scans the application or system based on GDPR requirements. +4. **Report Generation**: A detailed report is generated, highlighting compliance scores, critical gaps, and recommended actions. + +## When to Use This Skill + +This skill activates when you need to: +- Assess an application's GDPR compliance. +- Identify potential GDPR violations. +- Generate a report outlining compliance gaps and recommendations. +- Audit data processing activities for adherence to GDPR principles. + +## Examples + +### Example 1: Assess GDPR Compliance of a Web Application + +User request: "Scan my web application for GDPR compliance." + +The skill will: +1. Activate the `gdpr-compliance-scanner` plugin. +2. Scan the web application for GDPR compliance issues related to data collection, storage, and processing. +3. Generate a report highlighting compliance scores, critical gaps such as missing cookie consent mechanisms, and actionable recommendations like implementing a cookie consent banner. + +### Example 2: Audit Data Processing Activities + +User request: "Check our data processing activities for GDPR compliance." + +The skill will: +1. Activate the `gdpr-compliance-scanner` plugin. +2. Analyze data processing activities, including data collection methods, storage practices, and security measures. +3. Generate a report identifying potential violations, such as inadequate data encryption or missing data processing agreements, along with recommendations for remediation. + +## Best Practices + +- **Specificity**: Provide as much context as possible about the application or system being scanned to improve the accuracy of the assessment. +- **Regularity**: Schedule regular GDPR compliance scans to ensure ongoing adherence to regulatory requirements. +- **Actionable Insights**: Prioritize addressing the critical gaps identified in the report to mitigate potential risks. + +## Integration + +This skill can be integrated with other security and compliance tools to provide a holistic view of an application's security posture. It can also be used in conjunction with code generation tools to automatically implement recommended changes and improve GDPR compliance. \ No newline at end of file diff --git a/skills/gdpr-compliance-scanner/assets/README.md b/skills/gdpr-compliance-scanner/assets/README.md new file mode 100644 index 0000000..7c9ad3b --- /dev/null +++ b/skills/gdpr-compliance-scanner/assets/README.md @@ -0,0 +1,7 @@ +# Assets + +Bundled resources for gdpr-compliance-scanner skill + +- [ ] compliance_report_template.docx: A template for generating GDPR compliance reports in a standardized format. +- [ ] consent_form_template.docx: A template for creating GDPR-compliant consent forms. +- [ ] privacy_policy_template.docx: A template for generating GDPR-compliant privacy policies. diff --git a/skills/gdpr-compliance-scanner/references/README.md b/skills/gdpr-compliance-scanner/references/README.md new file mode 100644 index 0000000..492f3cf --- /dev/null +++ b/skills/gdpr-compliance-scanner/references/README.md @@ -0,0 +1,9 @@ +# References + +Bundled resources for gdpr-compliance-scanner skill + +- [ ] gdpr_article_6.md: Detailed explanation of Article 6 (Lawfulness of processing) of the GDPR. +- [ ] gdpr_articles_12_23.md: Comprehensive overview of Articles 12-23 (Data Subject Rights) of the GDPR. +- [ ] gdpr_article_32.md: In-depth guide to Article 32 (Security of processing) of the GDPR. +- [ ] gdpr_compliance_checklist.md: A checklist of key compliance requirements based on GDPR articles. +- [ ] example_dpia_template.md: A template for conducting a Data Protection Impact Assessment (DPIA). diff --git a/skills/gdpr-compliance-scanner/scripts/README.md b/skills/gdpr-compliance-scanner/scripts/README.md new file mode 100644 index 0000000..2ca2cd0 --- /dev/null +++ b/skills/gdpr-compliance-scanner/scripts/README.md @@ -0,0 +1,7 @@ +# Scripts + +Bundled resources for gdpr-compliance-scanner skill + +- [ ] gdpr_scan.sh: Executes the core GDPR compliance scan, taking parameters for target application/system and output format. +- [ ] report_generator.py: Generates a detailed compliance report from the scan results, including identified violations and recommended remediations. +- [ ] consent_check.py: Verifies consent management practices, checking for proper consent collection, storage, and revocation mechanisms.