Initial commit

.claude-plugin/plugin.json

@@ -0,0 +1,15 @@
+{
+  "name": "pci-dss-validator",
+  "description": "Validate PCI DSS compliance",
+  "version": "1.0.0",
+  "author": {
+    "name": "Jeremy Longshore",
+    "email": "[email protected]"
+  },
+  "skills": [
+    "./skills"
+  ],
+  "commands": [
+    "./commands"
+  ]
+}

README.md

@@ -0,0 +1,3 @@
+# pci-dss-validator
+
+Validate PCI DSS compliance

commands/validate-pci.md

@@ -0,0 +1,8 @@
+---
+description: DESCRIPTION_PLACEHOLDER
+shortcut: SHORTCUT_PLACEHOLDER
+---
+
+# TITLE_PLACEHOLDER
+
+CONTENT_PLACEHOLDER

plugin.lock.json

@@ -0,0 +1,61 @@
+{
+  "$schema": "internal://schemas/plugin.lock.v1.json",
+  "pluginId": "gh:jeremylongshore/claude-code-plugins-plus:plugins/security/pci-dss-validator",
+  "normalized": {
+    "repo": null,
+    "ref": "refs/tags/v20251128.0",
+    "commit": "3d71a809163a1c59301c8de8399461a4bb27e20f",
+    "treeHash": "917d34b2a61a10cffceec08d4be80afce9420f35152b0d81cd97531ab3dccf95",
+    "generatedAt": "2025-11-28T10:18:39.022252Z",
+    "toolVersion": "publish_plugins.py@0.2.0"
+  },
+  "origin": {
+    "remote": "git@github.com:zhongweili/42plugin-data.git",
+    "branch": "master",
+    "commit": "aa1497ed0949fd50e99e70d6324a29c5b34f9390",
+    "repoRoot": "/Users/zhongweili/projects/openmind/42plugin-data"
+  },
+  "manifest": {
+    "name": "pci-dss-validator",
+    "description": "Validate PCI DSS compliance",
+    "version": "1.0.0"
+  },
+  "content": {
+    "files": [
+      {
+        "path": "README.md",
+        "sha256": "24ede0585ede2739abad1e36af4ff2aedadde6fde3d31d0aa4a4875cd2f8f2c7"
+      },
+      {
+        "path": ".claude-plugin/plugin.json",
+        "sha256": "ce265e3ea2b5bcdc5db046f23bba979a58b33a07d31d226807a89baea47692a9"
+      },
+      {
+        "path": "commands/validate-pci.md",
+        "sha256": "26981dafecd0bda9d89082c091325c9fdc3ac197318243e952dde0b1a38f4088"
+      },
+      {
+        "path": "skills/pci-dss-validator/SKILL.md",
+        "sha256": "fa44e1c6894da8b07b893cbf7fbbefdaaa729cf99e0b63c7ae1c5b5892dbb025"
+      },
+      {
+        "path": "skills/pci-dss-validator/references/README.md",
+        "sha256": "da7c83db70a57a4e9b57002072d992dd093f4e2429a318a9715aaadc7574be6c"
+      },
+      {
+        "path": "skills/pci-dss-validator/scripts/README.md",
+        "sha256": "5ee22a574646a1a2419b3356511abbcfdcf95d030027819ac621cc56b8d29eb9"
+      },
+      {
+        "path": "skills/pci-dss-validator/assets/README.md",
+        "sha256": "7e00e9c8cbd9e95bd1b271a1e3e06a30380b121081e99ff7edd60529054bd014"
+      }
+    ],
+    "dirSha256": "917d34b2a61a10cffceec08d4be80afce9420f35152b0d81cd97531ab3dccf95"
+  },
+  "security": {
+    "scannedAt": null,
+    "scannerVersion": null,
+    "flags": []
+  }
+}

skills/pci-dss-validator/SKILL.md

@@ -0,0 +1,54 @@
+---
+name: validating-pci-dss-compliance
+description: |
+  This skill uses the pci-dss-validator plugin to assess codebases and infrastructure configurations for compliance with the Payment Card Industry Data Security Standard (PCI DSS). It identifies potential vulnerabilities and deviations from PCI DSS requirements. Use this skill when the user requests to "validate PCI compliance", "check PCI DSS", "assess PCI security", or "review PCI standards" for a given project or configuration. It helps ensure that systems handling cardholder data meet the necessary security controls.
+allowed-tools: Read, Write, Edit, Grep, Glob, Bash
+version: 1.0.0
+---
+
+## Overview
+
+This skill streamlines PCI DSS compliance checks by automatically analyzing code and configurations. It flags potential issues, allowing for proactive remediation and improved security posture. It is particularly useful for developers, security engineers, and compliance officers.
+
+## How It Works
+
+1. **Analyze the Target**: The skill identifies the codebase, configuration files, or infrastructure resources to be evaluated.
+2. **Run PCI DSS Validation**: The pci-dss-validator plugin scans the target for potential PCI DSS violations.
+3. **Generate Report**: The skill compiles a report detailing any identified vulnerabilities or non-compliant configurations, along with remediation recommendations.
+
+## When to Use This Skill
+
+This skill activates when you need to:
+- Evaluate a new application or system for PCI DSS compliance before deployment.
+- Periodically assess existing systems to maintain PCI DSS compliance.
+- Investigate potential security vulnerabilities related to PCI DSS.
+
+## Examples
+
+### Example 1: Validating a Web Application
+
+User request: "Validate PCI compliance for my e-commerce web application."
+
+The skill will:
+1. Identify the source code repository for the web application.
+2. Run the pci-dss-validator plugin against the codebase.
+3. Generate a report highlighting any PCI DSS violations found in the code.
+
+### Example 2: Checking Infrastructure Configuration
+
+User request: "Check PCI DSS compliance of my AWS infrastructure."
+
+The skill will:
+1. Access the AWS configuration files (e.g., Terraform, CloudFormation).
+2. Execute the pci-dss-validator plugin against the infrastructure configuration.
+3. Produce a report outlining any non-compliant configurations in the AWS environment.
+
+## Best Practices
+
+- **Scope Definition**: Clearly define the scope of the PCI DSS assessment to ensure accurate and relevant results.
+- **Regular Assessments**: Conduct regular PCI DSS assessments to maintain continuous compliance.
+- **Remediation Tracking**: Track and document all remediation efforts to demonstrate ongoing commitment to security.
+
+## Integration
+
+This skill can be integrated with other security tools and plugins to provide a comprehensive security assessment. For example, it can be used in conjunction with static analysis tools to identify vulnerabilities in code before it is deployed. It can also be integrated with infrastructure-as-code tools to ensure that infrastructure is compliant with PCI DSS from the start.

skills/pci-dss-validator/assets/README.md

@@ -0,0 +1,7 @@
+# Assets
+
+Bundled resources for pci-dss-validator skill
+
+- [ ] report_template.html: An HTML template for generating PCI DSS compliance reports. This allows for consistent and professional-looking reports.
+- [ ] example_scan_output.json: Example JSON output from the pci_dss_scan.py script. This helps Claude understand the structure of the scan results.
+- [ ] remediation_template.md: A template for generating remediation suggestions. This helps to ensure that the suggestions are clear, concise, and actionable.

skills/pci-dss-validator/references/README.md

@@ -0,0 +1,8 @@
+# References
+
+Bundled resources for pci-dss-validator skill
+
+- [ ] pci_dss_standard.md: A simplified and easily searchable version of the relevant PCI DSS requirements. This allows Claude to quickly reference the specific standards being checked.
+- [ ] plugin_api_docs.md: Detailed documentation of the pci-dss-validator plugin's API, including available functions, parameters, and return values.  This is crucial for Claude to effectively use the plugin.
+- [ ] example_configurations.md: Examples of compliant and non-compliant configurations for common infrastructure components (e.g., firewalls, databases).
+- [ ] common_vulnerabilities.md: A list of common vulnerabilities related to PCI DSS compliance, along with explanations and mitigation strategies.

skills/pci-dss-validator/scripts/README.md

@@ -0,0 +1,7 @@
+# Scripts
+
+Bundled resources for pci-dss-validator skill
+
+- [ ] pci_dss_scan.py: Script to automate PCI DSS compliance scans using the plugin's functionalities.  It should take a codebase or configuration file as input and output a detailed report of compliance issues.
+- [ ] generate_report.py: Script to generate a formatted report (e.g., HTML, PDF) from the scan results. This allows for easy sharing and documentation of compliance status.
+- [ ] remediation_suggestions.py: Script that provides automated remediation suggestions for identified PCI DSS violations.  This could involve code snippets or configuration changes.