@grc-claw/integration-marketplace 0.8.0

package/dist/connectors/RabbitMQConnector.js

@@ -0,0 +1,69 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "rabbitmq-queues",
+        name: "Queue Configurations",
+        description: "Fetch RabbitMQ queue definitions, bindings, and message rates",
+        evidenceCategories: ["data_protection", "monitoring"],
+    },
+    {
+        id: "rabbitmq-security",
+        name: "Access Controls",
+        description: "Fetch RabbitMQ user permissions, vhost policies, and TLS settings",
+        evidenceCategories: ["access_control", "encryption"],
+    },
+    {
+        id: "rabbitmq-health",
+        name: "Cluster Health",
+        description: "Fetch RabbitMQ cluster health, node status, and memory usage",
+        evidenceCategories: ["monitoring", "availability"],
+    },
+];
+export class RabbitMQConnector {
+    id = "rabbitmq";
+    name = "RabbitMQ";
+    category = "data_warehouse";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.rabbitmq.example.com/api";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`RabbitMQ API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/overview");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const overview = await this.fetchApi(config, "/overview").catch(() => ({}));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "rabbitmq-health",
+            timestamp: now,
+            hash: hashEvidence(overview),
+            framework: "SOC2",
+            controlId: "CC6.6",
+            source: "rabbitmq/overview",
+            status: "unknown",
+            data: { connected: true },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/RadwareConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class RadwareConnector implements IntegrationConnector {
+    readonly id = "radware";
+    readonly name = "Radware";
+    readonly category: "cloud_provider";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/RadwareConnector.js

@@ -0,0 +1,94 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "radware-waf",
+        name: "Radware WAF",
+        description: "Fetch WAF profiles and policy configurations",
+        evidenceCategories: ["vulnerability_management", "configuration"],
+    },
+    {
+        id: "radware-ddos",
+        name: "DDoS Mitigation",
+        description: "Fetch DDoS protection profiles and attack logs",
+        evidenceCategories: ["vulnerability_management", "monitoring"],
+    },
+    {
+        id: "radware-bot",
+        name: "Bot Management",
+        description: "Fetch bot detection and mitigation policies",
+        evidenceCategories: ["access_control", "monitoring"],
+    },
+    {
+        id: "radware-api",
+        name: "API Protection",
+        description: "Fetch API security profiles and rate limiting",
+        evidenceCategories: ["access_control", "data_protection"],
+    },
+];
+export class RadwareConnector {
+    id = "radware";
+    name = "Radware";
+    category = "cloud_provider";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "PCI_DSS",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://radware-cloud.example.com";
+        const resp = await fetch(`${base}/api${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Radware API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/wafProfiles");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const profiles = await this.fetchApi(config, "/wafProfiles").catch(() => ({ profiles: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "radware-waf",
+            timestamp: now,
+            hash: hashEvidence(profiles),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "radware/waf-profiles",
+            status: profiles.profiles?.length > 0 ? "compliant" : "unknown",
+            data: { wafProfiles: profiles.profiles?.length || 0 },
+            metadata: {},
+        });
+        const ddos = await this.fetchApi(config, "/ddos/profiles").catch(() => ({ profiles: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "radware-ddos",
+            timestamp: now,
+            hash: hashEvidence(ddos),
+            framework: "ISO27001",
+            controlId: "A.12.2.1",
+            source: "radware/ddos-profiles",
+            status: ddos.profiles?.length > 0 ? "compliant" : "non_compliant",
+            data: { ddosProfiles: ddos.profiles?.length || 0 },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/RedisCloudConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class RedisCloudConnector implements IntegrationConnector {
+    readonly id = "redis-cloud";
+    readonly name = "Redis Cloud";
+    readonly category: "data_warehouse";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/RedisCloudConnector.js

@@ -0,0 +1,70 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "rediscloud-databases",
+        name: "Redis Databases",
+        description: "Fetch Redis Cloud database configurations and memory usage",
+        evidenceCategories: ["data_protection", "cloud_configuration"],
+    },
+    {
+        id: "rediscloud-security",
+        name: "Security Configurations",
+        description: "Fetch TLS enforcement, ACL configurations, and network security rules",
+        evidenceCategories: ["access_control", "encryption"],
+    },
+    {
+        id: "rediscloud-metrics",
+        name: "Performance Metrics",
+        description: "Fetch Redis Cloud performance metrics and connection statistics",
+        evidenceCategories: ["monitoring", "performance"],
+    },
+];
+export class RedisCloudConnector {
+    id = "redis-cloud";
+    name = "Redis Cloud";
+    category = "data_warehouse";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.redislabs.com/v1";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Redis Cloud API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/subscriptions");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const subscriptions = await this.fetchApi(config, "/subscriptions").catch(() => ({ subscriptions: [] }));
+        const subList = (subscriptions.subscriptions || []);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "rediscloud-databases",
+            timestamp: now,
+            hash: hashEvidence({ subscriptionCount: subList.length }),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "redis-cloud/subscriptions",
+            status: subList.length > 0 ? "compliant" : "unknown",
+            data: { subscriptionCount: subList.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/RingCentralConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class RingCentralConnector implements IntegrationConnector {
+    readonly id = "ringcentral";
+    readonly name = "RingCentral";
+    readonly category: "communication";
+    readonly authType: "oauth2";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/RingCentralConnector.js

@@ -0,0 +1,94 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "ringcentral-users",
+        name: "User Management",
+        description: "Fetch user accounts, roles, and extension assignments",
+        evidenceCategories: ["access_control", "configuration"],
+    },
+    {
+        id: "ringcentral-policies",
+        name: "Phone System Policies",
+        description: "Fetch call handling, IVR, and routing policies",
+        evidenceCategories: ["configuration", "access_control"],
+    },
+    {
+        id: "ringcentral-recording",
+        name: "Call Recording",
+        description: "Fetch call recording settings and compliance configurations",
+        evidenceCategories: ["data_protection", "compliance"],
+    },
+    {
+        id: "ringcentral-audit",
+        name: "Audit Logs",
+        description: "Fetch admin and user activity audit logs",
+        evidenceCategories: ["monitoring", "access_control"],
+    },
+];
+export class RingCentralConnector {
+    id = "ringcentral";
+    name = "RingCentral";
+    category = "communication";
+    authType = "oauth2";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "HIPAA",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://platform.ringcentral.com";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`RingCentral API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/restapi/v1.0/account/~/extension");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const extensions = await this.fetchApi(config, "/restapi/v1.0/account/~/extension?type=Employee&status=Enabled&perPage=100").catch(() => ({ records: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "ringcentral-users",
+            timestamp: now,
+            hash: hashEvidence(extensions),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "ringcentral/extensions",
+            status: extensions.records?.length > 0 ? "compliant" : "unknown",
+            data: { activeExtensions: extensions.records?.length || 0 },
+            metadata: {},
+        });
+        const recording = await this.fetchApi(config, "/restapi/v1.0/account/~/answering-rule").catch(() => ({ records: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "ringcentral-recording",
+            timestamp: now,
+            hash: hashEvidence(recording),
+            framework: "HIPAA",
+            controlId: "164.312",
+            source: "ringcentral/answering-rules",
+            status: recording.records?.length > 0 ? "compliant" : "non_compliant",
+            data: { answeringRules: recording.records?.length || 0 },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/SAPSuccessFactorsConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class SAPSuccessFactorsConnector implements IntegrationConnector {
+    readonly id = "sap-successfactors";
+    readonly name = "SAP SuccessFactors";
+    readonly category: "hr";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/SAPSuccessFactorsConnector.js

@@ -0,0 +1,103 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "successfactors-employees",
+        name: "Employee Central",
+        description: "Fetch employee records and organizational data",
+        evidenceCategories: ["access_control", "data_protection"],
+    },
+    {
+        id: "successfactors-governance",
+        name: "Governance Risk",
+        description: "Fetch risk assessment and policy compliance status",
+        evidenceCategories: ["compliance", "monitoring"],
+    },
+    {
+        id: "successfactors-access",
+        name: "Role Management",
+        description: "Fetch role assignments and permission configurations",
+        evidenceCategories: ["access_control", "configuration"],
+    },
+    {
+        id: "successfactors-audit",
+        name: "Audit Trail",
+        description: "Fetch employee data change audit logs",
+        evidenceCategories: ["monitoring", "access_control"],
+    },
+];
+export class SAPSuccessFactorsConnector {
+    id = "sap-successfactors";
+    name = "SAP SuccessFactors";
+    category = "hr";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "GDPR",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.successfactors.com";
+        const resp = await fetch(`${base}/odata/v2${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+                Accept: "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`SAP SuccessFactors API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/User?$top=1");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const users = await this.fetchApi(config, "/User?$top=100&$select=userId,status").catch(() => ({ d: { results: [] } }));
+        const userData = users;
+        const userD = userData.d || {};
+        const userResults = userD.results || [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "successfactors-employees",
+            timestamp: now,
+            hash: hashEvidence(users),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "successfactors/users",
+            status: userResults.length > 0 ? "compliant" : "unknown",
+            data: { userCount: userResults.length },
+            metadata: {},
+        });
+        const roles = await this.fetchApi(config, "/RoleManagement/Roles").catch(() => ({
+            d: { results: [] },
+        }));
+        const roleData = roles;
+        const roleD = roleData.d || {};
+        const roleResults = roleD.results || [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "successfactors-access",
+            timestamp: now,
+            hash: hashEvidence(roles),
+            framework: "ISO27001",
+            controlId: "A.6.2.1",
+            source: "successfactors/roles",
+            status: roleResults.length > 0 ? "compliant" : "non_compliant",
+            data: { roleCount: roleResults.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/SailPointConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class SailPointConnector implements IntegrationConnector {
+    readonly id = "sailpoint";
+    readonly name = "SailPoint";
+    readonly category: "identity";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/SailPointConnector.js

@@ -0,0 +1,97 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "sailpoint-identity",
+        name: "Identity Governance",
+        description: "Fetch identity lifecycle and access certification campaigns",
+        evidenceCategories: ["access_control", "compliance"],
+    },
+    {
+        id: "sailpoint-provisioning",
+        name: "Provisioning",
+        description: "Fetch automated provisioning and deprovisioning policies",
+        evidenceCategories: ["access_control", "change_management"],
+    },
+    {
+        id: "sailpoint-access",
+        name: "Access Reviews",
+        description: "Fetch access review campaigns and certification results",
+        evidenceCategories: ["access_control", "monitoring"],
+    },
+    {
+        id: "sailpoint-compliance",
+        name: "Compliance Score",
+        description: "Fetch compliance scores and policy violations",
+        evidenceCategories: ["compliance", "monitoring"],
+    },
+];
+export class SailPointConnector {
+    id = "sailpoint";
+    name = "SailPoint";
+    category = "identity";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "HIPAA",
+        "PCI_DSS",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://sailpoint.example.com";
+        const resp = await fetch(`${base}/v3${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`SailPoint API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/accounts?limit=1");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const accounts = await this.fetchApi(config, "/accounts?limit=100").catch(() => ({ items: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "sailpoint-identity",
+            timestamp: now,
+            hash: hashEvidence(accounts),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "sailpoint/accounts",
+            status: accounts.items?.length > 0 ? "compliant" : "unknown",
+            data: { identityCount: accounts.items?.length || 0 },
+            metadata: {},
+        });
+        const campaigns = await this.fetchApi(config, "/certifications?limit=10").catch(() => ({
+            items: [],
+        }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "sailpoint-access",
+            timestamp: now,
+            hash: hashEvidence(campaigns),
+            framework: "ISO27001",
+            controlId: "A.6.2.1",
+            source: "sailpoint/certifications",
+            status: campaigns.items?.length > 0 ? "compliant" : "non_compliant",
+            data: { activeCampaigns: campaigns.items?.length || 0 },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/SalesforceConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class SalesforceConnector implements IntegrationConnector {
+    readonly id = "salesforce";
+    readonly name = "Salesforce";
+    readonly category: "hr";
+    readonly authType: "oauth2";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private getAccessToken;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}