@grc-claw/integration-marketplace 0.8.0

package/dist/connectors/WizConnector.js

@@ -0,0 +1,172 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "wiz-issues",
+        name: "Security Issues",
+        description: "Fetch Wiz security issues with severity and blast radius",
+        evidenceCategories: ["vulnerability_management", "cloud_security"],
+    },
+    {
+        id: "wiz-vulnerabilities",
+        name: "Vulnerability Findings",
+        description: "Fetch Wiz vulnerability scan results across cloud resources",
+        evidenceCategories: ["vulnerability_management", "asset_management"],
+    },
+    {
+        id: "wiz-misconfigs",
+        name: "Misconfigurations",
+        description: "Fetch cloud misconfiguration findings and compliance gaps",
+        evidenceCategories: ["compliance", "configuration"],
+    },
+    {
+        id: "wiz-iam",
+        name: "IAM Analysis",
+        description: "Fetch identity and access management security findings",
+        evidenceCategories: ["access_control", "identity_verification"],
+    },
+];
+export class WizConnector {
+    id = "wiz";
+    name = "Wiz";
+    category = "cloud_provider";
+    authType = "oauth2";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "PCI_DSS",
+        "CIS",
+    ];
+    async getToken(config) {
+        const base = config.baseUrl || "https://api.us1.app.wiz.io";
+        const resp = await fetch(`${base}/graphql/token`, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({
+                query: `mutation { createServiceAccountToken(input: { clientId: "${config.clientId}", clientSecret: "${config.clientSecret}" }) { token } }`,
+            }),
+        });
+        const data = (await resp.json());
+        const authData = data.data;
+        const createToken = authData?.createServiceAccountToken;
+        return createToken?.token || "";
+    }
+    async testConnection(config) {
+        try {
+            const token = await this.getToken(config);
+            const base = config.baseUrl || "https://api.us1.app.wiz.io";
+            const resp = await fetch(`${base}/graphql`, {
+                method: "POST",
+                headers: {
+                    Authorization: `Bearer ${token}`,
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify({ query: "{ projects(first: 1) { nodes { id } } }" }),
+            });
+            return resp.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const token = await this.getToken(config);
+        const base = config.baseUrl || "https://api.us1.app.wiz.io";
+        const headers = {
+            Authorization: `Bearer ${token}`,
+            "Content-Type": "application/json",
+        };
+        const issuesQuery = `query { issues(first: 100, filterBy: {severity: [CRITICAL, HIGH]}) { nodes { id severity title } } }`;
+        const issues = await fetch(`${base}/graphql`, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ query: issuesQuery }),
+        })
+            .then((r) => r.json())
+            .catch(() => ({ data: { issues: { nodes: [] } } }));
+        const issueNodes = issues.data?.issues?.nodes || [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "wiz-issues",
+            timestamp: now,
+            hash: hashEvidence({ count: issueNodes.length }),
+            framework: "SOC2",
+            controlId: "CC7.2",
+            source: "wiz/security-issues",
+            status: issueNodes.length === 0 ? "compliant" : "non_compliant",
+            data: { criticalHighIssues: issueNodes.length },
+            metadata: {},
+        });
+        const vulnQuery = `query { vulnerabilities(first: 100, filterBy: {severity: [CRITICAL, HIGH]}) { nodes { id severity name cveId } } }`;
+        const vulns = await fetch(`${base}/graphql`, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ query: vulnQuery }),
+        })
+            .then((r) => r.json())
+            .catch(() => ({ data: { vulnerabilities: { nodes: [] } } }));
+        const vulnNodes = vulns.data?.vulnerabilities?.nodes || [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "wiz-vulnerabilities",
+            timestamp: now,
+            hash: hashEvidence({ count: vulnNodes.length }),
+            framework: "NIST_CSF",
+            controlId: "ID.RA",
+            source: "wiz/vulnerabilities",
+            status: vulnNodes.length === 0 ? "compliant" : "non_compliant",
+            data: { vulnerabilities: vulnNodes.length },
+            metadata: {},
+        });
+        const misconfigQuery = `query { misconfigurations(first: 100) { nodes { id severity title cloudPlatform } } }`;
+        const misconfigs = await fetch(`${base}/graphql`, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ query: misconfigQuery }),
+        })
+            .then((r) => r.json())
+            .catch(() => ({ data: { misconfigurations: { nodes: [] } } }));
+        const misconfigNodes = misconfigs.data?.misconfigurations?.nodes || [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "wiz-misconfigs",
+            timestamp: now,
+            hash: hashEvidence({ count: misconfigNodes.length }),
+            framework: "ISO27001",
+            controlId: "A.12.1.1",
+            source: "wiz/misconfigurations",
+            status: misconfigNodes.length === 0 ? "compliant" : "non_compliant",
+            data: { misconfigurations: misconfigNodes.length },
+            metadata: {},
+        });
+        const iamQuery = `query { iamFindings(first: 50) { nodes { id severity entityType findingType } } }`;
+        const iam = await fetch(`${base}/graphql`, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ query: iamQuery }),
+        })
+            .then((r) => r.json())
+            .catch(() => ({ data: { iamFindings: { nodes: [] } } }));
+        const iamNodes = iam.data?.iamFindings?.nodes || [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "wiz-iam",
+            timestamp: now,
+            hash: hashEvidence({ count: iamNodes.length }),
+            framework: "CIS",
+            controlId: "1.16",
+            source: "wiz/iam-analysis",
+            status: iamNodes.length === 0 ? "compliant" : "non_compliant",
+            data: { iamFindings: iamNodes.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/WorkdayConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class WorkdayConnector implements IntegrationConnector {
+    readonly id = "workday";
+    readonly name = "Workday";
+    readonly category: "hr";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/WorkdayConnector.js

@@ -0,0 +1,100 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "workday-employees",
+        name: "Employee Data",
+        description: "Fetch employee records, org hierarchy, and status",
+        evidenceCategories: ["access_control", "data_protection"],
+    },
+    {
+        id: "workday-access",
+        name: "Access Reviews",
+        description: "Fetch role-based access and access certification status",
+        evidenceCategories: ["access_control", "compliance"],
+    },
+    {
+        id: "workday-compliance",
+        name: "Compliance Tasks",
+        description: "Fetch policy compliance assignments and completion status",
+        evidenceCategories: ["compliance", "monitoring"],
+    },
+    {
+        id: "workday-separation",
+        name: "Segregation of Duties",
+        description: "Fetch SoD conflict detection and mitigation status",
+        evidenceCategories: ["access_control", "compliance"],
+    },
+];
+export class WorkdayConnector {
+    id = "workday";
+    name = "Workday";
+    category = "hr";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "HIPAA",
+        "GDPR",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://www.workday.com";
+        const tenant = config.extra?.tenant || "wd1";
+        const resp = await fetch(`${base}/api/v1/${tenant}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Workday API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/me");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const employees = await this.fetchApi(config, "/workers?limit=100").catch(() => ({
+            data: [],
+        }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "workday-employees",
+            timestamp: now,
+            hash: hashEvidence(employees),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "workday/workers",
+            status: employees.data?.length > 0 ? "compliant" : "unknown",
+            data: { employeeCount: employees.data?.length || 0 },
+            metadata: {},
+        });
+        const accessReviews = await this.fetchApi(config, "/access-reviews").catch(() => ({
+            data: [],
+        }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "workday-access",
+            timestamp: now,
+            hash: hashEvidence(accessReviews),
+            framework: "ISO27001",
+            controlId: "A.6.2.1",
+            source: "workday/access-reviews",
+            status: accessReviews.data?.length > 0 ? "compliant" : "non_compliant",
+            data: { activeReviews: accessReviews.data?.length || 0 },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/XeroConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class XeroConnector implements IntegrationConnector {
+    readonly id = "xero";
+    readonly name = "Xero";
+    readonly category: "finance";
+    readonly authType: "oauth2";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/XeroConnector.js

@@ -0,0 +1,96 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "xero-users",
+        name: "User Access",
+        description: "Fetch Xero user roles and organisation permissions",
+        evidenceCategories: ["access_control", "configuration"],
+    },
+    {
+        id: "xero-contacts",
+        name: "Contact Management",
+        description: "Fetch contact access controls and sharing settings",
+        evidenceCategories: ["access_control", "data_protection"],
+    },
+    {
+        id: "xero-approvals",
+        name: "Approval Workflows",
+        description: "Fetch purchase order and invoice approval rules",
+        evidenceCategories: ["change_management", "compliance"],
+    },
+    {
+        id: "xero-audit",
+        name: "Audit Trail",
+        description: "Fetch change history and user activity logs",
+        evidenceCategories: ["monitoring", "access_control"],
+    },
+];
+export class XeroConnector {
+    id = "xero";
+    name = "Xero";
+    category = "finance";
+    authType = "oauth2";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "GDPR",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.xero.com";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+                Accept: "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Xero API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/connections");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const tenantId = config.extra?.tenantId || "";
+        const users = await this.fetchApi(config, `/api.xro/2.0/users`).catch(() => ({ Users: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "xero-users",
+            timestamp: now,
+            hash: hashEvidence(users),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `xero/${tenantId}/users`,
+            status: users.Users?.length > 0 ? "compliant" : "unknown",
+            data: { userCount: users.Users?.length || 0 },
+            metadata: { tenantId },
+        });
+        const org = await this.fetchApi(config, `/api.xro/2.0/organisation`).catch(() => ({ Organisations: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "xero-approvals",
+            timestamp: now,
+            hash: hashEvidence(org),
+            framework: "ISO27001",
+            controlId: "A.6.2.1",
+            source: `xero/${tenantId}/organisation`,
+            status: "partial",
+            data: org,
+            metadata: { tenantId },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/ZapierConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class ZapierConnector implements IntegrationConnector {
+    readonly id = "zapier";
+    readonly name = "Zapier";
+    readonly category: "ci_cd";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/ZapierConnector.js

@@ -0,0 +1,70 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "zapier-zaps",
+        name: "Zap Workflows",
+        description: "Fetch Zapier zap configurations, task history, and error rates",
+        evidenceCategories: ["automation", "configuration"],
+    },
+    {
+        id: "zapier-connections",
+        name: "App Connections",
+        description: "Fetch connected app credentials and OAuth token status",
+        evidenceCategories: ["access_control", "secret_management"],
+    },
+    {
+        id: "zapier-audit",
+        name: "Task Audit Log",
+        description: "Fetch Zapier task execution history and failure audit events",
+        evidenceCategories: ["monitoring", "audit"],
+    },
+];
+export class ZapierConnector {
+    id = "zapier";
+    name = "Zapier";
+    category = "ci_cd";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001"];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.zapier.com/v1";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Zapier API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/zaps?limit=1");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const zaps = await this.fetchApi(config, "/zaps?limit=100").catch(() => ({ items: [] }));
+        const zapList = (zaps.items || []);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "zapier-zaps",
+            timestamp: now,
+            hash: hashEvidence({ zapCount: zapList.length }),
+            framework: "SOC2",
+            controlId: "CC8.1",
+            source: "zapier/zaps",
+            status: "unknown",
+            data: { zapCount: zapList.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/ZendeskConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class ZendeskConnector implements IntegrationConnector {
+    readonly id = "zendesk";
+    readonly name = "Zendesk";
+    readonly category: "incident_management";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/ZendeskConnector.js

@@ -0,0 +1,71 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "zendesk-tickets",
+        name: "Support Tickets",
+        description: "Fetch Zendesk ticket queue, SLA compliance, and resolution metrics",
+        evidenceCategories: ["incident_management", "monitoring"],
+    },
+    {
+        id: "zendesk-security",
+        name: "Security Settings",
+        description: "Fetch Zendesk SSO, 2FA enforcement, and API access controls",
+        evidenceCategories: ["access_control", "configuration"],
+    },
+    {
+        id: "zendesk-audit",
+        name: "Audit Logs",
+        description: "Fetch Zendesk audit log events for ticket and user changes",
+        evidenceCategories: ["audit", "change_management"],
+    },
+];
+export class ZendeskConnector {
+    id = "zendesk";
+    name = "Zendesk";
+    category = "incident_management";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001"];
+    async fetchApi(config, endpoint) {
+        const subdomain = config.extra?.subdomain || "default";
+        const base = config.baseUrl || `https://${subdomain}.zendesk.com/api/v2`;
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Zendesk API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/users/me.json");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const tickets = await this.fetchApi(config, "/tickets.json?per_page=100&sort_by=created_at&sort_order=desc").catch(() => ({ tickets: [] }));
+        const ticketList = (tickets.tickets || []);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "zendesk-tickets",
+            timestamp: now,
+            hash: hashEvidence({ ticketCount: ticketList.length }),
+            framework: "SOC2",
+            controlId: "CC7.3",
+            source: "zendesk/tickets",
+            status: "unknown",
+            data: { recentTickets: ticketList.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/ZenefitsConnector.d.ts

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class ZenefitsConnector implements IntegrationConnector {
+    readonly id = "zenefits";
+    readonly name = "Zenefits";
+    readonly category: "hr";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/ZenefitsConnector.js

@@ -0,0 +1,93 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "zenefits-employees",
+        name: "Employee Directory",
+        description: "Fetch employee profiles and organizational hierarchy",
+        evidenceCategories: ["access_control", "data_protection"],
+    },
+    {
+        id: "zenefits-policies",
+        name: "Benefits Policies",
+        description: "Fetch benefits enrollment and policy compliance",
+        evidenceCategories: ["compliance", "configuration"],
+    },
+    {
+        id: "zenefits-onboarding",
+        name: "Onboarding Compliance",
+        description: "Fetch new hire onboarding task completion status",
+        evidenceCategories: ["compliance", "change_management"],
+    },
+    {
+        id: "zenefits-timeoff",
+        name: "Time Off Policies",
+        description: "Fetch PTO policies and accrual compliance",
+        evidenceCategories: ["compliance", "monitoring"],
+    },
+];
+export class ZenefitsConnector {
+    id = "zenefits";
+    name = "Zenefits";
+    category = "hr";
+    authType = "api_key";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://rest.zenefits.com";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Zenefits API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/core/people");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const people = await this.fetchApi(config, "/core/people").catch(() => ({ data: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "zenefits-employees",
+            timestamp: now,
+            hash: hashEvidence(people),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "zenefits/people",
+            status: people.data?.length > 0 ? "compliant" : "unknown",
+            data: { employeeCount: people.data?.length || 0 },
+            metadata: {},
+        });
+        const benefits = await this.fetchApi(config, "/benefits/plans").catch(() => ({ data: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "zenefits-policies",
+            timestamp: now,
+            hash: hashEvidence(benefits),
+            framework: "ISO27001",
+            controlId: "A.6.2.1",
+            source: "zenefits/benefits",
+            status: benefits.data?.length > 0 ? "compliant" : "non_compliant",
+            data: { benefitPlans: benefits.data?.length || 0 },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}