bmad-plus 0.9.0 → 0.9.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +36 -0
- package/LICENSE +21 -21
- package/README.md +106 -86
- package/osint-agent-package/README.md +88 -88
- package/osint-agent-package/SETUP_KEYS.md +108 -108
- package/osint-agent-package/agents/osint-investigator.md +80 -80
- package/osint-agent-package/install.ps1 +87 -87
- package/osint-agent-package/install.sh +76 -76
- package/osint-agent-package/skills/bmad-osint-investigate/SKILL.md +147 -147
- package/osint-agent-package/skills/bmad-osint-investigate/osint/references/enrichment-databases-fr.md +148 -148
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/_http.py +101 -101
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/apify.py +266 -266
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/brightdata.py +101 -101
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/diagnose.py +141 -141
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/exa.py +79 -79
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/jina.py +71 -71
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/parallel.py +85 -85
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/perplexity.py +102 -102
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/tavily.py +72 -72
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/volley.py +208 -208
- package/osint-agent-package/skills/bmad-osint-investigator/SKILL.md +15 -15
- package/package.json +30 -3
- package/readme-international/README.de.md +8 -3
- package/readme-international/README.es.md +8 -3
- package/readme-international/README.fr.md +8 -3
- package/src/bmad-plus/agents/agent-architect-dev/SKILL.md +96 -96
- package/src/bmad-plus/agents/agent-architect-dev/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-maker/SKILL.md +201 -201
- package/src/bmad-plus/agents/agent-maker/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-orchestrator/SKILL.md +137 -137
- package/src/bmad-plus/agents/agent-orchestrator/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-quality/SKILL.md +83 -83
- package/src/bmad-plus/agents/agent-quality/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-shadow/SKILL.md +71 -71
- package/src/bmad-plus/agents/agent-shadow/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-strategist/SKILL.md +80 -80
- package/src/bmad-plus/agents/agent-strategist/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/data/role-triggers.yaml +209 -209
- package/src/bmad-plus/module-help.csv +10 -10
- package/src/bmad-plus/packs/pack-memory/README.md +106 -106
- package/src/bmad-plus/packs/pack-memory/memory-orchestrator.md +79 -79
- package/src/bmad-plus/packs/pack-memory/shared/karpathy-guardrails.md +86 -86
- package/src/bmad-plus/packs/pack-memory/shared/memory-protocol.md +143 -143
- package/src/bmad-plus/packs/pack-memory/templates/context.md +39 -39
- package/src/bmad-plus/packs/pack-memory/templates/decisions.md +25 -25
- package/src/bmad-plus/packs/pack-memory/templates/identity.yaml +39 -39
- package/src/bmad-plus/packs/pack-memory/templates/lessons.md +31 -31
- package/src/bmad-plus/packs/pack-memory/templates/patterns.md +24 -24
- package/src/bmad-plus/packs/pack-memory/templates/session-handoff.md +25 -25
- package/src/bmad-plus/packs/pack-memory/zecher-agent.md +157 -157
- package/src/bmad-plus/packs/pack-seo/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/packs/pack-shield/README.md +110 -110
- package/src/bmad-plus/packs/pack-shield/SKILL.md +82 -82
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/csrd-agent.md +251 -251
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/section508-agent.md +168 -168
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/wcag-agent.md +190 -190
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/eu-ai-act-agent.md +86 -86
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/iso42001-agent.md +240 -240
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/nist-ai-rmf-agent.md +122 -122
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/cis-controls-agent.md +210 -210
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/ism-agent.md +139 -139
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/iso27001-agent.md +156 -156
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nis2-agent.md +72 -72
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-800-53-agent.md +239 -239
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-csf-agent.md +207 -207
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/ccpa-agent.md +94 -94
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/dpdpa-agent.md +136 -136
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/gdpr-agent.md +296 -296
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/iso27701-agent.md +134 -134
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/lgpd-agent.md +129 -129
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/cmmc-agent.md +116 -116
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/ear-agent.md +261 -261
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/itar-agent.md +191 -191
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/tsa-agent.md +356 -356
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/dora-agent.md +499 -499
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/fedramp-agent.md +236 -236
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/hipaa-agent.md +162 -162
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/pci-dss-agent.md +228 -228
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/soc2-agent.md +255 -255
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/swift-csp-agent.md +153 -153
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-classifier.md +131 -131
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-fria.md +155 -155
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-incidents.md +187 -187
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-roles.md +113 -113
- package/src/bmad-plus/packs/pack-shield/categories/workflows/breach-sentinel.md +197 -197
- package/src/bmad-plus/packs/pack-shield/categories/workflows/cookie-policy-gen.md +180 -180
- package/src/bmad-plus/packs/pack-shield/categories/workflows/dpia-sentinel.md +235 -235
- package/src/bmad-plus/packs/pack-shield/categories/workflows/legitimate-interest.md +159 -159
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-advisor.md +133 -133
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-notice-gen.md +160 -160
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-policy-gen.md +135 -135
- package/src/bmad-plus/packs/pack-shield/references/ccpa/ccpa-gdpr-comparison.md +117 -117
- package/src/bmad-plus/packs/pack-shield/references/ccpa/consumer-rights-workflows.md +177 -177
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/framework-mappings.md +162 -162
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/implementation-guidance.md +235 -235
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/safeguards-detail.md +252 -252
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-assessment.md +170 -170
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-levels.md +113 -113
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-practices.md +211 -211
- package/src/bmad-plus/packs/pack-shield/references/csrd/compliance-program.md +281 -281
- package/src/bmad-plus/packs/pack-shield/references/csrd/double-materiality.md +253 -253
- package/src/bmad-plus/packs/pack-shield/references/csrd/esrs-standards.md +401 -401
- package/src/bmad-plus/packs/pack-shield/references/dora/article-reference.md +441 -441
- package/src/bmad-plus/packs/pack-shield/references/dora/incident-classification.md +297 -297
- package/src/bmad-plus/packs/pack-shield/references/dora/rts-its-guide.md +306 -306
- package/src/bmad-plus/packs/pack-shield/references/dora/third-party-risk.md +349 -349
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/gdpr-comparison.md +173 -173
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/rights-and-obligations.md +426 -426
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/rules-2025.md +599 -599
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/sections-reference.md +319 -319
- package/src/bmad-plus/packs/pack-shield/references/ear/ccl-eccn-guide.md +250 -250
- package/src/bmad-plus/packs/pack-shield/references/ear/compliance-program.md +280 -280
- package/src/bmad-plus/packs/pack-shield/references/ear/license-exceptions.md +207 -207
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/gpai-governance.md +267 -267
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/obligations-high-risk.md +287 -287
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/risk-classification.md +182 -182
- package/src/bmad-plus/packs/pack-shield/references/fedramp/appendices-guide.md +209 -209
- package/src/bmad-plus/packs/pack-shield/references/fedramp/control-families.md +281 -281
- package/src/bmad-plus/packs/pack-shield/references/fedramp/poam-guide.md +93 -93
- package/src/bmad-plus/packs/pack-shield/references/fedramp/readiness-checklist.md +134 -134
- package/src/bmad-plus/packs/pack-shield/references/fedramp/sap-sar-guide.md +86 -86
- package/src/bmad-plus/packs/pack-shield/references/fedramp/ssp-guide.md +129 -129
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/documents.md +192 -192
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/dpa-template.md +121 -121
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/privacy-notice.md +87 -87
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/breach-notification.md +293 -293
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/privacy-rule.md +276 -276
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/security-rule.md +299 -299
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/templates.md +568 -568
- package/src/bmad-plus/packs/pack-shield/references/ism/control-applicability.md +181 -181
- package/src/bmad-plus/packs/pack-shield/references/ism/guidelines-overview.md +183 -183
- package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2013.md +203 -203
- package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2022.md +132 -132
- package/src/bmad-plus/packs/pack-shield/references/iso27001/control-mapping.md +153 -153
- package/src/bmad-plus/packs/pack-shield/references/iso27701/annex-a-controls.md +195 -195
- package/src/bmad-plus/packs/pack-shield/references/iso27701/regulatory-mapping.md +229 -229
- package/src/bmad-plus/packs/pack-shield/references/iso27701/transition-guide.md +219 -219
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-ai-risk-assessment.md +258 -258
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-clauses-requirements.md +279 -279
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-controls-annex-a.md +155 -155
- package/src/bmad-plus/packs/pack-shield/references/itar/compliance-program.md +174 -174
- package/src/bmad-plus/packs/pack-shield/references/itar/licensing-guide.md +146 -146
- package/src/bmad-plus/packs/pack-shield/references/itar/usml-categories.md +93 -93
- package/src/bmad-plus/packs/pack-shield/references/lgpd/anpd-enforcement.md +147 -147
- package/src/bmad-plus/packs/pack-shield/references/lgpd/compliance-program.md +272 -272
- package/src/bmad-plus/packs/pack-shield/references/lgpd/lgpd-articles.md +271 -271
- package/src/bmad-plus/packs/pack-shield/references/nis2/article-21-measures.md +153 -153
- package/src/bmad-plus/packs/pack-shield/references/nis2/iso27001-nis2-mapping.md +68 -68
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/assessment-rmf.md +349 -349
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/baselines-tailoring.md +277 -277
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/control-families.md +450 -450
- package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-core.md +361 -361
- package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-profiles.md +192 -192
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-10-to-20-mapping.md +143 -143
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-20-functions-categories.md +278 -278
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-implementation-tiers.md +135 -135
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-requirements.md +366 -366
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-saq-guide.md +217 -217
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-v4-changes.md +190 -190
- package/src/bmad-plus/packs/pack-shield/references/section-508/wcag-mapping.md +160 -160
- package/src/bmad-plus/packs/pack-shield/references/soc2/controls.md +241 -241
- package/src/bmad-plus/packs/pack-shield/references/soc2/evidence.md +236 -236
- package/src/bmad-plus/packs/pack-shield/references/soc2/policies.md +254 -254
- package/src/bmad-plus/packs/pack-shield/references/soc2/vendor.md +276 -276
- package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-assessment.md +202 -202
- package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-controls.md +545 -545
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-crmp-requirements.md +359 -359
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-directives-overview.md +187 -187
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-incident-reporting.md +187 -187
- package/src/bmad-plus/packs/pack-shield/references/wcag/criteria-detail.md +510 -510
- package/src/bmad-plus/packs/pack-shield/shared/audit-report-template.md +103 -103
- package/src/bmad-plus/packs/pack-shield/shared/cross-framework-mapper.md +103 -103
- package/src/bmad-plus/packs/pack-shield/shared/gap-analysis-template.md +83 -83
- package/src/bmad-plus/packs/pack-shield/shield-orchestrator.md +229 -229
- package/src/bmad-plus/packs/pack-shield/upstream-sync.yaml +68 -68
- package/src/bmad-plus/skills/bmad-plus-autopilot/SKILL.md +99 -99
- package/src/bmad-plus/skills/bmad-plus-parallel/SKILL.md +93 -93
- package/src/bmad-plus/skills/bmad-plus-sync/SKILL.md +69 -69
- package/tools/cli/bmad-plus-cli.js +5 -3
- package/tools/cli/commands/autoconfig.js +23 -59
- package/tools/cli/commands/doctor.js +14 -0
- package/tools/cli/commands/install.js +29 -128
- package/tools/cli/commands/memory.js +1 -0
- package/tools/cli/commands/scan.js +44 -42
- package/tools/cli/commands/uninstall.js +10 -5
- package/tools/cli/commands/update.js +21 -3
- package/tools/cli/lib/ide-config.js +259 -0
- package/tools/cli/lib/memory-init.js +0 -1
- package/tools/cli/lib/pack-copy.js +84 -84
- package/tools/cli/lib/packs.js +16 -8
- package/tools/cli/lib/stack-detect.js +102 -0
- package/tools/cli/lib/validate.js +50 -0
|
@@ -1,82 +1,82 @@
|
|
|
1
|
-
# Shield GRC Pack — SKILL
|
|
2
|
-
|
|
3
|
-
> **Pack:** Shield (GRC Audit)
|
|
4
|
-
> **Version:** 1.0.0
|
|
5
|
-
> **Created by:** Laurent Rochetta — https://github.com/lrochetta/BMAD-PLUS
|
|
6
|
-
|
|
7
|
-
## Overview
|
|
8
|
-
|
|
9
|
-
Shield transforms BMAD+ into a comprehensive GRC (Governance, Risk & Compliance) assistant. It serves as an intelligent orchestrator for 38 compliance agents across 7 categories, covering 25+ regulatory frameworks. Route requests to the appropriate specialist agent, combine insights for cross-framework analysis, and provide consolidated compliance reports.
|
|
10
|
-
|
|
11
|
-
## Capabilities
|
|
12
|
-
|
|
13
|
-
### Data Privacy (5 frameworks)
|
|
14
|
-
- **GDPR** (EU/EEA/UK) — General Data Protection Regulation
|
|
15
|
-
- **CCPA/CPRA** (California) — Consumer Privacy Act
|
|
16
|
-
- **LGPD** (Brazil) — Lei Geral de Protecao de Dados
|
|
17
|
-
- **DPDPA** (India) — Digital Personal Data Protection Act
|
|
18
|
-
- **ISO 27701** (International) — Privacy Information Management
|
|
19
|
-
|
|
20
|
-
### Cybersecurity (6 frameworks)
|
|
21
|
-
- **ISO 27001** — Information Security Management
|
|
22
|
-
- **NIST CSF 2.0** — Cybersecurity Framework
|
|
23
|
-
- **NIST 800-53 Rev. 5** — Federal Security Controls
|
|
24
|
-
- **CIS Controls v8** — Critical Security Controls
|
|
25
|
-
- **NIS2 Directive** — EU Cybersecurity
|
|
26
|
-
- **ISM** — Australian Information Security Manual
|
|
27
|
-
|
|
28
|
-
### Industry Compliance (6 frameworks)
|
|
29
|
-
- **SOC 2 Type I/II** — Service Organization Controls
|
|
30
|
-
- **PCI DSS v4.0** — Payment Card Industry
|
|
31
|
-
- **HIPAA** — Healthcare Privacy & Security
|
|
32
|
-
- **SWIFT CSP** — Banking Security
|
|
33
|
-
- **DORA** — EU Digital Operational Resilience
|
|
34
|
-
- **FedRAMP** — Federal Cloud Authorization
|
|
35
|
-
|
|
36
|
-
### Defense & Export Control (4 frameworks)
|
|
37
|
-
- **CMMC 2.0** — Cybersecurity Maturity Model Certification
|
|
38
|
-
- **ITAR** — International Traffic in Arms
|
|
39
|
-
- **EAR** — Export Administration Regulations
|
|
40
|
-
- **TSA** — Transportation Security Directives
|
|
41
|
-
|
|
42
|
-
### AI Governance (3 frameworks)
|
|
43
|
-
- **EU AI Act 2024/1689** — AI Regulation
|
|
44
|
-
- **ISO 42001:2023** — AI Management System
|
|
45
|
-
- **NIST AI RMF 1.0** — AI Risk Management
|
|
46
|
-
|
|
47
|
-
### Accessibility & ESG (3 frameworks)
|
|
48
|
-
- **WCAG 2.2** — Web Content Accessibility
|
|
49
|
-
- **Section 508** — US Federal Accessibility
|
|
50
|
-
- **CSRD** — Corporate Sustainability Reporting
|
|
51
|
-
|
|
52
|
-
### GDPR & AI Act Workflows (11 workflow agents)
|
|
53
|
-
- DPIA, Breach Response, Legitimate Interest Assessment
|
|
54
|
-
- Privacy Notice/Policy/Cookie Generators
|
|
55
|
-
- AI Act Classifier, Roles, FRIA, Incident Reporting
|
|
56
|
-
|
|
57
|
-
## Activation
|
|
58
|
-
|
|
59
|
-
To use Shield, include this pack in your BMAD+ installation:
|
|
60
|
-
|
|
61
|
-
```bash
|
|
62
|
-
npx bmad-plus install --pack shield
|
|
63
|
-
```
|
|
64
|
-
|
|
65
|
-
Then invoke the orchestrator from any conversation:
|
|
66
|
-
|
|
67
|
-
> "Shield, audit my app for GDPR compliance"
|
|
68
|
-
> "Shield, gap analysis ISO 27001 vs NIST CSF"
|
|
69
|
-
> "Shield, generate SOC 2 evidence checklist"
|
|
70
|
-
|
|
71
|
-
## Architecture
|
|
72
|
-
|
|
73
|
-
- `shield-orchestrator.md` — Intelligent routing entry point
|
|
74
|
-
- `categories/` — Framework-specific agent prompts
|
|
75
|
-
- `references/` — 85 regulatory reference files
|
|
76
|
-
- `shared/` — Cross-framework mapper, gap analysis & audit templates
|
|
77
|
-
|
|
78
|
-
## Attribution
|
|
79
|
-
|
|
80
|
-
Based on Claude Skills for GRC by Hemant Naik — MIT License.
|
|
81
|
-
GDPR and EU AI Act workflow agents enriched with insights from Lawve.ai.
|
|
82
|
-
Adapted for BMAD+ by Laurent Rochetta.
|
|
1
|
+
# Shield GRC Pack — SKILL
|
|
2
|
+
|
|
3
|
+
> **Pack:** Shield (GRC Audit)
|
|
4
|
+
> **Version:** 1.0.0
|
|
5
|
+
> **Created by:** Laurent Rochetta — https://github.com/lrochetta/BMAD-PLUS
|
|
6
|
+
|
|
7
|
+
## Overview
|
|
8
|
+
|
|
9
|
+
Shield transforms BMAD+ into a comprehensive GRC (Governance, Risk & Compliance) assistant. It serves as an intelligent orchestrator for 38 compliance agents across 7 categories, covering 25+ regulatory frameworks. Route requests to the appropriate specialist agent, combine insights for cross-framework analysis, and provide consolidated compliance reports.
|
|
10
|
+
|
|
11
|
+
## Capabilities
|
|
12
|
+
|
|
13
|
+
### Data Privacy (5 frameworks)
|
|
14
|
+
- **GDPR** (EU/EEA/UK) — General Data Protection Regulation
|
|
15
|
+
- **CCPA/CPRA** (California) — Consumer Privacy Act
|
|
16
|
+
- **LGPD** (Brazil) — Lei Geral de Protecao de Dados
|
|
17
|
+
- **DPDPA** (India) — Digital Personal Data Protection Act
|
|
18
|
+
- **ISO 27701** (International) — Privacy Information Management
|
|
19
|
+
|
|
20
|
+
### Cybersecurity (6 frameworks)
|
|
21
|
+
- **ISO 27001** — Information Security Management
|
|
22
|
+
- **NIST CSF 2.0** — Cybersecurity Framework
|
|
23
|
+
- **NIST 800-53 Rev. 5** — Federal Security Controls
|
|
24
|
+
- **CIS Controls v8** — Critical Security Controls
|
|
25
|
+
- **NIS2 Directive** — EU Cybersecurity
|
|
26
|
+
- **ISM** — Australian Information Security Manual
|
|
27
|
+
|
|
28
|
+
### Industry Compliance (6 frameworks)
|
|
29
|
+
- **SOC 2 Type I/II** — Service Organization Controls
|
|
30
|
+
- **PCI DSS v4.0** — Payment Card Industry
|
|
31
|
+
- **HIPAA** — Healthcare Privacy & Security
|
|
32
|
+
- **SWIFT CSP** — Banking Security
|
|
33
|
+
- **DORA** — EU Digital Operational Resilience
|
|
34
|
+
- **FedRAMP** — Federal Cloud Authorization
|
|
35
|
+
|
|
36
|
+
### Defense & Export Control (4 frameworks)
|
|
37
|
+
- **CMMC 2.0** — Cybersecurity Maturity Model Certification
|
|
38
|
+
- **ITAR** — International Traffic in Arms
|
|
39
|
+
- **EAR** — Export Administration Regulations
|
|
40
|
+
- **TSA** — Transportation Security Directives
|
|
41
|
+
|
|
42
|
+
### AI Governance (3 frameworks)
|
|
43
|
+
- **EU AI Act 2024/1689** — AI Regulation
|
|
44
|
+
- **ISO 42001:2023** — AI Management System
|
|
45
|
+
- **NIST AI RMF 1.0** — AI Risk Management
|
|
46
|
+
|
|
47
|
+
### Accessibility & ESG (3 frameworks)
|
|
48
|
+
- **WCAG 2.2** — Web Content Accessibility
|
|
49
|
+
- **Section 508** — US Federal Accessibility
|
|
50
|
+
- **CSRD** — Corporate Sustainability Reporting
|
|
51
|
+
|
|
52
|
+
### GDPR & AI Act Workflows (11 workflow agents)
|
|
53
|
+
- DPIA, Breach Response, Legitimate Interest Assessment
|
|
54
|
+
- Privacy Notice/Policy/Cookie Generators
|
|
55
|
+
- AI Act Classifier, Roles, FRIA, Incident Reporting
|
|
56
|
+
|
|
57
|
+
## Activation
|
|
58
|
+
|
|
59
|
+
To use Shield, include this pack in your BMAD+ installation:
|
|
60
|
+
|
|
61
|
+
```bash
|
|
62
|
+
npx bmad-plus install --pack shield
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
Then invoke the orchestrator from any conversation:
|
|
66
|
+
|
|
67
|
+
> "Shield, audit my app for GDPR compliance"
|
|
68
|
+
> "Shield, gap analysis ISO 27001 vs NIST CSF"
|
|
69
|
+
> "Shield, generate SOC 2 evidence checklist"
|
|
70
|
+
|
|
71
|
+
## Architecture
|
|
72
|
+
|
|
73
|
+
- `shield-orchestrator.md` — Intelligent routing entry point
|
|
74
|
+
- `categories/` — Framework-specific agent prompts
|
|
75
|
+
- `references/` — 85 regulatory reference files
|
|
76
|
+
- `shared/` — Cross-framework mapper, gap analysis & audit templates
|
|
77
|
+
|
|
78
|
+
## Attribution
|
|
79
|
+
|
|
80
|
+
Based on Claude Skills for GRC by Hemant Naik — MIT License.
|
|
81
|
+
GDPR and EU AI Act workflow agents enriched with insights from Lawve.ai.
|
|
82
|
+
Adapted for BMAD+ by Laurent Rochetta.
|