greenarmor/gesf

🔰 Green Engineering Standard Framework (GESF)

Compliance-as-Code framework that automatically enforces GDPR, OWASP, NIST, and CIS engineering standards.

Install

npm install -g @greenarmor/ges

Usage

cd any-project
ges init
ges audit
ges score

MCP AI Assistant

GESF includes an MCP server that lets AI assistants (Claude, VS Code Copilot, Cursor, Crush, OpenCode, Windsurf) check compliance, list missing controls, and generate policies.

One-Click Install

Client      Install
VS Code     Install in VS Code
Smithery    npx smithery add @greenarmor/ges-mcp-server

Quick Setup (CLI)

ges mcp setup              # Interactive — pick your client
ges mcp setup claude       # Claude Desktop
ges mcp setup vscode       # VS Code Copilot
ges mcp setup cursor       # Cursor
ges mcp setup opencode     # OpenCode
ges mcp setup crush        # Crush
ges mcp setup windsurf     # Windsurf
ges mcp setup all          # Configure all clients

Manual Configuration

Add this to your MCP client config:

{
  "mcpServers": {
    "gesf": {
      "command": "npx",
      "args": ["-y", "@greenarmor/ges-mcp-server"]
    }
  }
}

For VS Code, use "servers" instead of "mcpServers" and add "type": "stdio". For OpenCode/Crush, use "mcp" instead of "mcpServers" and add "type": "stdio".
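
As an added example (not code from the GESF project), this JavaScript applies the per-client differences noted above while merging the gesf entry into an existing config, keeping any servers already defined. The names addGesfServer and CLIENT_SHAPES and the sample config are illustrative assumptions, and Claude Desktop, Cursor and Windsurf are assumed to take the default "mcpServers" form.

```javascript
// Added example, not part of GESF. Top-level key and whether "type": "stdio"
// is required for each client, following the note in this README.
// Assumption: clients not singled out in the note use "mcpServers".
const CLIENT_SHAPES = {
  claude:   { key: "mcpServers", stdio: false },
  cursor:   { key: "mcpServers", stdio: false },
  windsurf: { key: "mcpServers", stdio: false },
  vscode:   { key: "servers",    stdio: true },
  opencode: { key: "mcp",        stdio: true },
  crush:    { key: "mcp",        stdio: true },
};

// The server entry exactly as given in the manual configuration above.
const GESF_ENTRY = { command: "npx", args: ["-y", "@greenarmor/ges-mcp-server"] };

// Merge the gesf entry into an already-parsed client config without dropping
// other configured servers. Returns a new object; the input is not mutated.
function addGesfServer(client, existingConfig = {}) {
  const shape = CLIENT_SHAPES[client];
  if (!shape) throw new Error(`unknown client: ${client}`);

  const current = existingConfig[shape.key];
  const isPlainObject =
    typeof current === "object" && current !== null && !Array.isArray(current);
  if (current !== undefined && !isPlainObject) {
    // Refuse to overwrite a malformed section instead of silently replacing it.
    throw new Error(`"${shape.key}" in existing config is not an object`);
  }

  const base = { ...GESF_ENTRY, args: [...GESF_ENTRY.args] };
  const entry = shape.stdio ? { type: "stdio", ...base } : base;
  return { ...existingConfig, [shape.key]: { ...(current || {}), gesf: entry } };
}

// Constructed sample: a VS Code config that already lists another server.
const sample = {
  servers: { other: { type: "stdio", command: "node", args: ["other.js"] } },
};
console.log(JSON.stringify(addGesfServer("vscode", sample), null, 2));
```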

Available Tools

Tool                          Description
check_compliance              Check GDPR compliance status for a project
list_missing_controls         Show missing compliance controls
generate_retention_policy     Generate a data retention policy template
generate_incident_response    Generate an incident response plan template
generate_risk_assessment      Generate a risk assessment template
generate_dpa                  Generate a Data Processing Agreement template

Example Prompts

  • "Are we GDPR compliant?"
  • "Show missing controls for GDPR"
  • "Generate a retention policy for MyApp"
  • "Generate an incident response plan"
  • "Generate a risk assessment"

Architecture

packages/
├── cli/                    # CLI (@greenarmor/ges)
├── core/                   # Types, schemas, constants
├── audit-engine/           # Real source code scanning (6 scanners)
├── compliance-engine/      # GDPR Article 5/25/30/32/33/34 controls
├── policy-engine/          # 7 policy packs (GDPR, OWASP, AI, Blockchain, Gov, CIS, NIST)
├── rules-engine/           # Auth, encryption, secrets, logging standards
├── doc-generator/          # 14 compliance/security document templates
├── cicd-generator/         # GitHub Actions workflow generation
├── scoring-engine/         # Multi-framework compliance scoring
├── scanner-integration/    # External tool integration (Trivy, Gitleaks, Semgrep)
├── report-generator/       # Markdown/HTML report generation
└── mcp-server/             # MCP AI compliance assistant

License

MIT
