What is grclanker
grclanker is a terminal-first compliance tool built on Pi, plus a raw spec library for building GRC automation. The current release ships CMVP certificate lookups, KEV and EPSS triage, official FedRAMP GitHub-grounded 20x and Rev5 lookups, FedRAMP readiness, ADS package planning, starter-bundle generation, portable public trust-center site generation, read-only Duo, Okta, GitHub, and Google Workspace compliance assessments, an optional Google Workspace CLI operator bridge for raw evidence collection, framework-mapped posture work, Vanta audit export, SCF lookups, and trestle-backed OSCAL helpers.
The project exists because compliance evidence is scattered across vendor dashboards, government feeds, and spreadsheets that nobody wants to maintain. grclanker pulls that evidence into one terminal session, maps it to controls, and keeps everything on your machine.
The spec library is the second half. Each spec is a structured build plan for a vendor-specific GRC tool — APIs, auth model, controls, mappings, architecture, CLI, and build sequence. Feed a spec to any agent and it has enough context to start building.
Specs cover FedRAMP Marketplace services across cloud infrastructure, identity, security tooling, vulnerability management, and monitoring. The raw files are agent-agnostic and URL-first — grab them from /specs.