docs(9-ai-sessions): add Compliance section for the lc-compliance plugin#229
Merged
steveatlc merged 1 commit intoMay 15, 2026
Merged
Conversation
Documents the `lc-compliance` Claude Code plugin shipping in refractionPOINT/lc-ai. The plugin has two halves and both are covered: - Case-reviewer agents (one per framework, D&R-driven AI Sessions) that classify in-scope cases against control citations on `case_created` events and write audit-grade documentation directly into the case. - Four interactive Claude Code skills (`compliance-lookup`, `compliance-gap`, `compliance-deploy`, `compliance-baseline-deploy`) for ad-hoc control lookups, gap analysis against live orgs, guided reviewer-agent deployment, and full rule-baseline deployment. Covered frameworks: CMMC v2, NIST SP 800-53 Rev 5, PCI DSS v4.0, HIPAA Security Rule, SOC 2, ISO/IEC 27001:2022, CIS Controls v8. ## New files `docs/9-ai-sessions/compliance/`: - index.md (overview, two-shape model, quickstart) - installation.md (plugin install, prerequisites, first-deploy sequence) - frameworks.md (per-framework citation formats, scope tags, verification levels, framework-specific skill args) - skills.md (full reference for all four skills with arguments and examples) - case-reviewer-agent.md (agent lifecycle, permissions, scope check, evidence model, classifications, customization) - gap-analysis.md (report anatomy, remediation paths, multi-tenant note) ## Nav Compliance is nested as a sub-section under AI Sessions (after API Reference), not promoted to a top-level tab. The case-reviewer agent is literally a D&R-driven AI Session and the four skills are Claude Code tooling, so the semantic fit is inside the existing AI Sessions group; this also keeps the top-level nav at 10 tabs. ## Cross-link surface (modified existing pages) To make the new section discoverable from natural parent contexts, seven existing pages get conservative additive edits — each adds one or two "See Also" / "Related" entries pointing at the relevant Compliance page: - `9-ai-sessions/index.md` — adds Compliance to D&R-driven use cases and the Documentation list. - `9-ai-sessions/dr-sessions.md` — new See Also section framing the case-reviewer agent as the canonical D&R-driven session example. - `5-integrations/extensions/limacharlie/cases.md` — two new See Also entries (compliance reviewer operates on cases). - `5-integrations/extensions/limacharlie/integrity.md` — two new Related Articles entries (FIM rules ship as part of every framework baseline). - `5-integrations/extensions/limacharlie/exfil.md` — new See Also section (exfil rules ship as part of every framework baseline). - `2-sensors-deployment/sensor-tags.md` — new See Also entry pointing at the per-framework scope-tag conventions on the Frameworks page. - `7-administration/config-hive/secrets.md` — new See Also section including the existing implicit adapter/output/AI Sessions references, with the Compliance installation step added. ## Validation - `mkdocs build` passes (also tried with --strict; only pre-existing use-case "not in nav" warnings). - `pymarkdown scan` passes on all changed files with the repo's standard rule disables (MD013, MD033, MD041, MD046, MD060, MD024). - 23 internal cross-link probes (every inbound and outbound compliance link) verified 200 against a local mkdocs serve. ## Source Content is generated from the public release at [refractionPOINT/lc-ai](https://github.com/refractionPOINT/lc-ai), specifically `marketplace/plugins/lc-compliance/`. Plugin version 1.0.2. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Documents the
lc-complianceClaude Code plugin shipping in refractionPOINT/lc-ai. The plugin has two halves and both are covered:case_createdevents and write audit-grade documentation directly into the case.compliance-lookup,compliance-gap,compliance-deploy,compliance-baseline-deploy) for ad-hoc control lookups, gap analysis against live orgs, guided reviewer-agent deployment, and full rule-baseline deployment.Covered frameworks: CMMC v2, NIST SP 800-53 Rev 5, PCI DSS v4.0, HIPAA Security Rule, SOC 2, ISO/IEC 27001:2022, CIS Controls v8.
What this PR contains
New files —
docs/9-ai-sessions/compliance/index.mdinstallation.mdframeworks.md--baselinefor NIST 800-53,--igfor CIS v8)skills.mdcase-reviewer-agent.mdgap-analysis.mdNav placement
Compliance is nested as a sub-section under AI Sessions (after API Reference), not promoted to a top-level tab:
The case-reviewer agent is literally a D&R-driven AI Session and the four skills are Claude Code tooling, so the semantic fit is inside the existing AI Sessions group; this also keeps the top-level nav at 10 tabs rather than worsening the existing horizontal-overflow situation.
Modified existing pages — cross-link surface
To make the new section discoverable from natural parent contexts, seven existing pages get conservative additive edits. Each adds one or two
See Also/Relatedentries pointing at the relevant Compliance page. No other prose changes; no deletions.9-ai-sessions/index.md9-ai-sessions/dr-sessions.md## See Alsosection framing the case-reviewer agent as a canonical D&R-driven session example.5-integrations/extensions/limacharlie/cases.md## See Also(the compliance reviewer operates on cases).5-integrations/extensions/limacharlie/integrity.md## Related Articles(FIM rules ship as part of every framework baseline).5-integrations/extensions/limacharlie/exfil.md## See Alsosection (exfil rules ship as part of every framework baseline).2-sensors-deployment/sensor-tags.md## See Alsopointing at the per-framework scope-tag conventions.7-administration/config-hive/secrets.md## See Alsosection. Surfaces previously-implicit cross-references to Adapters, Outputs, and AI Sessions alongside the new Compliance Installation reference.Validation
mkdocs buildandmkdocs build --strictboth pass.pymarkdown scanpasses on all changed files with the repo's standard rule disables (MD013, MD033, MD041, MD046, MD060, MD024).mkdocs serve.Out of scope (deliberate)
1-getting-started/use-cases/. Acompliance.mduse-case page could plausibly sit alongsideincident-response.md,mssp-msp-mdr.md,enterprises.md, etc., but writing one is content work distinct from this cross-linking pass. Flagged as future follow-up.docs/assets/images/. No new screenshots or diagrams beyond the inline Mermaid sequence already incase-reviewer-agent.md.mkdocs.ymlredirect entries. These pages have no Readme.io predecessors, soredirect_mapsdoesn't need updating.🤖 Generated with Claude Code