@greenarmor/ges-policy-engine
Advanced tools
Policy pack management and enforcement for the Green Engineering Standard Framework (GESF).
Manages compliance policy packs for GDPR, OWASP, NIST, CIS, AI systems, blockchain, and government projects. Each policy pack defines the controls and standards applicable to a specific compliance domain.
npm install @greenarmor/ges-policy-engine
| Function | Description |
|---|---|
getAllPacks() | Returns all available policy packs |
getPack(id) | Get a specific policy pack by ID |
getPacksForProjectType(type) | Get recommended packs for a project type |
listPackIds() | List all available pack identifiers |
createGDPRPolicyPack() | GDPR policy pack |
createOWASPPolicyPack() | OWASP ASVS policy pack |
createAIPolicyPack() | AI / LLM / MCP policy pack |
createBlockchainPolicyPack() | Blockchain / Wallet policy pack |
createGovernmentPolicyPack() | Government systems policy pack |
createCISPolicyPack() | CIS Controls policy pack |
createNISTPolicyPack() | NIST Cybersecurity Framework policy pack |
import { getAllPacks, getPacksForProjectType } from '@greenarmor/ges-policy-engine';
const allPacks = getAllPacks();
const aiPacks = getPacksForProjectType('ai-application');
allPacks.forEach(p => console.log(`${p.id}: ${p.name}`));
| Pack ID | Framework | Description |
|---|---|---|
gdpr | GDPR | EU General Data Protection Regulation controls |
owasp | OWASP ASVS | Application Security Verification Standard |
cis | CIS Controls | Center for Internet Security controls |
nist | NIST CSF 2.0 | NIST Cybersecurity Framework 2.0 (23 controls / 145 checks) |
ai | AI Policy | LLM, Agent, MCP, RAG security controls |
blockchain | Blockchain | Cryptographic signatures, key rotation, on-chain rules |
government | Government | Data sovereignty, chain of custody, tamper evidence |
@greenarmor/ges-core — Types and constants@greenarmor/ges-compliance-engine — Control evaluationMIT
FAQs
GESF Policy Engine - Policy packs management and enforcement
We found that @greenarmor/ges-policy-engine demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket MCP now lets AI assistants review org alerts, investigate threats using the Socket threat feed, and inspect package files in addition to dependency scoring.
Product
Socket Firewall blocks malicious VS Code and Open VSX extensions before install, protecting developers from compromised editor marketplaces.
Research
More than 140 Mastra npm packages were compromised in a supply chain attack that used a typosquatted dependency to deliver a cross-platform infostealer during installation.