Product
Introducing Repository Access Permissions and Custom Roles
Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.
By Joe Werle - Jun 19, 2026
🚀 Socket Launch Week Day 4:Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection.Learn more →
@greenarmor/ges
Advanced tools
@greenarmor/ges
Green Engineering Standard Framework - Compliance-as-Code CLI
Install
npm install -g @greenarmor/ges
Or use without installing:
npx @greenarmor/ges init
Quick Start
# Navigate to any project
cd my-project
# Initialize compliance framework
ges init
# Run security and compliance audit
ges audit
# View compliance score
ges score
# Generate reports
ges report
# Diagnose configuration
ges doctor
Commands
| Command | Description |
|---|---|
ges init | Initialize GESF in the current project |
ges audit | Scan source code for security and compliance issues |
ges score | Calculate and display compliance score |
ges report | Generate compliance reports (Markdown/HTML) |
ges doctor | Diagnose GESF configuration and health |
ges scan | Run external security scanners |
ges compliance | Show compliance status and installed packs |
ges validate | Validate GESF configuration |
ges generate | Regenerate documentation and workflows |
ges policy list | List available policy packs |
ges policy install <pack> | Install a policy pack |
ges policy remove <pack> | Remove a policy pack |
ges update | Check for updates |
What It Detects
- Secrets: Hardcoded passwords, API keys, connection strings, private keys, tokens
- Weak Crypto: MD5, SHA1, DES, AES-128, disabled TLS verification
- SQL Injection: String concatenation in SQL queries with user input
- XSS: innerHTML with user input, document.write, v-html, dangerouslySetInnerHTML
- Missing Auth: Routes without authentication middleware
- Missing Security: No helmet, no CORS config, no rate limiting, no MFA
- Config Issues: Secrets in .env without .gitignore, Docker as root, missing logging
- Database Issues: Missing audit columns, missing soft delete patterns
Supported Project Types
SaaS, AI Application, MCP Server, Blockchain, Wallet, Government System, Healthcare System, Event Platform, Photo Storage Platform, Vulnerability Scanner, Generic Web Application, API Backend, Mobile Application
Compliance Frameworks
GDPR, OWASP ASVS, CIS Controls, NIST CSF, ISO 27001, ISO 27701
FAQs
Green Engineering Standard Framework - Compliance-as-Code CLI
The npm package @greenarmor/ges receives a total of 1,504 weekly downloads. As such, @greenarmor/ges popularity was classified as popular.
We found that @greenarmor/ges demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Jun 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection
Socket MCP now lets AI assistants review org alerts, investigate threats using the Socket threat feed, and inspect package files in addition to dependency scoring.
By John Tuckner - Jun 18, 2026
Product
Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions
Socket Firewall blocks malicious VS Code and Open VSX extensions before install, protecting developers from compromised editor marketplaces.
By John Tuckner - Jun 17, 2026