AIVory Claude Code Plugin
Comprehensive compliance validation plugin for Claude Code with support for 18+ compliance standards, AI-generated code detection, interactive remediation, and dashboard metrics.
- 18+ compliance standards including OWASP, GDPR, HIPAA, PCI-DSS, and more
- AI-generated code detection for enhanced security review
- Interactive remediation with AI-powered fix suggestions
- Dashboard integration for metrics and trend analysis
- Free tier available with no registration required
Quick Start
Get up and running with AIVory in under 2 minutes.
Installation
# Add AIVory marketplace
/plugin marketplace add aivorynet/claude-marketplace
# Install the plugin
/plugin install aiv
Initialize AIVory
# Run setup wizard
/aivory:init
Features
Supported Compliance Standards
Security
- OWASP Top 10
Healthcare
- HIPAA
Finance
- PCI-DSS, SOC 2, AML, DORA, Geldwäschegesetz
Privacy
- GDPR, CCPA, DSGVO
Information Security
- ISO 27001, ISO 27017, ISO 27018, TISAX
Regulatory
- NIS2, EU AI Act, Hinweisgeberschutzgesetz
Commands
Command Examples
Scanning
# Scan current directory
/aivory:scan
# Scan specific file
/aivory:scan src/UserService.java
# Scan with specific standards
/aivory:scan --standards=OWASP,GDPR
PR Review
# Review current PR
/aivory:review
# Review specific PR
/aivory:review 123
Fix & Dashboard
# Interactive fix
/aivory:fix
# View dashboard
/aivory:dashboard
How to Use AIVory with Claude
Recommended Workflow
When working with Claude Code, use prompts like:
"Please scan this code against AIVory compliance standards and fix any issues based on the feedback."
Or be more specific:
"Scan this file for OWASP and GDPR violations using AIVory, then fix the violations."
Why This Matters
Claude needs to be explicitly instructed to:
- Run the AIVory scan - Claude won’t automatically scan unless you ask
- Review the results - The scan returns detailed compliance feedback
- Apply the fixes - Claude should then fix the code based on AIVory’s recommendations
Example Usage
You: "I'm working on a user authentication system. Please scan it against
AIVory for OWASP compliance and fix any security issues."
Claude will:
1. Use AIVory MCP tools to scan your code
2. Analyze the compliance feedback
3. Suggest or implement fixes for violations found
4. Re-scan to verify the fixes work
Automatic Scanning with CLAUDE.md
Add this to your CLAUDE.md file in your project root:
## AIVory Compliance Scanning
When writing or modifying code:
1. Write the code as requested
2. Call /aiv:scan to check for compliance violations
3. Review the scan results and fix any violations found
4. Re-scan to verify fixes before completing the task
Always scan and fix violations before marking a task complete.
This ensures Claude automatically scans code it writes, reviews the compliance feedback from AIVory, and fixes violations before completing tasks.
Alternative: Per-Task Reminders
You can also remind Claude in each task:
Write this code, then scan it with /aiv:scan and fix any violations found.
Authentication & Limits
Specialized Agents
MCP Server Integration
The Claude Code plugin requires the AIVory Guard MCP server.
# Install MCP server (free tier)
claude mcp add --transport stdio aivory -- npx -y @aivorynet/guard
Authenticated Installation
For access to all compliance standards:
# With authentication (all standards)
claude mcp add \
--transport stdio \
--env AIVORY_API_KEY=your-api-key \
aivory \
-- npx -y @aivorynet/guard
Learn more about MCP integration →