// Builds the React/Vite site, syncs to S3, and invalidates CloudFront cache. Uses the plugin's bundled deploy.sh script.
Build and deploy a production-ready Trust Center for any company. Use this skill whenever someone asks to create a trust center, compliance portal, security page, or wants to publish their SOC 2/SOC 3/ISO 27001/HIPAA/compliance posture publicly. Also triggers when someone mentions gated document access for audit reports, NDA-based document sharing, or wants to replace paid trust center tools like Secureframe, Vanta, Drata, or SafeBase. Even if they just say "I need a place to share my SOC 2 with customers" — that's a trust center. Use this skill.
NIST Cybersecurity Framework v2.0 expert. Reference-depth knowledge of the six Functions (Govern, Identify, Protect, Detect, Respond, Recover), Categories and Subcategories, Profiles (Current vs Target), Tiers, Implementation Examples, and the practitioner workflow of using CSF as a board-readable cybersecurity outcomes language. Backed by the SCF crosswalk for control-by-control mechanics.
Verbatim reference for all 320 NIST 800-171A Rev 2 assessment objectives, plus the Rev 2 → Rev 3 control crosswalk. Use for AO-level lookups (e.g., 3.1.1[c]), evidence planning, and forward-mapping to Rev 3. Pairs with cmmc-expert.
CMMC v2.0 expert for DoD contractors. Covers NIST 800-171 Rev 2 (14 families, 110 controls), SPRS scoring, POA&M rules, 32 CFR Part 170, DFARS clauses, scoping, ESP/CSP, C3PAO assessment lifecycle, and Rev 2 → Rev 3 transition.
Interpret testssl-inspector normalized findings, recommend remediations, and tie evidence back to SCF anchor controls plus SOC 2 / NIST 800-53 r5 / PCI DSS 4.0.1 / ISO 27002:2022 equivalents derived from SCF crosswalks.
Scaffolds a complete React/Vite website project from site-config.json. Generates components, styles, and configuration based on the site type and plan data.
| name | website-deploy |
| description | Builds the React/Vite site, syncs to S3, and invalidates CloudFront cache. Uses the plugin's bundled deploy.sh script. |
| allowed-tools | Bash, Read, Write, Edit, Glob |
You are running the /grc-portfolio:deploy skill. Your job is to build the website and deploy it to the AWS infrastructure created by /grc-portfolio:infra.
Find site-config.json:
$ARGUMENTS for a project directory pathRead it and validate that status.infraDeployed === true. If not, tell the user to run /grc-portfolio:infra first.
Also validate that status.buildComplete === true. If not, tell the user to run /grc-portfolio:build first.
Extract needed values:
aws.bucketNameaws.distributionIdaws.profileaws.contactApiEndpoint (if contact form enabled)aws.cloudFrontUrlaws.domain (if custom domain)If features.contactForm is true and aws.contactApiEndpoint is set, ensure
.env in the project directory contains:
VITE_CONTACT_API_ENDPOINT=<aws.contactApiEndpoint>
Update the file non-destructively — do not overwrite an existing .env:
.env does not exist, create it with just this line..env exists and already has a VITE_CONTACT_API_ENDPOINT= line, replace only that line..env exists but does not contain VITE_CONTACT_API_ENDPOINT=, append the line.Preserve any other variables the user has set (e.g. VITE_GA_ID, analytics keys, feature flags).
cd <projectDir>
npm run build
Verify the dist/ directory was created and contains files.
If the build fails, diagnose and fix the issue.
Use the toolkit's deploy script:
$TOOLKIT_DIR/scripts/deploy.sh <aws.bucketName> <aws.distributionId> <aws.profile>
Run this from the project directory (it expects dist/ in the current working directory).
Wait a moment for CloudFront to propagate, then tell the user their site is live.
Provide the URL:
https://<aws.domain>https://<aws.cloudFrontUrl>Update site-config.json:
status.siteDeployed = trueTell the user:
/grc-portfolio:repo to create a GitHub repo (if not done)/grc-portfolio:cicd to set up automatic deployments on push$TOOLKIT_DIR = read from site-config.json toolkitDir field$ARGUMENTS = arguments passed after /deploy (expected: project directory path)