Claude Code Plugins

Community-maintained marketplace

Feedback

oscal-validator

@euCann/OSCAL-GRC-SKILLS
0
0

Validate OSCAL documents for structural integrity, schema compliance, and OSCAL-specific requirements. Use this skill to check if OSCAL documents are properly formatted and meet NIST OSCAL specifications before processing.

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name oscal-validator
description Validate OSCAL documents for structural integrity, schema compliance, and OSCAL-specific requirements. Use this skill to check if OSCAL documents are properly formatted and meet NIST OSCAL specifications before processing.

OSCAL Validator Skill

Validate OSCAL documents against NIST schemas and perform structural integrity checks to ensure compliance data quality.

When to Use This Skill

Use this skill when you need to:

  • Verify an OSCAL document is properly formatted
  • Check for missing required fields
  • Validate UUIDs and cross-references
  • Ensure metadata completeness
  • Identify structural issues before further processing

✅ Data Source Principle

This skill validates documents you provide against structural rules and OSCAL schema requirements. Validation logic is safe — it checks format and syntax, not compliance content.

Note: For baseline completeness validation (e.g., "does this SSP cover all FedRAMP Moderate controls?"), you must also provide the baseline profile/catalog.

Validation Severity Levels

Level Meaning Action Required
ERROR Document is invalid Must fix before use
WARNING Potential issues Should review
INFO Suggestions Optional improvements

Validation Rules

Structure Validation (STRUCT)

Rule Description
STRUCT-001 Document must not be empty or null
STRUCT-002 Document must have a root element
STRUCT-003 Root element must be a valid OSCAL model type

Metadata Validation (META)

Rule Description
META-001 Metadata section is required
META-002 Title is required
META-003 Last-modified timestamp is required
META-004 Version is required
META-005 OSCAL version should match current spec

UUID Validation (UUID)

Rule Description
UUID-001 Document UUID must be present
UUID-002 UUIDs must be valid RFC 4122 format
UUID-003 UUIDs must be unique within document

Reference Validation (REF)

Rule Description
REF-001 Internal references must resolve
REF-002 Control references must exist
REF-003 Party references must resolve

How to Validate an OSCAL Document

Step 1: Check Basic Structure

  1. Verify document is not empty
  2. Confirm root element exists
  3. Validate root element is a valid OSCAL type

Step 2: Validate Metadata

  1. Check for required metadata section
  2. Verify title is present and non-empty
  3. Confirm last-modified is valid ISO timestamp
  4. Check version is present
  5. Validate oscal-version matches expected format

Step 3: Validate UUIDs

  1. Check document-level UUID exists
  2. Validate UUID format (8-4-4-4-12 hexadecimal)
  3. Build list of all UUIDs
  4. Check for duplicates

Step 4: Validate References

  1. Find all internal references (e.g., #uuid-value)
  2. Verify each reference resolves to existing element
  3. Check control-id references against imported catalogs
  4. Validate party-uuid references

Step 5: Model-Specific Validation

For Catalogs:

  • Groups should have controls
  • Controls should have statements
  • Parameters should have values or selections

For SSPs:

  • Import-profile must reference valid profile
  • System-characteristics must include system-ids
  • Control-implementation must address all imported controls

For Component Definitions:

  • Components must have titles
  • Control implementations must reference valid controls

Validation Report Format

Provide validation results as:

VALIDATION REPORT
=================
Document: [filename]
Model Type: [type]
Valid: [YES/NO]

Issues Found:
- [SEVERITY] [RULE-ID]: [Message] at [location]

Summary:
- Errors: X
- Warnings: Y
- Info: Z

Common Issues and Fixes

Issue Cause Fix
Missing metadata Incomplete document Add required metadata section
Invalid UUID Malformed identifier Generate new RFC 4122 UUID
Unresolved reference Broken link Update reference or add target
Missing timestamp Incomplete metadata Add ISO 8601 timestamp

Example Usage

When asked "Validate this SSP for compliance":

  1. Parse the document
  2. Run all validation checks
  3. Collect issues by severity
  4. Report findings with specific locations
  5. Provide actionable fix recommendations