The ServiceNow/sdk repository's default branch is 'master' and there is
no 'main' branch. The pinned SHA (06adf37) is the current head of
'master'. Update the ref so future SHA bumps target the correct branch.
Scan Plugins is meant to gate every change to marketplace.json, but two
gaps made that unenforceable:
1. The bump workflow opens PRs with GITHUB_TOKEN, which GitHub exempts
from on:pull_request triggers. Weekly bump PRs (e.g. #1809) get no
scan check at all.
2. The workflow had a paths filter, so a required-check ruleset for
`scan` would block every PR that doesn't touch marketplace.json
(no check run = pending forever).
Fixes:
scan-plugins.yml
- Drop the paths filter; replace with a step-level `git diff --quiet`
early-exit on the same paths. The check now reports on every PR,
which makes it safe to require.
- Fail closed when ANTHROPIC_API_KEY is unset and a scan is needed.
The shared action no-ops gracefully in that case (right default for
community repos), but a required check that silently does nothing is
a rubber stamp.
bump-plugin-shas.yml
- After the action opens the bump PR, `gh workflow run scan-plugins.yml
--ref bump/plugin-shas`. workflow_dispatch is exempt from the
GITHUB_TOKEN recursion guard, and the resulting check run lands on
the branch HEAD (= PR head), so it satisfies the required check.
- Add `actions: write` so the dispatch is allowed.
Follow-up: add a repo ruleset on main requiring the `scan` check
(integration: github-actions) once this merges.
Adds the airtable marketplace entry. Sourced from Airtable/skills at
plugins/airtable, pinned to aaeb4f3e (latest main, tag 2026-05-06).
Bundles the official Airtable MCP server (mcp.airtable.com/mcp) plus
skills for the Airtable data model and filter syntax.
https://claude.ai/code/session_01Vom6RzMA4p6erqGiZxg8yE
Co-authored-by: Claude <noreply@anthropic.com>
The pinned version of anthropics/claude-plugins-community's
bump-plugin-shas action creates the bump commit with a local git commit,
which is unsigned and unmergeable under the required_signatures ruleset
on main. The new SHA creates the commit via the GraphQL
createCommitOnBranch mutation, which GitHub signs server-side, so weekly
bump PRs (e.g. #1809) become mergeable.
CAP CDS work as one cohesive unit, split out of #1616 to keep that PR
narrowly scoped to sap-hana-cli (which is currently held on an upstream
plugin.json fix).
- Adds new sap-cds-mcp entry alongside existing cds-mcp (additive,
non-breaking — both point to cap-js/mcp-server). Pinned at 8ce2e13a.
- Adds the unified SAP SE author block to existing cds-mcp.
Per the SAP namespace policy agreed with SAP (Tobin 2026-04-29 +
Florian/Klaus/Avital 2026-05-04 email).
Metadata-only refresh per the SAP namespace policy (Florian/Klaus/Avital,
2026-05-04). No slug renames, no new entries.
- sap-mdk-server: expand author from {"name":"SAP"} to the unified
SAP SE block with ospo@sap.com.
- ui5: add unified UI5 author block (openui5@sap.com per Florian's
carve-out for the SAPUI5/OpenUI5 brand).
- ui5-typescript-conversion: same UI5 author block as ui5.
Split out of #1616 to keep that PR scoped to sap-hana-cli only.
MCP server for SAP Fiori development tools — build and modify SAP Fiori
applications with AI assistance. Pinned at d9d4ab7e (latest main of
SAP/open-ux-tools).
* Tighten policy scan: hook scope, telemetry, disclosure; make blocking
policy/prompt.md — adds Part 2 (hook scope and disclosure):
- Enumerate every registered hook and read its source.
- Flag has_broad_scope_hooks when UserPromptSubmit/PreToolUse/
PostToolUse runs without a project-relevance gate, or any hook
reads user data beyond the plugin's stated scope — regardless of
whether it makes network calls.
- Flag has_undisclosed_telemetry when any hook or shipped code calls
a non-MCP host without explicit disclosure + opt-out.
- Flag description_matches_behavior=false when the install
description would not lead a reasonable user to expect the
hooks/telemetry/data-access found.
- passes=false when any of the above trip. Violations must cite the
specific hook/file and what the user wasn't told.
The bar is now "handles user data responsibly," not merely "isn't
malicious." A non-malicious plugin that observes more than its stated
purpose justifies will fail.
policy/schema.json — adds required hooks[], has_broad_scope_hooks,
has_undisclosed_telemetry, description_matches_behavior.
scan-plugins.yml:
- fail-on-findings: true (blocking — loosen later if FP rate too high)
- workflow_dispatch with scan_all input for full re-review of all
external entries
- timeout-minutes: 360 (full scan of 117 entries at ~96s each ≈ 3h)
- trigger on .github/policy/** so prompt edits get scanned
* Bump vercel SHA to test the tightened scan against it
* Adopt validate-plugins action suite; pin all external SHAs
Replaces the hand-rolled marketplace validator and bot-based bump
workflow with the shared composite actions (pinned at f846a0b).
marketplace.json:
- 62 external entries that were missing a `sha` are now pinned to
their current upstream HEAD (resolved via git ls-remote).
Workflows:
- validate-plugins.yml: invariants I1-I11 + claude plugin validate +
diff-gated clone-at-SHA validation of changed external entries.
SHA-pin (I5) is a hard error. I8/I11 stay warnings until the 15
known data issues (vendored dirs without manifests; one dotted
name) are cleaned up.
- bump-plugin-shas.yml: bot-free weekly refresh. Validates each new
SHA with claude plugin validate before opening one PR; works with
the default GITHUB_TOKEN (contents:write + pull-requests:write).
- scan-plugins.yml: Claude policy scan of changed external entries.
Non-blocking; graceful no-op if ANTHROPIC_API_KEY isn't set.
Removed:
- validate-marketplace.yml + the two TS helper scripts (superseded
by step 11/20 of validate-plugins).
validate-frontmatter.yml is kept — it's complementary (targeted
checks on agent/skill/command files for in-repo plugins).
* Remove 5 external entries that fail validation at HEAD
Step 30 (clone at pinned SHA + claude plugin validate) fails for
these at their current HEAD:
aiven Unrecognized key "logo" in plugin.json
atlassian-forge-skills skill YAML frontmatter parse error
sagemaker-ai skill YAML frontmatter parse error
speakai no plugin manifest at repo root
stagehand no plugin manifest at repo root
These can be re-added once the upstream repos are fixed.
* Wire scan-plugins to the detailed policy prompt
Adds .github/policy/prompt.md and schema.json (the full security
review rubric — malicious code, privacy, deception, safety
circumvention, exfiltration; plus network-call and software-install
flags) and points scan-plugins at it via the policy-prompt input.
With ANTHROPIC_API_KEY now configured on the repo, scan-plugins runs
the actual policy review on changed external entries instead of
no-op'ing.
* Bump scan-plugins action pin to include L11/L12 fixes
/maker-setup now falls back to GitHub's tarball endpoint when git isn't
on PATH, instead of detouring through a package-manager git install.
curl and tar ship with macOS, Linux, and Windows 10 1803+ out of the
box, so this is zero-install on every target platform — and a CwC
attendee just needs the files once to flash a device, not git history.
- maker-setup.md: git-clone fast path, curl|tar (Unix) / curl+tar+
Rename-Item (PowerShell) fallback, normalizes the -main suffix
- m5-onboard/SKILL.md: drop git from required deps + per-OS git
bootstrap block; keep Python bootstrap
- README: git now listed as optional
Linear: CC-1975
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
🏠 Remote-Dev: homespace
* Add cwc-makers plugin: /keep-thinking Cardputer onboarding
Packages the Code-with-Claude Makers (claude.com/cwc-makers) Cardputer
experience as a one-command flow for event attendees:
- commands/keep-thinking.md: user entry point — clones
moremas/build-with-claude and runs the m5-onboard provisioning flow
- skills/m5-onboard/SKILL.md: vendored from upstream onboard/SKILL.md;
Installation section replaced with clone-location note; explicit
'relay physical button steps to user' directive added
- skills/cardputer-buddy/SKILL.md: post-onboarding app iteration
All three are user-invocable; /keep-thinking is the intended entry
point. Skill content is Apache-2.0 from the upstream repo.
Linear: CC-1975
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
🏠 Remote-Dev: homespace
* Rename /keep-thinking → /start-making
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
🏠 Remote-Dev: homespace
* Rename /start-making → /maker-setup
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
🏠 Remote-Dev: homespace
