Compare commits

..

132 Commits

Author SHA1 Message Date
Morgan Lunt
4f49895abd code-modernization: assess writes the full quarantine ignore set
assess only added SECRETS.local.md to analysis/.gitignore, leaving
*.local.patch uncovered until harden's own Step 0 ran. Both patterns are
now written by whichever command runs first.
2026-06-09 08:47:34 -07:00
Morgan Lunt
9d49c4b135 code-modernization: close remaining credential-leak paths
A red-team pass found four ways credential values still reached
shareable artifacts after the initial redaction:

- the remediation patch: a diff removing a hardcoded secret carries the
  raw value on its '-' lines by construction. harden now splits output:
  non-credential hunks in the shareable security_remediation.patch,
  credential hunks in a gitignored security_remediation.local.patch
  with comment-only placeholders in the shareable file
- the other four agents had no secret-handling rules. legacy-analyst
  (hardcoded-config evidence in tech-debt findings),
  business-rules-extractor (credentials recorded as rule parameters),
  test-engineer (legacy literals becoming committed test fixtures), and
  architecture-critic (quoted code in notes files) now all mask values
  and cite file:line; assess's tech-debt prompt and ASSESSMENT.md
  masking now cover every section, not just Security Findings
- non-git projects: a .gitignore protects nothing under SVN/Mercurial.
  Both commands now refuse --show-secrets without git and write the
  quarantine file to ~/.modernize/<system>/ outside the project tree
- the patch-apply instruction was wrong in both documented layouts
  (symlinked legacy/ broke relative paths). Patches are now written
  with project-root-relative paths and applied from the project root

Also: --show-secrets is now position-independent in both commands, and
the README documents the full model.
2026-06-09 08:47:34 -07:00
Morgan Lunt
ff5feaeb7f code-modernization: never write discovered credential values into findings
Legacy systems often contain live credentials, and assessment/findings
files get committed and shared. Previously the security-auditor agent
reported hardcoded secrets verbatim into ASSESSMENT.md and
SECURITY_FINDINGS.md.

- security-auditor: mandatory secret-handling rules — mask all credential
  values (file:line + 2-4 char preview), redact secrets from echoed tool
  output, recommend rotation for anything that looks live
- assess/harden: gitignore-verified SECRETS.local.md quarantine file for
  the per-credential inventory; findings files get masked entries and a
  pointer only
- new --show-secrets flag opts into raw values in the quarantine file
  (and only there)
- README: document the behavior and advise users of earlier versions to
  check for already-committed findings and rotate
2026-06-09 08:47:33 -07:00
github-actions[bot]
bbbff6ab54 bump(qdrant-skills): 11df00a7 → 82337ccd (#2458)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:38:37 -05:00
github-actions[bot]
6105eea1c6 bump(sentry-cli): 329f5c5d → 9e9fe0fb (#2462)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:38:13 -05:00
github-actions[bot]
7a574ede07 bump(codspeed): 9793aaf9 → c6112f16 (#2451)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:37:48 -05:00
github-actions[bot]
50507ce03c bump(expo): 145a923c → c3886024 (#2452)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:37:24 -05:00
github-actions[bot]
9dbb38fff1 bump(oracle-ai-data-platform-workbench-spark-connectors): 04cc355f → 00cedef3 (#2456)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:36:45 -05:00
github-actions[bot]
0f2b68bec6 bump(sap-fiori-mcp-server): f6e9ae1f → fbfe8c32 (#2461)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:36:19 -05:00
github-actions[bot]
e408e54811 bump(aws-data-analytics): df13dea6 → 55b9acfe (#2445)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:35:53 -05:00
github-actions[bot]
7a5c13e654 bump(carta-cap-table): 0227331a → 9eb31290 (#2447)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:35:26 -05:00
github-actions[bot]
a0bf1eed49 bump(chrome-devtools-mcp): 7afd0167 → 702d3734 (#2450)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:34:57 -05:00
github-actions[bot]
e0825af81b bump(brightdata-plugin): 3e6d0838 → bd5bd76b (#2446)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:34:27 -05:00
github-actions[bot]
318f7c9674 bump(carta-crm): 0227331a → 9eb31290 (#2448)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:33:56 -05:00
github-actions[bot]
60706e7bc3 bump(carta-investors): 0227331a → 9eb31290 (#2449)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:33:27 -05:00
github-actions[bot]
f00d6d8005 bump(nvidia-skills): e29b3c65 → 0482ebce (#2455)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:32:56 -05:00
github-actions[bot]
48bbef8757 bump(hyperframes): 1fd1b316 → 25420bf4 (#2453)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:32:48 -05:00
github-actions[bot]
4d5ccd2968 bump(jfrog): 8324c7fc → 117febaa (#2454)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:32:16 -05:00
github-actions[bot]
aa6e8702bc bump(posthog): 9105eb4d → db4a8663 (#2457)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:31:43 -05:00
github-actions[bot]
36046dac80 bump(rc): b34f9beb → 473fd504 (#2459)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:31:12 -05:00
github-actions[bot]
19b7347f82 bump(aws-core): df13dea6 → 55b9acfe (#2444)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:30:47 -05:00
github-actions[bot]
d321de478d bump(revenuecat): b34f9beb → 473fd504 (#2460)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:30:38 -05:00
github-actions[bot]
4a501b5766 bump(aws-agents): df13dea6 → 55b9acfe (#2443)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:30:32 -05:00
github-actions[bot]
795d2ba506 bump(valtown): a3e88468 → 02631f99 (#2464)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:30:11 -05:00
github-actions[bot]
297568419b bump(wix): 8ed898ab → 188ed338 (#2465)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 13:30:01 -05:00
github-actions[bot]
ed3ff7abb3 bump(clickhouse-best-practices): 3a1ee115 → 544384f4 (#2436)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:15:22 -05:00
github-actions[bot]
6046414b87 bump(huggingface-skills): 504191c5 → d7223848 (#2438)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:15:10 -05:00
github-actions[bot]
a348b32801 bump(clickhouse): 1f30864b → ecbd4762 (#2435)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:14:53 -05:00
github-actions[bot]
c033853393 bump(dash0): 1e64ae2d → 5ff7aa5b (#2437)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:14:29 -05:00
github-actions[bot]
2b08b5b3ca bump(42crunch-api-security-testing): c2951754 → db2fb7e5 (#2433)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:13:49 -05:00
github-actions[bot]
0d0478adb9 bump(sap-fiori-mcp-server): 070cb3c2 → f6e9ae1f (#2440)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:13:25 -05:00
github-actions[bot]
e007f1b979 bump(chrome-devtools-mcp): f90f863d → 7afd0167 (#2434)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:12:57 -05:00
github-actions[bot]
3aa99bd279 bump(hyperframes): fc01717c → 1fd1b316 (#2439)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:12:48 -05:00
github-actions[bot]
f5962b8e64 bump(wix): 038e0c55 → 8ed898ab (#2441)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-08 08:12:14 -05:00
github-actions[bot]
1b46aa6d4a bump(hyperframes): 48fcf4ad → fc01717c (#2427)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 20:02:17 -05:00
github-actions[bot]
7cdfbb4cb2 bump(dataverse): ab906c96 → 2d50cf65 (#2426)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 20:01:41 -05:00
github-actions[bot]
13bb250718 bump(brightdata-plugin): 68651246 → 3e6d0838 (#2422)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 13:03:03 -05:00
github-actions[bot]
8f2f03a654 bump(hyperframes): 29d6f1ea → 48fcf4ad (#2423)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 13:02:41 -05:00
github-actions[bot]
e27e302c39 bump(wix): 3f8f2a68 → 038e0c55 (#2424)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 13:02:21 -05:00
github-actions[bot]
50d9d8775d bump(exa): ad888a18 → f0838825 (#2415)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 08:41:51 -05:00
github-actions[bot]
f13b8b9fb2 bump(railway): daa67716 → 1df604eb (#2417)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 08:41:29 -05:00
github-actions[bot]
84c2cdf3ad bump(hyperframes): dd956744 → 29d6f1ea (#2416)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 08:41:17 -05:00
github-actions[bot]
d136461a6c bump(wix): 29a68ecd → 3f8f2a68 (#2418)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-07 08:41:07 -05:00
github-actions[bot]
1fb8ee7628 bump(hyperframes): 731bc78f → dd956744 (#2413)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 19:02:51 -05:00
github-actions[bot]
093e91b259 bump(hyperframes): 16416734 → 731bc78f (#2412)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 15:30:43 -05:00
github-actions[bot]
fc4b52db22 bump(snowflake-cortex-code): dbd0d635 → 6a22eb1f (#2409)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 13:03:28 -05:00
github-actions[bot]
d447c246ca bump(wix): 9dca098f → 29a68ecd (#2410)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 13:03:07 -05:00
github-actions[bot]
6cf7e6331e bump(snowflake-cortex-code): 54760f12 → dbd0d635 (#2397)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:15:08 -05:00
github-actions[bot]
139e43d457 bump(ui5-typescript-conversion): 767ac53c → 9b3d7d80 (#2401)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:14:47 -05:00
github-actions[bot]
67f20b04f0 bump(carta-crm): 54602de6 → 0227331a (#2393)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:14:26 -05:00
github-actions[bot]
18ccde8c37 bump(carta-investors): 54602de6 → 0227331a (#2394)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:14:04 -05:00
github-actions[bot]
0ea0ddc5cc bump(nvidia-skills): bb0436fa → e29b3c65 (#2396)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:13:42 -05:00
github-actions[bot]
bc00d658e7 bump(teamcity-cli): 3cc3013c → 67e21f0b (#2398)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:13:19 -05:00
github-actions[bot]
5ca5306896 bump(togetherai-skills): 9772f2a2 → fb94cc14 (#2399)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:12:56 -05:00
github-actions[bot]
76d3c7ee37 bump(vibe-prospecting): 7ed0c4e2 → aa5903f5 (#2403)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:12:32 -05:00
github-actions[bot]
88afc50343 bump(hyperframes): bacfb175 → 16416734 (#2395)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:12:06 -05:00
github-actions[bot]
ed4e896219 bump(ui5): 767ac53c → 9b3d7d80 (#2400)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:11:41 -05:00
github-actions[bot]
ec38e7a881 bump(valtown): e01069e1 → a3e88468 (#2402)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:11:15 -05:00
github-actions[bot]
f1e2e3f1e4 bump(wix): f99715fc → 9dca098f (#2404)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:10:48 -05:00
github-actions[bot]
8b26e9f1c1 bump(carta-cap-table): 54602de6 → 0227331a (#2392)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:10:04 -05:00
github-actions[bot]
7562e052d5 bump(zapier): f34a7854 → 770167c5 (#2405)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:09:52 -05:00
github-actions[bot]
4b538d5d40 bump(zscaler): be37fb60 → f84ce4f0 (#2406)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-06 10:09:23 -05:00
github-actions[bot]
3d5017bc1d bump(sap-fiori-mcp-server): b326a9a5 → 070cb3c2 (#2384)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:41:21 -05:00
github-actions[bot]
d56b86d462 bump(carta-cap-table): 26056825 → 54602de6 (#2366)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:41:12 -05:00
github-actions[bot]
4fe9dd9b4b bump(aws-startup-advisor): ad7eadc8 → 1dd90935 (#2365)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:41:03 -05:00
github-actions[bot]
7dc4ed688f bump(chrome-devtools-mcp): 89718901 → f90f863d (#2369)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:40:53 -05:00
github-actions[bot]
65a01fafdc bump(datarobot-agent-skills): debe471c → b5a8f7a4 (#2372)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:40:44 -05:00
github-actions[bot]
dcc5a1a8b3 bump(migration-to-aws): ad7eadc8 → 1dd90935 (#2378)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:40:35 -05:00
github-actions[bot]
0278237073 bump(save-to-spotify): 35527660 → cd4ea681 (#2385)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:40:25 -05:00
github-actions[bot]
659f9f42ad bump(desktop-commander): f53f916f → 7a9b2ff0 (#2373)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:21:14 -05:00
github-actions[bot]
659d30b1f6 bump(huggingface-skills): 14cea99d → 504191c5 (#2374)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:21:05 -05:00
github-actions[bot]
c7ec509ba6 bump(qdrant-skills): 21c64d2e → 11df00a7 (#2381)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:20:40 -05:00
github-actions[bot]
317a14e25e bump(sentry-cli): 5b78ddaf → 329f5c5d (#2387)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:20:14 -05:00
github-actions[bot]
22bb99c414 bump(hunter): 3f8f3f5f → 494b0bd6 (#2375)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:19:48 -05:00
github-actions[bot]
7929ae4a4b bump(hyperframes): 4b51cc64 → bacfb175 (#2376)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:19:21 -05:00
github-actions[bot]
c422aeed0c bump(looker): ca53ea9d → e912c034 (#2377)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:18:54 -05:00
github-actions[bot]
a68871c83b bump(outputai): 5d7e612a → 2cc4685e (#2379)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:18:27 -05:00
github-actions[bot]
08a05826ce bump(posthog): d9d80933 → 9105eb4d (#2380)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:17:59 -05:00
github-actions[bot]
44fa671ac4 bump(railway): 831130cd → daa67716 (#2382)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:17:30 -05:00
github-actions[bot]
303bc792b4 bump(resend): 0f598ef5 → 0888546d (#2383)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:17:01 -05:00
github-actions[bot]
13882305d8 bump(42crunch-api-security-testing): 27815ced → c2951754 (#2362)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:16:16 -05:00
github-actions[bot]
3fdc816735 bump(shopify-ai-toolkit): 859be93b → a8e87a7c (#2388)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:16:08 -05:00
github-actions[bot]
f3a89dac7c bump(snowflake-cortex-code): c3f72002 → 54760f12 (#2389)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:15:36 -05:00
github-actions[bot]
330882bb53 bump(agentforce-adlc): 1db738be → fad761fc (#2363)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:15:05 -05:00
github-actions[bot]
6fa207be17 bump(carta-crm): 26056825 → 54602de6 (#2367)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:14:32 -05:00
github-actions[bot]
d50355a54d bump(carta-investors): 26056825 → 54602de6 (#2368)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:14:00 -05:00
github-actions[bot]
6658696d8f bump(auth0): beda869d → bdf0dc23 (#2364)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:13:53 -05:00
github-actions[bot]
71216eb7e0 bump(cloudflare): 60147cbb → c5b7b06b (#2370)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:13:19 -05:00
github-actions[bot]
b1e201e422 bump(codspeed): bfff1506 → 9793aaf9 (#2371)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:12:44 -05:00
github-actions[bot]
8bb44ef9b8 bump(sentry): 849303a8 → 030b01fb (#2386)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:12:35 -05:00
github-actions[bot]
9c0179fb60 bump(stripe): e27ee009 → b8f6adcb (#2390)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:11:58 -05:00
github-actions[bot]
f2c56408f8 bump(supabase): 3217ac03 → 2ed49769 (#2391)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 19:11:21 -05:00
Bryan Thompson
4230aea142 Add knowledge-catalog plugin (#2321) 2026-06-05 12:15:15 -07:00
Bryan Thompson
a60315ae16 Add alloydb-omni plugin (#2325) 2026-06-05 12:15:12 -07:00
Bryan Thompson
d46ebdd1eb Add cloud-sql-sqlserver plugin (#2322) 2026-06-05 12:14:55 -07:00
Bryan Thompson
30a7536d0f Add dataproc plugin (#2324) 2026-06-05 12:14:41 -07:00
Bryan Thompson
f0fc619c64 Add bigquery-data-analytics plugin (#2317) 2026-06-05 12:14:38 -07:00
Bryan Thompson
c770602299 Add cloud-sql-mysql plugin (#2323) 2026-06-05 12:14:18 -07:00
Bryan Thompson
89bc907203 Add oracledb plugin (#2319) 2026-06-05 12:14:13 -07:00
Bryan Thompson
948295e907 Add firestore-native plugin (#2320) 2026-06-05 12:14:10 -07:00
Bryan Thompson
9883cde440 Add looker plugin (#2318) 2026-06-05 12:13:55 -07:00
Bryan Thompson
96d59f53eb Add spanner plugin (#2316) 2026-06-05 12:13:52 -07:00
github-actions[bot]
e4fc76d71f bump(qdrant-skills): cace39df → 21c64d2e (#2354)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 11:16:56 -05:00
github-actions[bot]
ef7eea8a27 bump(carta-crm): ea02da68 → 26056825 (#2333)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 11:16:52 -05:00
github-actions[bot]
607793a939 bump(netlify-skills): cffaf74f → 5f777ba6 (#2348)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 11:16:36 -05:00
github-actions[bot]
2b019efea0 bump(nvidia-skills): e695a839 → bb0436fa (#2349)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 11:16:11 -05:00
github-actions[bot]
983f2789dc bump(carta-investors): ea02da68 → 26056825 (#2334)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 11:16:07 -05:00
github-actions[bot]
1f910e18c0 bump(azure): 58fd9094 → 02a614f6 (#2331)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 11:16:04 -05:00
github-actions[bot]
908c255afb bump(apollo-skills): 9ccf1347 → 60508910 (#2328)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 11:15:58 -05:00
github-actions[bot]
435820146b bump(codspeed): f79d57d2 → bfff1506 (#2336)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:58:09 -05:00
github-actions[bot]
c1f2ebd30c bump(expo): fdd3df12 → 145a923c (#2341)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:57:43 -05:00
github-actions[bot]
bfd6cc4453 bump(fullstory): 384555c3 → b20614e2 (#2343)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:57:16 -05:00
github-actions[bot]
90a522ac76 bump(hunter): 69c4e59e → 3f8f3f5f (#2344)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:56:49 -05:00
github-actions[bot]
e01bc27de9 bump(hyperframes): 8228932e → 4b51cc64 (#2345)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:56:21 -05:00
github-actions[bot]
0cc28d3f85 bump(outputai): d3c9b1f4 → 5d7e612a (#2351)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:55:52 -05:00
github-actions[bot]
2a2965bf7d bump(pigment): abf36e64 → f7bb2190 (#2352)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:55:23 -05:00
github-actions[bot]
2ee946660a bump(posthog): a4873114 → d9d80933 (#2353)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:54:54 -05:00
github-actions[bot]
2b0af2c713 bump(aws-startup-advisor): 30808e64 → ad7eadc8 (#2330)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:54:10 -05:00
github-actions[bot]
285c6086c8 bump(carta-cap-table): ea02da68 → 26056825 (#2332)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:53:39 -05:00
github-actions[bot]
64d2239ee3 bump(clickhouse-best-practices): 46ef08cc → 3a1ee115 (#2335)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:53:08 -05:00
github-actions[bot]
c5a851d162 bump(crowdstrike-falcon-foundry): b3f4ecb4 → c542c932 (#2337)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:52:36 -05:00
github-actions[bot]
00e70ff764 bump(datarobot-agent-skills): 90a33c0c → debe471c (#2339)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:52:04 -05:00
github-actions[bot]
f76697f228 bump(migration-to-aws): 30808e64 → ad7eadc8 (#2347)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:51:32 -05:00
github-actions[bot]
7e7fd1e19f bump(desktop-commander): cf857bf0 → f53f916f (#2340)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:51:24 -05:00
github-actions[bot]
1084105a18 bump(forge-skills): 2014fae5 → 02103cca (#2342)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:50:50 -05:00
github-actions[bot]
636410d7b4 bump(mcp-apps): a9907802 → ca1d2989 (#2346)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:50:15 -05:00
github-actions[bot]
fa09cccba0 bump(quarkus-agent): 01847d5d → e711107a (#2355)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:50:07 -05:00
github-actions[bot]
b41c121fef bump(auth0): 9d93554c → beda869d (#2329)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:49:31 -05:00
github-actions[bot]
58d3bf4a70 bump(oracle-ai-data-platform-workbench-spark-connectors): dcd5a5a1 → 04cc355f (#2350)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:49:06 -05:00
github-actions[bot]
e5483762ee bump(dash0): 8801a219 → 1e64ae2d (#2338)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:48:48 -05:00
github-actions[bot]
94d4566c99 bump(42crunch-api-security-testing): 1db60984 → 27815ced (#2327)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:48:22 -05:00
github-actions[bot]
2346b18566 bump(sanity): 7e049737 → 66f0ec5d (#2356)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-06-05 08:47:59 -05:00
10 changed files with 360 additions and 85 deletions

View File

@@ -19,7 +19,7 @@
"url": "https://github.com/42Crunch-AI/claude-plugins.git", "url": "https://github.com/42Crunch-AI/claude-plugins.git",
"path": "plugins/api-security-testing", "path": "plugins/api-security-testing",
"ref": "v1.5.5", "ref": "v1.5.5",
"sha": "1db609845441d4fa8862019191e4138e61f77e67" "sha": "db2fb7e53e3d93a863930b6f6b7895be5ee01f21"
}, },
"homepage": "https://42crunch.com" "homepage": "https://42crunch.com"
}, },
@@ -57,7 +57,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/SalesforceAIResearch/agentforce-adlc.git", "url": "https://github.com/SalesforceAIResearch/agentforce-adlc.git",
"sha": "1db738befed88c2ee6d068482cfd64a10c97e2ef" "sha": "fad761fce6cba119d23792b3a96a3bf33e23c566"
}, },
"homepage": "https://github.com/SalesforceAIResearch/agentforce-adlc" "homepage": "https://github.com/SalesforceAIResearch/agentforce-adlc"
}, },
@@ -127,6 +127,20 @@
}, },
"homepage": "https://cloud.google.com/alloydb" "homepage": "https://cloud.google.com/alloydb"
}, },
{
"name": "alloydb-omni",
"description": "Create, connect, and interact with an AlloyDB Omni database and data.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/alloydb-omni.git",
"sha": "fbf2476630629f32ce0029bbd62d225950fdfd6d"
},
"homepage": "https://github.com/gemini-cli-extensions/alloydb-omni"
},
{ {
"name": "amazon-location-service", "name": "amazon-location-service",
"description": "Guide developers through adding maps, places search, geocoding, routing, and other geospatial features with Amazon Location Service, including authentication setup, SDK integration, and best practices.", "description": "Guide developers through adding maps, places search, geocoding, routing, and other geospatial features with Amazon Location Service, including authentication setup, SDK integration, and best practices.",
@@ -177,7 +191,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/apollographql/skills.git", "url": "https://github.com/apollographql/skills.git",
"sha": "9ccf13477e116ec095ba9b606212492ffbd42926" "sha": "605089108a198e412f7f0c1926c91eb94a6d1727"
}, },
"homepage": "https://www.apollographql.com" "homepage": "https://www.apollographql.com"
}, },
@@ -261,7 +275,7 @@
"url": "https://github.com/auth0/agent-skills.git", "url": "https://github.com/auth0/agent-skills.git",
"path": "plugins/auth0", "path": "plugins/auth0",
"ref": "main", "ref": "main",
"sha": "9d93554c5d91bd087a46f4d6825f80c3eb981945" "sha": "bdf0dc23f8b17446b2c94bc9f2e5a58d3f1bc114"
}, },
"homepage": "https://auth0.com/docs/quickstart/agent-skills" "homepage": "https://auth0.com/docs/quickstart/agent-skills"
}, },
@@ -277,7 +291,7 @@
"url": "https://github.com/aws/agent-toolkit-for-aws.git", "url": "https://github.com/aws/agent-toolkit-for-aws.git",
"path": "plugins/aws-agents", "path": "plugins/aws-agents",
"ref": "main", "ref": "main",
"sha": "df13dea64baaa1b7031b25d1b2f380756131efec" "sha": "55b9acfefdcf0866b6bc6cc56c16e6e18e65bd2b"
}, },
"homepage": "https://github.com/aws/agent-toolkit-for-aws" "homepage": "https://github.com/aws/agent-toolkit-for-aws"
}, },
@@ -306,7 +320,7 @@
"url": "https://github.com/aws/agent-toolkit-for-aws.git", "url": "https://github.com/aws/agent-toolkit-for-aws.git",
"path": "plugins/aws-core", "path": "plugins/aws-core",
"ref": "main", "ref": "main",
"sha": "df13dea64baaa1b7031b25d1b2f380756131efec" "sha": "55b9acfefdcf0866b6bc6cc56c16e6e18e65bd2b"
}, },
"homepage": "https://github.com/aws/agent-toolkit-for-aws" "homepage": "https://github.com/aws/agent-toolkit-for-aws"
}, },
@@ -322,7 +336,7 @@
"url": "https://github.com/aws/agent-toolkit-for-aws.git", "url": "https://github.com/aws/agent-toolkit-for-aws.git",
"path": "plugins/aws-data-analytics", "path": "plugins/aws-data-analytics",
"ref": "main", "ref": "main",
"sha": "df13dea64baaa1b7031b25d1b2f380756131efec" "sha": "55b9acfefdcf0866b6bc6cc56c16e6e18e65bd2b"
}, },
"homepage": "https://github.com/aws/agent-toolkit-for-aws" "homepage": "https://github.com/aws/agent-toolkit-for-aws"
}, },
@@ -367,7 +381,7 @@
"url": "https://github.com/awslabs/startups.git", "url": "https://github.com/awslabs/startups.git",
"path": "advisor/plugins/aws-startup-advisor", "path": "advisor/plugins/aws-startup-advisor",
"ref": "main", "ref": "main",
"sha": "30808e64b08ba13aedcecade5a27bfbff06dba09" "sha": "1dd909352dc228f978c2685724cb38e64efe6be4"
}, },
"homepage": "https://github.com/awslabs/startups" "homepage": "https://github.com/awslabs/startups"
}, },
@@ -378,7 +392,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/microsoft/azure-skills.git", "url": "https://github.com/microsoft/azure-skills.git",
"sha": "58fd90942ab5045481bf1632fa0c2d7746367e13" "sha": "02a614f6ee1f052826f834d65c61e430ad152c8e"
}, },
"homepage": "https://github.com/microsoft/azure-skills" "homepage": "https://github.com/microsoft/azure-skills"
}, },
@@ -420,6 +434,20 @@
}, },
"homepage": "https://docs.bigdata.com" "homepage": "https://docs.bigdata.com"
}, },
{
"name": "bigquery-data-analytics",
"description": "Connect, query, and generate data insights for BigQuery datasets and data.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/bigquery-data-analytics.git",
"sha": "9cee2a03105d74648231ed3a5c4a63c4f194790d"
},
"homepage": "https://github.com/gemini-cli-extensions/bigquery-data-analytics"
},
{ {
"name": "box", "name": "box",
"description": "Work with your Box content directly from Claude Code — search files, organize folders, collaborate with your team, and use Box AI to answer questions, summarize documents, and extract data without leaving your workflow.", "description": "Work with your Box content directly from Claude Code — search files, organize folders, collaborate with your team, and use Box AI to answer questions, summarize documents, and extract data without leaving your workflow.",
@@ -444,7 +472,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/brightdata/skills.git", "url": "https://github.com/brightdata/skills.git",
"sha": "68651246ad1819b98a1fc15ce10239e55406ff37" "sha": "bd5bd76bc889f54b744bab3db3cbd42751a1e5b0"
}, },
"homepage": "https://docs.brightdata.com" "homepage": "https://docs.brightdata.com"
}, },
@@ -474,7 +502,7 @@
"url": "https://github.com/carta/plugins.git", "url": "https://github.com/carta/plugins.git",
"path": "plugins/carta-cap-table", "path": "plugins/carta-cap-table",
"ref": "main", "ref": "main",
"sha": "ea02da68e7be8bf4bc2bffe8f1fd7253f8d0b101" "sha": "9eb312908f4a2e2d15e4e935320981433a549f77"
}, },
"homepage": "https://carta.com" "homepage": "https://carta.com"
}, },
@@ -490,7 +518,7 @@
"url": "https://github.com/carta/plugins.git", "url": "https://github.com/carta/plugins.git",
"path": "plugins/carta-crm", "path": "plugins/carta-crm",
"ref": "main", "ref": "main",
"sha": "ea02da68e7be8bf4bc2bffe8f1fd7253f8d0b101" "sha": "9eb312908f4a2e2d15e4e935320981433a549f77"
}, },
"homepage": "https://carta.com" "homepage": "https://carta.com"
}, },
@@ -506,7 +534,7 @@
"url": "https://github.com/carta/plugins.git", "url": "https://github.com/carta/plugins.git",
"path": "plugins/carta-investors", "path": "plugins/carta-investors",
"ref": "main", "ref": "main",
"sha": "ea02da68e7be8bf4bc2bffe8f1fd7253f8d0b101" "sha": "9eb312908f4a2e2d15e4e935320981433a549f77"
}, },
"homepage": "https://carta.com" "homepage": "https://carta.com"
}, },
@@ -533,7 +561,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/ChromeDevTools/chrome-devtools-mcp.git", "url": "https://github.com/ChromeDevTools/chrome-devtools-mcp.git",
"sha": "89718901174be7c0c58a1a2b29281ab2f053cd53" "sha": "702d3734f276a18efd67561ae00b88ce954cc515"
}, },
"homepage": "https://github.com/ChromeDevTools/chrome-devtools-mcp" "homepage": "https://github.com/ChromeDevTools/chrome-devtools-mcp"
}, },
@@ -627,7 +655,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/ClickHouse/clickhouse-claude-code-plugin.git", "url": "https://github.com/ClickHouse/clickhouse-claude-code-plugin.git",
"sha": "1f30864b720960a797e5c7f6138d328bec3984cb" "sha": "ecbd47627d7e7b3de15b297b91e0abf3e6ebc746"
}, },
"homepage": "https://github.com/ClickHouse/clickhouse-claude-code-plugin" "homepage": "https://github.com/ClickHouse/clickhouse-claude-code-plugin"
}, },
@@ -641,10 +669,24 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/ClickHouse/agent-skills.git", "url": "https://github.com/ClickHouse/agent-skills.git",
"sha": "46ef08ccf32fa28587b64e0c79106ff437dc8fcb" "sha": "544384f4fab1d6ed59f16a354d1c68296dfa6007"
}, },
"homepage": "https://clickhouse.com" "homepage": "https://clickhouse.com"
}, },
{
"name": "cloud-sql-mysql",
"description": "Connect and interact with a Cloud SQL for MySQL database and data.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/cloud-sql-mysql.git",
"sha": "983c804fe7dc58b3e58021960e7e1831a10e08b9"
},
"homepage": "https://github.com/gemini-cli-extensions/cloud-sql-mysql"
},
{ {
"name": "cloud-sql-postgresql", "name": "cloud-sql-postgresql",
"description": "Create, connect, and interact with a Cloud SQL for PostgreSQL database and data.", "description": "Create, connect, and interact with a Cloud SQL for PostgreSQL database and data.",
@@ -678,7 +720,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/cloudflare/skills.git", "url": "https://github.com/cloudflare/skills.git",
"sha": "60147cbb773649eadca89cee92b4e0caf02234b4" "sha": "c5b7b06b073fa0b4abbd63964630f97d81da69c4"
}, },
"description": "Skills for the Cloudflare developer platform: Workers, Durable Objects, Agents SDK, MCP servers, Wrangler CLI, and web performance.", "description": "Skills for the Cloudflare developer platform: Workers, Durable Objects, Agents SDK, MCP servers, Wrangler CLI, and web performance.",
"category": "deployment", "category": "deployment",
@@ -762,7 +804,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/CodSpeedHQ/codspeed.git", "url": "https://github.com/CodSpeedHQ/codspeed.git",
"sha": "f79d57d207f039e44a31a976564715f7731e71b6" "sha": "c6112f168b405df8e7310b12a9b80484cd01ac14"
}, },
"homepage": "https://codspeed.io" "homepage": "https://codspeed.io"
}, },
@@ -830,7 +872,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/CrowdStrike/foundry-skills.git", "url": "https://github.com/CrowdStrike/foundry-skills.git",
"sha": "b3f4ecb48333d6007117a29650daa1989a228b5c" "sha": "c542c932956fd19177a62b94577f288c832d4680"
}, },
"homepage": "https://github.com/CrowdStrike/foundry-skills" "homepage": "https://github.com/CrowdStrike/foundry-skills"
}, },
@@ -876,7 +918,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/dash0hq/dash0-agent-plugin.git", "url": "https://github.com/dash0hq/dash0-agent-plugin.git",
"sha": "8801a21931d80c543c0f51a4b7eef4cd1311c1b5" "sha": "5ff7aa5b8e52e10d10e45ea8e2f7cbebc86758bf"
}, },
"homepage": "https://dash0.com/" "homepage": "https://dash0.com/"
}, },
@@ -956,6 +998,20 @@
}, },
"homepage": "https://datahub.com" "homepage": "https://datahub.com"
}, },
{
"name": "dataproc",
"description": "Manage Dataproc clusters and jobs.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/dataproc.git",
"sha": "20eec06eee7683311689f4a1437cbb14ac8cd33e"
},
"homepage": "https://github.com/gemini-cli-extensions/dataproc"
},
{ {
"name": "datarobot-agent-skills", "name": "datarobot-agent-skills",
"description": "DataRobot skills for AI/ML workflows — model training, deployment, predictions, feature engineering, monitoring, explainability, data preparation, App Framework CI/CD, and external agent monitoring.", "description": "DataRobot skills for AI/ML workflows — model training, deployment, predictions, feature engineering, monitoring, explainability, data preparation, App Framework CI/CD, and external agent monitoring.",
@@ -966,7 +1022,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/datarobot-oss/datarobot-agent-skills.git", "url": "https://github.com/datarobot-oss/datarobot-agent-skills.git",
"sha": "90a33c0c87362f28be88c14c0ef0f3469e6d2596" "sha": "b5a8f7a4bc4d31a1f139a232efbba6127af0474a"
}, },
"homepage": "https://datarobot.com" "homepage": "https://datarobot.com"
}, },
@@ -979,7 +1035,7 @@
"url": "https://github.com/microsoft/Dataverse-skills.git", "url": "https://github.com/microsoft/Dataverse-skills.git",
"path": ".github/plugins/dataverse", "path": ".github/plugins/dataverse",
"ref": "main", "ref": "main",
"sha": "ab906c960db0f2da83c2cb92a3fd162ccaba9cb9" "sha": "2d50cf65f80efc17ac50632222d61fb374115a70"
}, },
"homepage": "https://github.com/microsoft/Dataverse-skills" "homepage": "https://github.com/microsoft/Dataverse-skills"
}, },
@@ -1008,7 +1064,7 @@
"url": "https://github.com/wonderwhy-er/DesktopCommanderMCP.git", "url": "https://github.com/wonderwhy-er/DesktopCommanderMCP.git",
"path": "plugins/claude", "path": "plugins/claude",
"ref": "main", "ref": "main",
"sha": "cf857bf061cb3b0e8673717dcac1f0fa2ecbdd40" "sha": "7a9b2ff0339a7fdc29c06a9957b323ef478a1dde"
}, },
"homepage": "https://desktopcommander.app" "homepage": "https://desktopcommander.app"
}, },
@@ -1070,7 +1126,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/exa-labs/exa-mcp-server.git", "url": "https://github.com/exa-labs/exa-mcp-server.git",
"sha": "ad888a188cdefbe832c9feed2c3a97d1cb93cb35" "sha": "f08388256c5806f457fae777b5528eb02a48e703"
}, },
"homepage": "https://exa.ai/docs/reference/exa-mcp" "homepage": "https://exa.ai/docs/reference/exa-mcp"
}, },
@@ -1094,7 +1150,7 @@
"url": "https://github.com/expo/skills.git", "url": "https://github.com/expo/skills.git",
"path": "plugins/expo", "path": "plugins/expo",
"ref": "main", "ref": "main",
"sha": "fdd3df12151a208853fe540ffea9a67773446377" "sha": "c38860242118df93d4ec4381a34f4144fff61928"
}, },
"homepage": "https://github.com/expo/skills/blob/main/plugins/expo/README.md" "homepage": "https://github.com/expo/skills/blob/main/plugins/expo/README.md"
}, },
@@ -1164,6 +1220,20 @@
}, },
"homepage": "https://github.com/firecrawl/firecrawl-claude-plugin.git" "homepage": "https://github.com/firecrawl/firecrawl-claude-plugin.git"
}, },
{
"name": "firestore-native",
"description": "Connect and interact with Firestore databases, collections, and documents.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/firestore-native.git",
"sha": "f88103bd0ccfe9e1e7a3a7d849de26d197978c9a"
},
"homepage": "https://github.com/gemini-cli-extensions/firestore-native"
},
{ {
"name": "forge-skills", "name": "forge-skills",
"description": "Forge-focused skills and MCP configuration for Atlassian Forge: scaffold and deploy apps (forge create, templates, dev spaces), build Teamwork Graph connectors for Rovo Search/Rovo Chat, pre-deploy review, systematic debugging, plus Forge docs and Atlassian Design System lookups via MCP.", "description": "Forge-focused skills and MCP configuration for Atlassian Forge: scaffold and deploy apps (forge create, templates, dev spaces), build Teamwork Graph connectors for Rovo Search/Rovo Chat, pre-deploy review, systematic debugging, plus Forge docs and Atlassian Design System lookups via MCP.",
@@ -1174,7 +1244,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/atlassian/forge-skills.git", "url": "https://github.com/atlassian/forge-skills.git",
"sha": "2014fae5b1529a22629129b1564ae522593eb46d" "sha": "02103cca4addb4c42d64d4e18a9d1a7f186edf6c"
}, },
"homepage": "https://developer.atlassian.com/platform/forge/" "homepage": "https://developer.atlassian.com/platform/forge/"
}, },
@@ -1200,7 +1270,7 @@
"source": "github", "source": "github",
"repo": "fullstorydev/fullstory-skills", "repo": "fullstorydev/fullstory-skills",
"commit": "1ec5865e7ab1449f9a0859d164c4b6a8c53b6e2f", "commit": "1ec5865e7ab1449f9a0859d164c4b6a8c53b6e2f",
"sha": "384555c3919a0631a096de1172998c8d855a0f26" "sha": "b20614e2d08d7a7c70775bb62b5af640f60b024b"
}, },
"homepage": "https://www.fullstory.com" "homepage": "https://www.fullstory.com"
}, },
@@ -1263,7 +1333,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/huggingface/skills.git", "url": "https://github.com/huggingface/skills.git",
"sha": "14cea99d5cd028974dbdd8bc12118882cd7a1b67" "sha": "d7223848c3895fbd447faf2aec73e0a6cdd7fdcd"
}, },
"homepage": "https://github.com/huggingface/skills.git" "homepage": "https://github.com/huggingface/skills.git"
}, },
@@ -1277,7 +1347,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/hunter-io/claude-plugin.git", "url": "https://github.com/hunter-io/claude-plugin.git",
"sha": "69c4e59ee573f4ccd8aa38bbc89e356bc8e7f876" "sha": "494b0bd6ac252c7c8d78402cb51c7f635b1469ad"
}, },
"homepage": "https://hunter.io" "homepage": "https://hunter.io"
}, },
@@ -1291,7 +1361,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/heygen-com/hyperframes.git", "url": "https://github.com/heygen-com/hyperframes.git",
"sha": "8228932e17e3371d5cf77ac5d5988f5322892dad" "sha": "25420bf4cfc37b179b4efeace9db25a7178b61bf"
}, },
"homepage": "https://hyperframes.heygen.com" "homepage": "https://hyperframes.heygen.com"
}, },
@@ -1345,10 +1415,24 @@
"source": "github", "source": "github",
"repo": "jfrog/claude-plugin", "repo": "jfrog/claude-plugin",
"commit": "259c8e718266c16e99b4f30ae9b1ed0f9f00d98d", "commit": "259c8e718266c16e99b4f30ae9b1ed0f9f00d98d",
"sha": "8324c7fc9a5561398fe57b8a56db53bdbf1e2cda" "sha": "117febaa29cbe9449cfb42d1c39b83b858d801a1"
}, },
"homepage": "https://jfrog.com" "homepage": "https://jfrog.com"
}, },
{
"name": "knowledge-catalog",
"description": "Connect to Knowledge Catalog to discover, manage, monitor, and govern data and AI artifacts across your data platform",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/knowledge-catalog.git",
"sha": "317e96fdd12aa61778b950192aff627efdc21099"
},
"homepage": "https://github.com/gemini-cli-extensions/knowledge-catalog"
},
{ {
"name": "kotlin-lsp", "name": "kotlin-lsp",
"description": "Kotlin language server for code intelligence", "description": "Kotlin language server for code intelligence",
@@ -1460,6 +1544,20 @@
}, },
"homepage": "https://github.com/pydantic/skills/tree/main/plugins/logfire" "homepage": "https://github.com/pydantic/skills/tree/main/plugins/logfire"
}, },
{
"name": "looker",
"description": "Connect to Looker and interact with your data using LookML.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/looker.git",
"sha": "e912c0342f1bfd436e9236aaef7cc732239c80f7"
},
"homepage": "https://github.com/gemini-cli-extensions/looker"
},
{ {
"name": "lua-lsp", "name": "lua-lsp",
"description": "Lua language server for code intelligence", "description": "Lua language server for code intelligence",
@@ -1545,7 +1643,7 @@
"url": "https://github.com/modelcontextprotocol/ext-apps.git", "url": "https://github.com/modelcontextprotocol/ext-apps.git",
"path": "plugins/mcp-apps", "path": "plugins/mcp-apps",
"ref": "main", "ref": "main",
"sha": "a9907802937f1da067cbc4aa48b283cd4cfa7dc8" "sha": "ca1d29894fabbd1558885a9ec8620dcb01d7457e"
}, },
"homepage": "https://modelcontextprotocol.io" "homepage": "https://modelcontextprotocol.io"
}, },
@@ -1610,7 +1708,7 @@
"url": "https://github.com/awslabs/startups.git", "url": "https://github.com/awslabs/startups.git",
"path": "migrate/plugins/migration-to-aws", "path": "migrate/plugins/migration-to-aws",
"ref": "main", "ref": "main",
"sha": "30808e64b08ba13aedcecade5a27bfbff06dba09" "sha": "1dd909352dc228f978c2685724cb38e64efe6be4"
}, },
"homepage": "https://github.com/awslabs/startups" "homepage": "https://github.com/awslabs/startups"
}, },
@@ -1672,7 +1770,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/netlify/context-and-tools.git", "url": "https://github.com/netlify/context-and-tools.git",
"sha": "cffaf74f79128620b8200956222aeb819f5f8fd5" "sha": "5f777ba63df12f4eb189be4c58bd35d0c8316505"
}, },
"homepage": "https://github.com/netlify/context-and-tools" "homepage": "https://github.com/netlify/context-and-tools"
}, },
@@ -1741,7 +1839,7 @@
"url": "https://github.com/NVIDIA/skills.git", "url": "https://github.com/NVIDIA/skills.git",
"path": "plugins/nvidia-skills", "path": "plugins/nvidia-skills",
"ref": "main", "ref": "main",
"sha": "e695a8397463bbb64d787b3cd88d3c58889be633" "sha": "0482ebce81bd8f2d39990317bb3cfb07637e39fd"
}, },
"homepage": "https://github.com/NVIDIA/skills" "homepage": "https://github.com/NVIDIA/skills"
}, },
@@ -1757,10 +1855,24 @@
"url": "https://github.com/oracle-samples/oracle-aidp-samples.git", "url": "https://github.com/oracle-samples/oracle-aidp-samples.git",
"path": "ai/claude-code-plugins/oracle-ai-data-platform-workbench-spark-connectors", "path": "ai/claude-code-plugins/oracle-ai-data-platform-workbench-spark-connectors",
"ref": "main", "ref": "main",
"sha": "dcd5a5a19537bf9aaa9dd4f48514bc4402bfbc40" "sha": "00cedef34c99d642d969f87965736768de01cbd6"
}, },
"homepage": "https://docs.oracle.com/en/cloud/paas/ai-data-platform/index.html" "homepage": "https://docs.oracle.com/en/cloud/paas/ai-data-platform/index.html"
}, },
{
"name": "oracledb",
"description": "Connect, query, and interact with Oracle Databases and their data.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/oracledb.git",
"sha": "56239109760fd8ea838a56c946400347467bfa6d"
},
"homepage": "https://github.com/gemini-cli-extensions/oracledb"
},
{ {
"name": "outputai", "name": "outputai",
"description": "Output.ai workflow development toolkit for Claude Code. Adds 5 specialist agents (planner, builder, debugger, prompt writer, quality reviewer), 40+ slash-command skills covering scaffolding, debugging, evaluation, and credential management, plus a SessionStart hook that auto-loads Output SDK conventions so Claude understands the framework before the first prompt.", "description": "Output.ai workflow development toolkit for Claude Code. Adds 5 specialist agents (planner, builder, debugger, prompt writer, quality reviewer), 40+ slash-command skills covering scaffolding, debugging, evaluation, and credential management, plus a SessionStart hook that auto-loads Output SDK conventions so Claude understands the framework before the first prompt.",
@@ -1773,7 +1885,7 @@
"url": "https://github.com/growthxai/output.git", "url": "https://github.com/growthxai/output.git",
"path": "coding_assistants/claude/plugins/outputai", "path": "coding_assistants/claude/plugins/outputai",
"ref": "main", "ref": "main",
"sha": "d3c9b1f472358527386f7cc2bb6d4833d9bfe034" "sha": "2cc4685ebadfba9586f01890df48e1b25bd1049a"
}, },
"homepage": "https://output.ai" "homepage": "https://output.ai"
}, },
@@ -1821,7 +1933,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/gopigment/ai-plugins.git", "url": "https://github.com/gopigment/ai-plugins.git",
"sha": "abf36e64750d1323a4cc5fe79161597668231224" "sha": "f7bb2190a3f072bd9be5175bde6a0aa9596fcaaa"
}, },
"homepage": "https://www.pigment.com" "homepage": "https://www.pigment.com"
}, },
@@ -1883,7 +1995,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/PostHog/ai-plugin.git", "url": "https://github.com/PostHog/ai-plugin.git",
"sha": "a487311487bc369ee75e70c893d0a0c5ed478ba8" "sha": "db4a86632293ca66eec9a6d278786ddb22c1787e"
}, },
"homepage": "https://posthog.com/docs/model-context-protocol" "homepage": "https://posthog.com/docs/model-context-protocol"
}, },
@@ -1976,7 +2088,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/qdrant/skills.git", "url": "https://github.com/qdrant/skills.git",
"sha": "cace39df5cc46f7f0c192ced7391d767749142a0" "sha": "82337ccd4be601e52871f101844d57b2adbac52b"
}, },
"homepage": "https://skills.qdrant.tech" "homepage": "https://skills.qdrant.tech"
}, },
@@ -2015,7 +2127,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/quarkusio/quarkus-agent-mcp.git", "url": "https://github.com/quarkusio/quarkus-agent-mcp.git",
"sha": "01847d5d2eca02bc5751cce18deb41ad76a7a873" "sha": "e711107a1171507212dd0edd17b5a922212c3a97"
}, },
"homepage": "https://quarkus.io" "homepage": "https://quarkus.io"
}, },
@@ -2028,7 +2140,7 @@
"url": "https://github.com/railwayapp/railway-skills.git", "url": "https://github.com/railwayapp/railway-skills.git",
"path": "plugins/railway", "path": "plugins/railway",
"ref": "main", "ref": "main",
"sha": "831130cda8a659e8c47addd28be2744e9e67d31c" "sha": "1df604ebd18f528ff16b84975125ecff944cc036"
}, },
"homepage": "https://docs.railway.com/ai/claude-code-plugin" "homepage": "https://docs.railway.com/ai/claude-code-plugin"
}, },
@@ -2051,7 +2163,7 @@
"source": "url", "source": "url",
"url": "https://github.com/RevenueCat/rc-claude-code-plugin.git", "url": "https://github.com/RevenueCat/rc-claude-code-plugin.git",
"path": "revenuecat", "path": "revenuecat",
"sha": "b34f9bebe02ceb7e3f32e6d7d081cdfb2e7c37a6" "sha": "473fd504bf13d25e76bf4a0267b42be3794f6266"
}, },
"homepage": "https://www.revenuecat.com" "homepage": "https://www.revenuecat.com"
}, },
@@ -2091,7 +2203,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/resend/resend-skills.git", "url": "https://github.com/resend/resend-skills.git",
"sha": "0f598ef55623e37a76f972e93a53ffa91c1dc9d1" "sha": "0888546d6a69149c8d2402d46f395f5dddb1c720"
}, },
"homepage": "https://resend.com" "homepage": "https://resend.com"
}, },
@@ -2103,7 +2215,7 @@
"source": "url", "source": "url",
"url": "https://github.com/RevenueCat/rc-claude-code-plugin.git", "url": "https://github.com/RevenueCat/rc-claude-code-plugin.git",
"path": "revenuecat", "path": "revenuecat",
"sha": "b34f9bebe02ceb7e3f32e6d7d081cdfb2e7c37a6" "sha": "473fd504bf13d25e76bf4a0267b42be3794f6266"
}, },
"homepage": "https://www.revenuecat.com" "homepage": "https://www.revenuecat.com"
}, },
@@ -2202,7 +2314,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/sanity-io/agent-toolkit.git", "url": "https://github.com/sanity-io/agent-toolkit.git",
"sha": "7e04973754975e73b306b1d4dbae561160d797e9" "sha": "66f0ec5d9167b3ccb8b3450e5ec34f3b523d4139"
}, },
"homepage": "https://www.sanity.io" "homepage": "https://www.sanity.io"
}, },
@@ -2236,7 +2348,7 @@
"url": "https://github.com/SAP/open-ux-tools.git", "url": "https://github.com/SAP/open-ux-tools.git",
"path": "packages/fiori-mcp-server", "path": "packages/fiori-mcp-server",
"ref": "main", "ref": "main",
"sha": "b326a9a52b1da51effed574587e31fe5a2755b96" "sha": "fbfe8c32fb9fc64583aa72ac03ab64f553c407ee"
}, },
"homepage": "https://github.com/SAP/open-ux-tools/tree/main/packages/fiori-mcp-server" "homepage": "https://github.com/SAP/open-ux-tools/tree/main/packages/fiori-mcp-server"
}, },
@@ -2268,7 +2380,7 @@
"url": "https://github.com/spotify/save-to-spotify.git", "url": "https://github.com/spotify/save-to-spotify.git",
"path": "plugin", "path": "plugin",
"ref": "main", "ref": "main",
"sha": "35527660378c769bcbcfba89d8086d8b9fc4fccb" "sha": "cd4ea68111d96769b09c0b0d2199e692cf00a73c"
}, },
"homepage": "https://github.com/spotify/save-to-spotify" "homepage": "https://github.com/spotify/save-to-spotify"
}, },
@@ -2303,7 +2415,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/getsentry/sentry-for-claude.git", "url": "https://github.com/getsentry/sentry-for-claude.git",
"sha": "849303a8411c242d250885ffe714235a3bc2f5fe" "sha": "030b01fb76b21f5d7ef6af5a3c3dfa658a9b5024"
}, },
"homepage": "https://github.com/getsentry/sentry-for-claude/tree/main" "homepage": "https://github.com/getsentry/sentry-for-claude/tree/main"
}, },
@@ -2319,7 +2431,7 @@
"url": "https://github.com/getsentry/cli.git", "url": "https://github.com/getsentry/cli.git",
"path": "plugins/sentry-cli", "path": "plugins/sentry-cli",
"ref": "main", "ref": "main",
"sha": "5b78ddaf28252cb514007526025b138569445fd4" "sha": "9e9fe0fb6444f18ed109058b2749cced3c21f87e"
}, },
"homepage": "https://sentry.io" "homepage": "https://sentry.io"
}, },
@@ -2384,7 +2496,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/Shopify/Shopify-AI-Toolkit.git", "url": "https://github.com/Shopify/Shopify-AI-Toolkit.git",
"sha": "859be93bfc858f183ff5eb40183e35a4d91d2950" "sha": "a8e87a7cff153479eb77230d9c232484a1f3062f"
}, },
"homepage": "https://shopify.dev" "homepage": "https://shopify.dev"
}, },
@@ -2422,7 +2534,7 @@
"url": "https://github.com/Snowflake-Labs/snowflake-ai-kit.git", "url": "https://github.com/Snowflake-Labs/snowflake-ai-kit.git",
"path": "plugins/cortex-code", "path": "plugins/cortex-code",
"ref": "main", "ref": "main",
"sha": "c3f720020a3b6c8927f97362c2e5884e959acd53" "sha": "6a22eb1ff3b451c35e40468a118bbee54610c9bd"
}, },
"homepage": "https://docs.snowflake.com/en/user-guide/cortex-code" "homepage": "https://docs.snowflake.com/en/user-guide/cortex-code"
}, },
@@ -2462,6 +2574,20 @@
}, },
"homepage": "https://sourcegraph.com" "homepage": "https://sourcegraph.com"
}, },
{
"name": "spanner",
"description": "Connect and interact with Spanner data using natural language.",
"author": {
"name": "Google LLC"
},
"category": "database",
"source": {
"source": "url",
"url": "https://github.com/gemini-cli-extensions/spanner.git",
"sha": "d4678e2bc04f60f3dfcdb6b916df28e63a0d615f"
},
"homepage": "https://github.com/gemini-cli-extensions/spanner"
},
{ {
"name": "spotify-ads-api", "name": "spotify-ads-api",
"description": "Manage Spotify ad campaigns with natural language. Create campaigns, ad sets, ads, pull reports, and handle OAuth — all through conversation.", "description": "Manage Spotify ad campaigns with natural language. Create campaigns, ad sets, ads, pull reports, and handle OAuth — all through conversation.",
@@ -2482,7 +2608,7 @@
"url": "https://github.com/stripe/ai.git", "url": "https://github.com/stripe/ai.git",
"path": "providers/claude/plugin", "path": "providers/claude/plugin",
"ref": "main", "ref": "main",
"sha": "e27ee0091ed20f7557f3241e00ade3d4846af9d6" "sha": "b8f6adcb5d05f6ff01334411561ee8cb1ec014c6"
}, },
"homepage": "https://github.com/stripe/ai/tree/main/providers/claude/plugin" "homepage": "https://github.com/stripe/ai/tree/main/providers/claude/plugin"
}, },
@@ -2505,7 +2631,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/supabase-community/supabase-plugin.git", "url": "https://github.com/supabase-community/supabase-plugin.git",
"sha": "3217ac038647f6901a166f3264a32f01833f73ba" "sha": "2ed49769b1ec2f6703a14290af484df651336150"
}, },
"homepage": "https://github.com/supabase-community/supabase-plugin" "homepage": "https://github.com/supabase-community/supabase-plugin"
}, },
@@ -2550,7 +2676,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/JetBrains/teamcity-cli.git", "url": "https://github.com/JetBrains/teamcity-cli.git",
"sha": "3cc3013c0f8106ffc845b34fb322d763803bcb0e" "sha": "67e21f0be908daa7ca1e04c8016d1bc81750baee"
}, },
"homepage": "https://www.jetbrains.com/teamcity/" "homepage": "https://www.jetbrains.com/teamcity/"
}, },
@@ -2581,7 +2707,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/togethercomputer/skills.git", "url": "https://github.com/togethercomputer/skills.git",
"sha": "9772f2a2f83e2184c341dd2650ac4c7efb76c33b" "sha": "fb94cc1402900eb608c31e7102fc23566f8b0363"
}, },
"homepage": "https://www.together.ai" "homepage": "https://www.together.ai"
}, },
@@ -2643,7 +2769,7 @@
"url": "https://github.com/UI5/plugins-coding-agents.git", "url": "https://github.com/UI5/plugins-coding-agents.git",
"path": "plugins/ui5", "path": "plugins/ui5",
"ref": "main", "ref": "main",
"sha": "767ac53cb056a0c900374ccea0df96c54b769eb2" "sha": "9b3d7d80356f687725f9584988e4038dbead0d53"
}, },
"homepage": "https://github.com/UI5/plugins-coding-agents" "homepage": "https://github.com/UI5/plugins-coding-agents"
}, },
@@ -2661,7 +2787,7 @@
"url": "https://github.com/UI5/plugins-coding-agents.git", "url": "https://github.com/UI5/plugins-coding-agents.git",
"path": "plugins/ui5-typescript-conversion", "path": "plugins/ui5-typescript-conversion",
"ref": "main", "ref": "main",
"sha": "767ac53cb056a0c900374ccea0df96c54b769eb2" "sha": "9b3d7d80356f687725f9584988e4038dbead0d53"
}, },
"homepage": "https://github.com/UI5/plugins-coding-agents" "homepage": "https://github.com/UI5/plugins-coding-agents"
}, },
@@ -2677,7 +2803,7 @@
"url": "https://github.com/val-town/plugins.git", "url": "https://github.com/val-town/plugins.git",
"path": "plugin", "path": "plugin",
"ref": "main", "ref": "main",
"sha": "e01069e11ea6e46b8d2d5fd2945f2dd4d33e6a57" "sha": "02631f998eda9b88d73d699703b062db059d506b"
}, },
"homepage": "https://val.town" "homepage": "https://val.town"
}, },
@@ -2730,7 +2856,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/explorium-ai/vibeprospecting-plugin.git", "url": "https://github.com/explorium-ai/vibeprospecting-plugin.git",
"sha": "7ed0c4e2965ee315132c3c714609b46b23b5edc0" "sha": "aa5903f52d79e7f2a5f9c324c6fff7d5a5d92631"
}, },
"homepage": "https://www.vibeprospecting.ai/product/claude-plugin" "homepage": "https://www.vibeprospecting.ai/product/claude-plugin"
}, },
@@ -2755,7 +2881,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/wix/skills.git", "url": "https://github.com/wix/skills.git",
"sha": "f99715fc149208608a148c0fe0ed16c0f80ee734" "sha": "188ed338f39d70e5aef7f9a2582bbf338f223b78"
}, },
"homepage": "https://dev.wix.com/docs/wix-cli/guides/development/about-wix-skills" "homepage": "https://dev.wix.com/docs/wix-cli/guides/development/about-wix-skills"
}, },
@@ -2808,7 +2934,7 @@
"url": "https://github.com/zapier/zapier-mcp.git", "url": "https://github.com/zapier/zapier-mcp.git",
"path": "plugins/zapier", "path": "plugins/zapier",
"ref": "main", "ref": "main",
"sha": "f34a7854febed415c9ef766eec1c66529ef0668e" "sha": "770167c572deaf74c588b45d88003ddf2145d608"
}, },
"homepage": "https://github.com/zapier/zapier-mcp/tree/main/plugins/zapier" "homepage": "https://github.com/zapier/zapier-mcp/tree/main/plugins/zapier"
}, },
@@ -2862,7 +2988,7 @@
"source": { "source": {
"source": "url", "source": "url",
"url": "https://github.com/zscaler/zscaler-mcp-server.git", "url": "https://github.com/zscaler/zscaler-mcp-server.git",
"sha": "be37fb604a07dc9c5a4c3e009312c4f11acaa6d3" "sha": "f84ce4f0ed48047614a4202ac311cbdf00ea9a10"
}, },
"homepage": "https://github.com/zscaler/zscaler-mcp-server" "homepage": "https://github.com/zscaler/zscaler-mcp-server"
} }

View File

@@ -24,6 +24,10 @@ mkdir -p legacy && ln -s /path/to/your/legacy/codebase legacy/billing
`/modernize-assess` works best with [`scc`](https://github.com/boyter/scc) (LOC + complexity + COCOMO) or [`cloc`](https://github.com/AlDanial/cloc), and falls back to `find`/`wc` if neither is installed. Portfolio mode also benefits from [`lizard`](https://github.com/terryyin/lizard) (cyclomatic complexity). The commands degrade gracefully without them, but the metrics will be coarser. `/modernize-assess` works best with [`scc`](https://github.com/boyter/scc) (LOC + complexity + COCOMO) or [`cloc`](https://github.com/AlDanial/cloc), and falls back to `find`/`wc` if neither is installed. Portfolio mode also benefits from [`lizard`](https://github.com/terryyin/lizard) (cyclomatic complexity). The commands degrade gracefully without them, but the metrics will be coarser.
## Secret handling
Legacy systems routinely contain live credentials, and assessment artifacts get committed and shared. **Every agent in this plugin masks credential values** — findings, rule-card parameters, architecture notes, and test fixtures cite `file:line` with a masked preview (`AKIA****`), never the value. When credentials are found, a per-credential inventory (type, location, blast radius, rotation recommendation) is written to `analysis/<system>/SECRETS.local.md`, which the commands gitignore before writing; on non-git projects the quarantine file goes to `~/.modernize/<system>/` instead. `/modernize-harden` splits its remediation diff so credential-removal hunks (which necessarily contain the raw value) land in a gitignored `security_remediation.local.patch`, never the shareable patch. Pass `--show-secrets` to include raw values in the quarantine file (and only there). If you ran an earlier version of this plugin on a real system, check whether `analysis/` artifacts containing credentials were committed or shared, and rotate anything that was.
## Commands ## Commands
The commands are designed to be run in order, but each produces a standalone artifact so you can stop, review, and resume. The commands are designed to be run in order, but each produces a standalone artifact so you can stop, review, and resume.

View File

@@ -29,6 +29,12 @@ For **transformed code**:
- Does the test suite actually pin behavior, or just exercise code paths? - Does the test suite actually pin behavior, or just exercise code paths?
- What would the on-call engineer need at 3am that isn't here? - What would the on-call engineer need at 3am that isn't here?
## Secret handling (mandatory)
When a finding quotes code containing a credential, key, token, or
connection string, mask the value (`'Pr0d****'`) and cite `file:line`
findings get appended verbatim to committed notes files.
## Output ## Output
Findings ranked **Blocker / High / Medium / Nit**. Each with: what, where, Findings ranked **Blocker / High / Medium / Nit**. Each with: what, where,

View File

@@ -40,6 +40,15 @@ of the technology, skip it.
from structure/names), **Low** (ambiguous; needs SME). from structure/names), **Low** (ambiguous; needs SME).
6. If confidence < High, write the exact question an SME must answer. 6. If confidence < High, write the exact question an SME must answer.
## Secret handling (mandatory)
Rule parameters sometimes *are* credentials — hardcoded passwords in auth
checks, API keys in partner-service calls, connection strings in batch
routines. Record the **rule**, never the **value**: write the parameter as
`<credential — masked, see file:line>` with at most a 24 character
preview. Rule cards flow into briefs and steering decks; a raw credential
in a parameter list is a leak.
## Output format ## Output format
One "Rule Card" per rule (see the format in the `/modernize-extract-rules` One "Rule Card" per rule (see the format in the `/modernize-extract-rules`

View File

@@ -32,6 +32,15 @@ and explain it in terms a modern engineer can act on.
- **Note what's missing.** Unhandled error paths, TODO comments, commented-out - **Note what's missing.** Unhandled error paths, TODO comments, commented-out
blocks, magic numbers — these are signals about history and risk. blocks, magic numbers — these are signals about history and risk.
## Secret handling (mandatory)
Legacy code is full of live credentials, and your findings get copied into
shareable reports. When the evidence for a finding — hardcoded config,
dead code, debt, an interface payload — includes a credential, API key,
token, connection string, or private key, **never reproduce the value**.
Cite `file:line` with a masked preview (`VALUE 'Pr0d****'`,
`password=****`). The finding is the practice, not the value.
## Output format ## Output format
Default to structured markdown: tables for inventories, Mermaid for graphs, Default to structured markdown: tables for inventories, Mermaid for graphs,

View File

@@ -39,7 +39,30 @@ terminal/screen items don't apply to a SPA. Work through what's relevant:
Use available SAST where it helps (npm audit, pip-audit, grep for known-bad Use available SAST where it helps (npm audit, pip-audit, grep for known-bad
patterns) but **read the code** — tools miss logic flaws. Show tool output patterns) but **read the code** — tools miss logic flaws. Show tool output
verbatim, then add your manual findings. verbatim — except secret values, which you redact (see below) — then add
your manual findings.
## Secret handling (mandatory)
Legacy codebases routinely contain live production credentials, and your
findings get pasted into decks, tickets, and committed markdown. Copying a
secret into a report multiplies the exposure you were hired to find.
When you discover a hardcoded credential, API key, token, connection
string, or private key:
- **Never write the secret's value into any output** — no finding table,
no report, no quoted code excerpt, no echoed tool output. Mask it to the
first 24 identifying characters plus `****` (`AKIA****`,
`postgres://app_user:****@db-prod…`). If a scanner prints a secret,
redact it before including the excerpt.
- Cite `file:line`. The source file is the canonical location — anyone who
legitimately needs the value can open it there.
- State what the credential appears to grant access to (database, queue,
cloud account, third-party API) and whether it looks like a production
or test credential.
- Recommend rotation for anything that looks live — exposure in source
means it is already compromised, independent of any modernization plan.
## Reporting standard ## Reporting standard

View File

@@ -28,6 +28,15 @@ someone thinks it should do) so that a rewrite can be proven equivalent.
`@Disabled("pending RULE-NNN")` / `@pytest.mark.skip` / `it.todo()` — never `@Disabled("pending RULE-NNN")` / `@pytest.mark.skip` / `it.todo()` — never
deleted. deleted.
## Secret handling (mandatory)
Never copy credential-like literals — passwords, API keys, tokens,
connection strings — from legacy code into test fixtures. Tests live in
the deliverable codebase and get committed. Substitute clearly-fake values
of the same shape and length and note the substitution in a comment.
Anything a test genuinely needs live (e.g. a real database connection for
a dual-run harness) is read from an environment variable, never inlined.
## Output ## Output
Idiomatic tests for the requested target stack (JUnit 5 / pytest / Vitest / Idiomatic tests for the requested target stack (JUnit 5 / pytest / Vitest /

View File

@@ -1,11 +1,13 @@
--- ---
description: Full discovery & portfolio analysis of a legacy system — inventory, complexity, debt, effort estimation description: Full discovery & portfolio analysis of a legacy system — inventory, complexity, debt, effort estimation
argument-hint: <system-dir> | --portfolio <parent-dir> argument-hint: <system-dir> [--show-secrets] | --portfolio <parent-dir>
--- ---
**Mode select.** If `$ARGUMENTS` starts with `--portfolio`, run **Portfolio **Mode select.** If `$ARGUMENTS` starts with `--portfolio`, run **Portfolio
mode** against the directory that follows. Otherwise run **Single-system mode** against the directory that follows. Otherwise run **Single-system
mode** against `legacy/$1`. mode** against the system dir. Parse flags positionally-independently:
`--show-secrets` may appear before or after the system dir — the system
dir is the first non-flag token.
--- ---
@@ -108,12 +110,16 @@ Spawn three subagents **in parallel**:
2. **legacy-analyst** — "Identify technical debt in legacy/$1: dead code, 2. **legacy-analyst** — "Identify technical debt in legacy/$1: dead code,
deprecated APIs, copy-paste duplication, god objects/programs, missing deprecated APIs, copy-paste duplication, god objects/programs, missing
error handling, hardcoded config. Return the top 10 findings ranked by error handling, hardcoded config. Return the top 10 findings ranked by
remediation value, each with file:line evidence." remediation value, each with file:line evidence. If evidence contains a
credential value, mask it per your secret-handling rules — never quote
it."
3. **security-auditor** — "Scan legacy/$1 for security vulnerabilities: 3. **security-auditor** — "Scan legacy/$1 for security vulnerabilities:
injection, auth weaknesses, hardcoded secrets, vulnerable dependencies, injection, auth weaknesses, hardcoded secrets, vulnerable dependencies,
missing input validation. Return findings in CWE-tagged table form with missing input validation. Return findings in CWE-tagged table form with
file:line evidence and severity." file:line evidence and severity. Mask every discovered credential value
per your secret-handling rules — file:line plus a 24 character masked
preview, never the value itself."
Wait for all three. Synthesize their findings. Wait for all three. Synthesize their findings.
@@ -141,6 +147,31 @@ need explained.
## Step 6 — Write the assessment ## Step 6 — Write the assessment
**Secrets quarantine first.** The assessment gets shared and committed —
discovered credential values must never appear in it. If the
security-auditor found any hardcoded credentials:
1. Ensure `analysis/.gitignore` exists and contains the lines
`SECRETS.local.md` and `*.local.patch` (create or append as needed —
the patch pattern is used by `/modernize-harden`; writing both now
means the ignore set is complete from first contact). If the project is a
git repo, verify with `git check-ignore -q analysis/$1/SECRETS.local.md`
— do not write any findings until the check passes. If there is **no
git repo** (check for `.svn`/`.hg`/`CVS` too — a `.gitignore` protects
nothing under another VCS): refuse `--show-secrets` and write
`SECRETS.local.md` to `~/.modernize/$1/` instead of the project tree,
telling the user where it went and why.
2. Write `SECRETS.local.md`: one row per credential — masked preview,
`file:line`, credential type, what it grants access to,
production/test guess, rotation recommendation. Only if the user passed
`--show-secrets`, add the raw value column here — this file only, never
ASSESSMENT.md.
3. Masking applies to **every section of ASSESSMENT.md**, whichever agent
produced the finding — the Technical Debt section quotes hardcoded
config; those quotes follow the same masking rule as Security Findings.
The Security Findings section adds a one-line pointer:
"Credential inventory in SECRETS.local.md (gitignored; not for sharing)."
Create `analysis/$1/ASSESSMENT.md` with these sections: Create `analysis/$1/ASSESSMENT.md` with these sections:
- **Executive Summary** (3-4 sentences: what it is, how big, how risky, headline recommendation) - **Executive Summary** (3-4 sentences: what it is, how big, how risky, headline recommendation)
- **System Inventory** (the scc table + tech fingerprint) - **System Inventory** (the scc table + tech fingerprint)

View File

@@ -46,7 +46,7 @@ Merge the three result sets. Deduplicate. For each distinct rule, write a
When <trigger> When <trigger>
Then <outcome> Then <outcome>
[And <additional outcome>] [And <additional outcome>]
**Parameters:** <constants, rates, thresholds with their current values> **Parameters:** <constants, rates, thresholds with their current values — credentials masked: `<credential — masked, see file:line>`>
**Edge cases handled:** <list> **Edge cases handled:** <list>
**Suspected defect:** <optional — legacy behavior that looks wrong; decide preserve-vs-fix during transform> **Suspected defect:** <optional — legacy behavior that looks wrong; decide preserve-vs-fix during transform>
**Confidence:** High | Medium | Low — <why; if < High, state the exact SME question> **Confidence:** High | Medium | Low — <why; if < High, state the exact SME question>

View File

@@ -1,14 +1,42 @@
--- ---
description: Security vulnerability scan with a reviewable remediation patch — OWASP, CWE, CVE, secrets, injection description: Security vulnerability scan with a reviewable remediation patch — OWASP, CWE, CVE, secrets, injection
argument-hint: <system-dir> argument-hint: <system-dir> [--show-secrets]
--- ---
Run a **security hardening pass** on `legacy/$1`: find vulnerabilities, rank Run a **security hardening pass** on the legacy system: find
them, and produce a reviewable patch for the critical ones. vulnerabilities, rank them, and produce a reviewable patch for the
critical ones. Parse arguments flag-independently: the system dir
(referred to as `$1` below) is the first non-flag token in `$ARGUMENTS`;
`--show-secrets` may appear anywhere.
This command never edits `legacy/` — it writes findings and a proposed patch This command never edits `legacy/` — it writes findings and a proposed patch
to `analysis/$1/`. The user reviews and applies (or not). to `analysis/$1/`. The user reviews and applies (or not).
## Step 0 — Secrets quarantine setup
Findings files get shared, committed, and pasted into decks — discovered
credential values must never land in them. Before any scanning:
1. Ensure `analysis/.gitignore` exists and contains the lines
`SECRETS.local.md` and `*.local.patch`. Create the file or append the
missing lines.
2. If the project is a git repo, verify with
`git check-ignore -q analysis/$1/SECRETS.local.md` — if that exits
non-zero, fix the ignore rule before proceeding. Do not write any
findings until this check passes.
3. **If there is no git repo** (check for `.svn`/`.hg`/`CVS` too — a
`.gitignore` protects nothing under another VCS): refuse
`--show-secrets`, and write `SECRETS.local.md` and any `.local.patch`
file to `~/.modernize/$1/` instead of the project tree, telling the
user where they went and why.
All secret values in every shareable artifact this command produces are
**masked** (`AKIA****`, `password=****`) and cited by `file:line`. Raw
values may appear in exactly two places, both gitignored: the
`*.local.patch` remediation hunks (unavoidably — see Remediate) and, only
with `--show-secrets`, `SECRETS.local.md`. Never in SECURITY_FINDINGS.md
or patch commentary.
## Scan ## Scan
Spawn the **security-auditor** subagent: Spawn the **security-auditor** subagent:
@@ -20,7 +48,9 @@ hardcoded secrets, vulnerable dependency versions, missing input validation,
path traversal. For each finding return: CWE ID, severity path traversal. For each finding return: CWE ID, severity
(Critical/High/Med/Low), file:line, one-sentence exploit scenario, and (Critical/High/Med/Low), file:line, one-sentence exploit scenario, and
recommended fix. Run any available SAST tooling (npm audit, pip-audit, recommended fix. Run any available SAST tooling (npm audit, pip-audit,
OWASP dependency-check) and include its raw output." OWASP dependency-check) and include its raw output. Mask every discovered
credential value per your secret-handling rules — file:line plus a 24
character masked preview, never the value itself."
## Triage ## Triage
@@ -29,26 +59,50 @@ Write `analysis/$1/SECURITY_FINDINGS.md`:
- Findings table sorted by severity - Findings table sorted by severity
- Dependency CVE table (package, installed version, CVE, fixed version) - Dependency CVE table (package, installed version, CVE, fixed version)
If any hardcoded credentials were found, also write
`analysis/$1/SECRETS.local.md` (the gitignored quarantine file from Step 0):
one row per credential — masked preview, `file:line`, credential type, what
it appears to grant access to, production/test guess, and a rotation
recommendation. With `--show-secrets`, append the raw value column here —
this file only. SECURITY_FINDINGS.md gets a one-line pointer:
"N hardcoded credentials found — inventory in SECRETS.local.md (gitignored;
not for sharing)."
## Remediate ## Remediate
For each **Critical** and **High** finding, draft a minimal, targeted fix. For each **Critical** and **High** finding, draft a minimal, targeted fix.
Do **not** edit `legacy/` — write all fixes as a single unified diff to Do **not** edit `legacy/` — write fixes as unified diffs with **paths
`analysis/$1/security_remediation.patch`, with a comment line above each relative to the project root** (`legacy/$1/...`), applied from the project
hunk citing the finding ID it addresses (`# SEC-001: parameterize the query`). root, with a comment line above each hunk citing the finding ID it
addresses (`# SEC-001: parameterize the query`).
**Credential findings split into two files.** A diff that removes a
hardcoded secret necessarily contains the raw value on its `-` and
context lines — that cannot go in the shareable patch:
- `analysis/$1/security_remediation.patch` (shareable) — every
non-credential hunk, plus for each credential finding a comment-only
placeholder: `# SEC-NNN: credential remediation — hunk in
security_remediation.local.patch (gitignored; not for sharing)`.
- `analysis/$1/security_remediation.local.patch` (gitignored in Step 0) —
the real, applyable hunks for credential findings only.
Add a **Remediation Log** section to SECURITY_FINDINGS.md mapping each Add a **Remediation Log** section to SECURITY_FINDINGS.md mapping each
finding ID → one-line summary of the proposed fix and the patch hunk that finding ID → one-line summary of the proposed fix and which patch file
implements it. carries the hunk.
## Verify ## Verify
Spawn the **security-auditor** again to **review the patch** against the Spawn the **security-auditor** again to **review both patches** against
original code: the original code:
"Review analysis/$1/security_remediation.patch against legacy/$1. For each "Review analysis/$1/security_remediation.patch and
analysis/$1/security_remediation.local.patch against legacy/$1. For each
hunk: does it fully remediate the cited finding? Does it introduce new hunk: does it fully remediate the cited finding? Does it introduce new
vulnerabilities or change behavior beyond the fix? Return one verdict per vulnerabilities or change behavior beyond the fix? Confirm no raw
hunk: RESOLVES / PARTIAL / INTRODUCES-RISK, with a one-line reason." credential values appear anywhere in the shareable patch. Return one
verdict per hunk: RESOLVES / PARTIAL / INTRODUCES-RISK, with a one-line
reason."
Add a **Patch Review** section to SECURITY_FINDINGS.md with the verdicts. Add a **Patch Review** section to SECURITY_FINDINGS.md with the verdicts.
If any hunk is PARTIAL or INTRODUCES-RISK, revise the patch and re-review. If any hunk is PARTIAL or INTRODUCES-RISK, revise the patch and re-review.
@@ -57,8 +111,12 @@ If any hunk is PARTIAL or INTRODUCES-RISK, revise the patch and re-review.
Tell the user the artifacts are ready: Tell the user the artifacts are ready:
- `analysis/$1/SECURITY_FINDINGS.md` — findings, remediation log, patch review - `analysis/$1/SECURITY_FINDINGS.md` — findings, remediation log, patch review
- `analysis/$1/security_remediation.patch` — review, then apply if appropriate - `analysis/$1/security_remediation.patch` — review, then apply **from the
with `git -C legacy/$1 apply ../../analysis/$1/security_remediation.patch` project root**: `git apply analysis/$1/security_remediation.patch`
(if `legacy/$1` is a symlink, use `git apply --unsafe-paths` or apply
with `patch -p0` from the project root)
- `analysis/$1/security_remediation.local.patch` — the credential fixes;
apply the same way, and rotate the affected credentials regardless
- Re-run `/modernize-harden $1` after applying to confirm resolution - Re-run `/modernize-harden $1` after applying to confirm resolution
Suggest: `glow -p analysis/$1/SECURITY_FINDINGS.md` Suggest: `glow -p analysis/$1/SECURITY_FINDINGS.md`