Add UI5 plugins from SAP (ui5 + ui5-typescript-conversion)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.claude-plugin/marketplace.json

@@ -53,7 +53,7 @@
     },
     {
       "name": "aikido",
-      "description": "Aikido Security scanning for Claude Code — SAST, secrets, and IaC vulnerability detection powered by the Aikido MCP server.",
+      "description": "Aikido Security scanning for Claude Code \u2014 SAST, secrets, and IaC vulnerability detection powered by the Aikido MCP server.",
       "source": {
         "source": "url",
         "url": "https://github.com/AikidoSec/aikido-claude-plugin.git",
@@ -243,7 +243,7 @@
     },
     {
       "name": "cockroachdb",
-      "description": "CockroachDB plugin for Claude Code — explore schemas, write optimized SQL, debug queries, and manage distributed database clusters directly from your AI coding agent.",
+      "description": "CockroachDB plugin for Claude Code \u2014 explore schemas, write optimized SQL, debug queries, and manage distributed database clusters directly from your AI coding agent.",
       "source": {
         "source": "url",
         "url": "https://github.com/cockroachdb/claude-plugin.git",
@@ -275,7 +275,7 @@
     },
     {
       "name": "coderabbit",
-      "description": "Your code review partner. CodeRabbit provides external validation using a specialized AI architecture and 40+ integrated static analyzers—offering a different perspective that catches bugs, security vulnerabilities, logic errors, and edge cases. Context-aware analysis via AST parsing and codegraph relationships. Automatically incorporates CLAUDE.md and project coding guidelines into reviews. Useful after writing or modifying code, before commits, when implementing complex or security-sensitive logic, or when a second opinion would increase confidence in the changes. Returns specific findings with suggested fixes that can be applied immediately. Free to use.",
+      "description": "Your code review partner. CodeRabbit provides external validation using a specialized AI architecture and 40+ integrated static analyzers\u2014offering a different perspective that catches bugs, security vulnerabilities, logic errors, and edge cases. Context-aware analysis via AST parsing and codegraph relationships. Automatically incorporates CLAUDE.md and project coding guidelines into reviews. Useful after writing or modifying code, before commits, when implementing complex or security-sensitive logic, or when a second opinion would increase confidence in the changes. Returns specific findings with suggested fixes that can be applied immediately. Free to use.",
       "category": "productivity",
       "source": {
         "source": "url",
@@ -365,7 +365,7 @@
     },
     {
       "name": "elixir-ls-lsp",
-      "description": "Elixir language server (ElixirLS) for Claude Code — provides code intelligence and diagnostics for .ex, .exs, and .heex files.",
+      "description": "Elixir language server (ElixirLS) for Claude Code \u2014 provides code intelligence and diagnostics for .ex, .exs, and .heex files.",
       "source": {
         "source": "url",
         "url": "https://github.com/MikaelFangel/claude-elixir-ls-lsp.git",
@@ -458,6 +458,16 @@
       },
       "homepage": "https://www.firetiger.com/"
     },
+    {
+      "name": "flint",
+      "description": "Build and manage websites with Flint's AI website builder through natural conversation.",
+      "source": {
+        "source": "url",
+        "url": "https://github.com/tryflint/claude-code-plugin.git",
+        "sha": "f3d56e33ed2fb3ed9b4f02e0fc65d0a79b24bf4d"
+      },
+      "homepage": "https://www.tryflint.com/docs/claude-code-plugin"
+    },
     {
       "name": "followrabbit",
       "description": "Cloud cost optimization for GCP infrastructure. Review changes for cost impact and auto-apply savings recommendations using the followrabbit CLI.",
@@ -532,7 +542,7 @@
     },
     {
       "name": "helius",
-      "description": "Build on Solana with Helius — live blockchain tools, expert coding patterns, and autonomous account signup",
+      "description": "Build on Solana with Helius \u2014 live blockchain tools, expert coding patterns, and autonomous account signup",
       "source": {
         "source": "git-subdir",
         "url": "helius-labs/core-ai",
@@ -743,7 +753,7 @@
     },
     {
       "name": "netlify-skills",
-      "description": "Netlify platform skills for Claude Code — functions, edge functions, blobs, database, image CDN, forms, config, CLI, frameworks, caching, AI gateway, and deployment.",
+      "description": "Netlify platform skills for Claude Code \u2014 functions, edge functions, blobs, database, image CDN, forms, config, CLI, frameworks, caching, AI gateway, and deployment.",
       "category": "development",
       "source": {
         "source": "url",
@@ -763,7 +773,7 @@
     },
     {
       "name": "nimble",
-      "description": "Nimble web data toolkit — search, extract, map, crawl the web and work with structured data agents",
+      "description": "Nimble web data toolkit \u2014 search, extract, map, crawl the web and work with structured data agents",
       "source": {
         "source": "url",
         "url": "https://github.com/Nimbleway/agent-skills.git",
@@ -783,7 +793,7 @@
     },
     {
       "name": "opsera-devsecops",
-      "description": "Opsera DevSecOps Agent — AI-powered architecture analysis, security scanning, compliance auditing, and SQL security for your codebase. Free trial included.",
+      "description": "Opsera DevSecOps Agent \u2014 AI-powered architecture analysis, security scanning, compliance auditing, and SQL security for your codebase. Free trial included.",
       "source": {
         "source": "url",
         "url": "https://github.com/opsera-agents/opsera-devsecops.git",
@@ -793,7 +803,7 @@
     },
     {
       "name": "optibot",
-      "description": "AI code review that catches production-breaking bugs, business logic issues, and security vulnerabilities — directly in Claude Code.",
+      "description": "AI code review that catches production-breaking bugs, business logic issues, and security vulnerabilities \u2014 directly in Claude Code.",
       "source": {
         "source": "url",
         "url": "https://github.com/Optimal-AI/optibot-skill.git",
@@ -858,7 +868,7 @@
     },
     {
       "name": "playground",
-      "description": "Creates interactive HTML playgrounds — self-contained single-file explorers with visual controls, live preview, and prompt output with copy button. Includes templates for design playgrounds, data explorers, concept maps, and document critique.",
+      "description": "Creates interactive HTML playgrounds \u2014 self-contained single-file explorers with visual controls, live preview, and prompt output with copy button. Includes templates for design playgrounds, data explorers, concept maps, and document critique.",
       "author": {
         "name": "Anthropic",
         "email": "support@anthropic.com"
@@ -940,7 +950,7 @@
     },
     {
       "name": "product-tracking-skills",
-      "description": "AI agent skills that make SaaS products data-ready for product analytics — from codebase scan to tracking plan to working instrumentation code.",
+      "description": "AI agent skills that make SaaS products data-ready for product analytics \u2014 from codebase scan to tracking plan to working instrumentation code.",
       "source": {
         "source": "url",
         "url": "https://github.com/Accoil/product-tracking-skills.git",
@@ -974,7 +984,7 @@
     },
     {
       "name": "qodo-skills",
-      "description": "Qodo Skills provides a curated library of reusable AI agent capabilities that extend Claude's functionality for software development workflows. Each skill is designed to integrate seamlessly into your development process, enabling tasks like code quality checks, automated testing, security scanning, and compliance validation. Skills operate across your entire SDLC—from IDE to CI/CD—ensuring consistent standards and catching issues early.",
+      "description": "Qodo Skills provides a curated library of reusable AI agent capabilities that extend Claude's functionality for software development workflows. Each skill is designed to integrate seamlessly into your development process, enabling tasks like code quality checks, automated testing, security scanning, and compliance validation. Skills operate across your entire SDLC\u2014from IDE to CI/CD\u2014ensuring consistent standards and catching issues early.",
       "category": "development",
       "source": {
         "source": "url",
@@ -1098,7 +1108,7 @@
     },
     {
       "name": "searchfit-seo",
-      "description": "Free AI-powered SEO toolkit — audit websites, plan content strategy, optimize pages, generate schema markup, cluster keywords, and track AI visibility. Works with any website or codebase.",
+      "description": "Free AI-powered SEO toolkit \u2014 audit websites, plan content strategy, optimize pages, generate schema markup, cluster keywords, and track AI visibility. Works with any website or codebase.",
       "source": {
         "source": "url",
         "url": "https://github.com/searchfit/searchfit-seo.git",
@@ -1321,6 +1331,32 @@
         }
       }
     },
+    {
+      "name": "ui5",
+      "description": "SAPUI5 / OpenUI5 plugin for Claude. Create and validate UI5 projects, access API documentation, run UI5 linter, get development guidelines and best practices for UI5 development.",
+      "category": "development",
+      "source": {
+        "source": "git-subdir",
+        "url": "UI5/plugins-claude",
+        "path": "plugins/ui5",
+        "ref": "main",
+        "sha": "5070dfc1cef711d6efad40beb43750027039d71f"
+      },
+      "homepage": "https://github.com/UI5/plugins-claude"
+    },
+    {
+      "name": "ui5-typescript-conversion",
+      "description": "SAPUI5 / OpenUI5 plugin for Claude. Convert JavaScript based UI5 projects to TypeScript.",
+      "category": "development",
+      "source": {
+        "source": "git-subdir",
+        "url": "UI5/plugins-claude",
+        "path": "plugins/ui5-typescript-conversion",
+        "ref": "main",
+        "sha": "5070dfc1cef711d6efad40beb43750027039d71f"
+      },
+      "homepage": "https://github.com/UI5/plugins-claude"
+    },
     {
       "name": "vercel",
       "description": "Vercel deployment platform integration. Manage deployments, check build status, access logs, configure domains, and control your frontend infrastructure directly from Claude Code.",

external_plugins/discord/.claude-plugin/plugin.json

@@ -1,20 +1,11 @@
 {
   "name": "discord",
   "description": "Discord channel for Claude Code \u2014 messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /discord:access.",
-  "version": "0.0.5",
+  "version": "0.0.4",
   "keywords": [
     "discord",
     "messaging",
     "channel",
     "mcp"
-  ],
-  "userConfig": {
-    "DISCORD_BOT_TOKEN": {
-      "type": "string",
-      "title": "Bot Token",
-      "description": "Bot token from the Discord Developer Portal. Stored in keychain (macOS) or ~/.claude/.credentials.json with 0600 permissions elsewhere. Never written to settings.json.",
-      "required": true,
-      "sensitive": true
-    }
-  }
+  ]
 }

external_plugins/discord/.mcp.json

@@ -2,10 +2,7 @@
   "mcpServers": {
     "discord": {
       "command": "bun",
-      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"],
-      "env": {
-        "DISCORD_BOT_TOKEN": "${user_config.DISCORD_BOT_TOKEN}"
-      }
+      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"]
     }
   }
 }

external_plugins/discord/server.ts

@@ -39,12 +39,10 @@ const ACCESS_FILE = join(STATE_DIR, 'access.json')
 const APPROVED_DIR = join(STATE_DIR, 'approved')
 const ENV_FILE = join(STATE_DIR, '.env')
 
-// Token is injected via ${user_config.DISCORD_BOT_TOKEN} from .mcp.json —
-// prompted at enable time, stored in keychain (macOS) or .credentials.json 0600
-// elsewhere. The .env file below is a legacy fallback for users configured
-// before H1 #3617646 — real env wins, so the injected value takes precedence.
+// Load ~/.claude/channels/discord/.env into process.env. Real env wins.
+// Plugin-spawned servers don't get an env block — this is where the token lives.
 try {
-  // Defensive chmod for legacy .env files (no-op on Windows).
+  // Token is a credential — lock to owner. No-op on Windows (would need ACLs).
   chmodSync(ENV_FILE, 0o600)
   for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) {
     const m = line.match(/^(\w+)=(.*)$/)
@@ -58,8 +56,8 @@ const STATIC = process.env.DISCORD_ACCESS_MODE === 'static'
 if (!TOKEN) {
   process.stderr.write(
     `discord channel: DISCORD_BOT_TOKEN required\n` +
-    `  re-enter via: /plugin manage → discord → Configure options\n` +
-    `  (stored in keychain/credentials.json, not settings.json)\n`,
+    `  set in ${ENV_FILE}\n` +
+    `  format: DISCORD_BOT_TOKEN=MTIz...\n`,
   )
   process.exit(1)
 }

external_plugins/telegram/.claude-plugin/plugin.json

@@ -1,20 +1,11 @@
 {
   "name": "telegram",
   "description": "Telegram channel for Claude Code \u2014 messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /telegram:access.",
-  "version": "0.0.5",
+  "version": "0.0.4",
   "keywords": [
     "telegram",
     "messaging",
     "channel",
     "mcp"
-  ],
-  "userConfig": {
-    "TELEGRAM_BOT_TOKEN": {
-      "type": "string",
-      "title": "Bot Token",
-      "description": "Bot token from @BotFather — format is 123456789:AAH... Stored in keychain (macOS) or ~/.claude/.credentials.json with 0600 permissions elsewhere. Never written to settings.json.",
-      "required": true,
-      "sensitive": true
-    }
-  }
+  ]
 }

external_plugins/telegram/.mcp.json

@@ -2,10 +2,7 @@
   "mcpServers": {
     "telegram": {
       "command": "bun",
-      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"],
-      "env": {
-        "TELEGRAM_BOT_TOKEN": "${user_config.TELEGRAM_BOT_TOKEN}"
-      }
+      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"]
     }
   }
 }

external_plugins/telegram/server.ts

@@ -28,12 +28,10 @@ const ACCESS_FILE = join(STATE_DIR, 'access.json')
 const APPROVED_DIR = join(STATE_DIR, 'approved')
 const ENV_FILE = join(STATE_DIR, '.env')
 
-// Token is injected via ${user_config.TELEGRAM_BOT_TOKEN} from .mcp.json —
-// prompted at enable time, stored in keychain (macOS) or .credentials.json 0600
-// elsewhere. The .env file below is a legacy fallback for users configured
-// before H1 #3617646 — real env wins, so the injected value takes precedence.
+// Load ~/.claude/channels/telegram/.env into process.env. Real env wins.
+// Plugin-spawned servers don't get an env block — this is where the token lives.
 try {
-  // Defensive chmod for legacy .env files (no-op on Windows).
+  // Token is a credential — lock to owner. No-op on Windows (would need ACLs).
   chmodSync(ENV_FILE, 0o600)
   for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) {
     const m = line.match(/^(\w+)=(.*)$/)
@@ -47,8 +45,8 @@ const STATIC = process.env.TELEGRAM_ACCESS_MODE === 'static'
 if (!TOKEN) {
   process.stderr.write(
     `telegram channel: TELEGRAM_BOT_TOKEN required\n` +
-    `  re-enter via: /plugin manage → telegram → Configure options\n` +
-    `  (stored in keychain/credentials.json, not settings.json)\n`,
+    `  set in ${ENV_FILE}\n` +
+    `  format: TELEGRAM_BOT_TOKEN=123456789:AAH...\n`,
   )
   process.exit(1)
 }

external_plugins/terraform/.claude-plugin/plugin.json

@@ -0,0 +1,7 @@
+{
+  "name": "terraform",
+  "description": "The Terraform MCP Server provides seamless integration with Terraform ecosystem, enabling advanced automation and interaction capabilities for Infrastructure as Code (IaC) development.",
+  "author": {
+    "name": "HashiCorp"
+  }
+}

external_plugins/terraform/.mcp.json

@@ -0,0 +1,12 @@
+{
+  "terraform": {
+    "command": "docker",
+    "args": [
+      "run",
+      "-i",
+      "--rm",
+      "-e", "TFE_TOKEN=${TFE_TOKEN}",
+      "hashicorp/terraform-mcp-server:0.4.0"
+    ]
+  }
+}