Add rill plugin

.claude-plugin/marketplace.json

@@ -448,6 +448,22 @@
       },
       "homepage": "https://github.com/gemini-cli-extensions/bigquery-data-analytics"
     },
+    {
+      "name": "boltz",
+      "description": "Predict structures, screen molecules and proteins, and design binders with Boltz from Claude Code.",
+      "author": {
+        "name": "Boltz"
+      },
+      "category": "development",
+      "source": {
+        "source": "git-subdir",
+        "url": "https://github.com/boltz-bio/boltz-api-skills.git",
+        "path": "plugins/boltz",
+        "ref": "main",
+        "sha": "dee5b9962b5edd8cedc7b8405d14261852441d96"
+      },
+      "homepage": "https://boltz.bio"
+    },
     {
       "name": "box",
       "description": "Work with your Box content directly from Claude Code — search files, organize folders, collaborate with your team, and use Box AI to answer questions, summarize documents, and extract data without leaving your workflow.",
@@ -2247,6 +2263,20 @@
       },
       "homepage": "https://www.revenuecat.com"
     },
+    {
+      "name": "rill",
+      "description": "Skills for developing and querying projects in the Rill business intelligence platform",
+      "author": {
+        "name": "Rill Data"
+      },
+      "category": "development",
+      "source": {
+        "source": "url",
+        "url": "https://github.com/rilldata/agent-skills.git",
+        "sha": "9bdc4efa38a9ad419104fc2d1bb3e89529202487"
+      },
+      "homepage": "https://docs.rilldata.com/developers/build/ai-configuration"
+    },
     {
       "name": "rootly",
       "description": "Full-lifecycle incident management: deploy safety, incident response, on-call management, and retrospectives.",
@@ -2415,7 +2445,7 @@
     {
       "name": "security-guidance",
       "description": "Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes.",
-      "version": "2.0.7",
+      "version": "2.0.6",
       "author": {
         "name": "Anthropic",
         "email": "support@anthropic.com"

plugins/security-guidance/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "security-guidance",
-  "version": "2.0.7",
+  "version": "2.0.6",
   "description": "Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes.",
   "author": {
     "name": "David Dworken",

plugins/security-guidance/hooks/ensure_agent_sdk.py

@@ -318,46 +318,6 @@ def _probe_has_pip() -> bool:
         return False
 
 
-def _probe_alt_python() -> int:
-    """When the hook interpreter is <3.10 (HOOK_PY_INCOMPATIBLE), look for a
-    3.10+ interpreter at well-known install locations that aren't necessarily
-    on the hook's PATH — Homebrew (/opt/homebrew, /usr/local), python.org
-    framework builds, and the `py`/distro layouts. Returns the HIGHEST version
-    found encoded as major*100+minor (e.g. 312), or 0 if none.
-
-    Purpose (telemetry only, for now): size how many of the macOS Python-3.9
-    cohort actually HAVE a newer interpreter that sg-python.sh's PATH probe
-    missed — i.e. how many are RECOVERABLE by an explicit-path search vs.
-    genuinely 3.9-only. Emitted as sdk_alt_py. Existence-checks the versioned
-    binaries (cheap); a later explicit-path search would version-verify before
-    exec'ing. Probed only on the incompatible path, so healthy sessions never
-    pay for it."""
-    candidates = []
-    for minor in (14, 13, 12, 11, 10):
-        candidates += [
-            f"/opt/homebrew/bin/python3.{minor}",        # Apple-Silicon Homebrew
-            f"/usr/local/bin/python3.{minor}",           # Intel Homebrew / python.org shim
-            f"/Library/Frameworks/Python.framework/Versions/3.{minor}/bin/python3",  # python.org
-            f"/usr/bin/python3.{minor}",                 # distro-managed (Linux)
-        ]
-    best = 0
-    for path in candidates:
-        try:
-            if os.access(path, os.X_OK):
-                # path name encodes the minor; parse it back to a code
-                base = os.path.basename(path)
-                minor = None
-                if base.startswith("python3."):
-                    minor = int(base.split(".")[1])
-                elif "/Versions/3." in path:
-                    minor = int(path.split("/Versions/3.")[1].split("/")[0])
-                if minor is not None:
-                    best = max(best, 300 + minor)
-        except (OSError, ValueError, IndexError):
-            continue
-    return best
-
-
 def _pip_err_from_stderr(stderr_b):
     """Categorize a pip-install stderr into a known err_kind (the pip subset
     of SDK_BOOTSTRAP_ERR_CODES). Used by the --target fallback; mirrors the
@@ -828,14 +788,6 @@ if __name__ == "__main__":
         # per healthy session.
         if _encode_err_kind(err_kind) == 11:
             metrics["sdk_has_pip"] = _probe_has_pip()
-    # When the hook interpreter is <3.10 (HOOK_PY_INCOMPATIBLE), probe for a
-    # 3.10+ interpreter at known non-PATH locations. Non-zero sdk_alt_py =
-    # this user is RECOVERABLE by an explicit-path search in sg-python.sh; 0 =
-    # genuinely 3.9-only (needs a user install). Sizes the macOS Py-3.9 cohort
-    # (~13.6% of macOS sessions) before we build the search. Incompatible path
-    # only — healthy sessions never run it.
-    if outcome == HOOK_PY_INCOMPATIBLE:
-        metrics["sdk_alt_py"] = _probe_alt_python()
     # Interpreter version (major*100 + minor, e.g. 309 / 312), emitted on
     # every bootstrap. Disambiguates the macOS cohort (Apple 3.9 vs a 3.10+
     # with broken ensurepip) for both venv_ensurepip_fail AND