From 5c75bd5de7f563b0359ff4b92be57dc96e9cefd7 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Sat, 20 Jun 2026 09:14:07 +0200 Subject: [PATCH] docs: add full-depth plugin review (2026-06-20) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Grade A — non-agentic; one v0.1.0 maturity nit (no permissions block). Part of the marketplace-wide review (config-audit v5.4.0 + llm-security + structure + version). Read-only; this file is the only artifact. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01Ter3E2JSi1Khgmuf2kady8 --- docs/review-2026-06-20.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 docs/review-2026-06-20.md diff --git a/docs/review-2026-06-20.md b/docs/review-2026-06-20.md new file mode 100644 index 0000000..dd7bfef --- /dev/null +++ b/docs/review-2026-06-20.md @@ -0,0 +1,29 @@ +# Plugin review — claude-design v0.1.0 (2026-06-20) + +> Full-depth review (part of the marketplace-wide sweep; pilot was okr). Tooling: config-audit +> v5.4.0 scanners (from source) + llm-security posture assessor + structure/version checks. +> Read-only; this file is the only artifact. + +## Verdict + +**Clean, grade A — deliberately non-agentic.** Emits a copy-paste design prompt for a human to +paste into claude.ai/design; never executes the prompt, drives a browser, or touches the +filesystem. One v0.1.0 maturity nit. No blockers. + +## Results by dimension + +| Dimension | Result | +|-----------|--------| +| config-audit posture | **A** (Feature Coverage F 26, Token-Efficiency B 80 — expected for an early single-skill plugin) | +| config-audit plugin-health | **0 findings** | +| llm-security posture | **A** — only F-1 below. Strongest axis is Excessive Agency: `SKILL.md:151-156` explicitly disclaims code-gen, browser automation, and file writes. Unicode sweep clean; ~9 community-blog URLs are inert citations (never fetch targets). Scope-fence against Anthropic's official design plugin is test-enforced. | +| structure / hygiene | README ✓, CHANGELOG ✓, CLAUDE.md ✓, LICENSE ✓ | +| version consistency | **OK** (gate) | + +## Findings + +| ID | Severity | Location | Finding | +|----|----------|----------|---------| +| F-1 | Low (maturity) | `plugin.json:1-18` | No explicit `permissions` block. Not exploitable now (ships no hooks/MCP/commands; the skill invokes no tools), but new components added post-v0.1.0 would inherit session permissions with no deny-by-default baseline. **Recommend:** a minimal explicit `permissions` block before GA. | + +Citation discipline and the command-name scope-fence are test-gated strengths, not findings.