docs: add full-depth plugin review (2026-06-20)
Grade A — non-agentic; one v0.1.0 maturity nit (no permissions block). Part of the marketplace-wide review (config-audit v5.4.0 + llm-security + structure + version). Read-only; this file is the only artifact. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Ter3E2JSi1Khgmuf2kady8
This commit is contained in:
parent
a5d672aa86
commit
5c75bd5de7
1 changed files with 29 additions and 0 deletions
29
docs/review-2026-06-20.md
Normal file
29
docs/review-2026-06-20.md
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
# Plugin review — claude-design v0.1.0 (2026-06-20)
|
||||
|
||||
> Full-depth review (part of the marketplace-wide sweep; pilot was okr). Tooling: config-audit
|
||||
> v5.4.0 scanners (from source) + llm-security posture assessor + structure/version checks.
|
||||
> Read-only; this file is the only artifact.
|
||||
|
||||
## Verdict
|
||||
|
||||
**Clean, grade A — deliberately non-agentic.** Emits a copy-paste design prompt for a human to
|
||||
paste into claude.ai/design; never executes the prompt, drives a browser, or touches the
|
||||
filesystem. One v0.1.0 maturity nit. No blockers.
|
||||
|
||||
## Results by dimension
|
||||
|
||||
| Dimension | Result |
|
||||
|-----------|--------|
|
||||
| config-audit posture | **A** (Feature Coverage F 26, Token-Efficiency B 80 — expected for an early single-skill plugin) |
|
||||
| config-audit plugin-health | **0 findings** |
|
||||
| llm-security posture | **A** — only F-1 below. Strongest axis is Excessive Agency: `SKILL.md:151-156` explicitly disclaims code-gen, browser automation, and file writes. Unicode sweep clean; ~9 community-blog URLs are inert citations (never fetch targets). Scope-fence against Anthropic's official design plugin is test-enforced. |
|
||||
| structure / hygiene | README ✓, CHANGELOG ✓, CLAUDE.md ✓, LICENSE ✓ |
|
||||
| version consistency | **OK** (gate) |
|
||||
|
||||
## Findings
|
||||
|
||||
| ID | Severity | Location | Finding |
|
||||
|----|----------|----------|---------|
|
||||
| F-1 | Low (maturity) | `plugin.json:1-18` | No explicit `permissions` block. Not exploitable now (ships no hooks/MCP/commands; the skill invokes no tools), but new components added post-v0.1.0 would inherit session permissions with no deny-by-default baseline. **Recommend:** a minimal explicit `permissions` block before GA. |
|
||||
|
||||
Citation discipline and the command-name scope-fence are test-gated strengths, not findings.
|
||||
Loading…
Add table
Add a link
Reference in a new issue