feat(ms-ai-architect): add plugin to open marketplace (v1.5.0 baseline)
Initial addition of ms-ai-architect plugin to the open-source marketplace. Private content excluded: orchestrator/ (Linear tooling), docs/utredning/ (client investigation), generated test reports and PDF export script. skill-gen tooling moved from orchestrator/ to scripts/skill-gen/. Security scan: WARNING (risk 20/100) — no secrets, no injection found. False positive fixed: added gitleaks:allow to Python variable reference in output-validation-grounding-verification.md line 109. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Kjell Tore Guttormsen
parent
a8d79e4484
commit
6a7632146e
490 changed files with 213249 additions and 2 deletions
155
plugins/ms-ai-architect/docs/onboarding-ros-analysis.md
Normal file
155
plugins/ms-ai-architect/docs/onboarding-ros-analysis.md
Normal file
|
|
@ -0,0 +1,155 @@
|
|||
# From Clone to PR: Building ROS Analysis for ms-ai-architect
|
||||
|
||||
Step-by-step guide for **Windows**. Start at Step 1, end with a PR containing a complete ROS analysis feature.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- [Node.js](https://nodejs.org/) (LTS) — required for Claude Code and MCP servers
|
||||
- [Git for Windows](https://git-scm.com/download/win) — includes Git Bash (needed for test scripts)
|
||||
- [Claude Code](https://docs.anthropic.com/en/docs/claude-code) — `npm install -g @anthropic-ai/claude-code`
|
||||
## Step 1: Clone and Register
|
||||
|
||||
Open PowerShell:
|
||||
|
||||
```powershell
|
||||
# Create the marketplace directory
|
||||
New-Item -ItemType Directory -Force -Path "$env:USERPROFILE\.claude\plugins\marketplaces"
|
||||
|
||||
# Clone
|
||||
git clone https://github.com/guttormsen108/ktg-privat.git "$env:USERPROFILE\.claude\plugins\marketplaces\ktg-privat"
|
||||
```
|
||||
|
||||
Edit `%USERPROFILE%\.claude\settings.json` (create if it doesn't exist):
|
||||
|
||||
```json
|
||||
{
|
||||
"enabledPlugins": {
|
||||
"ms-ai-architect@ktg-privat": true
|
||||
},
|
||||
"mcpServers": {
|
||||
"microsoft-learn": {
|
||||
"command": "npx",
|
||||
"args": ["-y", "@nicobailey/microsoft-learn-mcp-server"]
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
> **Tip:** Open the file with `notepad $env:USERPROFILE\.claude\settings.json`
|
||||
|
||||
## Step 2: Verify
|
||||
|
||||
```powershell
|
||||
cd "$env:USERPROFILE\.claude\plugins\marketplaces\ktg-privat"
|
||||
claude
|
||||
```
|
||||
|
||||
You should see:
|
||||
```
|
||||
Architect: Ingen virksomhetstilpasning. Kjor /architect:onboard (~5 min).
|
||||
```
|
||||
|
||||
Type `/architect:help` — if you see a list of commands, the plugin works.
|
||||
|
||||
## Step 3: Create a Branch
|
||||
|
||||
```powershell
|
||||
git checkout -b feat/ros-analysis
|
||||
```
|
||||
|
||||
## Step 4: Read the Pattern Files
|
||||
|
||||
Before writing anything, ask Claude to read these files. They are the patterns your ROS implementation must follow:
|
||||
|
||||
```
|
||||
Read these files:
|
||||
- plugins/ms-ai-architect/commands/dpia.md
|
||||
- plugins/ms-ai-architect/agents/dpia-agent.md
|
||||
- plugins/ms-ai-architect/agents/security-assessment-agent.md
|
||||
- plugins/ms-ai-architect/skills/ms-ai-security/references/ai-security-engineering/security-scoring-rubrics-6x5.md
|
||||
- plugins/ms-ai-architect/CLAUDE.md
|
||||
```
|
||||
|
||||
Key patterns to understand:
|
||||
- **Command** (`dpia.md`): collects context via dialog, then delegates to agent via `Task`
|
||||
- **Agent** (`dpia-agent.md`): phased methodology, KB-routing to reference files, structured output
|
||||
- **Scoring** (`security-scoring-rubrics-6x5.md`): deterministic rubrics with checkpoints per cell
|
||||
|
||||
## Step 5: Plan the Implementation
|
||||
|
||||
This is the critical step. Type `plan` first, then your prompt:
|
||||
|
||||
```
|
||||
plan Build a professional ROS analysis feature for the ms-ai-architect
|
||||
plugin. It needs: a /architect:ros command, a ros-analysis-agent,
|
||||
knowledge base files (threat library, scoring rubrics, sector checklists,
|
||||
methodology guide, report templates, integration guide), E2E tests,
|
||||
and updates to CLAUDE.md + help.md + SKILL.md.
|
||||
|
||||
Follow the patterns in dpia.md, dpia-agent.md, and
|
||||
security-scoring-rubrics-6x5.md exactly.
|
||||
```
|
||||
|
||||
Claude will explore the codebase and produce a detailed plan listing every file to create/modify. **Review the plan carefully.** The plan should include roughly:
|
||||
|
||||
- **~10 new files**: command, agent, 6 knowledge base references, test script, test fixture
|
||||
- **~5 modified files**: CLAUDE.md, help.md, SKILL.md, summary-agent.md, run-e2e.sh
|
||||
|
||||
When satisfied, approve the plan. Claude implements exactly what was approved — nothing more.
|
||||
|
||||
## Step 6: Verify
|
||||
|
||||
After implementation, run validation in **Git Bash** (not PowerShell — the test scripts are bash):
|
||||
|
||||
```bash
|
||||
# Open Git Bash from Start menu, then:
|
||||
cd ~/.claude/plugins/marketplaces/ktg-privat
|
||||
|
||||
# Plugin structure validation
|
||||
bash plugins/ms-ai-architect/tests/validate-plugin.sh
|
||||
|
||||
# E2E tests (no Claude invocation needed)
|
||||
bash plugins/ms-ai-architect/tests/run-e2e.sh --ros
|
||||
```
|
||||
|
||||
> **Note:** Alternatively, ask Claude to run the tests for you — Claude's built-in Bash tool handles this on Windows.
|
||||
|
||||
Fix any failures before proceeding.
|
||||
|
||||
## Step 7: Commit and PR
|
||||
|
||||
Ask Claude:
|
||||
|
||||
```
|
||||
Commit all changes and create a PR to main
|
||||
```
|
||||
|
||||
Commit message convention: `feat(architect): add ROS analysis command and agent`
|
||||
|
||||
CLAUDE.md must be updated in the same commit as the new functionality.
|
||||
|
||||
## What the Final PR Should Contain
|
||||
|
||||
| Type | Files | Description |
|
||||
|------|-------|-------------|
|
||||
| Command | `commands/ros.md` | `/architect:ros` with quick and full mode |
|
||||
| Agent | `agents/ros-analysis-agent.md` | Multi-phase ROS with scoring rubrics |
|
||||
| KB: Threats | `references/.../ros-ai-threat-library.md` | ~45 AI-specific threats |
|
||||
| KB: Scoring | `references/.../ros-scoring-rubrics-7x5.md` | Deterministic rubrics (7 dimensions x 5 levels) |
|
||||
| KB: Sectors | `references/.../ros-sector-checklists.md` | Health, transport, finance, justice, education |
|
||||
| KB: Methodology | `references/.../ros-methodology-ns5814-iso31000.md` | NS 5814 / ISO 31000 process mapping |
|
||||
| KB: Templates | `references/.../ros-report-templates.md` | Quick and full report templates |
|
||||
| KB: Integration | `references/.../ros-dpia-security-integration.md` | When to use ROS vs DPIA vs Security |
|
||||
| Tests | `tests/test-ros-output.sh` + `tests/fixtures/ros-analysis/` | E2E structure validation |
|
||||
| Docs | CLAUDE.md, help.md, SKILL.md, summary-agent.md, run-e2e.sh | Updated tables and references |
|
||||
|
||||
## Quick Reference
|
||||
|
||||
| Action | How |
|
||||
|--------|-----|
|
||||
| See all commands | Type `/` and scroll |
|
||||
| Plan mode | Type `plan` before your prompt |
|
||||
| Auto-accept tool calls | Shift+Tab |
|
||||
| Cancel | Esc |
|
||||
| New conversation | `/clear` |
|
||||
| Context usage | `/cost` |
|
||||
Loading…
Add table
Add a link
Reference in a new issue