diff --git a/README.md b/README.md index 4246276..b32a05c 100644 --- a/README.md +++ b/README.md @@ -2,20 +2,87 @@ Open-source Claude Code plugins for AI-assisted development, security, and planning. +Built for my own Claude Code workflow and shared openly for anyone who finds them useful. Solo project — bug reports and feature requests are welcome, pull requests are not accepted. + +--- + ## Plugins -| Plugin | Description | -|--------|-------------| -| **llm-security** | Security scanning, auditing, and threat modeling aligned to OWASP LLM Top 10 (2025) | -| **config-audit** | Multi-agent workflow for analyzing and optimizing Claude Code configuration | -| **ultraplan-local** | Deep implementation planning with agent swarms, adversarial review, and headless execution | -| **ai-psychosis** | Meta-awareness tools for healthy AI interaction patterns — detects reinforcement loops, scope escalation, and compulsive patterns | +### [LLM Security](plugins/llm-security/) `v5.0.0` + +Security scanning, auditing, and threat modeling for agentic AI projects. + +Built on OWASP LLM Top 10 (2025), OWASP Agentic AI Top 10, and the AI Agent Traps taxonomy (Google DeepMind, 2025). Three layers of protection: + +- **Automated enforcement** — 8 hooks that block dangerous operations in real time (prompt injection, secrets in code, destructive commands, supply chain guardrails) +- **Deterministic scanning** — 15 Node.js scanners for byte-level analysis: Shannon entropy, Unicode codepoints, typosquatting detection, taint flow, DNS resolution, git forensics +- **Advisory analysis** — 18 commands that scan, audit, and model threats with structured reports, letter grades, and actionable remediation + +Key commands: `/security posture`, `/security audit`, `/security scan`, `/security threat-model`, `/security plugin-audit` + +6 specialized agents · 15 scanners · 8 hooks · 13 knowledge docs + +→ [Full documentation](plugins/llm-security/README.md) + +--- + +### [Config-Audit](plugins/config-audit/) `v3.0.1` + +Configuration intelligence for Claude Code — health checks, feature discovery, and auto-fix. + +Claude Code reads instructions from 7+ file types across multiple scopes. This plugin tells you what's wrong, what's missing, and what's silently conflicting: + +- **Health** — 7 deterministic scanners verify correctness across every configuration file (broken imports, deprecated settings, conflicting rules, permission contradictions) +- **Opportunities** — context-aware recommendations for Claude Code features you're not using +- **Action** — auto-fix with mandatory backups, syntax validation, rollback support, and human-in-the-loop workflow + +Key commands: `/config-audit posture`, `/config-audit discover`, `/config-audit feature-gap`, `/config-audit fix` + +6 agents · 8 scanners · 15 commands · 482+ tests + +→ [Full documentation](plugins/config-audit/README.md) + +--- + +### [Ultraplan Local](plugins/ultraplan-local/) `v1.4.0` + +Deep implementation planning with specialized agent swarms and adversarial review, then autonomous execution with failure recovery. + +Two commands, one pipeline: plan first, then execute. The plan is the contract between the two. + +- **`/ultraplan-local`** — Interview, 6-8 specialized agents explore the codebase in parallel, adversarial review by plan-critic and scope-guardian +- **`/ultraexecute-local`** — Step-by-step implementation with git checkpoints, automatic failure recovery, and parallel session decomposition + +Modes: default (interview + background), spec-driven, foreground, quick, decompose, export + +13 specialized agents · 2 commands · No cloud dependency + +→ [Full documentation](plugins/ultraplan-local/README.md) + +--- + +### [AI Psychosis](plugins/ai-psychosis/) `v1.0.0` + +Meta-awareness tools that counteract sycophancy, reinforcement loops, and compulsive AI interaction patterns. + +AI assistants are structurally optimized to be agreeable. This creates reinforcement loops where productive collaboration is often a mirror showing you what you want to see. Research documents psychotic episodes triggered by sustained AI interaction in individuals with no prior psychiatric history. + +- **Layer 1 — Behavioral instructions** — SKILL.md rules that modify Claude's behavior: no unearned affirmations, mandatory risk identification, pattern naming +- **Layer 2 — Programmatic detection** — 4 hooks that measure session duration, dependency language, rapid-fire bursts, edit ratios, and late-night usage with progressive alerts + +Research-informed thresholds. Alerts are progressive and never blocking. Privacy-first: prompt text is never logged. + +1 skill · 1 command · 4 hooks + +→ [Full documentation](plugins/ai-psychosis/README.md) + +--- ## Installation ### Step 1: Add this marketplace -Add the following entry to your `~/.claude/plugins/known_marketplaces.json`: +Add to your `~/.claude/plugins/known_marketplaces.json`: ```json { @@ -49,7 +116,13 @@ Add the plugins you want to `~/.claude/settings.json`: ### Step 3: Verify -Open a new Claude Code session and run `/plugin` to see available plugins. +Open a new Claude Code session and run `/plugin` to see installed plugins. + +## Compatibility + +- Claude Code CLI, desktop app, and IDE extensions +- macOS, Linux, Windows +- No external dependencies (all scanners and hooks are self-contained) ## License