From bd22b29a21f1d0f2dabcb64a9a1c37b0493172aa Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Tue, 7 Apr 2026 17:27:10 +0200 Subject: [PATCH] chore(ms-ai-architect): sanitize all private references for open-source README.md: badges updated (1.7.0/387/12), installation URL updated to ktg-plugin-marketplace, added ai-act-assessor to agent table, updated skill ref counts, updated hooks section, updated category-skill-map path. CLAUDE.md: fix agent model column (sonnet->opus), remove Linear section, fix manual test path to generic placeholder. commands/generate-skills.md: orchestrator paths updated to scripts/skill-gen. commands/export.md: add Bash scope guardrail (security scan finding). docs: replace GitHub and ktg-privat URLs with Forgejo, replace personal paths. scripts/skill-gen/manifest.json: rename ktg-privat ID. skills: remove Linear tagging reference, add supply chain warnings. Co-Authored-By: Claude Opus 4.6 --- plugins/ms-ai-architect/CLAUDE.md | 30 ++++++-------- plugins/ms-ai-architect/README.md | 41 ++++++++----------- plugins/ms-ai-architect/commands/export.md | 2 + .../commands/generate-skills.md | 10 ++--- .../docs/eu-ai-act-integration-handover.md | 2 +- .../docs/onboarding-ros-analysis.md | 8 ++-- .../ms-ai-architect/docs/playground-plan.md | 4 +- .../scripts/skill-gen/manifest.json | 2 +- .../llm-evaluation-production.md | 2 +- .../small-language-models-economics.md | 12 +++++- 10 files changed, 55 insertions(+), 58 deletions(-) diff --git a/plugins/ms-ai-architect/CLAUDE.md b/plugins/ms-ai-architect/CLAUDE.md index b68f763..5cbc65c 100644 --- a/plugins/ms-ai-architect/CLAUDE.md +++ b/plugins/ms-ai-architect/CLAUDE.md 
@@ -48,18 +48,18 @@ Tilbyr strukturert arkitekturveiledning for Microsoft AI-stakken: | Agent | Formål | Modell | |-------|--------|--------| -| `research-agent` | MCP-isolert research med microsoft-learn | sonnet | -| `security-assessment-agent` | 6-dimensjons sikkerhetsrammeverk med 1-5 scoring | sonnet | -| `cost-estimation-agent` | Kostnadsestimering i NOK med TCO-sammenligning | sonnet | -| `adr-writer-agent` | ADR-generering i MADR v3.0-format | sonnet | -| `license-mapper-agent` | Kryssreferering av lisenser mot plattformkapabiliteter | sonnet | -| `diagram-generation-agent` | Arkitekturdiagrammer med Imagen 3 via mcp-image | sonnet | -| `architecture-review-agent` | Arkitekturgjennomgang mot Digdir, AI Act, NSM, Schrems II | sonnet | -| `ros-analysis-agent` | ROS-analyse med 7 dimensjoner, NS 5814-metodikk og AI-trusselbibliotek | sonnet | -| `dpia-agent` | DPIA/PVK for AI-systemer med risikomatrise og tiltakstabell | sonnet | -| `summary-agent` | Teknisk sammendrag og beslutningsnotat fra arkitekturvurderinger | sonnet | -| `ai-act-assessor` | EU AI Act-klassifisering, forpliktelser og compliance-vurdering | sonnet | -| `onboarding-agent` | Strukturert onboarding-intervju for virksomhetstilpasning | sonnet | +| `research-agent` | MCP-isolert research med microsoft-learn | opus | +| `security-assessment-agent` | 6-dimensjons sikkerhetsrammeverk med 1-5 scoring | opus | +| `cost-estimation-agent` | Kostnadsestimering i NOK med TCO-sammenligning | opus | +| `adr-writer-agent` | ADR-generering i MADR v3.0-format | opus | +| `license-mapper-agent` | Kryssreferering av lisenser mot plattformkapabiliteter | opus | +| `diagram-generation-agent` | Arkitekturdiagrammer med Imagen 3 via mcp-image | opus | +| `architecture-review-agent` | Arkitekturgjennomgang mot Digdir, AI Act, NSM, Schrems II | opus | +| `ros-analysis-agent` | ROS-analyse med 7 dimensjoner, NS 5814-metodikk og AI-trusselbibliotek | opus | +| `dpia-agent` | DPIA/PVK for AI-systemer med risikomatrise 
og tiltakstabell | opus | +| `summary-agent` | Teknisk sammendrag og beslutningsnotat fra arkitekturvurderinger | opus | +| `ai-act-assessor` | EU AI Act-klassifisering, forpliktelser og compliance-vurdering | opus | +| `onboarding-agent` | Strukturert onboarding-intervju for virksomhetstilpasning | opus | ## Skills (5 domenespesifikke) @@ -147,7 +147,7 @@ Fixture-basert validering av agent-output (sikkerhet, kostnad, sammendrag). Test #### Manuell test ```bash # Test at plugin registreres -cd /Users/ktg/repos/plugins/ktg-privat +cd claude --plugin ./plugins/ms-ai-architect # Kjør hovedcommand @@ -198,7 +198,3 @@ Interaktiv 5-stegs arkitektur-pipeline for Azure AI-beslutninger. **Tilsynsmyndigheter:** Datatilsynet (personvern), nasjonal AI-tilsynsmyndighet (under etablering), sektortilsyn. -## Linear - -Project: MS AI Architect Plugin Suite -Issues tagges med `🏛️ ARCHITECT` label. diff --git a/plugins/ms-ai-architect/README.md b/plugins/ms-ai-architect/README.md index cb92c42..de75ca7 100644 --- a/plugins/ms-ai-architect/README.md +++ b/plugins/ms-ai-architect/README.md 
@@ -2,10 +2,10 @@ > Your virtual Microsoft AI solution architect — meet **Cosmo Skyberg**. -![Version](https://img.shields.io/badge/version-1.5.0-blue) +![Version](https://img.shields.io/badge/version-1.7.0-blue) ![Platform](https://img.shields.io/badge/platform-Claude_Code_Plugin-purple) -![Docs](https://img.shields.io/badge/reference_docs-380-green) -![Agents](https://img.shields.io/badge/agents-11-orange) +![Docs](https://img.shields.io/badge/reference_docs-387-green) +![Agents](https://img.shields.io/badge/agents-12-orange) ![License](https://img.shields.io/badge/license-MIT-lightgrey) A Claude Code plugin that provides structured architecture guidance across the full Microsoft AI stack. Cosmo Skyberg is a methodical, opinionated architect persona who understands the problem before recommending technology, verifies claims against live Microsoft Learn documentation via MCP, and delivers assessments calibrated for Norwegian public sector governance — while remaining useful for any enterprise context. @@ -65,7 +65,7 @@ Key capabilities: ### Installation ```bash -claude plugin add ktg-privat/ms-ai-architect +claude plugin marketplace add https://git.fromaitochitta.com/open/ktg-plugin-marketplace.git ``` Or add to your `~/.claude/settings.json`: @@ -73,7 +73,7 @@ Or add to your `~/.claude/settings.json`: ```json { "enabledPlugins": { - "ms-ai-architect@ktg-privat": true + "ms-ai-architect@ktg-plugin-marketplace": true } } ``` @@ -146,7 +146,7 @@ Cosmo will ask clarifying questions about your business need, licenses, data sou ## Agent Architecture -The plugin delegates specialized work to 11 purpose-built agents. Each agent has its own knowledge base routing, model assignment, and tool access. +The plugin delegates specialized work to 12 purpose-built agents. Each agent has its own knowledge base routing, model assignment, and tool access. | Agent | Role | KB Sources | Triggered By | |-------|------|------------|--------------| 
@@ -161,6 +161,7 @@ The plugin delegates specialized work to 11 purpose-built agents. Each agent has | `diagram-generation-agent` | Architecture diagrams via Imagen 3 / Mermaid | Prompt templates | `/architect:diagram` | | `summary-agent` | Executive summary and decision memo synthesis | All assessment outputs (incl. ROS) | `/architect:summary` | | `onboarding-agent` | 5-phase structured org interview | Writes org/*.md | `/architect:onboard` | +| `ai-act-assessor` | EU AI Act classification, obligations, and compliance assessment | ms-ai-governance (ai-act-*) | `/architect:classify`, `/architect:requirements`, `/architect:transparency`, `/architect:frimpact`, `/architect:conformity` | ### Orchestration Pattern 
@@ -193,25 +194,25 @@ The orchestrator creates a `.work/` directory for intermediate results, delegate ## Knowledge Base -The plugin includes **380 reference documents** organized across 5 domain-specific skills: +The plugin includes **387 reference documents** organized across 5 domain-specific skills: | Skill | Domain | Refs | User Intent | |-------|--------|------|-------------| | `ms-ai-advisor` | Cosmo persona, 7-phase workflow, platform selection | 62 | "Help me choose" | | `ms-ai-engineering` | RAG, agents, Azure AI Services, data, MLOps, multimodal | 153 | "How do I build this?" | -| `ms-ai-governance` | Norwegian public sector governance, EU regulations, responsible AI, ROS | 71 | "Is this legal/safe?" | +| `ms-ai-governance` | Norwegian public sector governance, EU regulations, responsible AI, ROS | 78 | "Is this legal/safe?" | | `ms-ai-security` | Security scoring (6×5), cost estimation (P10/P50/P90) | 60 | "Is this safe?" | | `ms-ai-infrastructure` | BCDR, hybrid/edge, sovereign cloud | 34 | "How do I operate this?" | -### ms-ai-advisor (61 refs) +### ms-ai-advisor (62 refs) Architecture decision trees, platform comparison matrices, Cosmo persona definition, cost models, migration patterns. -### ms-ai-engineering (149 refs) +### ms-ai-engineering (153 refs) RAG implementation patterns, agent orchestration, Azure AI Foundry, Copilot Studio extensibility, AI Builder, multimodal processing, Semantic Kernel, MLOps pipelines. -### ms-ai-governance (71 refs) +### ms-ai-governance (78 refs) Norwegian public sector governance (Digdir, DFØ), EU AI Act (Annex III checklist), responsible AI frameworks, GDPR/Schrems II compliance, Utredningsinstruksen alignment. 
Includes a comprehensive **ROS analysis framework** with 7 new reference documents: AI threat library (49 threats across 7 categories), NS 5814/ISO 31000 methodology guide, 7×5 scoring rubrics, sector-specific checklists (health, transport, finance, justice, education), report templates, DPIA/security integration patterns, and MAESTRO multi-agent security model. @@ -329,25 +330,15 @@ These MCP servers enhance the plugin's capabilities but are not required: ## Hooks & Safety -Three runtime hooks provide session context and safety guardrails: +Two runtime hooks provide session context and safety guardrails: | Event | Script | Purpose | Behavior | |-------|--------|---------|----------| | `SessionStart` | `session-start-context.mjs` | Show active investigations + KB freshness | Advisory — displays context | -| `PreToolUse` (Edit\|Write) | `pre-edit-secrets.mjs` | Block Azure keys, tokens, credentials from being written | **Blocking** — prevents write | | `Stop` | `stop-assessment-reminder.mjs` | Remind about uncommitted assessments and next steps | Advisory — displays reminder | -### Secrets Detection - -The `pre-edit-secrets` hook scans all Edit and Write operations for patterns matching: - -- Azure subscription keys and connection strings -- Bearer tokens and API keys -- Service principal credentials -- SAS tokens and storage account keys - -> [!IMPORTANT] -> The secrets hook is **blocking** — it will prevent the write operation if a secret pattern is detected. This is a safety net, not a replacement for proper secrets management with `.env` files. +> [!TIP] +> For secrets scanning across all plugins, use the [llm-security plugin](https://git.fromaitochitta.com/open/ktg-plugin-marketplace) which provides byte-level secrets detection as a blocking PreToolUse hook. --- 
@@ -519,7 +510,7 @@ bash scripts/kb-staleness-check.sh --json --output report.json /architect:generate-skills --update ``` -Category-to-skill routing is defined in `category-skill-map.json` (20 categories mapped to 5 skills), used by the generate-skills workflow to place new reference documents in the correct skill directory. +Category-to-skill routing is defined in `scripts/skill-gen/category-skill-map.json` (20 categories mapped to 5 skills), used by the generate-skills workflow to place new reference documents in the correct skill directory. --- diff --git a/plugins/ms-ai-architect/commands/export.md b/plugins/ms-ai-architect/commands/export.md index 9c4c0aa..7469c08 100644 --- a/plugins/ms-ai-architect/commands/export.md +++ b/plugins/ms-ai-architect/commands/export.md @@ -10,6 +10,8 @@ model: opus Eksporter et markdown-dokument til profesjonell PDF med A4-layout, tabellformatering og fargekodet scoring. +> **Bash scope:** Bash brukes utelukkende til å kjøre `scripts/export-pdf.py`. Ingen andre shell-operasjoner skal utføres. + ## Språk og encoding **VIKTIG:** Bruk norske tegn (æ, ø, å) korrekt i all output. diff --git a/plugins/ms-ai-architect/commands/generate-skills.md b/plugins/ms-ai-architect/commands/generate-skills.md index 59047eb..a2b59f6 100644 --- a/plugins/ms-ai-architect/commands/generate-skills.md +++ b/plugins/ms-ai-architect/commands/generate-skills.md 
@@ -20,13 +20,13 @@ Dette gir ~15-20 skills per sesjon istedenfor ~5. ## Oppstart -1. **Les state:** `orchestrator/skill-gen/state.json` — hva er allerede generert? -2. **Les manifest:** `orchestrator/skill-gen/manifest.json` — hvilke skills finnes? +1. **Les state:** `scripts/skill-gen/state.json` — hva er allerede generert? +2. **Les manifest:** `scripts/skill-gen/manifest.json` — hvilke skills finnes? 3. **Sjekk om manifest er komplett:** - - Les `orchestrator/skill-gen/categories.json` for å se alle 15 kategorier + - Les `scripts/skill-gen/categories.json` for å se alle 15 kategorier - Hvis en kategori mangler i manifest, ekspander den ved å kjøre: ```bash - ./orchestrator/skill-gen/expand-categories.sh + ./scripts/skill-gen/expand-categories.sh ``` - Gjenta for alle manglende kategorier 4. **Beregn pending:** Alle skills i manifest som IKKE er i state.completed @@ -182,7 +182,7 @@ Task(general-purpose, sonnet): "Research + write skill: Multi-Index..." 2. **Commit:** ```bash - git add skills/ms-ai-*/references// orchestrator/skill-gen/state.json + git add skills/ms-ai-*/references// scripts/skill-gen/state.json git commit -m "docs(architect): generate N knowledge skills (category-names)" ``` diff --git a/plugins/ms-ai-architect/docs/eu-ai-act-integration-handover.md b/plugins/ms-ai-architect/docs/eu-ai-act-integration-handover.md index 2baf9ce..b6f2697 100644 --- a/plugins/ms-ai-architect/docs/eu-ai-act-integration-handover.md +++ b/plugins/ms-ai-architect/docs/eu-ai-act-integration-handover.md @@ -455,7 +455,7 @@ bash tests/test-ai-act-output.sh ### STEG 9: Kjør validate-plugin.sh ```bash -cd /Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/ms-ai-architect +cd bash tests/validate-plugin.sh ``` diff --git a/plugins/ms-ai-architect/docs/onboarding-ros-analysis.md b/plugins/ms-ai-architect/docs/onboarding-ros-analysis.md index 62130fc..da7a6c7 100644 --- a/plugins/ms-ai-architect/docs/onboarding-ros-analysis.md 
+++ b/plugins/ms-ai-architect/docs/onboarding-ros-analysis.md @@ -16,7 +16,7 @@ Open PowerShell: New-Item -ItemType Directory -Force -Path "$env:USERPROFILE\.claude\plugins\marketplaces" # Clone -git clone https://github.com/guttormsen108/ktg-privat.git "$env:USERPROFILE\.claude\plugins\marketplaces\ktg-privat" +git clone https://git.fromaitochitta.com/open/ktg-plugin-marketplace.git "$env:USERPROFILE\.claude\plugins\marketplaces\ktg-plugin-marketplace" ``` Edit `%USERPROFILE%\.claude\settings.json` (create if it doesn't exist): @@ -24,7 +24,7 @@ Edit `%USERPROFILE%\.claude\settings.json` (create if it doesn't exist): ```json { "enabledPlugins": { - "ms-ai-architect@ktg-privat": true + "ms-ai-architect@ktg-plugin-marketplace": true }, "mcpServers": { "microsoft-learn": { @@ -40,7 +40,7 @@ Edit `%USERPROFILE%\.claude\settings.json` (create if it doesn't exist): ## Step 2: Verify ```powershell -cd "$env:USERPROFILE\.claude\plugins\marketplaces\ktg-privat" +cd "$env:USERPROFILE\.claude\plugins\marketplaces\ktg-plugin-marketplace" claude ``` @@ -103,7 +103,7 @@ After implementation, run validation in **Git Bash** (not PowerShell — the tes ```bash # Open Git Bash from Start menu, then: -cd ~/.claude/plugins/marketplaces/ktg-privat +cd ~/.claude/plugins/marketplaces/ktg-plugin-marketplace # Plugin structure validation bash plugins/ms-ai-architect/tests/validate-plugin.sh diff --git a/plugins/ms-ai-architect/docs/playground-plan.md b/plugins/ms-ai-architect/docs/playground-plan.md index a176b3c..bbfd8eb 100644 --- a/plugins/ms-ai-architect/docs/playground-plan.md +++ b/plugins/ms-ai-architect/docs/playground-plan.md @@ -1,6 +1,6 @@ # Azure AI Architecture Playground -**Target:** Lagre denne planen i `/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/ms-ai-architect/docs/playground-plan.md` +**Target:** Lagre denne planen i `/docs/playground-plan.md` --- 
@@ -10,7 +10,7 @@ **Mal:** Bygge et guidet arkitekturbeslutningsverktoy for Azure AI-plattformen, ved a bruke Playground-pluginen som generator og ms-ai-architect som kunnskapsbase. Prompt-outputen fra playground limes tilbake i Claude for a kjore `/architect`-kommandoer. -**Arbeidskatalog:** `/Users/ktg/.claude/plugins/marketplaces/ktg-privat/plugins/ms-ai-architect/` (ms-ai-architect plugin-mappen) +**Arbeidskatalog:** `/` (ms-ai-architect plugin-mappen) --- diff --git a/plugins/ms-ai-architect/scripts/skill-gen/manifest.json b/plugins/ms-ai-architect/scripts/skill-gen/manifest.json index 19669b9..8f6344c 100644 --- a/plugins/ms-ai-architect/scripts/skill-gen/manifest.json +++ b/plugins/ms-ai-architect/scripts/skill-gen/manifest.json @@ -2676,7 +2676,7 @@ ] }, { - "id": "agent-ecosystem-and-ktg-privat", + "id": "agent-ecosystem-and-marketplace", "title": "Agent Ecosystem and Plugin Marketplace Patterns", "description": "Bygging av agentekosystemer, plugin-markeder, third-party-integrasjoner og distribusjon av agentplugins.", "subtopics": [ diff --git a/plugins/ms-ai-architect/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md b/plugins/ms-ai-architect/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md index 3f8deff..bde0756 100644 --- a/plugins/ms-ai-architect/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md +++ b/plugins/ms-ai-architect/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md @@ -1073,4 +1073,4 @@ Dette området utvikler seg raskt. Anbefalt re-verification: --- -*Denne kunnskapsreferansen er sist oppdatert 2026-02-04 av Cosmo Skyberg, Microsoft AI Solution Architect. For spørsmål eller korreksjoner, kontakt via Linear issue tagging `🏛️ ARCHITECT`.* +*Denne kunnskapsreferansen er sist oppdatert 2026-02-04 av Cosmo Skyberg, Microsoft AI Solution Architect.* 
diff --git a/plugins/ms-ai-architect/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md b/plugins/ms-ai-architect/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md index 1315016..6a53a7a 100644 --- a/plugins/ms-ai-architect/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md +++ b/plugins/ms-ai-architect/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md @@ -116,9 +116,13 @@ print(response.choices[0].message.content) - **Ingen per-token avgift** **Eksempel (Ollama):** + +> [!WARNING] +> `curl | sh` laster ned og kjører remote kode direkte. For produksjonsbruk: last ned scriptet, inspiser det, kjør deretter: `curl -fsSL https://ollama.com/install.sh -o install.sh && sh install.sh` + ```bash # Installér Ollama -curl -fsSL https://ollama.com/install.sh | sh +curl -fsSL https://ollama.com/install.sh | sh # gitleaks:allow # Last ned Phi-4-mini ollama pull phi4 @@ -325,9 +329,13 @@ kubectl run -it --rm --restart=Never curl --image=curlimages/curl -- curl -X POS **Ollama** er et lightweight rammeverk for å kjøre LLMs og SLMs lokalt. **Eksempel (on-premises):** + +> [!WARNING] +> `curl | sh` laster ned og kjører remote kode direkte. Inspiser scriptet før kjøring i produksjon. + ```bash # Installér Ollama -curl -fsSL https://ollama.com/install.sh | sh +curl -fsSL https://ollama.com/install.sh | sh # gitleaks:allow # Last ned Phi-4 ollama pull phi4
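Review bot: In the `#### Manuell test` hunk of `CLAUDE.md`, the replacement line reads as a bare `cd ` with no argument, which changes to the home directory, so the following `claude --plugin ./plugins/ms-ai-architect` resolves against the wrong path. The commit message says this was meant to be a generic placeholder; write one that survives rendering, for example `cd /path/to/ktg-plugin-marketplace`. The same bare `cd ` appears in STEG 9 of `docs/eu-ai-act-integration-handover.md`.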
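Review bot: The `## Hooks & Safety` hunk in `README.md` drops the blocking `pre-edit-secrets.mjs` row and the whole Secrets Detection section, but the diffstat lists no hook script or hook configuration among the 10 changed files. Confirm the hook itself was removed in an earlier commit; otherwise the README now understates what runs at `PreToolUse`. If it is gone, say so directly: the TIP reads as an optional extra, while the practical change is that this plugin no longer blocks secret writes on its own, and the link points at the marketplace root rather than at the llm-security plugin.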
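Review bot: The `> **Bash scope:**` line added to `commands/export.md` is an instruction to the model, not an enforced limit, so on its own it does not close the scan finding named in the commit message. The hunk context shows the command already has frontmatter (`model: opus`); restrict Bash there as well, with an `allowed-tools` entry that permits only the `scripts/export-pdf.py` invocation, and keep the prose line as documentation of the intent.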
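Review bot: In Step 1 of `docs/onboarding-ros-analysis.md`, the new `git clone https://git.fromaitochitta.com/open/ktg-plugin-marketplace.git` line pulls whatever the default branch holds into `.claude\plugins\marketplaces`, the directory the plugin is then enabled from. Since this commit adds supply-chain warnings to the skill references, apply the same standard here: pin the onboarding clone to a release tag or commit and state which version the guide was written against.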
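Review bot: In both hunks of `docs/playground-plan.md`, the sanitized values read `/docs/playground-plan.md` for **Target** and `/` for **Arbeidskatalog**, which as written are absolute paths at the filesystem root. An agent following the plan literally would take `/` as its working directory. Use a relative path (`docs/playground-plan.md`) and a named placeholder for the plugin directory.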
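Review bot: The `id` rename in `scripts/skill-gen/manifest.json` (`agent-ecosystem-and-ktg-privat` to `agent-ecosystem-and-marketplace`) comes without a change to `scripts/skill-gen/state.json`, which is absent from the diffstat. `commands/generate-skills.md` computes pending work as manifest entries that are not in `state.completed`, so if the old id is recorded there, or used in a generated file name, the renamed skill will be queued for regeneration. Check `state.json` and any reference file named after the old id, and rename them in the same commit.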
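Review bot: In the first Ollama hunk of `small-language-models-economics.md` (`**Eksempel (Ollama):**`), the command the WARNING recommends, `curl -fsSL https://ollama.com/install.sh -o install.sh && sh install.sh`, chains download and execution with `&&`, so nothing is inspected between the two. Split it into separate steps with the review in between, and mention comparing the script against a known-good copy or checksum if one is available.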
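Review bot: In the second Ollama hunk of `small-language-models-economics.md` (`**Eksempel (on-premises):**`), the example line is unchanged apart from the `# gitleaks:allow` suffix, so the scanner is silenced while the copy-paste path stays the piped `curl | sh` form, and readers will copy the suppression comment into their shells. Replace the line inside the code block with the download-then-run form, drop the suppression, and give this WARNING the same concrete command as the first one instead of the shorter wording.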