open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions

feat: initial open marketplace with llm-security, config-audit, ultraplan-local

Browse source
This commit is contained in:
Kjell Tore Guttormsen 2026-04-06 18:47:49 +02:00
commit f93d6abdae
380 changed files with 65935 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

101
plugins/config-audit/skills/config-hierarchy/SKILL.md Normal file
View file

@ -0,0 +1,101 @@
---
name: config-hierarchy
description: |
This skill should be used when the user asks about Claude Code configuration files,
CLAUDE.md hierarchy, settings.json structure, MCP server configuration, or rules directory patterns.
Triggers on: "CLAUDE.md hierarchy", "config file locations", "settings.json", ".mcp.json",
"rules directory", "configuration inheritance", "where does Claude read config from".
---
# Claude Code Configuration Hierarchy
Comprehensive reference for understanding Claude Code's configuration system.
## Overview
Claude Code loads configuration from multiple sources, with a defined precedence order. Understanding this hierarchy is crucial for effective configuration management.
## Configuration Sources (By Priority)
### 1. CLAUDE.md Hierarchy
From highest to lowest priority:
| Level | Location | Shared? | Purpose |
|-------|----------|---------|---------|
| **Managed** | System-level paths | All users | Enterprise/organization policies |
| **Project local** | `./CLAUDE.local.md` | No (gitignored) | Machine-specific project overrides |
| **Project shared** | `./CLAUDE.md` or `./.claude/CLAUDE.md` | Yes (git) | Team-shared project instructions |
| **Project rules** | `./.claude/rules/*.md` | Yes (git) | Modular, path-scoped rules |
| **User global** | `~/.claude/CLAUDE.md` | No | Personal defaults |
### 2. Settings.json Hierarchy
| Level | Location | Purpose |
|-------|----------|---------|
| **Managed** | System `managed-settings.json` | Enterprise policies (highest) |
| **CLI args** | Command line | Session-only overrides |
| **Local** | `.claude/settings.local.json` | Machine-specific project |
| **Project** | `.claude/settings.json` | Team-shared project |
| **User** | `~/.claude/settings.json` | Personal defaults (lowest) |
### 3. Other Configuration Files
| File | Location | Purpose |
|------|----------|---------|
| `.mcp.json` | Project root | MCP server definitions for project |
| `~/.claude.json` | Home | OAuth tokens, global MCP servers, state |
| `.claudeignore` | Project | File/directory exclusions |
| `~/.claude/agents/` | User | Custom subagent definitions |
## Managed Configuration Paths
For enterprise/organization-wide settings:
| Platform | Path |
|----------|------|
| macOS | `/Library/Application Support/ClaudeCode/CLAUDE.md` |
| Linux | `/etc/claude-code/CLAUDE.md` |
| Windows | `C:\Program Files\ClaudeCode\CLAUDE.md` |
## Key Concepts
### Inheritance
- Files are loaded from current directory upward to root
- Subtree files loaded on-demand when entering directories
- Lower priority files provide defaults
- Higher priority files override specific settings
### Path-Scoped Rules
In `.claude/rules/`, files can be scoped to specific paths:
```yaml
---
globs: ["src/**/*.ts", "src/**/*.tsx"]
---
# TypeScript Rules
These rules apply only to TypeScript files in src/
```
### @Imports
CLAUDE.md files can import other files:
```markdown
# Project CLAUDE.md
@./docs/api.md
@./CONTRIBUTING.md
```
## Further Reading
See the reference files for detailed schemas:
- `references/claude-md-structure.md` - CLAUDE.md sections
- `references/settings-json-schema.md` - settings.json keys
- `references/mcp-json-patterns.md` - MCP configuration
- `references/rules-directory.md` - Rules pattern
- `references/quality-criteria.md` - Quick reference (detailed rubric in `agents/analyzer-agent.md`)

103
plugins/config-audit/skills/config-hierarchy/references/claude-md-structure.md Normal file
View file

@ -0,0 +1,103 @@
# CLAUDE.md Structure Reference
## Purpose
CLAUDE.md files provide context and instructions to Claude Code for your project or globally.
## File Locations
| Location | Purpose | Shared? |
|----------|---------|---------|
| `~/.claude/CLAUDE.md` | Global defaults | No |
| `./CLAUDE.md` | Project shared | Yes |
| `./.claude/CLAUDE.md` | Alt project location | Yes |
| `./CLAUDE.local.md` | Local overrides | No |
## Common Sections
### Project Context
```markdown
# Project Name
Brief description of what this project does.
## Architecture
- Technology stack
- Key components
- Dependencies
```
### Coding Standards
```markdown
## Coding Standards
- Language preferences (TypeScript > JavaScript)
- Formatting rules
- Naming conventions
```
### Commands/Workflows
```markdown
## Available Commands
| Command | Description |
|---------|-------------|
| /build | Build the project |
| /test | Run tests |
```
### Environment Setup
```markdown
## Development Setup
1. Install dependencies: `npm install`
2. Set environment variables: see `.env.example`
3. Run dev server: `npm run dev`
```
## Frontmatter (Optional)
CLAUDE.md can have YAML frontmatter:
```yaml
---
model: sonnet
allowed-tools: Read, Write, Bash
---
```
## @Imports
Reference other files:
```markdown
# Main CLAUDE.md
@./docs/architecture.md
@./CONTRIBUTING.md
```
The imported files are loaded and included in context.
## Best Practices
1. **Keep it focused**: Don't repeat generic info
2. **Update regularly**: Keep sync with project changes
3. **Use imports**: Split large files into modules
4. **Be specific**: Give concrete examples, not vague guidelines
5. **Local for secrets**: Use CLAUDE.local.md for sensitive paths
## Size Recommendations
| File | Recommended Size |
|------|------------------|
| Global CLAUDE.md | 1-2 KB |
| Project CLAUDE.md | 2-5 KB |
| With imports | Total 5-10 KB |
Larger files consume more context tokens.

137
plugins/config-audit/skills/config-hierarchy/references/mcp-json-patterns.md Normal file
View file

@ -0,0 +1,137 @@
# MCP Server Configuration Reference
## File Locations
| Location | Scope |
|----------|-------|
| `~/.claude.json` → mcpServers | Global (all projects) |
| `.mcp.json` | Project-specific |
| `.claude/settings.json` → mcpServers | Project-specific |
## Basic Structure
```json
{
"mcpServers": {
"server-name": {
"command": "executable",
"args": ["arg1", "arg2"],
"env": {
"KEY": "value"
}
}
}
}
```
## Server Types
### stdio (Standard I/O)
Most common type, runs as subprocess:
```json
{
"mcpServers": {
"filesystem": {
"command": "npx",
"args": ["-y", "@anthropic/mcp-server-filesystem", "/path/to/root"],
"env": {}
}
}
}
```
### SSE (Server-Sent Events)
Connect to remote HTTP server:
```json
{
"mcpServers": {
"remote-service": {
"url": "https://api.example.com/mcp",
"headers": {
"Authorization": "Bearer ${API_TOKEN}"
}
}
}
}
```
## Common Patterns
### Filesystem Server
```json
{
"filesystem": {
"command": "npx",
"args": ["-y", "@anthropic/mcp-server-filesystem", "."],
"env": {}
}
}
```
### Database Server
```json
{
"database": {
"command": "npx",
"args": ["-y", "@anthropic/mcp-server-postgres"],
"env": {
"DATABASE_URL": "${DATABASE_URL}"
}
}
}
```
### Slack Server
```json
{
"slack": {
"command": "npx",
"args": ["-y", "@anthropic/mcp-server-slack"],
"env": {
"SLACK_BOT_TOKEN": "${SLACK_BOT_TOKEN}",
"SLACK_TEAM_ID": "${SLACK_TEAM_ID}"
}
}
}
```
## Environment Variables
**Best practice**: Use `${VAR_NAME}` syntax instead of hardcoded values:
```json
{
"env": {
"API_KEY": "${MY_API_KEY}" // Good
// "API_KEY": "sk-abc123..." // Bad - exposed secret
}
}
```
## Security Considerations
1. **Never hardcode secrets** in .mcp.json
2. **Use environment variable references** (`${VAR}`)
3. **.mcp.json should be gitignored** if it contains any sensitive paths
4. **Check for secrets** before committing
## Global vs Project
### When to use global (~/.claude.json)
- Servers used across all projects
- Personal tools (Slack, email)
- Utility servers (filesystem with safe root)
### When to use project (.mcp.json)
- Project-specific databases
- Project APIs
- Specialized tools for this codebase

27
plugins/config-audit/skills/config-hierarchy/references/quality-criteria.md Normal file
View file

@ -0,0 +1,27 @@
# CLAUDE.md Quality Criteria
> **Authoritative source:** The detailed scoring rubric, red flags, section detection patterns, and quality signals are maintained in `agents/analyzer-agent.md` under "## CLAUDE.md Quality Rubric (100 points)".
## Quick Reference
| Criterion | Points |
|-----------|--------|
| Commands/Workflows | 20 |
| Architecture Clarity | 20 |
| Non-Obvious Patterns | 15 |
| Conciseness | 15 |
| Currency | 15 |
| Actionability | 15 |
Grades: A (90-100), B (70-89), C (50-69), D (30-49), F (0-29)
## Assessment Process
1. Read the CLAUDE.md file completely
2. Cross-reference with actual codebase (check commands, file refs, architecture)
3. Score each criterion independently using breakdown in analyzer-agent.md
4. Calculate total and assign grade
5. List specific issues found
6. Propose concrete improvements
See `agents/analyzer-agent.md` for detailed scoring breakdowns per criterion.

169
plugins/config-audit/skills/config-hierarchy/references/rules-directory.md Normal file
View file

@ -0,0 +1,169 @@
# .claude/rules/ Directory Reference
## Purpose
The `.claude/rules/` directory allows modular organization of instructions with optional path scoping.
## Location
```
project/
├── .claude/
│ └── rules/
│ ├── code-style.md
│ ├── testing.md
│ └── api.md
└── CLAUDE.md
```
## File Format
Each rule file is a markdown file with optional frontmatter:
```markdown
---
paths: ["src/**/*.ts", "src/**/*.tsx"]
description: TypeScript code style rules
---
# TypeScript Rules
## Formatting
- Use 2-space indentation
- Prefer single quotes
## Types
- Always use explicit types for function parameters
- Avoid `any` type
```
## Frontmatter Options
### paths (Official) / globs (Legacy)
Array of glob patterns that scope when this rule applies.
**Official field name:** `paths:` (as per Claude Code documentation)
**Legacy/alternative:** `globs:` (also supported for backwards compatibility)
Both fields behave identically - use `paths:` for new rules:
```yaml
---
paths: ["src/**/*.ts"] # Official - Only for TypeScript in src/
---
```
```yaml
---
globs: ["src/**/*.ts"] # Legacy - Still works, but prefer paths:
---
```
```yaml
---
paths: ["tests/**/*", "**/*.test.ts"] # Test files anywhere
---
```
If no paths/globs specified, rule applies everywhere.
**Note:** Config-audit normalizes both to `patterns` internally and tracks which field was used via `pattern_source`.
### description
Brief description of what the rule covers:
```yaml
---
description: Code formatting and style preferences
---
```
### alwaysApply
Force rule to always be included regardless of current file:
```yaml
---
alwaysApply: true
---
```
## Loading Behavior
1. Rules are loaded when entering relevant directories
2. Glob patterns are matched against current file/directory
3. Matching rules are included in context
4. Non-matching rules are not loaded
## Example Rules
### code-style.md
```markdown
---
paths: ["src/**/*"]
description: Source code style
---
# Code Style
- TypeScript > JavaScript
- Explicit types for public API
- Document exported functions
```
### testing.md
```markdown
---
paths: ["tests/**/*", "**/*.test.ts", "**/*.spec.ts"]
description: Testing guidelines
---
# Testing
- Use Jest for unit tests
- Descriptive test names
- Arrange-Act-Assert pattern
```
### api.md
```markdown
---
paths: ["src/api/**/*", "src/routes/**/*"]
description: API development rules
---
# API Guidelines
- RESTful conventions
- Validate all inputs
- Consistent error responses
```
## Best Practices
1. **Split by concern**: One rule file per topic
2. **Use specific globs**: Avoid overly broad patterns
3. **Keep rules focused**: 200-500 words per file
4. **Document purpose**: Use description frontmatter
5. **Review periodically**: Remove outdated rules
## Migration from CLAUDE.md
To convert from monolithic CLAUDE.md to rules:
1. Identify distinct sections in CLAUDE.md
2. Create rule file for each section
3. Add appropriate globs
4. Remove sections from CLAUDE.md
5. Test that rules load correctly
## Debugging
To see which rules are loaded:
- Check Claude Code logs
- Rules appear in context when relevant files are active

138
plugins/config-audit/skills/config-hierarchy/references/settings-json-schema.md Normal file
View file

@ -0,0 +1,138 @@
# settings.json Schema Reference
## File Locations
| Location | Precedence | Purpose |
|----------|------------|---------|
| `~/.claude/settings.json` | Lowest | User defaults |
| `.claude/settings.json` | Medium | Project shared |
| `.claude/settings.local.json` | High | Project local |
| CLI arguments | Highest | Session only |
## Schema
```json
{
// Default model for the project
"model": "sonnet",
// Permission rules
"permissions": {
// Tools allowed without prompting
"allow": [
"Read",
"Write",
"Bash(npm*)",
"Bash(git*)"
],
// Tools that always require approval
"deny": [
"Bash(rm -rf*)"
]
},
// Environment variables to set
"env": {
"NODE_ENV": "development"
},
// Hooks configuration
"hooks": {
"PreToolUse": [...],
"PostToolUse": [...],
"Stop": [...]
},
// MCP server configuration (can also be in .mcp.json)
"mcpServers": {
"filesystem": {
"command": "npx",
"args": ["-y", "@anthropic/mcp-server-filesystem"],
"env": {}
}
},
// Custom agents path
"agents": "./agents",
// Plugins to load
"plugins": [
"~/plugins/my-plugin"
]
}
```
## Key Settings
### model
Default model for this project/user:
```json
{
"model": "sonnet" // or "opus", "haiku"
}
```
### permissions
Control tool access:
```json
{
"permissions": {
"allow": [
"Read",
"Write",
"Bash(npm *)",
"Bash(git *)",
"Task"
],
"deny": [
"Bash(rm -rf *)",
"Bash(sudo *)"
]
}
}
```
Patterns support wildcards:
- `*` matches any characters
- `Bash(npm*)` matches `npm install`, `npm test`, etc.
### env
Environment variables:
```json
{
"env": {
"NODE_ENV": "development",
"DEBUG": "true"
}
}
```
### hooks
Event-driven automation:
```json
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"command": "echo 'About to run bash'"
}
]
}
}
```
## Merging Behavior
When multiple settings files exist:
- Objects are merged recursively
- Arrays are replaced, not merged
- Higher precedence wins for conflicts