Runnable demonstration of hooks/scripts/pre-compact-scan.mjs (the
only PreCompact hook in the plugin) detecting both a CRITICAL
injection pattern and an AWS-shaped credential inside a synthetic
JSONL transcript, exercised across all three values of
LLM_SECURITY_PRECOMPACT_MODE plus a benign-transcript control case
in block mode that proves the gate is not a brick wall.
The transcript is generated at runtime in a per-invocation tempdir
under os.tmpdir() and the directory is removed in a finally block,
so the user's real ~/.claude/projects/.../transcripts/ are never
touched. The AWS-shaped key uses the same 'AK' + 'IA' + ...
fragmentation idiom as tests/e2e/attack-chain.test.mjs so this
source contains no literal credentials and pre-edit-secrets does
not block writes during development.
Nine independent assertions (9/9 must pass):
- block mode + poisoned: exit 2, decision=block JSON, reason text
covers both injection and AWS labels (3 assertions)
- warn mode + poisoned: exit 0, systemMessage JSON, no decision
field (2 assertions)
- off mode + poisoned: exit 0, no JSON on stdout (2 assertions)
- block mode + benign: exit 0, no decision=block JSON (2 assertions)
OWASP / framework mapping: LLM01, LLM02, ASI01, AT-1, AT-3.
Docs updated: plugin README "Other runnable examples", plugin
CLAUDE.md "Examples" tabellen, CHANGELOG [Unreleased] Added.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Single-component lethal-trifecta walkthrough that drives
scanners/toxic-flow-analyzer.mjs against a deliberately
misconfigured fixture plugin. The fixture agent declares
tools: [Bash, Read, WebFetch], which alone covers all three
trifecta legs (input surface + data access + exfil sink). No
hooks/hooks.json is shipped, so TFA's mitigation logic finds
no active guards and emits a CRITICAL "Lethal trifecta:"
finding without downgrade.
Plugin marker is plugin.fixture.json (recognised by isPlugin())
rather than .claude-plugin/plugin.json — the latter is blocked
by the plugin's own pre-write-pathguard hook, and
plugin.fixture.json exists in isPlugin() specifically so
example fixtures can self-mark without touching guarded paths.
Three independent assertions (3/3 must pass): direct trifecta
present and CRITICAL; finding mentions the exfil-helper
component; description confirms "no hook guards detected"
(proves the mitigation path stayed inactive). expected-findings.md
documents the contract.
OWASP / framework mapping: ASI01, ASI02, ASI05, LLM01, LLM02, LLM06.
Docs updated: plugin README "Other runnable examples", plugin
CLAUDE.md "Examples" tabellen, CHANGELOG [Unreleased] Added.
[skip-docs] is appropriate because examples don't change what
the plugin "synes å dekke utad" — marketplace root README is
unaffected.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Three new self-contained, runnable threat demonstrations under
examples/, continuing the batch started in 583a78c. Each example
has README.md + run-*.mjs + expected-findings.md and uses
state-isolation discipline so the user's real cache/state files
are never polluted.
- examples/supply-chain-attack/ — two-layer demonstration:
pre-install-supply-chain (PreToolUse) blocks compromised
event-stream version 3.3.6 and emits a scope-hop advisory for
the @evilcorp scope; dep-auditor (DEP scanner, offline) flags
5 typosquat dependencies plus a curl-piped install-script
vector in the fixture package.json. Maps to LLM03/LLM05/ASI04.
- examples/poisoned-claude-md/ — all 6 memory-poisoning detectors
fire on a deliberately poisoned CLAUDE.md plus a fixture
agent file under .claude/agents (E15/v7.2.0 surface):
detectInjection, detectShellCommands, detectSuspiciousUrls,
detectCredentialPaths, detectPermissionExpansion,
detectEncodedPayloads. No agent runtime needed — scanner
imported directly. Maps to LLM01/LLM06/ASI04.
- examples/bash-evasion-gallery/ — one disguised variant per
T1 through T9 evasion technique fed through pre-bash-destructive,
verified BLOCK after bash-normalize strips the evasion. T8
base64-pipe-shell uses its own BLOCK_RULE. The canonical
destructive form uses a path token rather than the bare slash
(regex word-boundary requires it). Source-string fragmentation
pattern reused from the e2e attack-chain test. Maps to
LLM06/ASI01/LLM01.
Plugin README "Other runnable examples" section + plugin
CLAUDE.md "Examples" table + CHANGELOG Unreleased/Added
all updated. Marketplace root README unchanged
([skip-docs] for marketplace-level gate — plugin's outward
coverage is unchanged, only demonstrations were added).
Companion to 8df5d5c (which only carried the doc updates — the example
directories themselves were left out of staging by mistake). This
commit adds the actual example mappes:
- examples/lethal-trifecta-walkthrough/{README.md, run-trifecta.mjs,
expected-findings.md}
- examples/mcp-rug-pull/{README.md, run-rug-pull.mjs,
expected-findings.md}
Plus plugin CLAUDE.md "Examples (runnable demonstrations)" section
with a 4-row table covering malicious-skill-demo, prompt-injection-
showcase, lethal-trifecta-walkthrough, and mcp-rug-pull plus the
state-isolation discipline notes.
Marketplace root README unchanged since plugin's outward coverage
is unchanged ([skip-docs] covers the marketplace-level gate).
Two new self-contained, runnable threat demonstrations under examples/:
- lethal-trifecta-walkthrough/ — feeds 5 hook calls (WebFetch, Read .env,
Bash curl POST + suppression follow-ups) into post-session-guard and
verifies the Rule-of-Two advisory fires exactly on leg 3. State
isolated via run-script PID so /tmp/llm-security-session-*.jsonl is
not polluted. Treffer post-session-guard, ASI01/ASI02, LLM01/LLM02.
- mcp-rug-pull/ — mutates an MCP tool description across 8 stages.
Each per-update <10% Levenshtein, cumulative reaches 32.2% by stage
7 — proves the v7.3.0 (E14) mcp-cumulative-drift MEDIUM advisory
catches slow-burn rug-pulls that the per-update detection would
miss. Uses LLM_SECURITY_MCP_CACHE_FILE to isolate cache. Treffer
post-mcp-verify, mcp-description-cache.mjs, OWASP MCP05/LLM03/ASI04.
Each example: README.md + run-*.mjs + expected-findings.md.
Plugin README "Other runnable examples" section + CHANGELOG
[Unreleased] Added bullets + plugin CLAUDE.md "Examples" section
all updated in this commit. Marketplace root README unchanged
since plugin's outward coverage is unchanged ([skip-docs]
covers the marketplace-level gate).
Synthetic ROS-analyse output for "Acme Kunde-chatbot" (Acme Kommune)
following the same pattern as security-assessment, cost-estimation,
ai-act and summary fixtures. Satisfies all 29 assertions in
tests/test-ros-output.sh:
- 8 phases (Fase 1-8) plus Ledelsessammendrag
- 12 trusler i T-XXX-NN format (MAESTRO + OWASP-mapping)
- 9 risikoer i R-N format
- 10 tiltak i M-N format
- 7 ROS-dimensjoner med X/5-scoring
- 5x5 risikomatrise + restrisiko-tabell
- NS 5814 + ISO 31000 metodikk-referanser
- AI Act, GDPR, OWASP regulatoriske referanser
- MAESTRO + supply-chain referanser (Vedlegg O coverage)
Tar bort den siste pre-eksisterende run-e2e-feilen
(`bash tests/run-e2e.sh` exits 0).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Three new files in tests/e2e/ (45 tests, 1777 -> 1822):
- attack-chain.test.mjs (17): full hook stack against attack payloads in
sequence -- prompt injection at the gate; T1/T5/T8 bash evasions;
pathguard on .env / .ssh; secrets hook on AWS-shaped keys and PEM
headers; markdown link-title and HTML-comment poisoning in tool
output; trifecta accumulation over a single session with dedup on
the next benign call.
- multi-session.test.mjs (9): state persistence across simulated
session boundaries. Uses the fact that a hook child's process.ppid
equals the test runner's process.pid, so writing the session state
file directly simulates "previous session" history. Covers slow-burn
trifecta (legs spread >50 calls), MCP cumulative description drift
via LLM_SECURITY_MCP_CACHE_FILE override, and pre-compact transcript
poisoning in warn / block / clean / missing-file modes.
- scan-pipeline.test.mjs (19): scan-orchestrator + all 10 scanners +
toxic-flow correlator against poisoned-project (BLOCK / 95 / Extreme)
and grade-a-project (WARNING / 48 / High). Asserts envelope shape,
verdict, risk_score, severity counts, OWASP coverage, scanner
enumeration, and a narrative-coherence cross-check that the BLOCK
scan strictly outranks the WARNING scan along every axis.
Test files build credential-shaped payloads at runtime via concatenation
so they contain no literal matches for the pre-edit-secrets regexes
(memory rule feedback_secrets_hook_test_fixtures.md).
Doc updates in same commit per marketplace policy:
- CLAUDE.md header: 1777+ -> 1822+ tests, mentions tests/e2e/
- README.md badge tests-1777 -> tests-1822, body text updated
- CHANGELOG.md: new [Unreleased] Added section describing scope
No version bump. No behavior changes outside tests/.
ToS-vurdering konkluderte med at autonom cron-kjøring er unødvendig kompleks
for en solo-fork-and-own-plugin. Apply-fasen krever LLM-resonnering uansett,
så manuell trigger fra en aktiv Claude Code-sesjon er enklere og holder
pluginen klart innenfor Anthropic Consumer Terms paragraf 3 (automated access
only via API key or where explicitly permitted — Claude Code CLI er
eksemptert som offisielt verktøy).
Lagt til:
- commands/kb-update.md — ny /architect:kb-update slash-kommando som driver
poll, endringsrapport, microsoft_docs_fetch-update og commit fra sesjonen.
Argumenter: --skip-discover, --priorities, --dry-run, --single-commit
- Catalog-entry i playground HTML for kb-update (categori: tool, 4 input-felt)
Slettet (Wave 3-5 reversert, ~1500 linjer + 7 testmoduler):
- scripts/install-kb-cron.mjs (cross-OS scheduler-installer)
- scripts/kb-update/weekly-kb-cron.mjs (cron-orkestrator med pre-flight, lock,
backup, claude -p subprocess, post-run verify, rollback)
- scripts/kb-update/templates/ (4 scheduler-templates: launchd plist, systemd
service+timer, Windows ps1 + README)
- scripts/kb-update/lib/auth-mode.mjs (cron-spesifikk auth validation)
- scripts/kb-update/lib/lock-file.mjs (PID+mtime stale-detection)
- scripts/kb-update/lib/cost-estimat.mjs (pre-flight budget-cap)
- 7 testmoduler under tests/kb-update/ for slettet kode
- tests/test-kb-update.sh (Bash-3.2-shim, erstattet av direkte node --test)
Beholdt (utility-laget fortsatt brukbart):
- run-weekly-update.mjs, report-changes.mjs, build-registry.mjs,
discover-new-urls.mjs (KB change-detection-pipelinen)
- lib/atomic-write, lib/backup, lib/cross-platform-paths, lib/log-rotate
- 4 testmoduler (42/42 tester PASS)
Endret:
- hooks/scripts/session-start-context.mjs: fjern kb-update-status.json-overvaaking
- tests/run-e2e.sh --kb-update kaller node --test direkte i stedet for shim
- README.md, CLAUDE.md: KB-vedlikehold-seksjon rewriter for manuell modell
- plugin.json: 1.11.0 -> 1.12.0
- Rot README + CLAUDE.md: ms-ai-architect-versjon bumpet
Schedulering er bevisst utenfor scope og overlatt til brukeren — eventuelle
forks som vil ha periodisk varsling kan sette opp egen cron / launchd /
GitHub Actions som kjører rapport-fasen og varsler om aa kjore
/architect:kb-update i CC-sesjon.
Verifisering:
- bash tests/validate-plugin.sh: 219 PASS, 0 FAIL
- bash tests/run-e2e.sh --kb-update: 42/42 inner + suite PASS
- bash tests/run-e2e.sh --playground: 271/271 PASS (statisk + parsers)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Step 12 — adds --kb-update flag to tests/run-e2e.sh and a Bash 3.2-compatible
shim test-kb-update.sh that runs `node --test tests/kb-update/*.test.mjs`
(shell-glob form; Node 25 rejects directory-form arguments). Shim translates
node --test exit code + parsed pass/fail counts into the e2e-helpers.sh
suite counters (init_suite/print_summary).
Verification:
- Playground baseline 271 PASS unchanged before/after edit
- bash tests/run-e2e.sh --kb-update: exits 0, 110/110 inner tests pass
- bash tests/run-e2e.sh --all: kb-update suite included
- Pre-existing ROS-fixture absence (tests/fixtures/ros-analysis/) is
unrelated to this change and remains for separate handling
Wave 5 of 7 in v1.12.0 auto-KB-update plan.
Plan: .claude/projects/2026-05-04-kb-update-fork-and-own/plan.md (Step 12)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Step 11 of v1.12.0 plan (.claude/projects/2026-05-04-kb-update-fork-and-own/plan.md).
scripts/install-kb-cron.mjs lives at the scripts/ root (not inside
scripts/kb-update/) because it is a plugin-wide install tool, not part of
the KB-update pipeline itself. Reads the appropriate template from
scripts/kb-update/templates/, fills {{NODE_BIN}}, {{PLUGIN_ROOT}},
{{LOG_FILE}}, {{SCHEDULE_HOUR/MINUTE/DAY_OF_WEEK}} placeholders, writes
to the platform-specific scheduler dir, and registers the job:
macOS - launchctl bootstrap gui/<uid> <plist> (load -w fallback)
Linux - systemctl --user daemon-reload && enable --now <timer>
Windows - powershell -ExecutionPolicy Bypass -File <ps1> (beta)
Flags: --print-only, --target macos|linux|windows, --uninstall, --purge,
--node-bin, --claude-bin, --schedule "M H * * D" (default: Wed 04:23).
UID resolution for launchctl is guarded by process.getuid() POSIX-only
(undefined on Windows). MCP server presence in ~/.claude.json is
warning-only per brief Spørsmål 7. WSL detected via /proc/version.
Cross-OS rendering supported via --print-only --target <other>; install
on a non-host target rejects with explicit error.
11 subprocess + filesystem-snapshot tests in
tests/kb-update/test-install-cron.test.mjs verify --print-only produces
filled templates with no unsubstituted {{...}} placeholders, --print-only
writes nothing under HOME, --uninstall is idempotent on an empty HOME,
--schedule substitutes correctly, and invalid flags reject with non-zero
exit. Tests never invoke launchctl/systemctl/Register-ScheduledTask
against real schedulers.
Tests: 110/110 pass (was 99 before this step).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
D5 — final session of post-v3.4.1 stabilisering. Repo prepared for the
upcoming voyage-rebrand (v4.0.0 hard cut: ultraplan-local → voyage,
/ultra*-local → /trek*).
Tracked changes:
- README.md: cut #9 jargon — '### Self-verifying plan chain' →
'### Manifest-verified steps' with body rewritten to drop the
'objective completion predicate' jargon.
- package.json: removed 'simulate' script that pointed to
tests/simulator/run-pipeline.mjs (file never existed; D3 was
dropped before that work shipped).
- .claude-plugin/marketplace.json: ultraplan-local description
updated from 'Four-command pipeline' to the current six-command
shape with Handover 6 + multi-session resumption (matches
plugin.json).
- docs/_archive-ultra-suite-brief_2.md: deleted (tracked planning-doc
unrelated to ultraplan-local; 117 lines, no inbound references).
Untracked cleanup (not in commit, gitignored):
- 4 stale plugin-root .local.md (NEXT-SESSION-PROMPT.archived,
PLAN-v2.1-phase3, V3.0-MULTI-SESSION-PLAN, etc.)
- 3 docs/ planning .local.md (ultracontinue-brief, ultracontinue-design-notes,
ultraexecute-v2-observations)
- examples/01-add-verbose-flag/perf-baseline.local.md
- .claude/plans/ultraplan-2026-04-17-logger.md
- 9 closed sub-projects under .claude/projects/ (skill-factory,
ultracontinue, ultrareview-local, ultra-pipeline-speedup,
examples-02-real-cli, post-v3.4.0-roadmap, spor-c-q3-cache,
v3.3.1-ultracontinue-fixes)
Cuts #7 (template-duplisering) + #10 (Two kinds of briefs) reviewed
and judged not needed: README has 38 code-fences vs CLAUDE.md 2 (no
overlap), and 'Two kinds of briefs' is already a direct task-vs-
research-brief explanation, not jargon.
D3 + D4 droppet 2026-05-05 — voyage-rebrand renames all ultra*
references; new test infrastructure built against the old names
would need to be renamed in the same pass. Memory pin:
feedback_cleanup_vs_new_code.md.
Tests: 361 / 0 (unchanged — no test changes).
Stabilisering close-out: complete. Repo is ready for voyage-rebrand.
Foundation lib for v1.12.0 cron rewrite — closes brief deliverable
"log-rotate" that was missing from the original plan (Phase 9 scope
revision). Standard logrotate idiom, zero dependencies.
- rotateLog(logPath, opts) returns {rotated, dropped, kept}
- Defaults: maxSizeBytes 10 MB, maxGenerations 5 (1 active + 4 rotated)
- No-op when log missing or under threshold
- Over-size: drop oldest, shift .N..1 down by one, move active → .1
- maxGenerations=1 keeps only the active slot (no rotated copies)
- Pure stdlib fs.renameSync chain with silent try/catch on missing gens
8/8 tests pass: missing/under-size/over-size paths, chained 6 rotations
capped at maxGenerations, oldest dropped, two-step content shift.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Foundation lib for v1.12.0 cron rewrite. Detects which Claude auth mode is
in scope and rejects modes that are architecturally incompatible with cron.
Resolution order:
- ANTHROPIC_API_KEY env-var → 'api-key'
- CLAUDE_CODE_OAUTH_TOKEN env-var → 'long-oauth'
- ~/.claude.json onboarded + runner exit 0 → 'subscription-browser-only'
- otherwise → 'unauthenticated'
Subscription browser-OAuth tokens expire ~15h and cannot survive cron — the
detector flags them explicitly so validateAuthForCron throws EAUTHCRON with
a remediation message pointing to `claude setup-token` or ANTHROPIC_API_KEY.
Both runner (subprocess invoker) and claudeJsonPath (~/.claude.json) are
dependency-injected. Tests stub them — no real subprocess spawn, no home-
directory reads.
15/15 tests pass: precedence, env-var detection, onboarded subscription,
non-onboarded fallback, validateAuthForCron throw paths.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Foundation lib for v1.12.0 cron rewrite skill-tree backup/restore.
Zero dependencies. Uses fs.cpSync (recursive + preserveTimestamps) without
dereference (Node 22.17.x regression) and without filter (Windows symlink-
type bug).
- backupDir(srcDir, backupRoot, opts) → {backupPath, retentionDays, restore()}
- Backup-id format YYYY-MM-DDTHH-MM-SS (filesystem-safe; no colons)
- .backup-meta.json sentinel written as first action inside backupPath
- restore() writes .rollback-in-progress at backupRoot BEFORE rmSync+cpSync
so a crashed restore leaves the sentinel for the next run to detect
- detectStaleRollback(backupRoot) — boolean predicate over sentinel
- cleanupOldBackups(backupRoot, retentionDays) — 3-step age resolution:
meta.created_at → dir mtime → skip-with-warning (never delete a dir
whose age cannot be established)
12/12 tests pass: timestamp format, content round-trip, sentinel lifecycle,
retention, mtime fallback, unparseable-meta skip, missing-root no-op.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Foundation lib for v1.12.0 cron rewrite. Atomic exclusive create via
fs.writeFileSync('wx'); on EEXIST resolves staleness with OR semantics:
stale if PID is dead OR mtime exceeds threshold. Either alone breaks the
lock — handles SIGKILL orphans (mtime), PID-reuse races (mtime), and
crashed-then-replaced runs (PID).
- acquireLock(lockPath, opts) → {lockPath, release()}
- staleThresholdMs default 1h; refreshIntervalMs opt-in for long runs
- registerCleanup default true (exit/SIGINT/SIGTERM/SIGHUP/uncaughtException)
- isPidAlive uses kill(pid, 0) with EPERM-as-alive nuance
12/12 tests pass: PID liveness, fixture concurrency, idempotent release,
stale variants (dead+old, live+old, fresh+live), staleThresholdMs honored.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
D2 of post-v3.4.1 stabilisering. Removes 14 plugin-name references from
agents/, commands/, and docs/ tracked files (CLAUDE.md/README.md/SECURITY.md
were ryddet in v3.4.1 commit 6bca3fb).
The external architect plugin was moved out of the public marketplace
2026-05-04 due to ToS concerns around future skill sources. References in
prose are now stale or misleading for public users. The architecture/overview.md
filesystem slot remains available for any compatible producer — discovery
is plugin-agnostic via lib/validators/architecture-discovery.mjs (drift-WARN,
never drift-FAIL).
Files:
- agents/planning-orchestrator.md (1 ref generalized)
- commands/ultraplan-local.md (2 refs generalized; missed by prompt inventory)
- docs/HANDOVER-CONTRACTS.md (4 refs generalized; Handover 3 + stability summary)
- docs/architect-bridge-test.md (deleted; was a public-only bridge checklist)
- docs/subagent-delegation-audit.md (5 refs/rows removed; intervention #5 dropped, recommendation adjusted)
CHANGELOG.md retains historical references (20 occurrences) intentionally.
Verification:
- grep tracked non-CHANGELOG md: 0 references remaining
- npm test: 361/361 pass (baseline preserved)
D1 of post-v3.4.1 stabilisering. Path C (cache-warm sentinel + identical-tool
parallel) is closed 2026-05-05 per Q3 experiment NEGATIVE result:
median cache_creation_input_tokens = 163,903 across 3 fork-children at
186K parent context (CC v2.1.128, Sonnet 4.6).
Master-plan thresholds: <= 1,500 POSITIVE / >= 3,500 NEGATIVE — NEGATIVE
solidly. CLAUDE_CODE_FORK_SUBAGENT does not preserve cache prefix across
identical-tool children at our context size.
Path C migration is deferred indefinitely. Reassessment is appropriate
when CC v2.2.xxx ships fork-cache-relevant features. Harness
(scripts/q3-cache-prefix-experiment.mjs) and analyser
(lib/stats/cache-analyzer.mjs) remain available for re-run.
Brief: .claude/projects/2026-05-04-spor-c-q3-cache-prefix-experiment/brief.md
Result: q3-experiment-results.local.md (gitignored)
Pure auth-mode-aware cost estimator for v1.12.0 cron pre-flight.
Heuristic: critical+high files only (medium/low excluded per brief);
3000 input + 1500 output tokens per file at Sonnet pricing
($3/M in, $15/M out).
Auth-mode behavior:
- api-key: numeric usd, kvote_warn off (subject to dollar-cap)
- long-oauth, subscription-browser-only:
usd null, kvote_warn on (quota, no dollar billing)
- unauthenticated/missing: best-effort api-key estimate
11/11 tests pass; covers both billing modes plus token-math
invariance across auth-mode (auth only affects dollar-field, not tokens).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Foundation lib for status-fil + lock-fil writes in v1.12.0 cron rewrite.
Pattern: writeFileSync to <path>.tmp.<pid>.<random> then renameSync to
target. Defends against half-written files; readers either see the
previous version or the new one, never a partial.
- atomicWriteSync(path, content) — string or Buffer
- atomicWriteJson(path, obj) — 2-space indent, trailing newline
- Windows EEXIST/EPERM defensive fallback (unlink target + rename)
- Best-effort tmp cleanup on writeFileSync failure
- crypto.randomInt(0, 2**32) two-arg form (unambiguous across Node)
9/9 tests pass including 50-way concurrent-write fuzzer (async-aware
withTmp helper).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
First foundation lib for v1.12.0 auto-KB-update. Resolves per-OS paths:
- macOS: ~/Library/{Caches,Logs,Application Support}/<app>/
- Linux: XDG_CACHE_HOME / XDG_STATE_HOME with ~/.cache, ~/.local/state fallbacks
- Windows: %LOCALAPPDATA%\<app>\{Cache,Logs,State}
Plus getBackupDir(pluginRoot) → <pluginRoot>/.kb-backup (gitignored).
All four functions auto-mkdir target. Dependency-injection via opts
({platform, homedir, env}) makes the lib pure-testable; 13/13 tests
pass under tmpdir isolation without touching real ~/ paths.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Pre-step for v1.12.0 auto-KB-update for fork-and-own. The cron-rewrite
in Step 9 will create plugin-root/.kb-backup/<ISO-ts>/skills/ during each
run; gitignoring it here ensures backups never enter git history. The
.rollback-in-progress sentinel is created by lib/backup.mjs#restore() and
must also be ignored.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Implements Spor C of post-v3.4.0 roadmap. Zero-dep harness measures
CLAUDE_CODE_FORK_SUBAGENT cache-prefix preservation across 3 fork-children
with identical --allowedTools at 150-250K parent context.
Harness uses --append-system-prompt-file (avoids stdin buffer cap at
>200K bytes) + --exclude-dynamic-system-prompt-sections (prevents
per-child cache-prefix divergence from cwd/env/git-status).
Companion analyser summarizes accumulated ultraexecute-stats.jsonl:
percentile wall_time (p50/p90/max), total events, ISO time range.
Output: JSON via --json <path> CLI shim.
Result file is gitignored (*.local.md). Master-plan thresholds
(<= 1.5K positive / >= 3.5K negative) gate the v3.5.0 Path C decision.
Brief: .claude/projects/2026-05-04-spor-c-q3-cache-prefix-experiment/brief.md
Master-plan: .claude/projects/2026-05-04-post-v3.4.0-roadmap/master-plan.md
Brings docs to parity with other plugin READMEs (graceful-handoff,
ai-psychosis pattern):
README.md
- Header block: tagline, solo-maintained disclaimer, AI-generated note
- 6 shields.io badges (version, platform, output-style, commands, hooks, license)
- "The problem" framing: why a shared tone is needed across plugins
- Eight-directive table with what/how each rule changes Claude output
- Before/after example showing default vs human-friendly on the same task
- Architecture ASCII diagram of style merge into system prompt
- Quick start: marketplace install, settings.json enable, /config activation, verify steps
- "What this plugin does NOT do" section pointing users to ms-ai-architect /
ai-psychosis / linkedin-thought-leadership for adjacent concerns
- Cross-plugin use, compatibility matrix, versioning policy
GOVERNANCE.md (new)
- Standard marketplace fork-and-own governance, adapted with
human-friendly-style-specific notes (likely fork variants are tone
variants; trivial fork target since it's one Markdown file)
- Issues-yes, PRs-no policy with reasoning
- Version stability guarantees for the style file itself
CHANGELOG.md
- v1.0.0 entry expanded to reflect the docs polish + GOVERNANCE addition
- All within the same unreleased v1.0.0 (still 1 commit ahead of origin)
[skip-docs]: doc-trippel covered in initial commit (e769140); this is
plugin-internal docs polish only.
New plugin shipping a single Claude Code output style for consistent,
plain-language tone across all marketplace plugins. Auto-discovered from
the plugin's output-styles/ directory per Anthropic's documented plugin
contract.
Style instructs Claude to explain what and why (not how), hide noise
(paths, raw commands, JSON, stack traces) by default, match the user's
language, and stay honest about uncertainty. Keeps Claude Code's default
coding instructions intact via keep-coding-instructions: true.
- plugins/human-friendly-style/output-styles/human-friendly.md (style)
- plugins/human-friendly-style/.claude-plugin/plugin.json (manifest)
- plugins/human-friendly-style/{README,CLAUDE,CHANGELOG,LICENSE}
- .claude-plugin/marketplace.json: registered as 9th plugin
- README.md (root): added section between OKR and Shared infrastructure
[skip-docs]: doc-trippel covered (plugin README, plugin CLAUDE, root
README). Root CLAUDE.md update deferred to avoid conflict with concurrent
ultraplan-local + ms-ai-architect work touching the same Repo-struktur
block.
Pipeline-walk-through fylt inn etter B3 pipeline-run mot examples/02-real-cli.
Erstatter 'TBD' og '(Placeholder)' med faktisk research-skip + plan-summary
+ execute-summary (4 commits c4cf49f → da68c2f) + 10/10 SC PASS-tabell.
Spor B er ferdig. Neste handling: operatør-bekreftelse + WAIT_FOR_TELEMETRY
før Spor C kan starte. Se plugins/ultraplan-local/NEXT-SESSION-PROMPT.local.md
(stop-prompt, IKKE C1).
Step 4 (final) of plan.md (Spor B B3 pipeline run). Adds 4 new tests
in a contiguous block at the end of tests/tally.test.mjs, mirroring
the existing spawnSync style. All 4 test names contain --regex or -r.
Coverage map:
- SC #1 (long form, exit 0): test 1
- SC #2 (-r short form): test 2
- SC #4 (invalid exits 2 with /^tally: invalid regex/): test 3
- SC #5 (--json includes flags.regex): test 4
Total: 14 tests, all green, 3.16s wall-clock (under 5s cap).
[skip-docs]
Step 3 of plan.md (Spor B B3 pipeline run). Adds one line under
Options: in the HELP template literal so --help users can discover
the new flag. Satisfies SC #8.
[skip-docs]
Step 2 of plan.md (Spor B B3 pipeline run). Wires the --regex/-r flag
into main(): when set, compileRegex(pattern) is used and the count is
text.match(re).length. Invalid regex exits 2 via the existing fail()
helper. JSON output now includes flags.regex so consumers can tell the
mode apart. Baseline tests remain green; -i/--ignore-case has no effect
when --regex is set (out of brief scope).
Verify covered: SC #1 (any position), SC #2 (-r short form), SC #3
(regex semantics differ), SC #4 (invalid exits 2), SC #5 (JSON regex),
SC #6 (byte-identical baseline).
[skip-docs]
Step 1 of plan.md (Spor B B3 pipeline run). Adds the new --regex / -r
flag to parseArgs and a compileRegex(pattern) helper. The flag is
parsed but main() does not yet branch on it (wired in step 2). All
10 baseline tests remain green.
[skip-docs]
Adds the runnable counterpart to examples/01-add-verbose-flag (which is
artifacts-only). The fixture is the measurement target for Spor B's
end-to-end pipeline run (B3) and Spor C's cache-prefix experiment.
Baseline:
- tally.mjs (80 lines, hand-rolled argv parser, zero deps)
- 3 flags: --json, -i/--ignore-case, --lines + --help
- Exit codes: 0 success, 1 file error, 2 invalid argv
- 10 node:test cases, all green (~2.2s wall-clock)
- Deterministic fixtures: sample.txt (foo×7, Foo×1, regex fo+×9) +
poem.txt (--lines vs total distinction)
- REGENERATED.md skeleton (B3 fills the pipeline walk-through)
Brief preconditions verified:
- grep -c 'foo' sample.txt = 4 (>= 1)
- regex /fo+/g count = 9 (> grep count)
- Brief assumptions for B3 SC #1, #3 hold
This is the first runnable example in plugins/ultraplan-local/examples/.
Next: B3 runs /ultraresearch-local + /ultraplan-local + /ultraexecute-local
against the brief to add --regex/-r, then verifies all 10 Success Criteria.
Documents the 4-track procedure for updating plugin playground HTML
when plugins are extended or upgraded:
- Track A: Plugin HTML change (parsers, renderers, surfaces)
- Track B: Shared design-system change (with vendor sync)
- Track C: Visual verification (screenshots + manual QA)
- Track D: Release (version bump + 3-doc rule)
Lives at marketplace root because the procedure crosses the
plugin/shared boundary. Marketplace-root CLAUDE.md gets a one-line
pointer under Konvensjoner so Claude finds it automatically in
future sessions.
Includes architecture diagram, common pitfalls (replace_all scope,
sync-without-testing, screenshot folder version mismatch, background
orchestrator degradation), and guidance on when to hoist inline CSS
to the shared DS vs keep it plugin-local.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Step 13 of v3.4.1 plan.
- plugin.json description: Five-command -> Six-command (drift fix); also
drops the trailing ultra-cc-architect sentence (SC-6 collateral).
Mentions multi-session resumption as part of the Six-command pipeline.
- plugin.json + package.json version: 3.4.0 -> 3.4.1.
361 tests still green.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Step 12 of v3.4.1 plan. Surgical line-by-line generalization of references
to the ultra-cc-architect plugin (no longer publicly distributed):
- CLAUDE.md: 8 hits → "opt-in upstream architect plugin (not bundled)"
- README.md: 9 hits including bare slug at line 646 (removed entirely);
rephrased to "no longer publicly distributed" with the architecture/
filesystem slot still supported by /ultraplan-local
- SECURITY.md: 1 hit → generalized "Opt-in upstream architect step"
CHANGELOG.md historical references preserved per brief; appended a
2026-05-04 note at top of [3.0.0] block stating the plugin is no longer
publicly distributed but the architecture/overview.md slot remains
supported for any compatible producer.
The architecture/overview.md filesystem contract (Handover 3, EXTERNAL,
drift-WARN) is unchanged — anyone implementing a compatible producer
can plug in.
361 tests still green (no regressions). doc-consistency pins for
/ultracontinue-local and Handover 7 § Lifecycle still pass.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
