ktg-plugin-marketplace

Open-source Claude Code plugins for AI-assisted development, security, and planning.

Built for my own Claude Code workflow and shared openly for anyone who finds them useful. Solo-maintained, AI-assisted, fork-and-own. Issues are welcome as signals; pull requests are not accepted. See GOVERNANCE.md for what upstream provides and how this is meant to be used.

AI-generated code disclosure

All code in this marketplace is generated by Claude Code through a dialog-based process. I direct, review, test, and validate; Claude writes. Every commit reflects this — treat the plugins as AI-authored, human-curated.

Installation

claude plugin marketplace add https://git.fromaitochitta.com/open/ktg-plugin-marketplace.git

Then open Claude Code and type /plugin to browse and install plugins from the marketplace.

Compatibility

• Claude Code CLI, desktop app, and IDE extensions
• macOS, Linux, Windows
• No external dependencies (all scanners and hooks are self-contained)

---

Plugins

LLM Security v7.6.1

Security scanning, auditing, and threat modeling for agentic AI projects.

Built on OWASP LLM Top 10 (2025), OWASP Agentic AI Top 10, and the AI Agent Traps taxonomy (Google DeepMind, 2025). Three layers of protection:

• Automated enforcement — 9 hooks that block dangerous operations in real time (prompt injection, secrets in code, destructive commands, supply chain guardrails, transcript scanning before context compaction)
• Deterministic scanning — 23 Node.js scanners (10 orchestrated + 13 standalone) for byte-level analysis: Shannon entropy, Unicode codepoints, typosquatting detection, taint flow, DNS resolution, git forensics, AI-BOM, attack simulation, IDE extension prescan (VS Code + JetBrains — URL fetch from Marketplace / OpenVSX / direct VSIX / JetBrains Marketplace, hardened ZIP extractor for zip-slip / symlinks / bombs, plus OS sandbox via sandbox-exec / bwrap so the kernel enforces FS confinement), MCP cumulative-drift baseline reset (E14 — sticky baseline catches slow-burn rug-pulls). Bash-normalize T1-T6 for obfuscation-resistant denylists
• Advisory analysis — 20 commands that scan, audit, and model threats with structured reports, letter grades, and actionable remediation
• Enterprise governance — Compliance mapping (EU AI Act, NIST AI RMF, ISO 42001), SARIF 2.1.0 output, structured audit trail, policy-as-code, standalone CLI
• v7.6.1 playground visuell-patch (2026-05-06) — Seks bugs fanget av maintainer ved manuell verifisering i nettleser etter v7.6.0-release. Alle skyldtes mismatch mellom DS-klasser og hvordan playground-rendrere brukte dem (eller manglende DS-implementasjoner av klasser playground-rendrere antok eksisterte): renderFindingsBlock brukte .findings outer-class (DS' 2-kolonners list+detail-grid) → erstattet med <section class="report-meta"> + korrekt findings__list-mønster; .report-table manglet helt i DS men brukes i 7+ rendrere → lokal CSS-implementasjon; renderPreDeploy traffic-lights brukte fast 28×28 px .sm-card__grade for "PASS"/"PASS-WITH-NOTES"/"FAIL" → bredde-tilpasset status-pill; threat-model matrix-bobler ikke klikkbare → <button> med data-threat-id + click-handler som scroller til Trusler-tabellen; radar-labels overlappet → SVG 280→380, R 105→125, dynamisk text-anchor; recommendation-card__body tekstoverflyt → overflow-wrap: anywhere. 4/4 fix-spesifikke + 18/18 regresjons-tester passerer. Ingen scanner- eller hook-atferdsendringer
• v7.6.0 playground Tier 3-referanse-case (2026-05-06) — Playgroundet er hevet til en visuelt og strukturelt fullført referanse for shared/playground-design-system/ Tier 3-supplementet. 8 nye DS-komponenter integrert i de 18 rapport-rendererne: tfa-flow + tfa-leg + tfa-arrow (lethal trifecta-kjede med <button>-elementer + ARIA), mat-ladder + mat-step (5-trinns modenhets-stige), suppressed-group (narrative-audit), codepoint-reveal + cp-tag/cp-zw/cp-bidi (Unicode-steganografi), top-risks + top-risk[data-severity] (rangert top-funn-listing), utvidet recommendation-card[data-severity] på clean/harden/audit/posture/pre-deploy/plugin-audit, risk-meter (band-visualisering 0-100 på 5 archetypes), card--severity-{level} modifier på findings-cards. Wave 1 (Sesjon 2): badge--scope-security (identitets-chip), verdict-pill-lg (DS Tier 3-pill på alle 18 rapport-typer), form-progress + fp-step (onboarding-wizard). Slettet ~30 duplikat-CSS-deklarasjoner (DS vinner cascade). 5 nye DS-helpers + mapSeverityToCardLevel + parseNarrativeAudit. A11Y-rapport oppdatert. Filendring totalt 10209 → 10677 linjer over 5 sesjoner. Ingen scanner- eller hook-behavior-changes — purely additive surface
• v7.5.0 playground (2026-05-05) — Single-file SPA at plugins/llm-security/playground/llm-security-playground.html (~10 200 lines) for onboarding, demoer og workshop-bruk uten Claude Code-installasjon. Parsere + renderere for alle 18 produces_report-kommandoer, 18 markdown test-fixtures som kontrakt-anker, komplett demo-prosjekt med alle 18 rapporter ferdig parsed, vendor-synket design-system, 9 Playwright-genererte screenshots. 11 nye window-globaler eksponert for testing/automasjon (__store, __navigate, __loadDemoState, __PARSERS, __RENDERERS …). Bug-fix: normalizeVerdictText håndterer GO-WITH-CONDITIONS uten å kollapse til ALLOW. Ingen scanner- eller hook-behavior-changes — purely additive surface
• v7.4.0 examples + e2e suite (2026-05-05) — 9 runnable demonstration walkthroughs under examples/ (lethal-trifecta, mcp-rug-pull, supply-chain-attack, poisoned-claude-md, bash-evasion-gallery, prompt-injection-showcase, malicious-skill-demo, toxic-agent-demo, pre-compact-poisoning) plus three new test suites under tests/e2e/ (attack-chain, multi-session, scan-pipeline) that prove the framework works as a coordinated system. +45 tests (1777 → 1822), no scanner or hook behavior changes — purely additive surface
• v8.0.0 env-var deprecation runway (D3, v7.3.0) — Hook configuration has historically been split between process env-vars and the team-distributable .llm-security/policy.json file. Until v7.3.0 the two surfaces could disagree silently. The new getPolicyValueWithEnvWarn() helper in scanners/lib/policy-loader.mjs now emits a one-time-per-process stderr line whenever both surfaces are explicitly set:
  • Affected pairs: LLM_SECURITY_INJECTION_MODE↔injection.mode, LLM_SECURITY_TRIFECTA_MODE↔trifecta.mode, LLM_SECURITY_ESCALATION_WINDOW↔trifecta.escalation_window (new key in DEFAULT_POLICY), LLM_SECURITY_AUDIT_LOG↔audit.log_path
  • Env still wins through the v7.x window — no behaviour change today, only a runway signal
  • Suppress headless-log noise with LLM_SECURITY_DEPRECATION_QUIET=1
  • Teams should converge on policy.json for distributable configuration before v8.0.0 removes the env-var path
• Opus 4.7 aligned — Agent instructions rewritten for literal instruction-following (system card §6.3.1.1), defense-in-depth posture per §5.2.1, production hardening guide

Key commands: /security posture, /security audit, /security scan, /security ide-scan, /security threat-model, /security plugin-audit

6 specialized agents · 23 scanners · 9 hooks · 20 knowledge docs · 9 runnable examples · 1822 tests

→ Full documentation

---

Config-Audit v5.1.0

Configuration intelligence for Claude Code — health checks, feature discovery, auto-fix, active-config inventory, reality-based Opus-4.7 token analysis, and plain-language UX that leads with prose ("Fix soon: The same automation is set up more than once") instead of technical IDs.

Claude Code reads instructions from 7+ file types across multiple scopes. This plugin tells you what's wrong, what's missing, what's silently conflicting, what's actually loaded, and where you're burning tokens unnecessarily:

• Health — 12 deterministic scanners verify correctness across every configuration file (broken imports, deprecated settings, conflicting rules, permission contradictions, Opus-4.7-era token waste, cache-prefix instability, dead tool grants, cross-plugin skill collisions)
• Opportunities — context-aware recommendations for Claude Code features you're not using
• Action — auto-fix with mandatory backups, syntax validation, rollback support, and human-in-the-loop workflow
• What's active — read-only inventory of plugins, skills, MCP servers, hooks, and CLAUDE.md cascade for a repo, with token estimates
• Token hotspots — /config-audit tokens ranks files by estimated waste across 6 Opus-4.7 patterns (cache-breaking volatile content, redundant tool permissions, deep import chains, oversized cascades, bloated SKILL.md descriptions, MCP tool-schema budget). Optional --accurate-tokens calibrates against Anthropic's count_tokens API.
• System-prompt manifest — /config-audit manifest ranks every token source (CLAUDE.md cascade, plugins, skills, MCP servers, hooks) by estimated tokens
• Plain-language UX (v5.1.0) — default output of all 18 commands leads with prose; findings group by user-impact category (Configuration mistake, Conflict, Wasted tokens, Missed opportunity, Dead config) and urgency phrase (Fix this now → FYI). Pass --raw for v5.0.0 verbatim output; --json is unchanged and byte-stable.

Key commands: /config-audit posture, /config-audit feature-gap, /config-audit fix, /config-audit whats-active, /config-audit tokens, /config-audit manifest

6 agents · 12 scanners · 18 commands · 792+ tests

→ Full documentation

---

Voyage v4.3.0

Deep requirements gathering, research, implementation planning, self-verifying execution, independent post-hoc review, operator-driven artifact annotation via voyage's marketplace playground, and zero-friction multi-session resumption — with specialized agent swarms, adversarial review, and failure recovery. Seven-command (brief, research, plan, execute, review, revise, continue) universal pipeline.

v4.3.0 (non-breaking) rebuilds the v4.2 playground with a dashboard-centric layout, file://-loader, and matured anchor-rendering. playground/voyage-playground.html now opens a .claude/projects/<slug>/-mappe directly via webkitdirectory directory-picker, drag-drop with webkitGetAsEntry recursive walk, or ?project=/abs/path URL-parameter — no more paste-into-textarea workflow. The new fleet-grid of fleet-tile per artifact with drill-down detail surface achieves visual parity with plugins/llm-security/playground/llm-security-playground.html. Anchor-rendering matures: block-boundary placement with code-fence/table/list-item fallback, browser-side parseAnchor mirroring Node-side regex, numbered-badge gutter + yellow-tint highlight, hidden-by-default sidebar-rail with J/K keyboard navigation, two-opacity pattern (active 100% / inactive 40% / resolved 30% strikethrough). A11Y panel built from DS-primitives. Screenshots-spor convention via window.__voyage hooks (navigate / scheduleRender / getProjectArtifacts) + docs/screenshots/. Path-traversal + symlink/dotfile filter (isProjectPathSafe). DOMPurify ≥ 3.1.1 vendored for sanitizeAnnotation; HTML-comment indirect prompt-injection mitigation via parseAnchor-allowlist gate before md.render. Total bundle 388 KB / 460 KB HALT-gate. Test pyramid Groups A-D — Group A 17 static-HTML grep tests (SC1 10-element checklist + SC3 + SC6 + SC7 tag-level no-CDN), Group B 9 structure tests, Group C 7 export-bundle schema + annotation_digest SHA-256 validity tests, Group D 4 Playwright e2e (light/dark axe-core delta-baseline + pixel-diff smoke + zero-external-network authoritative gate via npm run test:e2e). Test count: 672 → 705 pass / 0 fail. WCAG-violations baseline'd; actual fix deferred to v4.4 (HTML FROZEN in Sesjon 6 per Wave 7 verification-only scope).

v4.2.0 (non-breaking) adds the /trekrevise command and the Handover 8 (annotation → revision) annotation pipeline. The original playground/voyage-playground.html (single self-contained HTML with vendored markdown-it + highlight.js) lets operators paste a brief/plan/review, drag-select or hover-anchor comments, and export a /trekrevise --apply batch. Round-trippable in-place revision: byte-identical body outside anchor blocks (SC2), idempotent annotation_digest (SC3), additive frontmatter — no *_version bump, every brief / plan / review written before v4.2 validates as revision: 0 without migration. Single-iteration MVP per research-05; multi-iteration loops deferred. Includes lib/parsers/anchor-parser.mjs + lib/parsers/annotation-digest.mjs, lib/util/markdown-write.mjs + lib/util/revision-guard.mjs, scripts/render-artifact.mjs server-side render CLI, and docs/annotation-quickstart.md ≤7-step operator walkthrough.

v4.0.0 (breaking) renames the plugin from ultraplan-local to Voyage and all seven commands from /ultra*-local to /trek* to remove name collision with Anthropic's /ultraplan and /ultrareview features. No migration path — fork-and-own users re-fork from main. See plugins/voyage/TRADEMARKS.md and plugins/voyage/CHANGELOG.md.

Seven commands, one pipeline with clear division of labor:

• /trekbrief — Capture intent. Dynamic, quality-gated interview: a section-driven completeness loop (Phase 3) followed by a brief-reviewer stop-gate (Phase 4, max 3 review iterations). Required sections must reach an initial-signal gate AND pass review across completeness, consistency, testability, scope clarity, and research-plan validity before brief.md is written. Identifies research topics with copy-paste-ready /trekresearch commands. Optional auto-orchestration runs research + planning in foreground. Always interactive.
• /trekresearch — Gather context. Deep multi-source research with triangulation: 5 local agents + 4 external agents + Gemini bridge, producing structured briefs with confidence ratings. Makes no build decisions.
• /trekplan — Transform intent into an executable contract. Per-step YAML manifests (expected_paths, commit_message_pattern, bash_syntax_check). Plan-critic is a hard gate on manifest quality. Requires a task brief as input (--brief or --project). Auto-discovers architecture/overview.md when produced upstream and cross-references its cc_features_proposed against exploration findings.
• /trekexecute — Execute the contract disciplined. Manifest-based verification, independent Phase 7.5 audit from git log + filesystem (ignores agent bookkeeping), Phase 7.6 bounded recovery dispatch for missing steps. Step 0 pre-flight catches sandbox push-denial before any work. --validate mode offers a fast schema-only sanity-check between planning and execution.
• /trekreview — Close the iteration loop. Independent post-hoc reviewer reads brief.md from scratch and evaluates the diff produced by execute. Two parallel reviewers (brief-conformance + code-correctness) plus a Judge Agent (review-coordinator) for dedup and reasonableness filtering. Severity-tagged findings (Critical/High/Medium/Low/Info) with stable 40-char hex IDs feed back into planning via Handover 6 (/trekplan --brief review.md → remediation plan with source_findings: audit trail).
• /trekrevise — (v4.2) Apply operator annotations from the playground back into the source artifact. Operator opens playground/voyage-playground.html, anchors comments on brief.md / plan.md / review.md, exports a batch, pastes back as /trekrevise --apply. Round-trippable in-place revision via Handover 8: revision: counter, source_annotations: audit trail, deterministic annotation_digest (SHA-256 prefix). Idempotence — replaying the same batch yields identical digest with no body diff outside anchor refresh. Single-iteration MVP.
• /trekcontinue — Zero-friction multi-session resumption. In a fresh chat, type /trekcontinue — reads .session-state.local.json (Handover 7), prints a 3-line summary, and immediately begins executing the next session. Any session-end mechanism may write the state file (/trekexecute Phase 8/2.55/4 do so automatically; /trekendsession helper writes it for informal flows). Forward-compat schema (unknown top-level keys ignored) so future producers can extend additively.

All artifacts land in one project directory: .claude/projects/{YYYY-MM-DD}-{slug}/ contains brief.md, research/NN-*.md, plan.md, sessions/, progress.json, review.md, and .session-state.local.json (gitignored). --project <dir> works across /trekresearch, /trekplan, /trekexecute, /trekreview, and (optionally) /trekcontinue.

v3.4.0 (non-breaking) adds the autonomy chain from brief approval to main-merge plus parallel-wave hardenings. New lib/util/autonomy-gate.mjs state machine (idle → approved → executing → merge-pending → main-merged), lib/review/plan-review-dedup.mjs for Phase 9 inline dedup, lib/stats/event-emit.mjs for autonomy-gate transitions and main-merge gate, and --gates {open|closed|adaptive} flag on all four pipeline commands. commands/trekplan.md Phase 8 seals Opus-4.7 plan/list-emission schema-drift via plan-validator --strict. commands/trekexecute.md Phase 2.6 wave-executor adds 11 hardenings for plugin-in-monorepo + gitignored-state topology (GIT_OPTIONAL_LOCKS, --max-turns, --max-budget-usd, scoped --allowedTools, push-before-cleanup ordering). New hooks/scripts/post-compact-flush.mjs PostCompact hook re-injects session-state after compaction. SC7 synthetic determinism floor (Jaccard ≥ 0.833) for plan + review fixtures. Hook baseline regression pins. Architecture decision: Path B (sequential --no-ff parallel waves with manifest-driven failure recovery) ships; Path C (cache-first hybrid) deferred to v3.5.0 contingent on cache-telemetry harvest.

v3.3.0 (non-breaking) adds /trekcontinue as the sixth command and the contracted Handover 7 (.session-state.local.json) for zero-friction multi-session resumption. New lib/validators/session-state-validator.mjs (schema v1, forward-compat — unknown top-level keys ignored), lib/util/atomic-write.mjs extracted from pre-compact-flush.mjs for tmp+rename writes, and /trekendsession helper for informal multi-session flows. /trekexecute Phase 8 / 2.55 / 4 now write the state file alongside progress.json. pre-compact-flush.mjs also refreshes the state file before context compaction (monotonic; never advances to non-resumable status). 22 new tests (163 → 185 green).

v3.2.0 (non-breaking) adds /trekreview as the fifth command and the contracted Handover 6 (review → plan) feedback loop. New artifact type type: trekreview validated by lib/validators/review-validator.mjs, stable 40-char SHA1 finding-IDs from lib/parsers/finding-id.mjs, Jaccard similarity for determinism testing (lib/parsers/jaccard.mjs), and a 12-key version-pinned rule catalogue (lib/review/rule-catalogue.mjs). Four new agents (review-orchestrator, brief-conformance-reviewer, code-correctness-reviewer, review-coordinator) implementing the Judge-Agent dedup pattern. /trekplan now consumes --brief review.md (BLOCKER + MAJOR findings become plan goals) and writes source_findings: [<id>, ...] audit trail. brief-validator accepts both type: trekbrief and type: trekreview.

v3.0.0 extracts the Claude-Code-specific architecture phase to a separate plugin. The planning pipeline now stays technology-agnostic; CC-feature matching becomes opt-in. The plan command still auto-discovers architecture/overview.md if produced upstream — the contract is filesystem-level, not code-level. Non-breaking for users of brief/research/plan/execute. See plugins/voyage/CHANGELOG.md for migration steps.

v2.4.0 (breaking, default behavior) removes background mode. The commands now run foreground in the main context because the harness does not expose the Agent tool to sub-agents — background orchestrators silently degraded the swarm to inline reasoning without external research tools. The --fg flag is preserved as a no-op alias for backward compatibility. Source: github.com/anthropics/claude-code/issues/19077.

v2.1 (non-breaking) replaced the hardcoded Q1–Q8 interview with a dynamic, quality-gated loop; brief-reviewer emits machine-readable per-dimension JSON scores so /trekbrief can use it as an internal stop-gate. v2.0 (breaking) extracted the interview from planning: briefs are reviewable artifacts that downstream agents (brief-reviewer, plan-critic, scope-guardian) validate independently. /trekplan requires --brief or --project. See plugins/voyage/MIGRATION.md.

v1.7 self-verifying chain (preserved): a step may not be marked completed unless its manifest verifies. v1.8 Opus 4.7 literalism fixes (preserved): literal Step+Manifest template, forbidden narrative headers, schema self-check.

v3.1.0 (in progress) adds a lib/-tree of zero-dep validators (brief-validator, research-validator, plan-validator, progress-validator, architecture-discovery) wired into the four commands as CLI shims, plus 109 node:test cases and a doc-consistency invariant test. The Phase 5.5 schema self-check now runs as node lib/validators/plan-validator.mjs --strict instead of three grep -cE calls — same checks, single source of truth, machine-readable error codes. Architecture discovery treats the upstream architecture/overview.md contract as drift-WARN, never drift-FAIL. Forking the plugin? npm test is the readiness gate.

v3.1.0 also adds: docs/HANDOVER-CONTRACTS.md as the single source of truth for the 5 pipeline handovers (extended to 6 in v3.2.0, then to 7 in v3.3.0); PreCompact-hook (pre-compact-flush.mjs, CC v2.1.105+) that fixes the documented progress.json drift bug — --resume now works after long conversations; UserPromptSubmit-hook that sets session titles voyage:<command>:<slug> for headless multiplexing (CC v2.1.94+); PostToolUse-hook that captures Bash duration_ms per call (CC v2.1.97+); semantic plan-critic rubric that catches paraphrased deferred decisions ("implement as needed", "wire it up") instead of just exact-string blacklist; examples/01-add-verbose-flag/ showing a calibrated end-to-end pipeline run; SECURITY.md boilerplate; docs/architect-bridge-test.md smoke checklist.

Defense-in-depth security: plugin hooks block destructive commands and sensitive path writes, prompt-level denylist works in headless sessions, pre-execution plan scan catches dangerous commands before they run, scoped --allowedTools replaces --dangerously-skip-permissions in parallel sessions. Recommended hardening: disableSkillShellExecution: true for fork-ers handling untrusted plans (CC v2.1.91+).

Modes: default, brief-driven, project-scoped, research-enriched, foreground, quick, decompose, export, resume, revise

23 specialized agents · 7 commands (+ 1 helper) · 5 plugin hooks · 600+ tests · First marketplace playground (v4.2) · No cloud dependency

→ Full documentation · Migration guide

---

AI Psychosis v1.2.0

Meta-awareness tools that counteract sycophancy, reinforcement loops, and compulsive AI interaction patterns.

AI assistants are structurally optimized to be agreeable. This creates reinforcement loops where productive collaboration is often a mirror showing you what you want to see. Research documents psychotic episodes triggered by sustained AI interaction in individuals with no prior psychiatric history.

• Layer 1 — Behavioral instructions — SKILL.md rules that modify Claude's behavior: no unearned affirmations, mandatory risk identification, pattern naming
• Layer 2 — Programmatic detection — 4 hooks that measure session duration, dependency language, rapid-fire bursts, edit ratios, and late-night usage with progressive alerts
• Layer 3 — Interaction reports — /interaction-report slash command for aggregated session statistics across configurable timeframes (weekly, monthly, all-time). Opt-in
• Layer 4 — Contemplative references — optional references to contemplative approaches when interaction flags are elevated. Opt-in

Research-informed thresholds. Alerts are progressive and never blocking. Privacy-first: prompt text is never logged. Layers 3 and 4 are off by default.

1 skill · 1 command · 4 hooks

→ Full documentation

---

Graceful Handoff v2.1.0

Auto-trigger session handoff at context threshold. Manual /graceful-handoff always works as backup. Built for Opus 4.7.

When you hit 60-70% context and have to start a new session, three things usually get rushed or forgotten: summarizing state, committing finished work, and writing a continuation prompt. v2.0 removed all three from the user's hands; v2.1 makes context detection model-aware so auto-trigger fires at the right moment on Opus 4.7's 1M window.

• Auto-trigger via Stop hook — at estimated ≥70% context, writes artifact + commits (push remains user-triggered: irreversible operations stay manual)
• Model-aware context detection (v2.1) — 4-step fallback chain (used_percentage → payload-size → model-map → 1M default), so Opus 4.7 no longer fires 5–7× too early
• statusLine hint — display-only warning at 60% and urgent reminder at 70% (never runs git, safe per research)
• SessionStart auto-load — on --resume / compact, handoff content is injected into the new session via additionalContext; no manual cat needed
• Skill-architecture — disable-model-invocation: true so Claude can't autonomously invoke the side-effect-bearing flow; user triggers manually or hooks call the pipeline directly
• Deterministic JSON pipeline — scripts/handoff-pipeline.mjs returns structured JSON; tests run without LLM involvement
• Explicit staging — pipeline stages ONLY the artifact (never git add -A, regression-tested)
• No subagents, no web — under 60s budget; pinned to Sonnet 4.6 to free Opus for the next session

Key command: /graceful-handoff [topic-slug] [--no-commit] [--no-push] [--dry-run]

3 hooks · 1 skill · 1 pipeline · 57 tests · BREAKING from v1.0

→ Full documentation

---

MS AI Architect — Azure AI and Microsoft Foundry v1.14.0 🇳🇴 Norwegian

Microsoft AI solution architecture guidance for Norwegian public sector and enterprise.

Meet Cosmo Skyberg — a structured architect persona who understands the problem before recommending technology. Every recommendation is grounded in 387 reference documents and verified against live Microsoft Learn documentation via MCP:

• Structured advisory — 7-phase methodology from business need to architecture recommendation and optional diagram
• Regulatory assessments — ROS analysis (NS 5814), DPIA/PVK, security scoring (6×5), EU AI Act classification, cost estimation in NOK (P10/P50/P90)
• Norwegian public sector — Digdir architecture principles, Utredningsinstruksen, NSM, Schrems II data residency, EU AI Act compliance workflow
• Manual KB-refresh — /architect:kb-update slash command drives sitemap-based change detection + new-URL discovery + per-file microsoft_docs_fetch-update + commit, run from an active Claude Code session. Scheduling is intentionally out of scope and left to the user (cron / launchd / GitHub Actions etc. as desired)

Key commands: /architect, /architect:ros, /architect:security, /architect:dpia, /architect:utredning, /architect:cost

12 specialized agents · 25 commands · 5 skills (387 reference docs) · 2 hooks · manual sitemap-driven KB refresh

One-click demo (v1.14.0, 2026-05-08): "Last inn demo-data"-knappen på onboarding bootstrapper en ferdig "Acme Kommune" med demo-prosjektet "Acme: Kunde-chatbot" og alle 17 rapport-typer pre-importert som raw_markdown (konsistente navn på tvers av alle fixtures). Visualisering rehydreres automatisk på project-surface mount. 24 retina-screenshots committed under playground/screenshots/v1.14.0/ (12 surfaces × 2 tema), så forkere ser pluginen uten å kjøre noe. Standalone Playwright-runner under tests/screenshot/ (egen package.json).

Playground (v3, v1.14.0 — root-cause refaktor, 2026-05-08): Multi-surface decision-builder + report viewer. The single-file HTML app lives at playground/ms-ai-architect-playground.html (~3870+ lines). v1.14.0 leverer DS-konvensjon-adopsjon på 14 renderere over 6 sesjoner: B-DS-1/2/3 fikset i shared/ DS v0.4.0 (kanban-card word-break, expansion title-block, matrix-bubble cursor); 3 risk-renderere til DS-summary-grid + ros-layout; 6 compliance/govern-renderere bytter .report-meta-wrapper mot DS-konvensjon; renderMigrate + renderPoc til expansion-list per fase; 5b-fixes i renderCost/renderCompare/renderUtredning. Lokal <style>-blokk: 191 → 122 effektive linjer (~36% reduksjon siden v1.13.1).

• 4 surfaces: Onboarding (4 strukturerte / 14 fritekst, prefill alle command-skjemaer) → Home (project list + 3 entry tracks) → Catalog (24 commands grouped in 5 expansion categories with search) → Project (per-project tabs, command-form prefill, paste-back report import + visualization)
• Persistence: IndexedDB primary + localStorage fallback, schema-versioned (STATE_KEY = 'ms-ai-architect-state-v1') with eager migrations pipeline. v1.10.0 adds idempotent dataVersion v1→v2 migration that backfills verdict + keyStats on existing reports.
• 17 inline report renderers (felles grunnskjelett) — all wrap output through renderPageShell() with eyebrow + h1 + optional verdict-pill + optional key-stats-grid + archetype body (pyramid, 5×5/6×5/7×5 matrix, radar, kanban, mat-ladder, scenario-cards, screen-tabs, residual-pair, top-risks, recommendation-card, suppressed-panel, critique-card, read-more, traffic-light).
• Foundation helpers — renderPageShell, renderVerdictPill, renderKeyStatsGrid, inferVerdict, inferKeyStats, KEY_STATS_CONFIG.
• Light/dark theme toggle with Aksel-aligned tokens in both modes (full WCAG AA contrast). Persisted in localStorage('ms-ai-architect-theme'), FOUC-safe via <head>-bootstrap script.
• Validation: 272 PASS combined — 201 static + 70 parser-fixture + 1 verdict-pill. bash tests/run-e2e.sh --playground runs static-structure + parser-fixture suites. Migrations 7 PASS separat. Plugin-validering 219 PASS.
• Vendored design-system at playground/vendor/, kept in sync via scripts/sync-design-system.mjs ms-ai-architect. Standalone — opens from file:// without server or marketplace dependency.

→ Full documentation

---

LinkedIn Thought Leadership v1.2.0

Build authentic LinkedIn authority through algorithmic understanding, strategic consistency, and AI-assisted content creation.

Updated for the January 2026 360Brew algorithm change, which validates your creator profile before distributing content. v1.2.0 reduces friction: auto-clipboard on all content commands, max 2 interactive steps per post, deterministic state management, MCP image carousel pipeline, progressive onboarding, and iCal calendar integration for batch scheduling.

• Guided onboarding — /linkedin:onboarding walks new users through profile → setup → first post in one flow
• 360Brew profile optimization — audit your profile against LinkedIn's creator validation criteria
• Full content pipeline — ideation, drafting, publishing, 48-hour monitoring, and analytics
• Content Matrix System — 40+ post ideas from a single topic using 8 universal angles and 48 industry-specific variants
• Voice training — learns your authentic writing style and detects drift with 6-dimension scoring
• Analytics pipeline — import LinkedIn CSV exports, weekly/monthly reports, day-of-week heatmap
• Growth strategy — phase-specific guidance from foundation (0-1K followers) through authority (10K+)

Key commands: /linkedin:onboarding, /linkedin:post, /linkedin:quick, /linkedin:carousel, /linkedin:react, /linkedin:report

16 specialized agents · 27 commands · 6 skills · 9 hooks · 24 reference docs

→ Full documentation

---

OKR for Public Sector v1.3.0 🇳🇴 Norwegian

Turn strategy into measurable goals. An AI coach that learns your organization, tracks progress across cycles, and guides you from first OKR to organizational mastery.

Most OKR tools explain methodology. This plugin knows your organization. After a one-time onboarding conversation, it remembers your maturity level, strategic goals, current OKR, and cultural challenges. Every interaction builds on that knowledge — so you spend time on strategy, not re-explaining context.

• Strategy to OKR — transform goals from virksomhetsplan, tildelingsbrev, or any strategic document into well-structured OKR with guided writing, quality checks, and alignment scoring
• Gap analysis — /okr:gap compares your strategic documents against current OKR and shows what's covered, what's missing, and what to do about it
• Cross-cycle learning — /okr:analyse tracks score trends, recurring antipatterns, and alignment progress across cycles with visual charts
• Proactive coaching — automatically tells you where you are in the cycle and what to focus on — progress checks mid-cycle, retrospective prep near the end
• 19 antipattern detection — catches sandbagging, activity-disguised-as-KR, set-and-forget, and 16 more named failure modes before they take root
• Built for norsk offentlig sektor — 4-month tertials, DFO terminology, tillitsvalgt involvement, Riksrevisjon-ready documentation, governance chain from Stortingsmelding to team OKR

Key commands: /okr:skriv, /okr:kvalitet, /okr:gap, /okr:analyse, /okr:kaskade, /okr:sporing, /okr:governance, /okr:oppsett

7 agents · 10 commands · 4 hooks · 16 reference docs

→ Full documentation

---

Human-Friendly Style v1.0.0

Shared Claude Code output style used across this marketplace. Gives every plugin a consistent, plain-language tone — so users don't have to switch mental gears when moving between plugins.

• Explains what and why, not how — describes the work in human terms, reserves technical detail for when the user asks
• Hides noise by default — long paths, raw commands, JSON, stack traces, and verbose tool output are summarized rather than dumped
• Matches the user's language — Norwegian when the user writes Norwegian, English otherwise
• Honest about uncertainty — says "I think this should work" instead of pretending to be sure
• Keeps coding instructions intact (keep-coding-instructions: true) — testing discipline, careful edits, and verification still apply

Optional. Every other plugin in the marketplace works without it; this just makes the conversation feel more like dialog and less like a console dump.

Activate with /config → Output style → Human-Friendly.

1 output style · 0 commands · 0 agents · 0 hooks

→ Full documentation

---

Shared infrastructure

Playground Design System v0.1

Shared design system for plugin Playgrounds — visual self-service UIs that complement terminal slash-commands. Aksel/Digdir-aligned aesthetics, WCAG 2.1 AA compliance, light + dark themes, A4 print stylesheets with B/W severity patterns.

Targets five plugins: ms-ai-architect, okr, llm-security, voyage, config-audit. Built for Norwegian public sector decision-makers (kommunaldirektører, sikkerhetsoffiserer, OKR-koordinatorer) plus developer power-users — one visual family, two information densities.

• Tokens — Inter/JetBrains Mono/Source Serif 4 (all self-hosted, OFL 1.1), body 17px, Digdir blue #0062BA, deuteranopia-safe severity ramp, distinct severity-red vs failure-red, plugin-scope colors, semantic CSS custom properties
• Tier 1 components — radar/spider, 5×5 matrix-heatmap (bottom-left origin, ROS/DPIA), findings-browser, critique-card, wizard/stepper, live-meter with antipattern lints
• Tier 2 components — decision-tree (AI Act 4-step), traffic-lights, diff-review, treemap (token hotspots), distribution P10/P50/P90, command-pipeline output, AI Act 4-color pyramide, pipeline-cockpit, verdict-pill + 5-band risk-meter, codepoint-reveal (Unicode steganography), small-multiples grid (16-category posture without overcrowded radar), OWASP badges (LLM/ASI/AST/MCP)
• Tier 3 components (wave 1+2, 20 total) — pair-before-after, AI Act timeline, 3-track entry, FRIA rights-matrix, capability-matrix, parallel-agent-status, ErrorSummary, GuidePanel, toxic-flow chain, fleet-overview, kanban Keep/Review/Remove, maturity-ladder, classify-and-transform, cycle-ribbon, persistent-antipattern, suppressed-signals, ExpansionCard, ReadMore, FormProgress, Aspirational-vs-Committed
• JSON schemas — finding.schema.json, okr-set.schema.json, ros-threat.schema.json for cross-plugin data interchange
• Privacy-first — all fonts self-hosted as woff2 in fonts/, zero external CDN requests, GDPR-safe for offentlig sektor, works offline / behind air-gapped firewalls
• Reference scenarios — Lier kommune ROS-rapport (ms-ai-architect), Bærum kommune T2 OKR live-writer, Direktoratet for digital tjenesteutvikling ToxicSkills findings review (85 funn, BLOCK)
• Vendoring sync — scripts/sync-design-system.mjs <plugin> copies the design-system into plugins/<name>/playground/vendor/ so each plugin stays standalone. SHA-256 MANIFEST detects local drift; --force to override. First adopter: ms-ai-architect (2026-05-03).

→ Full documentation · Browse showcase

---

License

MIT