Add /ultraresearch-local for structured research combining local codebase analysis with external knowledge via parallel agent swarms. Produces research briefs with triangulation, confidence ratings, and source quality assessment. New command: /ultraresearch-local with modes --quick, --local, --external, --fg. New agents: research-orchestrator (opus), docs-researcher, community-researcher, security-researcher, contrarian-researcher, gemini-bridge (all sonnet). New template: research-brief-template.md. Integration: --research flag in /ultraplan-local accepts pre-built research briefs (up to 3), enriches the interview and exploration phases. Planning orchestrator cross-references brief findings during synthesis. Design principle: Context Engineering — right information to right agent at right time. Research briefs are structured artifacts in the pipeline: ultraresearch → brief → ultraplan --research → plan → ultraexecute. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
6.6 KiB
Security Posture Scorecard
Header
Project: [Name of the project or directory assessed]
Assessment date: [ISO 8601 — e.g. 2026-02-19]
Assessed by: llm-security plugin v[X.X] — posture-assessor-agent
Mode: Quick assessment (for full audit run /security audit)
Overall Score
[N] / 9 categories covered
[==========> ] [N]/9 [Rating label]
Rating labels by score:
- 9/9 — Fully secured
- 7–8/9 — Well secured
- 5–6/9 — Partially secured
- 3–4/9 — Significant gaps
- 0–2/9 — Critical gaps
One-line verdict: [e.g. "3 gaps require immediate attention before this plugin is safe for production use."]
Category Scorecard
Each category is marked with one of four indicators:
- COVERED — Control is in place and effective
- PARTIAL — Control exists but has gaps
- GAP — Control is absent or broken
- N/A — Not applicable to this project
| # | Category | Status | Notes |
|---|---|---|---|
| 1 | Deny-First Configuration | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines: what is in place or what is missing] |
| 2 | Secrets Protection | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
| 3 | Path Guarding | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
| 4 | MCP Server Trust | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
| 5 | Destructive Command Blocking | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
| 6 | Sandbox Configuration | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
| 7 | Human Review Requirements | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
| 8 | Skill and Plugin Sources | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
| 9 | Session Isolation | [COVERED / PARTIAL / GAP / N/A] | [1–2 lines] |
Category Detail
1. Deny-First Configuration
[What deny-first controls were found, or what is missing. Reference specific config files if present.]
2. Secrets Protection
[Describe hook coverage, .gitignore patterns, and any hardcoded secrets found. Redact actual values.]
3. Path Guarding
[Which sensitive paths are guarded. List any unprotected paths that should be blocked.]
4. MCP Server Trust
[Number of MCP servers found. Trust status for each: verified / unverified / local-only.]
5. Destructive Command Blocking
[Hook presence. Which destructive patterns are blocked. Any patterns that are missing.]
6. Sandbox Configuration
[Network access scope, file system scope, any overly permissive settings found.]
7. Human Review Requirements
[Whether high-impact operations require confirmation. Examples of confirmation gates found or absent.]
8. Skill and Plugin Sources
[Number of plugins/skills. Source verification status. Any plugins from unverified sources.]
9. Session Isolation
[How context is shared between agents and sessions. Any cross-session state leakage risks.]
Top 3 Recommendations
These are the highest-impact actions to improve posture, ordered by urgency.
1. [Title of recommendation] Category: [Category name] Risk: [What could happen if not addressed] Action: [Specific step to take] Effort: [Low / Medium / High]
2. [Title of recommendation] Category: [Category name] Risk: [What could happen if not addressed] Action: [Specific step to take] Effort: [Low / Medium / High]
3. [Title of recommendation] Category: [Category name] Risk: [What could happen if not addressed] Action: [Specific step to take] Effort: [Low / Medium / High]
Quick Wins
Things that can be fixed in under 5 minutes with no architectural changes.
- [Quick win action — e.g. "Add
.envto.gitignore"] - [Quick win action — e.g. "Enable
pre-edit-secretshook from claude-code-essentials"] - [Quick win action — e.g. "Remove hardcoded API key on line 42 of config.json"]
If no quick wins are identified, write: "No quick wins identified — improvements require architectural changes."
Baseline Comparison
What a fully secured Claude Code project looks like vs. this project.
| Category | Fully Secured | This Project |
|---|---|---|
| Deny-First Configuration | defaultPermissionLevel: deny in settings |
[Current state] |
| Secrets Protection | Hook active + .env gitignored + no hardcoded secrets |
[Current state] |
| Path Guarding | pre-write-pathguard hook blocks sensitive paths |
[Current state] |
| MCP Server Trust | All servers verified, minimal scope, auth required | [Current state] |
| Destructive Command Blocking | pre-bash-destructive hook with comprehensive patterns |
[Current state] |
| Sandbox Configuration | Network and filesystem access scoped to project | [Current state] |
| Human Review Requirements | Confirmation gates before irreversible operations | [Current state] |
| Skill and Plugin Sources | All plugins from verified sources, minimal permissions | [Current state] |
| Session Isolation | No cross-session state leakage, minimal context sharing | [Current state] |
Gap summary: [N] of 9 categories match the fully secured baseline. [N] have partial coverage. [N] have no coverage.
Footer
| Field | Value |
|---|---|
| llm-security version | [e.g. 0.1.0] |
| Assessment engine | posture-assessor-agent |
| Full audit command | /security audit |
| Report generated | [ISO 8601 timestamp] |