zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-03-30 13:43:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
748 Commits 23 Branches 12 Tags
bb1efad7c7971caa653ff6ae62e8bb7e6868db54
Commit Graph

748 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Affaan Mustafa
bb1efad7c7 fix: bump plugin.json and marketplace.json to v1.9.0 
Both files were stuck at v1.8.0, blocking upgrades via claudepluginhub.
 2026-03-22 15:36:35 -07:00
Affaan Mustafa
57fa3b56c0 Merge pull request #736 from pvgomes/docs/add-brazilian-portuguese-translation 
Docs/add brazilian portuguese translation
 2026-03-22 06:47:18 -07:00
Paulo Victor Leite Lima Gomes
c3769b5c13 Update docs/pt-BR/commands/eval.md 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-22 09:31:32 +01:00
Paulo Victor Leite Lima Gomes
d54b57e77d Update docs/pt-BR/commands/plan.md 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-22 09:21:11 +01:00
Paulo Victor Leite Lima Gomes
82e842ad69 Update docs/pt-BR/commands/orchestrate.md 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-22 09:20:46 +01:00
Paulo Victor Gomes
408a208086 fix security reviewer and refactor doc 2026-03-22 09:18:26 +01:00
Paulo Victor Leite Lima Gomes
bb1c625b30 Update docs/pt-BR/agents/go-build-resolver.md 
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
 2026-03-22 09:05:13 +01:00
Affaan Mustafa
900c9836fb docs: restore zenith.chat and @DRodriguezFX in Background (own project) 2026-03-21 19:48:20 -07:00
Affaan Mustafa
6b2de1baff security: remove supply chain risks, external promotions, and unauthorized credits 
- Remove zenith.chat references and @DRodriguezFX shoutout from README
- Remove Inspiration Credits section (already in CHANGELOG.md)
- Remove awesome-agent-skills reference from Links
- Remove Plankton H3 section by @alxfazio (skill stays in skills/)
- Remove brand names (InsAIts, VideoDB, Evos) from v1.9.0 notes
- Remove @ericcai0814 individual credit from README (kept in CHANGELOG)
- Add Security Guide to Links section
- Replace curl-pipe-to-bash in autonomous-loops with review warning
- Replace git clone in plankton-code-quality with review warning
- Replace pip install git+ in agent-eval with review warning
- Replace npm install -g in dmux-workflows with review warning
- Add commercial API notice to nutrient-document-processing
- Remove VideoDB maintainer credit from videodb skill
- Replace skill-creator.app link with ECC-Tools GitHub App reference
 2026-03-21 18:10:05 -07:00
Paulo Victor Leite Lima Gomes
f55dc50435 Update docs/pt-BR/commands/go-review.md 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-21 21:19:26 +01:00
Paulo Victor Leite Lima Gomes
dae25a15b3 Update docs/pt-BR/commands/eval.md 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-21 21:19:02 +01:00
Paulo Victor Leite Lima Gomes
4dafacaa8b Update docs/pt-BR/commands/plan.md 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
 2026-03-21 21:18:38 +01:00
Paulo Victor Gomes
9b24173867 docs(readme): add pt-BR language link 2026-03-21 14:09:27 +01:00
Paulo Victor Gomes
91dcb31886 docs(pt-BR): add rules translation 2026-03-21 14:06:49 +01:00
Paulo Victor Gomes
be6d7f314a docs(pt-BR): add examples translation 2026-03-21 14:06:49 +01:00
Paulo Victor Gomes
1ef8bc1e72 docs(pt-BR): add commands translation 2026-03-21 14:06:49 +01:00
Paulo Victor Gomes
5fb3bca5fd docs(pt-BR): add agents translation 2026-03-21 14:06:49 +01:00
Paulo Victor Gomes
29c0434eb3 docs(pt-BR): add core docs translation 2026-03-21 14:06:49 +01:00
Paulo Victor Gomes
0195465234 basic README 2026-03-21 14:01:15 +01:00
Affaan Mustafa
0d2828cc00 Merge pull request #728 from zdocapp/zh-CN-pr 
docs(zh-CN): sync Chinese docs with latest upstream changes
 2026-03-21 03:02:14 -07:00
Affaan Mustafa
c1847bec5d docs: publish The Shorthand Guide to Everything Agentic Security 
Full article with embedded images: attack chain diagram, sandboxing
comparison, sanitization visual, observability logging, ghostyy overflow.
Tweet quotes from @TalBeerySec, @HedgieMarkets, @blackorbird formatted
as blockquotes. Stats table fixed. Code blocks tagged. Links to shorthand
and longform guides at bottom.
 2026-03-20 22:57:50 -07:00
neo
4b01c8eef5 fix(zh-CN): update image path 2026-03-21 13:21:55 +08:00
neo
e73c2ffa34 docs(zh-CN): sync Chinese docs with latest upstream changes 2026-03-21 12:55:58 +08:00
Affaan Mustafa
0af0fbf40b docs: update guide screenshots with current engagement stats 2026-03-20 20:40:13 -07:00
Affaan Mustafa
af30ae63c5 docs: add security guide header image to README 2026-03-20 20:34:03 -07:00
Affaan Mustafa
fc4e5d654b docs: add SECURITY.md, publish agentic security guide, remove openclaw guide 
- Add SECURITY.md with vulnerability reporting policy
- Publish "The Shorthand Guide to Everything Agentic Security" with attack
  vectors, sandboxing, sanitization, CVEs, and AgentShield coverage
- Add security guide to README guides section (3-column layout)
- Remove unpublished openclaw guide
- Copy security article images to assets/images/security/
 2026-03-20 20:25:15 -07:00
Affaan Mustafa
7ccfda9e25 fix: skip flaky observer shell test on Windows (#722) 2026-03-20 07:30:52 -07:00
Affaan Mustafa
2643e0c72f fix: update catalog counts for flutter-reviewer (28 agents, 116 skills) 2026-03-20 07:11:16 -07:00
Maciej
1975a576c5 feat(agents): add flutter-reviewer agent and skill (#716) 
Library-agnostic Flutter/Dart code reviewer that adapts to the project's
chosen state management solution (BLoC, Riverpod, Provider, GetX, MobX,
Signals) and architecture pattern (Clean Architecture, MVVM, feature-first).

Co-authored-by: Maciej Starosielec <maciej@code-snap.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-20 06:40:28 -07:00
Chris Yau
f563fe2a3b fix: codex sync merges AGENTS.md instead of replacing it (#715) 
The sync script previously overwrote ~/.codex/AGENTS.md on every run,
destroying any user-authored content. This adds marker-based merging
(<!-- BEGIN ECC --> / <!-- END ECC -->) so only the ECC-managed section
is replaced on subsequent runs, preserving user content outside the
markers.

Merge logic:
- No file → create with markers
- Both markers present (ordered, CRLF-safe) → replace only the ECC section
- BEGIN without END (corrupted) → full replace (backup saved)
- No markers at all → append ECC block (preserves existing content)

Also fixes:
- Symlink preservation: uses cat > instead of mv to write through symlinks
- CRLF handling: strips \r in marker detection to handle Windows-edited files
- Marker ordering: validates BEGIN appears before END, not just that both exist

The legacy heading-match heuristic was intentionally removed per council
review: any unmarked file is either user-authored (append is safe) or
legacy ECC-generated (duplicates once, deduplicates on next run via
markers). A timestamped backup is always saved before any mutation.

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>
 2026-03-20 06:38:32 -07:00
Affaan Mustafa
e8495aa3fc feat: add MCP health-check hook (#711) 2026-03-20 05:56:21 -07:00
Affaan Mustafa
35071150b7 fix: sanitize SessionStart session summaries (#710) 2026-03-20 05:42:32 -07:00
Affaan Mustafa
40f18885b1 feat(rules): add C# language support (#704) 
* feat(rules): add C# language support

* feat: add everything-claude-code ECC bundle (#705)

* feat: add everything-claude-code ECC bundle (.claude/ecc-tools.json)

* feat: add everything-claude-code ECC bundle (.claude/skills/everything-claude-code/SKILL.md)

* feat: add everything-claude-code ECC bundle (.agents/skills/everything-claude-code/SKILL.md)

* feat: add everything-claude-code ECC bundle (.agents/skills/everything-claude-code/agents/openai.yaml)

* feat: add everything-claude-code ECC bundle (.claude/identity.json)

* feat: add everything-claude-code ECC bundle (.codex/agents/explorer.toml)

* feat: add everything-claude-code ECC bundle (.codex/agents/reviewer.toml)

* feat: add everything-claude-code ECC bundle (.codex/agents/docs-researcher.toml)

* feat: add everything-claude-code ECC bundle (.claude/rules/everything-claude-code-guardrails.md)

* feat: add everything-claude-code ECC bundle (.claude/research/everything-claude-code-research-playbook.md)

* feat: add everything-claude-code ECC bundle (.claude/team/everything-claude-code-team-config.json)

* feat: add everything-claude-code ECC bundle (.claude/enterprise/controls.md)

* feat: add everything-claude-code ECC bundle (.claude/commands/database-migration.md)

* feat: add everything-claude-code ECC bundle (.claude/commands/feature-development.md)

* feat: add everything-claude-code ECC bundle (.claude/commands/add-language-rules.md)

---------

Co-authored-by: ecc-tools[bot] <257055122+ecc-tools[bot]@users.noreply.github.com>

* ci: retrigger

---------

Co-authored-by: ecc-tools[bot] <257055122+ecc-tools[bot]@users.noreply.github.com>
 2026-03-20 05:20:23 -07:00
Affaan Mustafa
b77f49569b feat: add nuxt 4 patterns skill (#702) 2026-03-20 04:44:31 -07:00
Affaan Mustafa
bea68549c5 feat: agent description compression with lazy loading (#696) 
* feat: add agent description compression with lazy loading (#491)

Agent descriptions consume ~26k tokens (121KB across 27 agents). This adds
a compression library with three modes:
- catalog: metadata only (~2-3k tokens) for agent selection
- summary: metadata + first paragraph (~4-5k tokens) for routing
- full: no compression, for when agent is invoked

Includes lazy-load function to fetch full agent body on demand.
21 tests covering parsing, compression, filtering, and real agents dir.

* fix: update JSDoc to include all stats fields in buildAgentCatalog

Add compressedBytes and mode to the documented return type, matching
the actual implementation.
 2026-03-20 03:53:22 -07:00
Affaan Mustafa
b981c765ae fix: stabilize windows project metadata assertions 2026-03-20 03:39:37 -07:00
Chris Yau
b61f549444 fix(tests): resolve Windows CI test failures (#701) 
* fix(tests): skip bash tests on Windows and fix USERPROFILE in resolve-ecc-root

- hooks.test.js: add SKIP_BASH guard for 8 bash-dependent tests
  (detect-project.sh, observe.sh) while keeping 207 Node.js tests running
- resolve-ecc-root.test.js: add USERPROFILE to env overrides in 2
  INLINE_RESOLVE tests so os.homedir() resolves correctly on Windows

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

* fix(tests): handle BOM in shebang stripping and skip worktree tests on Windows

- validators.test.js: replace regex stripShebang with character-code
  approach that handles UTF-8 BOM before shebang line
- detect-project-worktree.test.js: skip entire file on Windows since
  tests invoke bash scripts directly

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>
 2026-03-20 03:37:21 -07:00
Affaan Mustafa
162236f463 fix: normalize bash metadata paths on windows 2026-03-20 03:29:45 -07:00
Affaan Mustafa
04ad4737de fix: stabilize windows hook tests 2026-03-20 03:23:37 -07:00
Affaan Mustafa
8ebb47bdd1 fix: normalize windows bash test harness 2026-03-20 03:15:05 -07:00
Affaan Mustafa
e70c43bcd4 fix: harden windows CI tests and markdown lint 2026-03-20 03:03:57 -07:00
Affaan Mustafa
cbccb7fdc0 fix: strip validator shebangs on Windows CRLF checkouts 2026-03-20 02:44:25 -07:00
Affaan Mustafa
a2df9397ff fix: resolve ESLint errors and add npx command support in hook tests 
Remove unused loadInstallManifests import and prefix unused result
variable with underscore in selective-install tests. Add npx as an
approved command prefix in hook validation tests.
 2026-03-20 02:11:12 -07:00
Affaan Mustafa
47f508ec21 Revert "Add Kiro IDE support (.kiro/) (#548)" 
This reverts commit ce828c1c3c.
 2026-03-20 01:58:19 -07:00
Himanshu Sharma
ce828c1c3c Add Kiro IDE support (.kiro/) (#548) 
Co-authored-by: Sungmin Hong <hsungmin@amazon.com>
 2026-03-20 01:50:35 -07:00
Ofek Gabay
c8f631b046 feat: add block-no-verify hook for Claude Code and Cursor (#649) 
Adds npx block-no-verify@1.1.2 as a PreToolUse Bash hook in hooks/hooks.json
and a beforeShellExecution hook in .cursor/hooks.json to prevent AI agents
from bypassing git hooks via the hook-bypass flag.

This closes the last enforcement gap in the ECC security stack — the bypass
flag silently skips pre-commit, commit-msg, and pre-push hooks.

Closes #648

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-20 01:50:31 -07:00
Affaan Mustafa
8511d84042 feat(skills): add rules-distill skill (rebased #561) (#678) 
* feat(skills): add rules-distill — extract cross-cutting principles from skills into rules

Applies the skill-stocktake pattern to rules maintenance:
scan skills → extract shared principles → propose rule changes.

Key design decisions:
- Deterministic collection (scan scripts) + LLM judgment (cross-read & verdict)
- 6 verdict types: Append, Revise, New Section, New File, Already Covered, Too Specific
- Anti-abstraction safeguard: 2+ skills evidence, actionable behavior test, violation risk
- Rules full text passed to LLM (no grep pre-filter) for accurate matching
- Never modifies rules automatically — always requires user approval

* fix(skills): address review feedback for rules-distill

Fixes raised by CodeRabbit, Greptile, and cubic:

- Add Prerequisites section documenting skill-stocktake dependency
- Add fallback command when skill-stocktake is not installed
- Fix shell quoting: add IFS= and -r to while-read loops
- Replace hardcoded paths with env var placeholders ($CLAUDE_RULES_DIR, $SKILL_STOCKTAKE_DIR)
- Add json language identifier to code blocks
- Add "How It Works" parent heading for Phase 1/2/3
- Add "Example" section with end-to-end run output
- Add revision.reason/before/after fields to output schema for Revise verdict
- Document timestamp format (date -u +%Y-%m-%dT%H:%M:%SZ)
- Document candidate-id format (kebab-case from principle)
- Use concrete examples in results.json schema

* fix(skills): remove skill-stocktake dependency, add self-contained scripts

Address P1 review feedback:
- Add scan-skills.sh and scan-rules.sh directly in rules-distill/scripts/
  (no external dependency on skill-stocktake)
- Remove Prerequisites section (no longer needed)
- Add cross-batch merge step to prevent 2+ skills requirement
  from being silently broken across batch boundaries
- Fix nested triple-backtick fences (use quadruple backticks)
- Remove head -100 cap (silent truncation)
- Rename "When to Activate" → "When to Use" (ECC standard)
- Remove unnecessary env var placeholders (SKILL.md is a prompt, not a script)

* fix: update skill/command counts in README.md and AGENTS.md

rules-distill added 1 skill + 1 command:
- skills: 108 → 109
- commands: 57 → 58

Updates all count references to pass CI catalog validation.

* fix(skills): address Servitor review feedback for rules-distill

1. Rename SKILL_STOCKTAKE_* env vars to RULES_DISTILL_* for consistency
2. Remove unnecessary observation counting (use_7d/use_30d) from scan-skills.sh
3. Fix header comment: scan.sh → scan-skills.sh
4. Use jq for JSON construction in scan-rules.sh to properly escape
   headings containing special characters (", \)

* fix(skills): address CodeRabbit review — portability and scan scope

1. scan-rules.sh: use jq for error JSON output (proper escaping)
2. scan-rules.sh: replace GNU-only sort -z with portable sort (BSD compat)
3. scan-rules.sh: fix pipefail crash on files without H2 headings
4. scan-skills.sh: scan only SKILL.md files (skip learned/*.md and
   auxiliary docs that lack frontmatter)
5. scan-skills.sh: add portable get_mtime helper (GNU stat/date
   fallback to BSD stat/date)

* fix: sync catalog counts with filesystem (27 agents, 114 skills, 59 commands)

---------

Co-authored-by: Tatsuya Shimomoto <shimo4228@gmail.com>
 2026-03-20 01:44:55 -07:00
dependabot[bot]
8a57894394 chore(deps-dev): bump flatted (#675) 
Bumps the npm_and_yarn group with 1 update in the / directory: [flatted](https://github.com/WebReflection/flatted).


Updates `flatted` from 3.3.3 to 3.4.2
- [Commits](https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2)

---
updated-dependencies:
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 01:42:19 -07:00
Affaan Mustafa
68484da2fc fix: auto-detect ECC root from plugin cache when CLAUDE_PLUGIN_ROOT is unset (#547) (#691) 
When ECC is installed as a Claude Code plugin via the marketplace,
scripts live in the plugin cache (~/.claude/plugins/cache/...) but
commands fallback to ~/.claude/ which doesn't have the scripts.

Add resolve-ecc-root.js with a 3-step fallback chain:
  1. CLAUDE_PLUGIN_ROOT env var (existing)
  2. Standard install at ~/.claude/ (existing)
  3. NEW: auto-scan the plugin cache directory

Update sessions.md and skill-health.md commands to use the new
inline resolver. Includes 15 tests covering all fallback paths
including env var priority, standard install, cache discovery,
and the compact INLINE_RESOLVE used in command .md files.
 2026-03-20 01:38:15 -07:00
Affaan Mustafa
0b0b66c02f feat: agent compression, inspection logic, governance hooks (#491, #485, #482) (#688) 
Implements three roadmap features:

- Agent description compression (#491): New `agent-compress` module with
  catalog/summary/full compression modes and lazy-loading. Reduces ~26k
  token agent descriptions to ~2-3k catalog entries for context efficiency.

- Inspection logic (#485): New `inspection` module that detects recurring
  failure patterns in skill_runs. Groups by skill + normalized failure
  reason, generates structured reports with suggested remediation actions.
  Configurable threshold (default: 3 failures).

- Governance event capture hook (#482): PreToolUse/PostToolUse hook that
  detects secrets, policy violations, approval-required commands, and
  elevated privilege usage. Gated behind ECC_GOVERNANCE_CAPTURE=1 flag.
  Writes to governance_events table via JSON-line stderr output.

59 new tests (16 + 16 + 27), all passing.
 2026-03-20 01:38:13 -07:00