[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"extension-plugin-anthropics-security-guidance-pl":3,"guides-for-anthropics-security-guidance":276,"similar-k1731y8wkmyp03dbg7ksa3f67x867zz7":277},{"_creationTime":4,"_id":5,"children":6,"community":7,"display":9,"evaluation":19,"identity":211,"isFallback":216,"parentExtension":217,"providers":247,"relations":252,"repo":253,"workflow":275},1778054452948.4302,"k1731y8wkmyp03dbg7ksa3f67x867zz7",[],{"reviewCount":8},0,{"description":10,"installMethods":11,"name":12,"sourceUrl":13,"tags":14},"Security reminder hook that warns about potential security issues when editing files, including command injection, XSS, and unsafe code patterns",{},"Security Guidance","https://github.com/anthropics/claude-plugins-official/tree/HEAD/plugins/security-guidance",[15,16,17,18],"security","code-editing","hooks","python",{"_creationTime":20,"_id":21,"extensionId":5,"locale":22,"result":23,"trustSignals":199,"workflow":209},1778054703946.796,"kn7ddjn69hj2dbbsd9g2zen0z1866aya","en",{"checks":24,"evaluatedAt":189,"extensionSummary":190,"promptVersionExtension":191,"promptVersionScoring":192,"rationale":193,"score":194,"summary":195,"tags":196,"targetMarket":197,"tier":198},[25,30,33,36,40,43,47,52,56,59,63,67,70,74,77,80,83,86,89,92,96,100,104,108,112,115,118,122,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,171,175,178,181,185],{"category":26,"check":27,"severity":28,"summary":29},"Practical Utility","Problem relevance","pass","The description clearly states the problem addressed: warning about potential security issues when editing files.",{"category":26,"check":31,"severity":28,"summary":32},"Unique selling proposition","The plugin implements specific security pattern checks (command injection, XSS, etc.) beyond basic LLM behavior, offering tangible value.",{"category":26,"check":34,"severity":28,"summary":35},"Production readiness","The plugin provides a complete lifecycle for security warnings, including runtime checks, warnings, and session-based state management for previously shown issues.",{"category":37,"check":38,"severity":28,"summary":39},"Scope","Single responsibility principle","The plugin focuses solely on providing security reminders for file editing operations, aligning with its name and description.",{"category":37,"check":41,"severity":28,"summary":42},"Description quality","The displayed description accurately and concisely reflects the plugin's functionality.",{"category":44,"check":45,"severity":28,"summary":46},"Invocation","Scoped tools","The plugin hooks are scoped to specific file editing tools (Edit, Write, MultiEdit) and specific filename patterns where applicable, rather than general commands.",{"category":48,"check":49,"severity":50,"summary":51},"Documentation","Configuration & parameter reference","warning","The script references an environment variable `ENABLE_SECURITY_REMINDER` for disabling the hook, but this is not documented in the README or plugin.json.",{"category":37,"check":53,"severity":54,"summary":55},"Tool naming","not_applicable","This is a plugin with hooks, not exposed tools/commands with user-facing names.",{"category":37,"check":57,"severity":28,"summary":58},"Minimal I/O surface","The hook's input and output are limited to the necessary data for security pattern detection and warning display.",{"category":60,"check":61,"severity":28,"summary":62},"License","License usability","The plugin includes an Apache 2.0 license file, which is a permissive open-source license.",{"category":64,"check":65,"severity":54,"summary":66},"Maintenance","Commit recency","No commits found in the repository for this plugin, indicating it may be unmaintained or static.",{"category":64,"check":68,"severity":54,"summary":69},"Dependency Management","No third-party dependencies are used by the plugin.",{"category":71,"check":72,"severity":28,"summary":73},"Security","Secret Management","The plugin does not handle or expose any secrets.",{"category":71,"check":75,"severity":28,"summary":76},"Injection","The hook sanitizes input and checks for known injection patterns; it does not execute arbitrary code from external sources.",{"category":71,"check":78,"severity":28,"summary":79},"Transitive Supply-Chain Grenades","The plugin only uses bundled Python scripts and does not fetch external code or data at runtime.",{"category":71,"check":81,"severity":28,"summary":82},"Sandbox Isolation","The hook operates within expected scopes, writing logs to /tmp and state to ~/.claude/, and exits cleanly without affecting external files or the system.",{"category":71,"check":84,"severity":28,"summary":85},"Sandbox escape primitives","The hook exits with appropriate status codes (0, 2) and does not use detached processes or retry loops to escape sandboxing.",{"category":71,"check":87,"severity":28,"summary":88},"Data Exfiltration","The hook does not make any outbound network calls or submit confidential data.",{"category":71,"check":90,"severity":28,"summary":91},"Hidden Text Tricks","The bundled files do not contain any hidden text tricks or obfuscation aimed at manipulating the model.",{"category":93,"check":94,"severity":28,"summary":95},"Hooks","Opaque code execution","The Python hook script is readable, not obfuscated, and does not fetch external code.",{"category":97,"check":98,"severity":28,"summary":99},"Portability","Structural Assumption","The hook uses standard paths like /tmp and ~/.claude/ for state and logs, which are portable across environments.",{"category":101,"check":102,"severity":54,"summary":103},"Trust","Issues Attention","No issues found in the repository for this plugin.",{"category":105,"check":106,"severity":50,"summary":107},"Versioning","Release Management","No version information is present in the manifest files or any other metadata, and the install instructions do not specify a version, potentially leading to unexpected updates.",{"category":109,"check":110,"severity":28,"summary":111},"Code Execution","Validation","The hook validates its input by checking for relevant tool names and extracting content, and uses fixed paths for logs and state files.",{"category":71,"check":113,"severity":28,"summary":114},"Unguarded Destructive Operations","The hook is designed to provide warnings and does not perform any destructive operations.",{"category":109,"check":116,"severity":28,"summary":117},"Error Handling","The Python script includes error handling for file operations and JSON parsing, and exits with appropriate codes, allowing the agent to proceed or block as intended.",{"category":109,"check":119,"severity":120,"summary":121},"Logging","info","The plugin implements a debug log file for its own operations, which is helpful but not a user-facing audit log of executed actions.",{"category":123,"check":124,"severity":28,"summary":125},"Compliance","GDPR","The plugin does not specifically operate on personal data beyond what is inherent in file content, and it doesn't submit data to third parties.",{"category":123,"check":127,"severity":28,"summary":128},"Target market","The plugin's functionality is generic and not tied to any specific geographic or legal jurisdiction. Target market is global.",{"category":97,"check":130,"severity":28,"summary":131},"Runtime stability","The plugin is written in Python and uses standard libraries, making it stable across different environments. It handles potential errors gracefully.",{"category":37,"check":133,"severity":54,"summary":134},"Tool surface size","This is a plugin with hooks, not exposed tools/commands.",{"category":44,"check":136,"severity":28,"summary":137},"Name collisions","There is only one hook defined, so no name collisions are possible.",{"category":44,"check":139,"severity":54,"summary":140},"Overlapping near-synonym tools","This is a plugin with hooks, not exposed tools/commands with overlapping functionalities.",{"category":44,"check":142,"severity":50,"summary":143},"Hooks-off mechanism","The plugin uses an environment variable `ENABLE_SECURITY_REMINDER` to disable hooks, but this mechanism is not documented in the README, making it difficult for users to discover and use.",{"category":44,"check":145,"severity":28,"summary":146},"Hook matcher tightness","The hook matcher `Edit|Write|MultiEdit` is specific to relevant file editing operations and is not overly broad.",{"category":71,"check":148,"severity":28,"summary":149},"Hook security","The hook only provides warnings and does not perform destructive operations or network calls. It is also session-scoped and exits appropriately.",{"category":93,"check":151,"severity":28,"summary":152},"Silent prompt rewriting","This is a `PreToolUse` hook and does not rewrite prompts. Any warnings are output to stderr, making them visible.",{"category":71,"check":154,"severity":54,"summary":155},"Permission Hook","The plugin does not use PermissionRequest hooks.",{"category":123,"check":157,"severity":28,"summary":158},"Hook privacy","The hook logs its own debug information locally and does not send any telemetry or data over the network.",{"category":109,"check":160,"severity":28,"summary":161},"Hook dependency","The hook is a single, readable Python script of reasonable length and is included in the repository.",{"category":48,"check":163,"severity":50,"summary":164},"Install / Setup Instructions","The README provides general installation instructions for plugins but lacks specific setup or configuration details for this particular plugin, such as how to enable/disable the security reminder.",{"category":48,"check":166,"severity":50,"summary":167},"Feature Transparency","The `plugin.json` declares a `PreToolUse` hook, but the README does not mention the security reminder functionality or its purpose.",{"category":48,"check":169,"severity":28,"summary":170},"Phantom features","All documented features (security reminders for file edits) correspond to implemented functionality.",{"category":172,"check":173,"severity":28,"summary":174},"Convention","Layout convention adherence","The plugin follows standard Claude Code plugin structure with `.claude-plugin/plugin.json` and hooks in the `hooks/` directory.",{"category":172,"check":176,"severity":28,"summary":177},"Plugin state","Plugin state (session warnings) is stored under `~/.claude/`, which adheres to best practices for persistence.",{"category":71,"check":179,"severity":54,"summary":180},"Keychain-stored secrets","The plugin does not consume or store any secrets.",{"category":182,"check":183,"severity":54,"summary":184},"Dependencies","Tagged release sourcing","No bundled MCP servers or external dependencies requiring tagged release sourcing are used.",{"category":186,"check":187,"severity":28,"summary":188},"Installation","Clean uninstall","The plugin does not install background daemons, cron jobs, or other persistent services that would survive uninstallation.",1778054659704,"This plugin hooks into file editing operations (Edit, Write, MultiEdit) to scan for and warn about common security risks such as command injection, XSS, and unsafe code patterns. It maintains session-specific state to avoid repetitive warnings and uses standard Python for its logic.","2.0.0","3.4.0","The plugin is well-implemented with a clear security focus and good sandboxing. However, the lack of versioning and undocumented configuration (hooks-off mechanism) indicate areas for improvement in maintenance and user experience.",75,"A security reminder plugin that warns about potential vulnerabilities during file edits.",[15,16,17,18],"global","evaluated",{"codeQuality":200,"collectedAt":201,"documentation":202,"maintenance":204,"popularity":205,"security":206,"testCoverage":208},{},1778054645912,{"descriptionLength":203,"readmeSize":8},144,{},{"smitheryUniqueUsers":8,"smitheryUseCount":8},{"hasNpmPackage":207,"smitheryVerified":207},false,{"hasCi":207,"hasTests":207},{"updatedAt":210},1778054703946,{"githubOwner":212,"githubRepo":213,"locale":22,"slug":214,"type":215},"anthropics","claude-plugins-official","security-guidance","plugin",true,{"_creationTime":218,"_id":219,"community":220,"display":221,"identity":230,"parentExtension":231,"providers":232,"relations":241,"workflow":243},1778054452948.4092,"k171b9714j6pgfxqht22y94q4x866sck",{"reviewCount":8},{"description":222,"name":223,"sourceUrl":224,"tags":225},"Directory of popular Claude Code extensions including development tools, productivity plugins, and MCP integrations","Claude Code Plugins Directory","https://github.com/anthropics/claude-plugins-official",[226,227,228,229],"marketplace","directory","plugins","mcp",{"githubOwner":212,"githubRepo":213,"locale":22,"slug":213,"type":226},null,{"extract":233,"llm":238,"smithery":240},{"commitSha":234,"license":235,"marketplace":236},"06f52cd3ac3e47ecb45228a86183ea2a86e9d6ff","n/a",{"name":213,"pluginCount":237},179,{"promptVersionExtension":191,"promptVersionScoring":192,"score":239,"targetMarket":197,"tier":198},85,{"qualityScore":8,"totalActivations":8,"uniqueUsers":8,"useCount":8,"verified":207},{"repoId":242},"kd798hf3w99qz2xt1fqtgq7gf9865e31",{"anyEnrichmentAt":244,"extractAt":245,"githubAt":246,"llmAt":210,"smitheryAt":244,"updatedAt":210},1778054509977,1778054452948,1778054454391,{"extract":248,"llm":250,"smithery":251},{"commitSha":234,"license":249},"Apache-2.0",{"promptVersionExtension":191,"promptVersionScoring":192,"score":194,"targetMarket":197,"tier":198},{"qualityScore":8,"totalActivations":8,"uniqueUsers":8,"useCount":8,"verified":207},{"parentExtensionId":219,"repoId":242},{"_creationTime":254,"_id":242,"identity":255,"providers":256,"workflow":272},1777995558409.857,{"githubOwner":212,"githubRepo":213,"sourceUrl":224},{"discover":257,"github":261},{"sources":258},[259,260],"skills-sh","smithery",{"closedIssues90d":262,"forks":263,"homepage":264,"openIssues90d":265,"pushedAt":266,"readmeSize":267,"stars":268,"topics":269},83,2270,"https://code.claude.com/docs/en/plugins",480,1778039881000,1948,18631,[270,229,271],"claude-code","skills",{"discoverAt":273,"extractAt":274,"githubAt":274,"updatedAt":274},1777995558409,1778054455773,{"anyEnrichmentAt":244,"extractAt":245,"githubAt":246,"llmAt":210,"smitheryAt":244,"updatedAt":210},[],[278,314,337,359,391],{"_creationTime":279,"_id":280,"community":281,"display":282,"identity":295,"providers":299,"relations":306,"workflow":309},1777995627391.5356,"k177z2t3rfgaw0zrb7qprpnndh864r09",{"reviewCount":8},{"description":283,"installMethods":284,"name":285,"sourceUrl":286,"tags":287},"Data observability plugin - health monitoring, alerts, schema drift, freshness tracking",{},"AnomalyArmor Agents","https://github.com/anomalyarmor/agents",[288,229,18,289,290,291,292,293,15,294],"data-observability","alerts","freshness","schema-drift","data-quality","monitoring","pipeline",{"githubOwner":296,"githubRepo":297,"locale":22,"slug":298,"type":215},"anomalyarmor","agents","armor",{"extract":300,"llm":302,"smithery":305},{"commitSha":301},"7c56d4a0fc8feccdfa8e85cc11ff1010b18c3a89",{"promptVersionExtension":191,"promptVersionScoring":192,"score":303,"targetMarket":197,"tier":304},99,"verified",{"qualityScore":8,"totalActivations":8,"uniqueUsers":8,"useCount":8,"verified":207},{"parentExtensionId":307,"repoId":308},"k173vznv6dcx28h1c568068tnx864f8n","kd7966c5zsgty1d4tqde2rgz1n8658b1",{"anyEnrichmentAt":310,"extractAt":311,"githubAt":312,"llmAt":313,"smitheryAt":310,"updatedAt":313},1777995723550,1777995627391,1777995627861,1777995897177,{"_creationTime":315,"_id":316,"community":317,"display":318,"identity":328,"providers":330,"relations":335,"workflow":336},1778054452948.4253,"k1767a8yk98h8qcz0rkh7t64an867zws",{"reviewCount":8},{"description":319,"installMethods":320,"name":321,"sourceUrl":322,"tags":323},"Skills for designing and building MCP servers that work seamlessly with Claude. Guides you through deployment models (remote HTTP, MCPB, local), tool design patterns, auth, and interactive MCP apps.",{},"MCP Server Development Suite","https://github.com/anthropics/claude-plugins-official/tree/HEAD/plugins/mcp-server-dev",[229,324,325,326,18,327,15,215],"server","development","typescript","documentation",{"githubOwner":212,"githubRepo":213,"locale":22,"slug":329,"type":215},"mcp-server-dev",{"extract":331,"llm":332,"smithery":334},{"commitSha":234,"license":249},{"promptVersionExtension":191,"promptVersionScoring":192,"score":333,"targetMarket":197,"tier":304},98,{"qualityScore":8,"totalActivations":8,"uniqueUsers":8,"useCount":8,"verified":207},{"parentExtensionId":219,"repoId":242},{"anyEnrichmentAt":244,"extractAt":245,"githubAt":246,"llmAt":210,"smitheryAt":244,"updatedAt":210},{"_creationTime":338,"_id":339,"community":340,"display":341,"identity":351,"providers":353,"relations":357,"workflow":358},1778054452948.4272,"k179khyq4dvq0ytvdcepec984d8666wk",{"reviewCount":8},{"description":342,"name":343,"sourceUrl":344,"tags":345},"Comprehensive toolkit for developing Claude Code plugins. Includes 7 expert skills covering hooks, MCP integration, commands, agents, and best practices. AI-assisted plugin creation and validation.","Plugin Development Toolkit","https://github.com/anthropics/claude-plugins-official/tree/HEAD/plugins/plugin-dev",[325,346,17,297,271,229,347,348,349,350],"plugin-creation","cli","automation","guidance","best-practices",{"githubOwner":212,"githubRepo":213,"locale":22,"slug":352,"type":215},"plugin-dev",{"extract":354,"llm":355,"smithery":356},{"commitSha":234,"license":249},{"promptVersionExtension":191,"promptVersionScoring":192,"score":303,"targetMarket":197,"tier":304},{"qualityScore":8,"totalActivations":8,"uniqueUsers":8,"useCount":8,"verified":207},{"parentExtensionId":219,"repoId":242},{"anyEnrichmentAt":244,"extractAt":245,"githubAt":246,"llmAt":210,"smitheryAt":244,"updatedAt":210},{"_creationTime":360,"_id":361,"community":362,"display":363,"identity":375,"providers":379,"relations":384,"workflow":387},1778053078370.9028,"k17dwt2y8zcwbj9r1ccgc0mwvs867jac",{"reviewCount":8},{"description":364,"installMethods":365,"name":366,"sourceUrl":367,"tags":368},"Complete Claude Code plugin development system. PROACTIVELY activate when users want to: (1) Create/build plugins with 2025 features, (2) Add skills/commands/agents/hooks, (3) Validate plugin structure, (4) Publish to marketplace, (5) Get plugin development guidance. Provides: agent-first design patterns, progressive disclosure skills, hook automation, MCP integration, marketplace publishing. Includes plugin-expert agent and validation utilities.",{},"Plugin Master","https://github.com/josiahsiegel/claude-plugin-marketplace/tree/HEAD/plugins/plugin-master",[369,370,371,17,229,372,226,373,348,374],"plugin-development","agent","skill","commands","validation","devops",{"githubOwner":376,"githubRepo":377,"locale":22,"slug":378,"type":215},"josiahsiegel","claude-plugin-marketplace","plugin-master",{"extract":380,"llm":383},{"commitSha":381,"license":382},"a05d923c8a3551d4274eef152649583d693b9b67","MIT",{"promptVersionExtension":191,"promptVersionScoring":192,"score":303,"targetMarket":197,"tier":304},{"parentExtensionId":385,"repoId":386},"k1741p5y8fyyp90j4zdea56w61867nj3","kd75az366mhppxzk11c689vzen865qkv",{"anyEnrichmentAt":388,"extractAt":389,"githubAt":388,"llmAt":390,"updatedAt":390},1778053080008,1778053078370,1778053164925,{"_creationTime":392,"_id":393,"community":394,"display":395,"identity":407,"providers":409,"relations":412,"workflow":413},1778053078370.9038,"k17b5xsd2g2113z1wvtzcry55d866avy",{"reviewCount":8},{"description":396,"installMethods":397,"name":398,"sourceUrl":399,"tags":400},"Complete Git expertise for ALL operations with 2025 features (Git 2.49+, GitHub CLI 2.x). PROACTIVELY activate for: (1) ANY Git task, (2) Git 2.49+ features (git-backfill, path-walk API, reftables, sparse-checkout, worktrees), (3) Security (signed commits, zero-trust, secret scanning, CodeQL), (4) Trunk-Based Development, (5) GitHub CLI 2.x (Copilot CLI, model evaluations), (6) GitHub Actions 2025 (1 vCPU runners, immutable releases), (7) Modern workflows (monorepo, parallel development), (8) History rewriting/recovery. Provides: Git 2.49 git-backfill for partial clones, path-walk API, reftables migration, sparse-checkout (90% space reduction), worktrees, GitHub Copilot CLI, gh models eval, zero-trust security, signed commits (GPG/SSH), GitHub Actions 2025 features, automatic backups, safety guardrails, reflog recovery.",{},"Git Master Plugin","https://github.com/josiahsiegel/claude-plugin-marketplace/tree/HEAD/plugins/git-master",[401,402,374,347,403,404,15,405,406],"git","version-control","windows","bash","workflow","recovery",{"githubOwner":376,"githubRepo":377,"locale":22,"slug":408,"type":215},"git-master",{"extract":410,"llm":411},{"commitSha":381,"license":382},{"promptVersionExtension":191,"promptVersionScoring":192,"score":333,"targetMarket":197,"tier":304},{"parentExtensionId":385,"repoId":386},{"anyEnrichmentAt":388,"extractAt":389,"githubAt":388,"llmAt":390,"updatedAt":390}]