Releases: kimon1230/claude_extensions

v0.4.1: /code-review + /security-audit enhancements

13 Mar 23:48
Immutable release. Only release title and notes can be modified.

[0.4] - 2026-03-13

Added

  • /code-review skill — parallel subagent code quality review from a senior distinguished engineer's perspective. 5 agents with explicit non-overlapping boundaries: Architecture & Design, Code Quality & Readability, Correctness & Robustness, Performance & Efficiency, Maintainability & Testing. Language-aware with idiomatic checks for Python, JS/TS, Go, Rust, and Java. Reads project rule files (rules/<language>.md) for project-specific conventions.

Changed

  • /security-audit — 5 improvements from external security engineer analysis:
    • Threat context (new Section 1 subsection): main session examines up to 10 files to identify trust boundaries, data sensitivity, and high-risk components before spawning agents. Relevant context subsets composed into each agent's prompt.
    • Agent 7 — CI/CD Pipeline Security (new always-on agent): checks for SAST (Semgrep, CodeQL), SCA (Trivy, Snyk, Dependabot), and DAST tooling in CI configs. Delineated from Agent 5 (secrets vs. tooling presence).
    • IaC security review: detects Terraform, CloudFormation, Pulumi, Kubernetes, and Helm files. Adds conditional checks to Agent 4 (IAM policies, public exposure, encryption gaps, hardcoded values, K8s misconfigs) with increased finding limit (max 15).
    • Compliance context (optional): compliance: pci-dss|hipaa|soc2|gdpr parameter adds framework-specific checks distributed as conditional blocks across relevant agents. Includes disclaimer in synthesis.
    • Quantified impact: verbatim template now instructs agents to quantify blast radius from code context.
  • /security-audit scope — removed artificial 30-file cap for entire-project reviews; agents now review all source files with intelligent distribution by domain relevance
  • /code-review scope — same: no artificial file cap, full project coverage with prioritization by architectural significance

v0.3

11 Mar 02:11
Immutable release. Only release title and notes can be modified.

Full Changelog: v0.2...v0.3

v0.2 — Context Persistence & Security Hardening

09 Mar 18:44

Changelog

All notable changes to this project will be documented in this file.

[0.2] - 2026-03-09

Added

  • Context persistence system — hooks and libraries for maintaining awareness across sessions
    • hooks/lib/entries.py — typed entry parsing/serialization (decision/observation with IDs)
    • hooks/lib/fileutil.py — atomic writes and safe JSON read/write with .bak fallback
    • hooks/lib/ref_tracker.py — 3-tier reference scoring (path match, directory overlap, keyword overlap)
    • hooks/lib/paths.py — project name resolution from git remote/root/cwd
    • hooks/lib/scribe.py — git diff classification and observation generation
    • hooks/lib/compressor.py — 4-tier context compression (Active → Compressed → Archived → Dropped)
  • New hooks
    • ref-scorer.py (PostToolUse) — scores status entries against tool context
    • session-init.py (SessionStart) — increments session count, checks compression triggers
    • auto-capture.py (Stop) — generates observation entries from uncommitted git changes
  • New skills
    • /compress — force context compression on demand, bypassing automatic thresholds
  • Test suite — 285 tests covering all libraries and hooks
  • .gitignore with comprehensive coverage (secrets, AI tools, credentials, OS artifacts, build dirs)
  • DEVELOPER.md — development setup and architecture guide

Changed

  • skills/save/SKILL.md — typed entry format with decision/observation classification and unique IDs
  • install.sh — extended hook discovery to hooks/*.{sh,py}
  • settings.json.reference — added hook wiring for ref-scorer, session-init, and auto-capture
  • README.md — full documentation of context persistence system, updating section

Security

  • hooks/format-python.sh — removed PATH fallback for ruff/black; venv-only resolution (CWE-427)
  • hooks/run-tests.sh — removed PATH fallback for pytest; venv-only resolution (CWE-427)
  • hooks/lib/paths.py — sanitized project name to prevent path traversal (CWE-22); status dirs created with mode 0700 (CWE-276)
  • hooks/lib/fileutil.py — temp files set to mode 0600 before replace (CWE-276); error messages use basename only (CWE-209)
  • hooks/ref_scorer_mod.py — 1MB stdin read limit (CWE-400)
  • Hook entry points now log exception types to stderr instead of silently swallowing
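
The hardening entries above for hooks/lib/paths.py, hooks/lib/fileutil.py and hooks/ref_scorer_mod.py, sketched together as an added Python example. This is not the project's code: the function names, the character allowlist and the "unknown" fallback are assumptions made for illustration.

```python
import os
import re
import tempfile
from pathlib import Path

MAX_STDIN = 1024 * 1024  # 1 MB cap on hook input (CWE-400)

def sanitize_project_name(raw: str) -> str:
    """Reduce an untrusted name to one safe path component (CWE-22)."""
    last = raw.replace("\\", "/").split("/")[-1]    # drop any directory part
    name = re.sub(r"[^A-Za-z0-9._-]", "_", last)    # assumed allowlist
    name = name.lstrip(".")                         # rules out "." and ".."
    return name or "unknown"                        # assumed fallback value

def status_dir(base: Path, raw_name: str) -> Path:
    """Create <base>/<project> readable by the owner only (CWE-276)."""
    base = base.resolve()
    target = (base / sanitize_project_name(raw_name)).resolve()
    if target.parent != base:        # also catches a symlink pointing elsewhere
        raise ValueError("project directory escapes base")
    target.mkdir(mode=0o700, exist_ok=True)
    os.chmod(target, 0o700)          # mkdir's mode is masked by umask; enforce it
    return target

def atomic_write(path: Path, data: bytes) -> None:
    """Write through a 0600 temp file in the same directory, then replace."""
    tmp = None
    try:
        fd, tmp = tempfile.mkstemp(dir=path.parent, prefix=".tmp-")
        with os.fdopen(fd, "wb") as fh:
            os.fchmod(fd, 0o600)     # mode is set before the file appears at `path`
            fh.write(data)
            fh.flush()
            os.fsync(fd)
        os.replace(tmp, path)        # atomic on POSIX within one filesystem
    except OSError as exc:
        if tmp and os.path.exists(tmp):
            os.unlink(tmp)
        # basename and exception type only, no absolute path (CWE-209)
        raise OSError(f"write failed for {path.name}: {type(exc).__name__}") from None

def read_limited(stream, limit: int = MAX_STDIN) -> bytes:
    """Read at most `limit` bytes; reject larger input instead of buffering it."""
    data = stream.read(limit + 1)
    if len(data) > limit:
        raise ValueError("input exceeds size limit")
    return data
```
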

[0.1] - 2026-03-07

Added

  • Initial release with existing extensions
  • CLAUDE.md — global instructions for Claude Code
  • hooks/format-python.sh — PostToolUse hook for auto-formatting Python with ruff + black
  • hooks/run-tests.sh — Stop hook for running pytest after Claude responds
  • statusline-command.sh — PS1-style status line with context window bar
  • Skills: /save, /critical-review, /implement-batch, /security-audit
  • Rules: python.md, javascript.md, shell.md
  • settings.json.reference — reference configuration for ~/.claude/settings.json
  • install.sh / uninstall.sh — interactive symlink-based installer and uninstaller