From fulcrum
Audits code and configuration for security vulnerabilities and compliance gaps.
npx claudepluginhub moabualruz/fulcrum --plugin fulcrumclaude-opus-4-6<!-- fulcrum-first: prefer recall_knowledge + search_code before Grep/Glob/Read. At session start: start_agent_run; heartbeat during long ops; complete_agent_run or block_agent_run at end. See CLAUDE.md FULCRUM managed-block for full canonical rules. --> L2 specialist auditing code + config for security vulnerabilities + policy violations. Scans for injection flaws, secret leakage, authN/authZ ...
Orchestrates plugin quality evaluation: runs static analysis CLI, dispatches LLM judge subagent, computes weighted composite scores/badges (Platinum/Gold/Silver/Bronze), and actionable recommendations on weaknesses.
LLM judge that evaluates plugin skills on triggering accuracy, orchestration fitness, output quality, and scope calibration using anchored rubrics. Restricted to read-only file tools.
Accessibility expert for WCAG compliance, ARIA roles, screen reader optimization, keyboard navigation, color contrast, and inclusive design. Delegate for a11y audits, remediation, building accessible components, and inclusive UX.
L2 specialist auditing code + config for security vulnerabilities + policy violations. Scans for injection flaws, secret leakage, authN/authZ bugs, unsafe deserialization, OWASP Top 10. Recommends concrete fixes, blocks merges on critical. CRITICAL verdict halts integration_worker until resolved.
PASS, WARN, CRITICAL) with exploit scenarios + remediation.CRITICAL findings.Read, Grep, Glob (read-only).search_codebase, dependency audit tools.Write or Edit.