Thermo-nuclear branch review: deep correctness and security audits plus harsh code-quality rubrics, parallel subagents, code-review-expert orchestration, and optional take-the-wheel and FSD merge-ready flows.
Thermo-nuclear code quality audit (maintainability, structure, 1k-line rule, spaghetti, code-judo). Invoked via Task after a parent gathers diff and file contents. Loads rubric from the thermo-nuclear-code-quality-review skill in the Code Review Expert plugin.
Thermo-nuclear branch audit (bugs, breaking changes, security, devex, feature-flag leaks) scoped to the diff. Invoked via Task after a parent gathers diff and file contents. Loads rubric from the thermo-nuclear-review skill in the Code Review Expert plugin.
Adversarial code review where the reviewer plays a senior/expert software engineer who owns and deeply knows this codebase, reviewing a Pull Request as if it was opened by a junior developer. Ships sensible defaults but offers interactive configuration: which model the reviewer uses, criticality/severity threshold, whether to post inline PR comments and then resolve them, review scope (working diff, staged, branch-vs-main, or a GitHub PR number), and optional auto-fix. Use when the user runs /code-review-adversary, says "review this PR as a senior", "adversarial review", "review as if I'm a junior", "revisa como sênior", "revisa essa PR com rigor", or wants a strict expert-grade review with mentoring feedback.
Launch both thermo-nuclear review subagents in parallel, then synthesize their findings. Use for code-review-expert, double thermo review, or combined bug/security and code-quality branch audits.
Run an extremely strict maintainability review for abstraction quality, giant files, and spaghetti-condition growth. Use for a thermo-nuclear code quality review, thermonuclear review, deep code quality audit, or especially harsh maintainability review.
Comprehensive security and correctness audit of a branch's changes. Use for thermo nuclear, thermonuclear, or deep review requests, or branch/PR diff audits focused on bugs, breaking changes, security issues, devex regressions, and feature-gate leaks.
Uses power tools
Uses Bash, Write, or Edit tools
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Build, Launch, and Scale with AI-Native Architecture.
Lemon AI Hub is a centralized and optimized repository to manage AI Skills and Plugins across different local agents (Claude Code, Codex, OpenCode, Agy). It is the technical foundation of the Lemon.dev ecosystem, designed by Anderson Lima to help founders and developers bridge the gap between AI-generated code and production-ready products.
This project is based on and inspired by Peter Steinberger's pattern (steipete/agent-scripts), but structured with a focus on .claude and shared with other providers via transparent symbolic links.
The best code is invisible—it works, scales, and converts. Lemon AI Hub embodies this by providing:
This repository ships a marketplace manifest (.claude-plugin/marketplace.json) so you can install its plugins directly inside Claude Code.
Inside a Claude Code session, run the slash command:
/plugin marketplace add Andersonlimahw/lemon-ai-hub
Open the interactive installer, or install a plugin by name using the plugin@marketplace syntax:
/plugin # browse the catalog UI
/plugin install spotify-squad@lemon-ai-hub
/plugin install agentic-value-loops@lemon-ai-hub
| Plugin | Description |
|---|---|
a11y-audit | WCAG 2.1 AA/AAA accessibility audit for web components, pages, and apps. Detects contrast failures, missing ARIA labels, keyboard trap issues, focus order problems, and screen-reader gotchas. Use when user wants to audit accessibility, fix a11y warnings, prepare for compliance review, or validate UI against WCAG standards. |
a11y-guardian | Accessibility guardian plugin. Continuous WCAG 2.1 AA/AAA compliance monitoring for web projects. Integrates static analysis of React/Vue/HTML components, contrast ratio checks, ARIA validation, keyboard navigation audit, and generates actionable HTML reports. Pairs with a11y-audit skill. |
agent-sdk-dev | A comprehensive plugin for creating and verifying Agent SDK applications in Python and TypeScript. |
agentic-value-loops | Agentic Value Loops plugin — Continuous improvement engine that ships verified increments with constant quality. Includes loops for Feature Development, Maintenance & Security, Documentation Sync, and AI Tuning. |
ai-workspace-orchestrator | Project and workspace AI setup orchestrator. Builds AGENTS.md/CLAUDE.md contracts, optional global or project skills, Spotify Squad-style agent/subagent topology, and adversarial setup review for single apps, monorepos, and multi-domain workspaces. |
api-test-loop | API Test Loop plugin — Automated REST API validation loop. Executes HTTP requests via CURL, logs findings for REST best practices (method, input/output format, security, performance, docs), and implements backend fixes. |
app-store-connect-api | Apple Store Connect API Expert Agent and Skills. Provides comprehensive tools and knowledge for interacting with the App Store Connect API, covering domains like TestFlight, In-app purchases, Subscriptions, App management, and Provisioning. |
apple-store-release-agent | AI release agent for the Apple App Store. Audits Expo/React Native iOS builds, App Store metadata, App Privacy readiness, TestFlight, RevenueCat/IAP, Firebase, i18n parity, screenshots, and review notes, then emits a GO/GO_WITH_WARNINGS/NO_GO decision with full risk + privacy + IAP reports. Never submits to App Review or alters the store without explicit human approval. Generic core with presets for Expo/RN/Firebase/RevenueCat apps. |
async-advisor | Async and concurrency static analysis plugin. Scans TypeScript/JavaScript codebases for race conditions, unbounded Promise.all, missing AbortController, swallowed rejections, and N+1 async patterns. Runs as a pre-commit hook or CI check and provides inline fix suggestions. |
async-patterns | Async and concurrency pattern advisor for JavaScript/TypeScript, Python, Go, and Rust. Identifies race conditions, missing error handling in promise chains, N+1 async anti-patterns, unbounded parallelism, and missing cancellation. Recommends correct patterns: Promise.all, p-limit, AbortController, AsyncLocalStorage, worker threads. Use when async code has bugs, timeouts, or memory leaks. |
npx claudepluginhub andersonlimahw/lemon-ai-hub --plugin code-review-expertIncident response runbooks, on-call workflows, and postmortem templates. Generates severity-tiered runbooks, communication templates, timeline reconstruction, and blameless postmortem docs. Use when user is in an incident, doing on-call prep, writing a postmortem, or building incident response playbooks.
Load testing setup, execution, and analysis with k6, Artillery, or Locust. Generates test scripts, defines VU ramp-up scenarios, interprets p99 latency and error rate results, and suggests infrastructure fixes. Use when user wants to load test an API, check throughput limits, validate SLO headroom, or diagnose performance under traffic.
Database index optimization advisor for PostgreSQL, MySQL, and SQLite. Analyzes slow queries, missing indexes, unused indexes, and over-indexed tables. Generates CREATE INDEX statements with EXPLAIN ANALYZE estimates. Use when queries are slow, p99 DB latency spikes, or when reviewing a new schema.
AI release agent for Google Play Store: audits Android/Expo/React Native/Firebase/RevenueCat before submission. Validates build readiness (app.json, eas.json, AAB, versionCode), Play Console metadata, Data Safety Form, Android permissions, RevenueCat/IAP, i18n parity (PT/EN/ES), policy-risk copy, internal/closed testing and staged rollout. Generates reports + GO/NO-GO checklist. Never publishes or rolls out without explicit human approval. Use when preparing an Android app for Google Play, auditing a submission, generating release notes, validating Data Safety or permissions, or running a release go/no-go.
>
Security review for generated code including pattern warnings, diff review, and agentic commit review.
Comprehensive code review skill with 53 specialized agents for architecture, code quality, error handling, types, comments, tests, accessibility, localization, concurrency, performance, simplification, security, and platform-specific reviews (iOS, macOS, Android, Angular, TypeScript, Next.js, Vue.js, Python, Django, Ruby, Rust, Go, Rails, Flutter, Java/Spring Boot, C#/.NET, PHP/Laravel, C/C++, React Native, Svelte/SvelteKit, Elixir/Phoenix, Kotlin Server, Scala, Terraform, Shell/Bash, Docker, Kubernetes, GraphQL, GitHub Actions) with automatic platform detection and confidence scoring.
Universal quality control orchestrator and final authority for any software development project. Dynamically discovers and coordinates with available sub-agents, performs comprehensive multi-dimensional quality assessment, security validation, and deployment readiness verification. Adapts to any project type, programming language, or development framework while maintaining enterprise-grade quality standards. Examples: <example>Context: Code changes ready for review across any project. user: 'Please review this code before commit' assistant: 'I'll use the 1-ceo-quality-control-agent to orchestrate comprehensive quality validation, discover available specialists, and perform final security scanning before approval.' <commentary>Universal quality control requires comprehensive validation across all dimensions regardless of project type.</commentary></example> <example>Context: Multi-agent work completion needing validation. user: 'Several agents completed their tasks, need quality review' assistant: 'Let me engage the 1-ceo-quality-control-agent to coordinate comprehensive validation across all completed work and ensure quality standards.' <commentary>Multi-agent coordination and quality validation applies to any development project.</commentary></example>
Conducts multi-axis code review before merging any change. Use when reviewing code written by yourself, another agent, or a human, to assess quality across multiple dimensions before it enters the main branch.
Expert code review specialist. Proactively reviews code for quality, security, and maintainability. Use immediately after writing or modifying code.
24 parallel audit agents + 6 workflow skills for Claude Code. Complete E2E development workflow for solo devs.