SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
Implement comprehensive security hardening with defense-in-depth strategy through coordinated multi-agent orchestration:
Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks
You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.
Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks. Masters vulnerability assessment, threat modeling, secure authentication (OAuth2/OIDC), OWASP standards, cloud security, and security automation. Handles DevSecOps integration, compliance (GDPR/HIPAA/SOC2), and incident response. Use PROACTIVELY for security audits, DevSecOps, or compliance implementation.
Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use PROACTIVELY for security architecture reviews, threat identification, or building secure-by-design systems.
Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.
Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security documentation.
Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.
Uses power tools
Uses Bash, Write, or Edit tools
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Internal AI development toolkit with 108 specialized agents and 140 skills for accelerated software development.
Prima Delivery provides a comprehensive collection of AI-powered development tools organized into focused, single-purpose components:
| Component | Count | Description |
|---|---|---|
| Agents | 108 | Specialized AI assistants for specific domains |
| Skills | 140 | Modular knowledge packages with progressive disclosure |
| Plugins | 72 | Workflow bundles combining agents, skills, and commands |
Install using OpenPackage for multi-platform support (Copilot, OpenCode, Claude Code, Cursor, Windsurf, and more):
# Install OpenPackage CLI
npm install -g opkg
# Install full toolkit (all 72 plugins)
opkg install gh@esimplicityinc/prima-delivery
# Install specific plugins
opkg install gh@esimplicityinc/prima-delivery --plugins debugging-toolkit
opkg install gh@esimplicityinc/prima-delivery --plugins python-development backend-development
# Install specific agents only
opkg install gh@esimplicityinc/prima-delivery --agents docs-architect code-reviewer
# Install to global scope (user-wide)
opkg install gh@esimplicityinc/prima-delivery -g
Supported Platforms:
Add Prima Delivery agents to your GitHub Copilot setup:
# Copy Copilot instructions to your project
cp .github/copilot-instructions.md /path/to/your/project/.github/
# Or copy individual agent files
cp -r .github/agents/ /path/to/your/project/.github/agents/
Copy the .opencode/ directory to your project root:
cp -r .opencode/ /path/to/your/project/
Or install globally:
cp -r .opencode/ ~/.config/opencode/
Structure:
.opencode/
├── agents/ # 108 agent markdown files
├── skills/ # 140 skill directories
├── commands/ # Custom slash commands
└── plugins/ # TypeScript plugins
Add the marketplace to your Claude Code installation:
/plugin marketplace add [internal-path]/prima-delivery
Install specific plugins:
/plugin install python-development
/plugin install backend-development
/plugin install security-scanning
backend-architect - API design, microservices, database schemasfrontend-developer - React, responsive layouts, state managementdatabase-architect - Schema design, technology selection, optimizationpython-pro, typescript-pro, golang-pro, rust-projava-pro, csharp-pro, ruby-pro, php-proc-pro, cpp-pro, elixir-pro, haskell-procloud-architect - AWS/Azure/GCP infrastructurekubernetes-architect - Container orchestration, GitOpsterraform-specialist - Infrastructure as Codedeployment-engineer - CI/CD pipelinescode-reviewer - Code review with security focussecurity-auditor - Vulnerability assessment, OWASPtest-automator - Unit, integration, e2e testingperformance-engineer - Profiling, optimizationai-engineer - LLM applications, RAG systemsml-engineer - ML pipelines, model servingdata-scientist - Analysis, modeling, BigQuerydata-engineer - ETL, data warehousesdocs-architect - Technical documentationapi-documenter - OpenAPI/Swagger specstutorial-engineer - Step-by-step guidesSkills provide specialized knowledge that agents can load on-demand:
async-python-patterns - AsyncIO, concurrencytypescript-advanced-types - Generics, type inferencerust-ownership-patterns - Memory safety, borrowingkubernetes-manifest-patterns - K8s configurationsterraform-module-library - IaC templatesistio-traffic-management - Service meshrag-implementation - Retrieval-augmented generationprompt-engineering-patterns - LLM optimizationlangchain-architecture - LLM application frameworksView complete skills reference
# Development
/plugin install python-development # Python with 5 skills
/plugin install javascript-typescript # JS/TS with 4 skills
/plugin install backend-development # APIs with 3 skills
# Infrastructure
/plugin install kubernetes-operations # K8s with 4 skills
/plugin install cloud-infrastructure # Cloud with 4 skills
npx claudepluginhub p/esimplicityinc-security-scanning-plugins-security-scanningAgent and skill creation, diagnosis, and maintenance. Build new agents through guided workflows and fix misbehaving agents with evidence-based analysis.
Git workflow automation, pull request enhancement, and team onboarding processes
Code cleanup, refactoring automation, and technical debt management with context restoration
Database architecture, schema design, and SQL optimization for production systems
Multi-agent system optimization, agent improvement workflows, and context management
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Harness-native ECC operator layer - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Access thousands of AI prompts and skills directly in your AI coding assistant. Search prompts, discover skills, save your own, and improve prompts with AI.
Consult multiple AI coding agents (Gemini, OpenAI, Grok, Perplexity, plus codex, antigravity, and grok CLIs when installed) to get diverse perspectives on coding problems
Complete developer toolkit for Claude Code
Production-grade engineering skills for AI coding agents — covering the full software development lifecycle from spec to ship.