Composable, multi-language, TDD-first clean code enforcement system. Orchestrates 17 check sub-skills across TypeScript, JavaScript, Python, Go, and Rust.
npx claudepluginhub mikecubed/agent-orchestration --plugin clean-code-codexAccessibility pattern enforcement for TypeScript (TSX) and JavaScript (JSX). Detects missing alt text, non-semantic HTML, absent ARIA roles, keyboard-inaccessible interactive elements, and click-only event handlers. Wired into the conductor's review operation.
Enforces architectural boundary rules (ARCH-1 through ARCH-6). Loaded by the conductor for review, refactor, and new-service operations. Detects layer violations, circular imports, and missing public API declarations. Architecture boundaries are language-agnostic — no language reference files needed.
Core orchestrator for Clean Code Codex enforcement. Auto-invoked when writing, reviewing, refactoring, or testing code in TypeScript, Python, Go, Rust, or JavaScript. Detects language, routes to targeted check sub-skills, enforces the TDD gate on write operations, and runs a Boy Scout check at session end. Do NOT invoke for documentation-only edits, configuration files (JSON/YAML/TOML), or non-code content. (Exception: IaC files such as Terraform HCL, CloudFormation YAML/JSON, and Kubernetes manifests should be passed to the conductor with the `security` or `review` operation to trigger `iac-check`.)
Context hygiene enforcement. Detects stale or absent session state, exceeded failed-hypothesis budgets, and missing codebase briefs before non-trivial implementation tasks. Wired into the conductor's write and review operations.
Enforces dead code elimination rules (DEAD-1 through DEAD-5). Loaded by the conductor for review, refactor, and cleanup operations. Detects commented-out code, unused exports, orphaned files, unlinked TODOs, and stub/placeholder functions. References scripts/lint_dead_code.py for export and orphan detection.
Enforces dependency health rules (DEP-1 through DEP-5). Loaded by the conductor for dependency update operations and CI full-check runs. Detects known vulnerabilities, version lag, unused dependencies, misclassified dev/prod dependencies, and unpinned production versions. Invokes scripts/dep_audit.sh for automated vulnerability scanning. Activated by: "check dependencies", "update deps", "CVE", "vulnerability scan", "npm audit".
Documentation coverage enforcement for TypeScript, JavaScript, Python, and Go. Detects missing JSDoc/docstrings on exported symbols, misleading or stale inline comments, and absent README files in new packages. Does not overlap with dead-check (commented-out code). Wired into the conductor's review operation.
Internationalization enforcement for TypeScript, JavaScript, and Python. Detects hardcoded user-visible strings, locale-unaware date/number/currency formatting, and missing translation keys. Wired into the conductor's review and write operations.
Enforces IaC security rules (IAC-1 through IAC-5). Loaded by the conductor for security audits and review operations on infrastructure-as-code files. Detects public storage buckets, containers running as root, missing encryption-at-rest, wildcard IAM policies, and exposed ports in security groups. Supports Terraform HCL, CloudFormation YAML/JSON, and Kubernetes manifests; other dialects are skipped gracefully.
Enforces naming convention rules (NAME-1 through NAME-7). Loaded by the conductor for write and review operations. Detects meaningless names, incorrect boolean prefixes, misleading names, abbreviations, and naming inconsistencies. Loads references/{language}.md for language-specific casing conventions before checking.
Enforces observability rules (OBS-1 through OBS-5). Loaded by the conductor for review, incident response, and new service scaffolding. Detects empty catch blocks, unstructured logging, missing endpoint tracing, absent health checks, and vague error messages. Activated by: "incident", "on call", "debugging production", "empty catch", "logging", "observability", "health check".
Enforces performance rules (PERF-1 through PERF-3). Loaded by the conductor for review operations. Detects N+1 query patterns, unbounded loops over large collections, and missing pagination on list endpoints using static analysis.
Static resilience-pattern analysis. Detects missing retry/backoff, absent circuit breakers, unbounded timeouts, and missing deadline propagation in TypeScript, JavaScript, Python, and Go. Wired into the conductor's review and write operations.
Enforces security rules (SEC-1 through SEC-7). Loaded by the conductor for security audits, PR/code reviews, incident response, and new service scaffolding. Detects hardcoded secrets, insecure credential handling, XSS vectors, SQL injection, gitignore gaps, stale credentials, and CORS misconfigurations. Invokes scripts/scan_secrets.sh for automated scanning. Activated by: "security audit", "check for secrets", "vulnerabilities", "hardcoded key", "SQL injection", "review".
Enforces code size and complexity rules (SIZE-1 through SIZE-6). Loaded by the conductor for write, review, and refactor operations. Detects oversized functions, files, deep nesting, long parameter lists, flag arguments, and God classes. Size thresholds are language-agnostic — no language reference files needed.
Enforces Test-Driven Development rules (TDD-1 through TDD-9). Loaded by the conductor for write, refactor, and test operations. Blocks implementation-first code production, enforces Red-Green-Refactor cycle, and monitors test quality and coverage ratios. Load the matching references/{language}.md for language-specific test framework defaults.
Enforces test quality rules (TEST-1 through TEST-8). Loaded by the conductor for review and test operations. Detects weak assertions, insufficient coverage, missing property tests, slow unit tests, I/O in unit tests, missing boundary conditions, and test ratio imbalances. Complements tdd-check (workflow enforcement) by enforcing the quality of tests that already exist.
Enforces type-safety rules (TYPE-1 through TYPE-6). Loaded by the conductor for write and review operations. Blocks use of escape-hatch types, unsafe assertions, and missing exhaustive pattern matching. Loads references/{language}.md for language-specific tooling and rule applicability.
AI-native product management for startups. Transform Claude into an expert PM with competitive research, gap analysis using the WINNING filter, PRD generation, and GitHub Issues integration.
Comprehensive UI/UX design plugin for mobile (iOS, Android, React Native) and web applications with design systems, accessibility, and modern patterns
Intelligent prompt optimization using skill-based architecture. Enriches vague prompts with research-based clarifying questions before Claude Code executes them