By salemaziel
AI-augmented Innovation & Development Workflow: V-Model phases from business analysis to security audit
Transforms business analyses into epics, features, and tech-agnostic success criteria. Creates handoff documents for the architect. Use this skill when the user mentions "Requirements", "RE", "Define Features", "Create Epics", "User Stories", "Requirements", "Success Criteria", "NFRs", "ASRs", "Acceptance Criteria", or similar. Also when a BA document exists and the next step is the formalization of requirements.
Brownfield entry point for the V-Model workflow. Reverse-engineers an existing codebase into the standard V-Model artifacts: plan-context.md, ADRs, arc42 snapshot, FEATURE inventory, backlog seed, and an evidence-based BA draft. Walks the V backwards from Coding up to Business Analysis, filling every step only with what can be proven from the code or the existing documentation. Every claim is sourced (path:line or doc section); nothing is invented. Use this skill when the user mentions "existing project", "legacy codebase", "reverse engineer", "import existing code", "brownfield", "we already have code", "onboard existing project", or when the user wants to enter the V-Model workflow but artifacts do not exist yet.
Performs a COMPREHENSIVE, formal security audit of an entire codebase and produces a written audit report (AUDIT-{PROJECT}-{DATE}.md) with prioritized findings (H/M/L) and a remediation plan. Covers SAST, OWASP Top 10, OWASP LLM Top 10, SCA (dependency analysis), Zero Trust validation, code quality. Takes 30+ minutes. TRIGGER ONLY when the user explicitly requests a formal full-codebase audit producing a report: "security audit", "OWASP audit", "full security review", "AUDIT-Report erstellen", "Codebase auditieren", "SCA audit", "dependency audit", "CVE audit", "Sicherheitsaudit". DO NOT trigger for: PR-level security checks (use the built-in security-review skill), one-off security questions, threat-modeling discussions without an audit report, individual finding fixes, or generic mentions of "secure" / "security".
Creates and manages unit tests and integration tests. Analyzes the existing codebase, auto-detects the test framework, and generates tests that follow project conventions. Use this skill when the user mentions "write tests", "unit tests", "integration tests", "test coverage", "testing", "tests missing", "TDD" or similar. Also after implementation when tests need to be created or updated.
Creates Architecture Decision Records (ADRs) in MADR format and arc42 documentation. Generates plan-context.md as the context bridge to Claude Code. Use this skill when the user mentions "architecture", "ADR", "arc42", "Architecture Decision", "tech stack", "solution design", "system design", "architecture review", "plan-context", or similar. Also when requirements exist and the next step is technical structuring. This skill creates PROPOSALS. Claude Code makes the final decisions based on the real state of the codebase.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
When code costs almost nothing, the plan becomes the product.
A V-Model workflow that walks your AI coding assistant through Business Analysis, Requirements Engineering, Architecture, Coding, Testing, and a Security Audit, with quality-gated handoffs between every phase.
Full documentation: pssah4.github.io/digital-innovation-agents
Shipping code is a solved problem. What most teams still lack is evidence that the features they ship matter to a real user. Digital Innovation Agents pair a battle-tested innovation methodology with a state-of-the-art coding workflow, so your AI never builds the wrong thing at speed. Works across Claude Code, Cursor, Codex, OpenCode, Gemini CLI, and GitHub Copilot.
The project ships thirteen skills that run inside your AI coding
assistant. Six are V-Model phase skills (business analysis,
requirements engineering, architecture, coding, testing, security
audit). Two are entry-point skills for non-greenfield projects
(reverse engineering, dia-migration). One is the on-demand workflow
guide (/dia-guide). Four are foundation skills (project conventions,
consistency check, humanizer, dia-bootstrap). Every
phase skill owns one part of the V-Model, has its own quality gates,
and hands off a structured artifact to the next phase. The guide is
called separately whenever the user wants an orientation read.
Every decision stays traceable from a real user problem through
requirements, architecture, code, tests, and a security audit.
Three entry points cover greenfield, brownfield, and migration projects:
/business-analysis starts with structured discovery
(users, needs, insights, critical hypotheses) and walks forward
through the V-Model./reverse-engineering walks the V backwards over an
existing codebase and produces plan-context, ADRs, an arc42 snapshot,
a FEATURE inventory, a backlog seed, and an evidence-based BA draft.
Every claim is sourced to a file path or doc section. Nothing invented./dia-migration brings an older DIA project (v1) or a
pre-existing V-Model variant up to current conventions: cleans
status drift, normalises ID schemas, flattens analysis/, regenerates
the backlog as single source of truth.The BA and RE agents ship a catalog of 32 innovation methods (qualitative interviews, extreme users, fly on the wall, cultural probes, persona synthesis, stakeholder maps, jobs to be done, brainwriting, TRIZ, wizard of oz, pre-mortem, value proposition quantification, and more) organised as method cards in the docs.
During a BA or RE session, when your answers go thin, the agent stops the interview and proposes the matching field method with a one-page card: what it produces, when to reach for it, how to run it, team and time, things that go wrong, and what to bring back to the session. The actual research work stays human-to-human: interviews with real users, observations in the real context, prototypes on real hands. The agent's job is to spot the gap and pick the right method, not to replace the work.
Pick your platform. Each installer drops the same thirteen skills with the same templates and quality gates into your tool of choice.
/plugin lives in the Claude Code CLI, not in the VS Code or
JetBrains extensions. If claude --version returns
command not found, install the CLI first:
curl -fsSL https://claude.ai/install.sh | bash # official installer
# or: brew install --cask claude-code # macOS Homebrew
# or: npm install -g @anthropic-ai/claude-code # any OS with Node
Reopen your shell (source ~/.zshrc or ~/.bashrc), then install the
plugin:
claude
/plugin marketplace add https://github.com/pssah4/digital-innovation-agents.git
/plugin install digital-innovation-agents@pssah4-skills
Type / in any new session to see the skills in autocomplete. The
dia-bootstrap skill loads automatically at session
start as a brief orientation.
Design workflow for coding agents: discovery, research, strategy, inclusive design, critique, and handoff — enforced automatically
Evidence-driven development pipeline with multi-model code review
Unified CLI-agent orchestrator. Drives Claude Code, OpenAI Codex, Google Gemini, GitHub Copilot, and Qwen Code CLIs in two modes: persistent tmux worker teams (omc-teams style) and one-shot multi-AI fleet dispatch / debate / review (claude-octopus style). Self-contained — no dependency on omc or octo.
Complete WordPress development and automation toolkit for Claude Code - includes Docker/Playground environments, white-labeling with FREE plugins, SEO optimization, visual QA, performance optimization, and slash commands for rapid site setup.
v9.44.0 — Patch release for cursor-agent smoke checks in untrusted workspaces. Run /octo:setup.
npx claudepluginhub salemaziel/digital-innovation-agentsMatt Pocock's agent skills for real engineering — grilling, spec/ticket flows, TDD, code review, domain modelling and more. Plug-and-play, not vibe coding.
Core skills library for Claude Code: TDD, debugging, collaboration patterns, and proven techniques
The most comprehensive Claude Code plugin — 14+ agents, 56+ skills, 33+ commands, and production-ready hooks for TDD, security scanning, code review, and continuous learning
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Reliable automation, in-depth debugging, and performance analysis in Chrome using Chrome DevTools and Puppeteer
Lazy senior dev mode. Forces the simplest, shortest solution that actually works: YAGNI, stdlib first, no unrequested abstractions.