CI/CD supply chain hardening for Rust projects — Trusted Publishing, SLSA provenance, Scorecard, cargo-deny, and more
npx claudepluginhub anthropics/claude-plugins-community --plugin gh-guardScan a Rust project and produce a supply chain security gap analysis
Check for outdated GitHub Action SHAs and CLI tool versions in deployed workflows
Generate a single supply chain security config file
Interactive wizard to generate missing supply chain security configs
Verify that generated supply chain configs are valid and functional
Cross-platform binary distribution for Rust — cargo-dist, cross, and manual CI matrix
Supply chain audits for third-party crates — human review attestation with cargo-vet
Automated changelog generation with git-cliff and conventional commits
Rust CI best practices — multi-job design, gate pattern, caching, SHA pinning
Three-layer dependency defense — cargo-deny, Dependabot, and osv-scanner
Coverage-guided fuzz testing for Rust — cargo-fuzz, corpus management, and CI integration
Shared hardening level detection algorithm — single source of truth for /audit, /harden, and migration-guide
Upgrade paths between hardening levels — detection, delta generation, and rollback
PR-based release flow with signed tags, branch protection compatibility, and CI polling
OpenSSF Scorecard — all 18 checks with Rust-specific implementation guidance
SARIF triage and response for CodeQL, Scorecard, cargo-deny, and Dependabot findings
SLSA L3 build provenance for Rust crates — three-job publish/provenance/release pipeline
OIDC-based Trusted Publishing for crates.io — eliminate long-lived API tokens
Multi-crate workspace publishing — ordering, Trusted Publishing, and release automation
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Battle-tested Claude Code plugin for engineering teams — 38 agents, 156 skills, 72 legacy command shims, production-ready hooks, and selective install workflows evolved through continuous real-world use
Upstash Context7 MCP server for up-to-date documentation lookup. Pull version-specific documentation and code examples directly from source repositories into your LLM context.
Comprehensive startup business analysis with market sizing (TAM/SAM/SOM), financial modeling, team planning, and strategic research
Claude + Google Stitch workflow toolkit with MCP integration (prompt authoring, screen generation, design extraction)
Semantic search for Claude Code conversations. Remember past discussions, decisions, and patterns.