Search everything...

Stats

Actions

Available In

corso

Name: corso
Author: thelightarchitect

By theLightArchitect

CORSO — The DAWG. Security, operations, and standards enforcement via MCP tools

npx claudepluginhub thelightarchitect/corso

Popularity

Stars

Above avg

Med: 0·Avg: 280

Installs

Med: 0·Avg: 1

What's Inside

Agents2

C0RS0

/C0RS0

C0RS0 - The DAWG. Battle-hardened operational enforcer with Birmingham voice. Security watchdog, standards keeper, SAS precision. Use for security scans, research, performance analysis, or any conversation with C0RS0's personality. Examples: <example>C0RS0 scan this for vulnerabilities</example> <example>Talk to C0RS0 about this architecture</example> <example>Hey C0RS0, review this code</example>

TEAM-HELIX

/TEAM-HELIX

Squad consultation agent. Routes to /SCRUM (General Review Mode) for full 3-round squad reviews with EVA, CORSO, and Claude. Use when you want both opinions at once. Examples: <example>Get both EVA and C0RS0's take on this architecture</example> <example>TEAM HELIX review this plan</example> <example>What do EVA and C0RS0 think about this?</example>

Skills8

CHASE

/CHASE

Testing, Performance & Ops domain context. Test strategy inference, bottleneck detection, metrics selection, infrastructure analysis, and coverage enforcement. C0RS0 executes with corsoTools action chase.

CORSO

/CORSO

CORSO - The DAWG. Single entry point for all CORSO operations: personality/chat, C0RS0 Pack Build Cycle (SCOUT->FETCH->SNIFF->GUARD->CHASE->HUNT->SCRUM), security scanning, research, performance analysis, memory ops. Use when user says 'CORSO', '/CORSO', 'talk to CORSO', 'build with CORSO', or needs security audit, research, performance profiling, code generation, or CORSO's personality/opinions. Genesis Day February 4, 2026.

FETCH

/FETCH

Knowledge & Strategy domain context. Research scope classification, documentation source selection, decision factor analysis, and trade-off evaluation. C0RS0 executes with corsoTools action fetch (includes knowledge graph queries, formerly query_knowledge).

GUARD

/GUARD

Security & Deployment domain context. Threat model injection, language-specific threat detection, supply chain auditing, and deploy gate enforcement. C0RS0 executes with corsoTools action guard (includes path-based scanning, formerly security_scan).

HUNT

/HUNT

Internal phase 6 of the C0RS0 Pack Build Cycle. Accepts approved plan files, loads MANIFEST state, executes phases with HITL phase gates and feedback loops, enforces quality gates, and tracks progress via scratchpad. Supports session recovery and kill switch. Invoked by /CORSO — not a standalone entry point.

Hooks1

Event Hooks

Bash

File writes

8 hooks across 2 events

MCP Servers1

C0RS0

admin

Stats

Version4.0.0

ReleasedFeb 22, 2026

LanguageShell

Stars1

MaintenanceExcellent

LicenseAGPL-3.0

Last CommitMay 28, 2026

AddedMar 16, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Safety Signals

Critical

Admin access level

Server config contains admin-level keywords

Caution

Executes bash commands

Hook triggers when Bash tool is used

README

CORSO

Security-first MCP server for Claude Code. Scans your code for vulnerabilities, reviews pull requests, researches documentation, analyzes performance, and enforces quality gates — all through a single tool orchestrator.

Quick Start

# Install (macOS arm64)
curl -fsSL https://raw.githubusercontent.com/theLightArchitect/CORSO/main/install.sh | bash

# Add to Claude Code
claude mcp add C0RS0 -- ~/.corso/bin/corso

Restart Claude Code. You're done.

What You Get

Tool	What It Does	Try It
`guard`	Security scan — 4,997 vulnerability patterns (SQL injection, XSS, command injection, secrets, dependency CVEs)	"CORSO, scan this project for security issues"
`code_review`	Code review with standards enforcement (complexity, error handling, architecture)	"CORSO, review this file"
`fetch`	Multi-source research — documentation, knowledge graphs, decision analysis	"CORSO, research how to implement OAuth2 in Rust"
`chase`	Performance analysis — bottleneck identification, benchmarking, optimization	"CORSO, profile this function"
`scout`	Plan generation — requirements triage, architecture design, strategy	"CORSO, plan the implementation for this feature"

Plus 19 more tools (code generation, deployment, container management, log analysis, etc.) accessible through a single corsoTools orchestrator.

Requirements

macOS with Apple Silicon (M1/M2/M3/M4)
Claude Code CLI

macOS Security Note

The binary is ad-hoc signed. If macOS blocks it:

xattr -cr ~/.corso/bin/corso

Architecture

CORSO routes every request through a three-layer pipeline — zero HTTP, single binary, entirely in-process:

flowchart LR
    REQ([Request]) ==> GW["Gateway<br/>Input validation<br/>Complexity classification"]
    GW ==> OR["Orchestrator<br/>Domain routing<br/>Parallel execution"]
    OR ==> VL["Validator<br/>Quality enforcement<br/>Security scanning"]
    VL ==> RES([Response])

    OR -.-> D1["Code<br/>Domain"]
    OR -.-> D2["Security<br/>Domain"]
    OR -.-> D3["Knowledge<br/>Domain"]
    OR -.-> D4["Infrastructure<br/>Domain"]

    classDef pipeline fill:#4a90d9,color:#fff,stroke:#3a7bc8,stroke-width:2px
    classDef domain fill:#2d3436,color:#fff,stroke:#636e72,stroke-width:1px
    classDef io fill:#00b894,color:#fff,stroke:#009a7d,stroke-width:2px

    class GW,OR,VL pipeline
    class D1,D2,D3,D4 domain
    class REQ,RES io

Gateway classifies each request by complexity and sanitizes input. Orchestrator routes to domain-specialized modules — simple requests get direct handling, complex requests fan out to multiple domains in parallel. Validator enforces quality standards and runs security checks before any response leaves the pipeline. On failure, the validator denies by default (fail-secure).

Build Cycle

CORSO includes a 7-phase build pipeline with human-in-the-loop gates:

flowchart LR
    subgraph PLAN ["Phase 1 — Plan"]
        S(["Plan<br/>Requirements · Triage"])
        S --> PG1{"Gate"}
    end

    PG1 ==> F

    subgraph ANALYZE ["Phases 2–5 — Analyze"]
        F(["Research"]) --> SN(["Code Analysis"])
        SN --> G(["Security Scan"])
        G --> C(["Test · Perf"])
        G -.->|"issues found"| SN
    end

    C ==> PG2

    subgraph SHIP ["Phases 6–7 — Ship"]
        PG2{"Gate"} ==> H(["Execute"])
        H --> QG{"Quality<br/>Gate"}
        QG -->|pass| SC(["Review"])
        QG -.->|fail| H
    end

    classDef plan fill:#6c5ce7,color:#fff,stroke:#5a4bd6,stroke-width:2px
    classDef research fill:#0984e3,color:#fff,stroke:#0873c4,stroke-width:2px
    classDef code fill:#00b894,color:#fff,stroke:#009a7d,stroke-width:2px
    classDef security fill:#d63031,color:#fff,stroke:#b52828,stroke-width:2px
    classDef test fill:#e17055,color:#fff,stroke:#c45f48,stroke-width:2px
    classDef execute fill:#fdcb6e,color:#333,stroke:#dbb35e,stroke-width:2px
    classDef review fill:#a29bfe,color:#fff,stroke:#8b84e0,stroke-width:2px
    classDef gate fill:#2d3436,color:#fff,stroke:#636e72,stroke-width:2px

    class S plan
    class F research
    class SN code
    class G security
    class C test
    class H execute
    class SC review
    class PG1,PG2,QG gate

Plugin Structure

This repository is a Claude Code plugin. The MCP binary provides the tools; the plugin layer wires them into Claude Code's agent, hook, and skill systems.

View full README on GitHub

corso

Popularity

What's Inside

Confidence

README

CORSO

Quick Start

What You Get

Requirements

macOS Security Note

Architecture

Build Cycle

Plugin Structure

Similar Plugins

code-quality-expert

code-guardian

comprehensive-review

security-agent

code-quality-orchestrator

security-engineering

More by theLightArchitect

soul

quantum

eva

CORSO

Quick Start

What You Get

Requirements

macOS Security Note

Architecture

Build Cycle

Plugin Structure

Popularity

Health & Quality

More by theLightArchitect

soul

quantum

eva

Similar Plugins

code-quality-expert

code-guardian

comprehensive-review

security-agent

code-quality-orchestrator

security-engineering