By thermiteau
Orchestrate autonomous AI agents to manage GitHub issues, enforce coding standards, run security audits, and generate documentation without manual oversight.
Autonomous code reviewer that performs two-stage review — spec compliance first, then code quality (correctness, test coverage, maintainability). Security is out of scope; do-cybersecurity-review handles that as a mandatory pre-push gate. Dispatched after completing implementation steps or before creating PRs.
Takes a solution design and produces an ordered task list. Dispatched by do-issue-solo and do-issue-guided as a subagent so that planning does not consume the caller's context window.
Reads a GitHub issue, explores the codebase, and produces a solution design. Dispatched by do-issue-solo and do-issue-guided as a subagent so that codebase exploration does not consume the caller's context window.
Reviews Claude Code session activity and git diffs to identify missed opportunities, duplicated code, and quality issues.
Autonomous technical documentation writer. Dispatched when documentation needs to be created or updated — architecture, services, data flows, design decisions, or technology choices. Produces professional markdown with Mermaid diagrams.
Scan a project for missing best-practice areas and implement the top recommendation for each gap (linting, unit testing) — installs tools, writes configs, verifies, and commits. Pass 'recommend' to stop after writing recommendations without implementing (replaces the old do-recommend skill).
Implement a focused code change. Use this skill as the wrapper for any implementation work so the Maverick workflow report captures what was done and so the agent applies the project's coding standards before editing. Intended to be invoked once per task from inside a do-issue-* or do-epic phase, not standalone.
Audit a codebase for security risks in one of two modes. In full-audit mode it scans the entire codebase and writes a findings report to docs/security-audit.md (run as part of do-init or on demand). In update mode it reviews only a diff plus the code it could impact, returning a structured findings list as a pre-push gate for do-issue-solo and do-issue-guided. Covers secrets exposure, dependency vulnerabilities, authentication and authorisation patterns, input validation, transport security, and common OWASP risks.
Create, restructure, or update technical documentation. Handles greenfield projects, refactoring non-compliant docs, and incremental updates after code changes.
Work on a multi-story GitHub epic end-to-end. Builds a DAG from the child stories, groups them into waves, runs waves in parallel via per-story worktrees, ejects PRs that fail agent-code-review for human handling, and propagates blocks to downstream stories. Requires git worktrees.
Executes bash commands
Hook triggers when Bash tool is used
Modifies files
Hook triggers on file write and edit operations
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Uses power tools
Uses Bash, Write, or Edit tools
Uses power tools
Uses Bash, Write, or Edit tools
Claude Code tooling to build software right
Explore the docs
·
Report Bug
·
Request Feature
Maverick is a Claude Code ( Cursor and Codex ) plugin and local CLI commands that enables autonomous AI-driven software development while enforcing quality, security, and operational best practices.
It provides skills, agents, and hooks that constrain and guide LLM behaviour - making unattended development safe and reliable.
LLMs generate code fast but don't come with any concept of quality, best practice or constraint. Claude Code will happily agree to build the world's worst idea, with a smile, because without guardrails:
These risks multiply enormously in unattended development when no human is watching the LLM work. There is no developer catching issues in real-time, no reviewer glancing at the diff, no operator noticing silent failures. Every quality gap becomes a production risk.
Maverick is comprised of four parts:
Maverick comes with Claude Code skills that defines how to write quality code. These are not detailed technical skills, they are the why and how of software development practices. These skills are part of the plugin and get loaded into Claude Code.
There are also a few technical skills that are so common, they have been predefined in the plugin.
Safety rules are not prose the model can forget — the plugin ships hooks that enforce them at the tool-call boundary:
maverick coord authorize) — an agent
cannot self-grant a scope the issue never approved.Because every codebase is unique, there is no way to ship defined skills that are needed to enable Claude Code. So Maverick builds them when it is initialised in a project.
There are multiple ways to run Claude Code, the most obvious being the software running locally on your machine. This works well for interactive development where you ask Claude Code to complete a task, answer any questions as they come up and monitor the progress.
It falls down when you need to complete multiple features or bug fixes at the same time. Claude Code on local machines, doesnt scale.
npx claudepluginhub thermiteau/maverick --plugin maverick24 agent definitions, 81 reusable skills, 28 lifecycle hooks for GitHub Copilot CLI workflows
Harness engineering for Claude Code — hook-enforced dual review, state-machine gates, and fail-closed safety where it counts.
Harness for Claude Code — skills, /harness:* slash commands, persona subagents, lifecycle hooks, and MCP tools without per-repo `harness setup`. Sibling plugins exist for Cursor, Gemini CLI, and Codex.
MeowKit — an opinionated Claude Code harness (skills, agents, hooks).
Autonomous AI development pipeline that uses GitHub as a structured knowledge graph for Claude Code agents. Adds /work-on, /review-pr, /quality-gate, /orchestrate, and 20+ pipeline commands.
Language-agnostic development process harness implementing the Stateless Agent Methodology (SAM) 7-stage pipeline with ARL human touchpoint model and Voltron-style language plugin composition. Provides orchestration, workflows, planning, verification, and testing methodology that any language plugin can compose with.