By tinetti
Essential agents, commands, and tools for enhanced Claude Code workflows - git commits, code simplification, security audits, thermo-nuclear code-quality review, PR creation, and codebase sweep.
Use PROACTIVELY when creating git commits. Performs git commit with semantic messages and pre-commit validation
Use this agent when you need to refactor code to improve readability, reduce complexity, or enhance maintainability without altering functionality. This includes simplifying complex logic, removing redundancy, improving naming, extracting methods, reducing nesting, and applying clean code principles. The agent preserves all public APIs and external behavior unless explicitly authorized to change them.
Use this agent when the user explicitly requests a security audit, penetration test, or vulnerability assessment of their codebase. Specializes in finding critical vulnerabilities (auth bypass, IDOR, injection, etc.) through invariant-binding analysis across trust boundaries. Do not auto-invoke for general code review — only for dedicated security analysis requests. <example> Context: User has pushed changes to a payment processing endpoint and wants confidence before merge. user: "Can you do a security audit on the branch changes to the billing API?" assistant: "I'll use the security-auditor agent to perform a deep invariant-binding analysis of the billing API changes." <commentary> Explicit request for a security audit on specific code — exactly the trigger condition. The agent runs the multi-phase methodology in an isolated context. </commentary> </example> <example> Context: User is preparing a release and wants to check for access control issues. user: "Before we ship, can you check this for IDOR or auth bypass vulns?" assistant: "Launching the security-auditor agent to hunt for IDOR and access control flaws across the release scope." <commentary> Vulnerability-class-specific request. The agent scopes its threat model to access control and applies the detection heuristics for IDOR and auth bypass. </commentary> </example> <example> Context: User asks for general code review. user: "Can you review this PR for code quality?" assistant: "I'll handle the code quality review directly. The security-auditor is reserved for explicit security audits." <commentary> NOT a trigger. The description explicitly says "Do not auto-invoke for general code review." Generic review requests use a different path. </commentary> </example>
Use this agent for an unusually strict maintainability audit of branch changes — abstraction quality, the 1k-line rule, spaghetti-condition growth, and "code judo" simplification. The harsh, high-conviction sibling to general code review; reserve it for when the user explicitly asks for a thermo-nuclear / thermonuclear review or a deep, demanding code-quality audit. Do not auto-invoke for ordinary review requests. <example> Context: User wants a brutal structural pass on a feature branch before merge. user: "Give this branch a thermo-nuclear code quality review." assistant: "I'll dispatch the thermo-nuclear-code-quality-review agent to audit the branch diff against the full maintainability rubric." <commentary> Explicit thermo-nuclear request — exactly the trigger. The agent loads the rubric skill and applies it to the diff in an isolated context. </commentary> </example> <example> Context: User is worried a PR is bloating files and adding ad-hoc branches. user: "This PR feels like it's turning into spaghetti and one file is getting huge. Tear it apart." assistant: "Launching the thermo-nuclear-code-quality-review agent — it specifically hunts file-size explosions, spaghetti branching, and code-judo simplifications." <commentary> Maintainability/structure concern with an explicitly demanding tone. Matches the agent's purpose. </commentary> </example> <example> Context: User asks for a normal, balanced PR review. user: "Can you review this PR?" assistant: "I'll run a standard review. The thermo-nuclear-code-quality-review agent is reserved for when you explicitly want the harsh maintainability audit." <commentary> NOT a trigger. Ordinary review requests should not invoke this agent — it is deliberately strict and high-conviction. </commentary> </example>
Phased maintainability migration that transforms messy, overgrown, or slop-prone repos into product-shaped codebases while preserving behavior. Covers file splitting, typed boundaries, test hardening, feature folders, API consolidation, and a final migration audit microsite. Use when the user asks to "rehab this codebase", "run a maintainability migration", "modernize structure", "clean up this messy repo and make it maintainable", or "productionize this prototype". Unlike codebase-sweep (parallel quick audit), this is a deep, staged refactor with migration planning and checkpoint commits. Do not use for security audits, observability, compliance, or SRE work.
Comprehensive, codebase-wide quality sweep that dispatches parallel subagents to find and fix structural issues. Covers deduplication, type consolidation, dead code removal, circular dependencies, weak types, defensive try/catch, deprecated paths, and AI slop. Primary support for JS/TS projects (knip, madge, TypeScript types); other languages get grep-based analysis. Use when the user asks to "deep clean the whole repo", "run a full codebase audit", "nuclear cleanup", "deslop everything", or "sweep the entire codebase for quality issues". Do NOT use for single-file fixes, branch-scoped diffs (use de-slopify instead), or targeted refactors.
Remove code slop from the current branch
Compact the current conversation into a handoff document for another agent to pick up. Use when the user says "hand this off", "wrap up", "save context", "continue later", "pass this to another session", "I need to stop here", "pick this up later", or when a session is ending with unfinished work. Also use when context is getting long and the user wants to start fresh without losing progress.
Fetch tweets, Twitter/X articles, and Reddit posts via proxy APIs. Use when the user provides a twitter.com, x.com, or reddit.com URL, or asks to read a tweet, post, article, or thread from Twitter/X or Reddit.
Uses power tools
Uses Bash, Write, or Edit tools
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
My personal collection of Claude Code plugins.
Add this marketplace to Claude Code:
/plugin marketplace add tinetti/claude-plugins
Then install plugins:
/plugin install consultant@tinetti
This repo is also a Pi package. Install it directly:
pi install git:github.com/tinetti/claude-plugins
# or, while developing locally:
pi install /Users/jtinetti/Developer/claude-plugins
The Pi package loads the same plugins/*/skills and plugins/*/commands files, plus pi/extensions/claude-compat.ts for Claude Code compatibility shims like AskUserQuestion, WebFetch, WebSearch, TodoWrite, and file-backed task tools.
For skills that rely on Claude Code's Task/Agent subagent workflow, install pi-subagents once:
pi install npm:pi-subagents
This repo does not load pi-subagents directly because Pi currently errors when the same extension/tool is loaded twice, and many Pi setups already have pi-subagents installed globally.
This is a pnpm workspace with TypeScript project references.
# Install dependencies
pnpm install
# Type check everything
pnpm run typecheck
# Build all MCP servers
pnpm run build
# Build and sync marketplace metadata
pnpm run build:all
plugins/your-plugin/.claude-plugin/plugin.json with metadatapnpm-workspace.yaml and root tsconfig.jsonpnpm run sync to auto-discover and add to marketplaceThe sync script scans plugins/ and automatically discovers all plugins with valid plugin.json files. Add a plugin directory and it shows up. Remove one and it disappears.
Forked from nicknisi/claude-plugins by Nick Nisi.
MIT
npx claudepluginhub tinetti/claude-plugins --plugin essentialsTransform brain dumps into implementation specs through an evidence-gated interview stress-tested by adversarial plan critics. Interactive HTML contract for planning decisions, Markdown specs for execution. /ideation:autopilot runs all phases on a deterministic workflow engine with overlap-serialized parallel waves; /ideation:retro mines implementation notes into learnings future interviews read.
Tools for the experienced developer experience engineer.
Experimental agents, skills, and output styles for unconventional interaction patterns
Generate or edit images via Google Gemini (nano-banana-pro) or OpenAI gpt-image-2. Supports 1K/2K/4K resolution and masked inpainting.
Meta-cognitive tools for Claude Code self-improvement. Learn from feedback, optimize configuration, and evolve your AI development workflow.
Harness-native ECC plugin for engineering teams - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, MCP conventions, and operator workflows for Claude Code plus adjacent agent harnesses
Evidence-gated AI coding workflow: scan → analyze → plan → TDD → execute → fix → verify → review, powered by Codebase Memory MCP >= 0.9.0 with optional Serena LSP intelligence. Includes blast-radius planning, test/cycle gates, independent review, and Windows Git Bash hook auto-resolution.
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Tools to maintain and improve CLAUDE.md files - audit quality, capture session learnings, and keep project memory current.
A growing collection of Claude-compatible academic workflow bundles. Covers scientific figures, manuscript writing and polishing, reviewer assessment, citation retrieval, data availability, paper reading, literature search, response letters, paper-to-PPTX conversion, and evidence-grounded Chinese invention patent drafting. Rules are organized as reusable skill folders with explicit workflows and quality checks.
Comprehensive feature development workflow with specialized agents for codebase exploration, architecture design, and quality review