From kastell
Explores Kastell codebase read-only with Read, Grep, Glob tools for tracing bugs across files, mapping callsites before refactoring, and investigating subsystems.
npx claudepluginhub kastelldev/kastellThis skill is limited to using the following tools:
Explore the Kastell codebase using read-only tools (Read, Grep, Glob). Runs in a forked Explore agent with Kastell architecture knowledge inlined.
Provides Kastell CLI architecture overview, patterns, anti-patterns, decision trees, layer rules, and adapters for codebase work or server infrastructure, provisioning, security audits, hardening.
Uses tree-sitter index for code navigation in Rust, Python, TypeScript, JavaScript, Go, Java, Scala, SQL: finds symbols, reads function implementations, traces callers, discovers tests.
Maps unfamiliar codebases in phases: structure, entry points, data flow, patterns, landmines. Use before coding in new, inherited, or revisited projects.
Share bugs, ideas, or general feedback.
Explore the Kastell codebase using read-only tools (Read, Grep, Glob). Runs in a forked Explore agent with Kastell architecture knowledge inlined.
Commands:
!node -e "import('fs').then(f=>console.log(f.readdirSync('src/commands').filter(x=>x.endsWith('.ts')).map(x=>x.replace('.ts','')).join(', '))).catch(()=>console.log('commands dir not found'))"
Provider registry:
!node -e "import('fs').then(f=>{const c=f.readFileSync('src/constants.ts','utf8');const m=c.match(/PROVIDER_REGISTRY[\s\S]{0,200}/);console.log(m?m[0].split('\n').slice(0,4).join('\n'):'not found')}).catch(()=>console.log('constants.ts not found'))"
src/
commands/ # 31 thin CLI wrappers (parse args + delegate only)
core/ # Business logic (ALL computation here)
audit/ # 30 audit categories, 457+ checks
lock/ # 24-step server hardening
providers/ # Cloud API: hetzner, digitalocean, vultr, linode
adapters/ # Platform abstraction: coolify, dokploy
factory.ts # getAdapter(platform) — entry point
mcp/
server.ts # 13 tool registrations
tools/ # Handler files
utils/ # ssh, config, cloudInit, modeGuard
types/ # ServerMode, ServerRecord, Platform
constants.ts # PROVIDER_REGISTRY
Commands (parse args) --> Core (business logic) --> Providers (cloud API) / Adapters (platform ops). MCP tools also delegate to Core.
Bug investigation:
src/commands/<name>.ts)src/core/<name>.ts)Feature mapping:
__tests__/Architecture question:
kastell-plugin/skills/kastell-ops/SKILL.md for full detail (adapter contract, provider registry, layer rules)Common failure patterns and where to look first:
| Symptom | Start Here | Then Check |
|---|---|---|
| SSH auth failure | src/utils/ssh.ts → sshExec() | assertValidIp(), server config ~/.kastell/servers.json, banner parsing |
| Provider API error | src/providers/<name>.ts | withProviderErrorHandling() in src/utils/retry.ts, API token config |
| Audit check false positive | src/core/audit/checks/<category>.ts | SSH command output parsing, regex pattern, sshExec mock in test |
| Fix rejected (SAFE tier) | src/core/fix.ts → resolveTier() | FORBIDDEN_PATTERNS, shell redirect/pipe in fixCommand string |
| MCP tool error | src/mcp/tools/<name>.ts | Handler → core delegation, Zod schema validation, result.content format |
| Lock step failure | src/core/lock.ts | Step's SSH command, sshExec stderr, cloud-init completion |
| Config not found | src/utils/config.ts | ~/.kastell/ dir existence, servers.json format, migration from ~/.quicklify/ |
Known pitfalls: See kastell-plugin/skills/kastell-ops/references/pitfalls.md
$ARGUMENTS