Interactively prepares a targeted Red Team Review package. It conducts a brief discovery interview to determine the threat model, generates a strict security auditor prompt, compiles a manifest of relevant project files, and bundles them into a single Markdown artifact or ZIP archive ready for an external LLM (like Grok, ChatGPT, or Gemini) or a human reviewer.
From context-bundlernpx claudepluginhub richfrem/agent-plugins-skills --plugin context-bundlerThis skill is limited to using the following tools:
acceptance-criteria.mdassets/resources/file-manifest-schema.jsonassets/resources/file-manifest.jsonevals/evals.jsonevals/results.tsvfallback-tree.mdrequirements.inrequirements.txtscripts/bundle.pyscripts/bundle_zip.pyscripts/manifest_manager.pyscripts/path_resolver.pyExecutes pre-written implementation plans: critically reviews, follows bite-sized steps exactly, runs verifications, tracks progress with checkpoints, uses git worktrees, stops on blockers.
Guides idea refinement into designs: explores context, asks questions one-by-one, proposes approaches, presents sections for approval, writes/review specs before coding.
Dispatches parallel agents to independently tackle 2+ tasks like separate test failures or subsystems without shared state or dependencies.
This skill automates the preparation of "Red Team" security and architecture reviews. Instead of manually explaining the context to an external LLM, this skill generates a highly specific instruction prompt, gathers the relevant codebase files, and uses the core Context Bundler scripts to compile them into a single, seamless payload.
Because context windows are valuable and red team reviews require precision, this is a Level 2.0 Interactive Skill. You must not blindly guess the user's intent or immediately execute scripts. You must follow the phased workflow below to confirm the target, threat model, and format before generating the payload.
Discover, Confirm, Isolate, Instruct, and Package. You are creating a standalone artifact designed to be read by an external AI or human. The most critical part of this bundle is the Promptβit must explicitly tell the receiving AI how to attack, review, or analyze the accompanying code based on the user's specific threat model.
When asked to prepare a red team review, you MUST follow these phases in order. Do not skip to execution.
Before creating any directories or writing any files, evaluate the user's initial request. If it is vague, you must ask 1-2 targeted questions to shape the payload:
.md), or do you need a .zip to send to a human reviewer/offline agent?")Wait for the user's response before proceeding.
Draft the execution plan based on the discovery phase, but DO NOT execute the Python scripts or write to disk yet. Present the proposed plan to the user for approval:
Red Team Bundle Plan:
- Target Topic: [Topic Name]
- Format: [.md or .zip]
- Proposed Persona/Prompt: "Act as a ruthless security auditor focusing on [Threat Model]..."
- Proposed Files to Bundle:
1. src/auth/...
2. docs/security...
Does this look right? (yes / adjust)
Wait for the user to confirm.
Once the user confirms the plan, create the workspace and draft the prompt:
mkdir -p temp/red-team-review-[topic-name]
temp/red-team-review-[topic-name]/prompt.md. The prompt must explicitly establish the Red Team rules of engagement, the specific threat model, and the desired severity scoring (Critical, High, Medium, Low).Create file-manifest.json inside the temp directory.
CRITICAL ORDERING: The newly created prompt.md MUST be the very first item in the files array. This ensures the receiving LLM reads the instructions before reading the source code.
{
"title": "Red Team Review: [Topic Name]",
"description": "Security and architecture review bundle focusing on [Threat Model].",
"files": [
{
"path": "temp/red-team-review-[topic-name]/prompt.md",
"note": "Primary Instructions & Rules of Engagement"
},
{
"path": "src/target/logic.py",
"note": "Target: Core implementation logic"
},
{
"path": "docs/security-model.md",
"note": "Context: Intended security architecture"
}
]
}
(Note: Use directory paths like src/auth/ to recursively include entire folders if necessary, rather than listing 50 files manually).
Invoke the appropriate core Context Bundler script based on the format negotiated in Phase 1.
(Adjust the script path below depending on if you are running this from the plugin root or via an npx installed .agents/ path).
For Markdown (.md):
python3 ./scripts/bundle.py --manifest temp/red-team-review-[topic-name]/file-manifest.json --bundle temp/red-team-review-[topic-name]/payload.md
For ZIP Archive (.zip):
python3 ./scripts/bundle_zip.py --manifest temp/red-team-review-[topic-name]/file-manifest.json --bundle temp/red-team-review-[topic-name]/payload.zip
Once the payload is generated, inform the user that it is ready for handoff. If it is a Markdown file, explicitly remind them they can copy the contents of that file and paste it directly into their external chat interface.