Java plugins

Automatically generate C4 architecture diagrams (Context, Container, Component, Code) from your codebase via bottom-up analysis, producing Mermaid diagrams and documentation for system design, API interfaces, and deployment units.

Automate technical debt reduction, dependency updates, and code refactoring by scanning for vulnerabilities and code smells, generating prioritized remediation plans, and leveraging AI-powered test automation and code review.

Delegate architecture, implementation, optimization, and debugging of complex applications to specialized AI agents expert in Python/Django/FastAPI, TypeScript/React/Next.js/Angular/Vue, Go, Rust, Java/Spring Boot, PHP/Laravel/Symfony, C#/.NET, mobile (Flutter/React Native/Swift/Kotlin), Elixir/Rails, SQL, and DevOps tools.

Run CodeQL and Semgrep to scan multi-language codebases (Python, JavaScript/TS, Go, Java, C#, Ruby, Rust) for security vulnerabilities via taint tracking and pattern matching. Parse, deduplicate, and aggregate SARIF outputs from scans, then integrate findings into CI/CD pipelines using GitHub Actions or bash scripts.

Decompile Android APK, XAPK, JAR, and AAR files using jadx or Fernflower, then extract HTTP API endpoints and trace call flows from UI to network layer for security analysis and API documentation.

Implement Trail of Bits handbook security testing workflows: fuzz Rust, Python, C/C++, Ruby code with AFL++, libFuzzer, cargo-fuzz, Atheris; instrument AddressSanitizer; run static analysis via Semgrep, CodeQL; generate coverage reports, dictionaries, and bypass obstacles for vulnerability detection.

Automatically generate production-ready unit tests from source code files or snippets in JavaScript/TypeScript (using Jest, Vitest, or Mocha), Python (pytest), Java (JUnit 5), and Go. Auto-detects frameworks, covers happy paths, edge cases, boundaries, errors, and provides mocks for robust testing.

Audit Armeria-based Java projects for event loop blocking by discovering patterns, scanning operations, tracing calls, and generating fix plans without code changes. Pinpoint latency spike causes for pre-release validation.

Design, execute, and analyze load, stress, spike, soak, and endurance tests on APIs, web apps, and databases using k6, Artillery, JMeter, Locust, and autocannon. Identify bottlenecks, review metrics, and verify SLAs to optimize performance.

Detect memory leaks in running Node.js, Python, and JVM apps by analyzing event listeners, closures, unbounded caches, and retained references. Scan codebases for patterns like unremoved listeners, uncancelled timers, circular references, and DOM holds, generating markdown reports with severity ratings, code locations, snippets, fixes, and prevention strategies.

Automate OWASP Top 10 vulnerability scans and penetration testing on JavaScript, Python, and Java codebases using Semgrep, ESLint-security, Bandit, and dependency audits. Delegate comprehensive security audits to a specialized agent covering injections, XSS, CSRF, authentication flaws, access control, and misconfigurations.

Build complete API authentication and authorization systems supporting JWT, OAuth2, API keys, sessions, MFA, RBAC, token refresh, validation, and brute-force protection. Generates models, middleware, and services for JavaScript/Node.js, Python, and Java backends.

Add Redis-backed rate limiting to Express, FastAPI, Python, Node.js, or Java APIs using token bucket, sliding window, or quota algorithms. Enforce per-user or per-IP limits with configurable tiers, monitoring headers, and automatic 429 responses to protect against abuse.

Audit web app session management for vulnerabilities like fixation, ID generation flaws, expiration issues, cookie misconfigurations, insecure storage, and poor invalidation in Express, Django, Rails, Python, and Java apps. Check current Claude Code session status, including active state and user details.

Scan codebases to detect CPU hotspots, intensive operations, blocking calls, and algorithmic inefficiencies. Generate detailed optimization reports with before/after code examples, performance estimates, and targeted recommendations to boost application speed in bash, Python, and Java projects.

Audit authentication in JavaScript, Python, and Java web apps/APIs against OWASP/NIST standards—covering password hashing, JWT handling, sessions, OAuth flows, MFA, and account controls. Validate project setups by checking credentials, tokens, and config files for errors and compliance status.

Analyze test coverage reports from Jest/nyc, pytest, Go test, and JaCoCo across JavaScript, Python, Go, and Java projects to identify untested code paths, branch gaps, low-coverage files, enforce thresholds, and generate detailed reports with targeted test recommendations.

Generate k6, Artillery, wrk, or Gatling scripts for API load, stress, and soak tests to validate performance under configurable loads. Run tests locally to measure response times, throughput, error rates, scalability, and identify bottlenecks.

Validate API responses against OpenAPI and JSON schemas to ensure contract compliance, detect schema drift, and verify data integrity. Generate JSON Schema definitions, Ajv validators, Express middleware, tests, docs, and monitoring directly in Node.js, Python, or Java workflows.

Scan cryptographic code for timing side-channel vulnerabilities like secret-dependent branches and divisions across Go, Rust, Java, Kotlin, C#, PHP, JS/TS, Python, and Ruby. Run constant-time analysis via skills or commands to get violation reports in JSON, with filters for warnings, architecture, and functions.

Engineer production-ready ADK agents and multi-agent systems in Python, Java, or Go, generating clean code structures, unit tests, safe tools, and deployment automation for Vertex AI.

Generate and implement standardized API error handling with RFC 7807 responses, typed error classes, middleware, logging, monitoring, and recovery strategies for consistent HTTP status codes across Express, FastAPI, Flask, Node.js, Python, Java, and Go backends.

Implement multi-level API caching strategies using Redis for server-side storage, CDNs for edge caching, and HTTP headers for browser control, with TTL settings, tag-based invalidation, cache-aside patterns, and stale-while-revalidate to optimize performance across Node, Python, and Java backends.

Deploy specialized AI agents to synthesize research from academic papers, web sources, and GitHub repos with citations; generate API docs, OpenAPI specs, and SDKs; transcribe, analyze, and optimize podcasts; modernize legacy code across React, Python, Java; build and link knowledge graphs; orchestrate multi-agent pipelines for complex tasks.

Delegate coding tasks to expert AI agents specialized in Python, Go, Rust, Java, JavaScript, PHP, Ruby/Rails, C/C++, SQL, and TypeScript. They proactively write idiomatic code, refactor for performance, implement advanced features like concurrency and generics, add tests with pytest or RSpec, optimize queries/schemas, and handle builds like Cargo.toml or CMake.

Build API monitoring systems with Prometheus metrics, Grafana dashboards, health checks, alerts, synthetic probes, and SLO tracking to ensure performance and uptime for Node.js, Python, and Java REST APIs.

Run integration test suites for APIs, databases, services, queues, and files using real Dockerized dependencies without mocks. Automates full workflow: environment setup, database seeding, service orchestration, test execution with coverage reporting, and teardown cleanup. Select suites and configure environments via CLI flags.

Generate production-ready REST APIs from OpenAPI specs or schemas, creating full CRUD endpoints with pagination, filtering, auth, routes, controllers, models, middleware, services, tests, and docs for Express, FastAPI, Spring Boot, and Gin.

Generate production-ready, type-safe client SDKs in TypeScript, JavaScript, Python, Go, and Java from OpenAPI specs, automatically including authentication, retries, pagination, tests, usage docs, and examples for rapid API client development.

Generate and execute comprehensive test suites for REST and GraphQL APIs directly from OpenAPI specs, automating request generation, schema/response validation, CRUD coverage, auth handling, error/performance checks, idempotency tests, with reporting in Jest, pytest, Supertest, or REST-assured.

Run mutation testing on JavaScript, Python, Java, Go, C#, or Ruby codebases to evaluate test suite quality. Introduce code mutants with tools like Stryker, mutmut, PITest, or go-mutesting, check detection rates, identify coverage gaps, and generate reports with survival scores and improvement suggestions.

Implement structured logging for API requests with automatic correlation IDs, PII redaction, performance metrics, and security audit trails in JavaScript, Python, and Java backends. Use the setup command to configure request/response capture and log shipping in Node.js or Python apps for debugging, compliance, and observability workflows.

Audit database connections, calculate optimal pool sizes, configure app-level pooling parameters, and deploy PgBouncer or ProxySQL for PostgreSQL and MySQL to prevent exhaustion and boost throughput. Implement best practices with code examples for Node.js, Python, and Java.

Perform consumer-driven contract testing with Pact (JavaScript, Python, JVM) and OpenAPI validation for REST, GraphQL, gRPC APIs to detect breaking changes, generate tests, and produce detailed reports integrable into CI/CD pipelines.

Profile Node.js, Python, and Java application performance by analyzing CPU usage, memory allocation, execution hotspots, and bottlenecks. Generate markdown reports with detailed breakdowns, patterns, and actionable optimization recommendations including code fixes.

Exploits Apache Shiro rememberMe deserialization vulnerabilities for security assessments, including key brute-force, gadget chain detection, command execution, and memory shell injection against Shiro-based Java applications.

Integrate Azure services into Java apps using SDK clients and best practices for AI agents, anomaly detection, vision analysis, document processing, real-time voice/chat/SMS, storage/blobs/tables/Cosmos DB, Event Hubs/Grid, Key Vault secrets/keys, authentication, monitoring, and batch compute with sync/async operations.

Accelerate Guidewire InsuranceSuite development by automating Cloud API integrations for PolicyCenter policy lifecycles, ClaimCenter claims processing, BillingCenter ops; CI/CD pipelines with Gradle/Gosu; error diagnosis/fixes; secure deployments; performance/cost tuning; production monitoring/incident response via 24 specialized skills.

Develop secure, performant integrations with Veeva Vault for clinical operations, document management, and CRM using guided skills for REST API calls, VQL queries, VAPIL Java SDK, authentication, error handling, deployments, migrations, rate limiting, observability, and compliance checks.

Enforce cross-language coding standards and automate development workflows—code review, commit message generation, project scaffolding, optimization scans, and documentation—by configuring Claude Code and other AI assistants with contextual rules, skills, and commands for Java, Go, Python, TypeScript, Vue, React, Docker, and Redis.

Delegate specialized AI agents to build secure Solidity smart contracts, DeFi protocols, and full Web3 apps including tests, gas optimization, audits, and frontend integration. Develop production Hyperledger Fabric v2.5/v3 enterprise blockchains with Go/Java/TypeScript chaincode, network architecture, Kubernetes deployments, Raft/SmartBFT consensus, channels, MSPs, and privacy features.

Security-test IoT devices, firmware, and embedded systems by analyzing UEFI/BIOS dumps for rootkits, extracting filesystems from firmware, decompiling Android APKs, scanning networks with nmap and ONVIF probes, capturing and decoding hardware debug interfaces (SWD/JTAG) and logic analyzer traces (UART/SPI/I2C), interacting with UART and telnet consoles, and auditing MQTT/CoAP traffic from PCAPs.

Automate code analysis, test setup, and quality enhancement across JavaScript, TypeScript, Python, Java, Go, Rust, and Ruby by running slash commands that generate unit/integration/E2E/mutation/property/load/visual tests, fix linting/formatting issues, analyze coverage/performance/security, reproduce bugs with failing tests, optimize code, and integrate CI/CD workflows.

Design MongoDB schemas with best patterns and anti-patterns, generate and optimize queries from natural language using schema and indexes, tune client connections across Node.js Python Java Go drivers, implement Atlas full-text vector hybrid search for RAG, provision stream processing pipelines with Kafka S3 Lambda, and configure MCP servers via Docker or Atlas API.

Design RESTful or GraphQL APIs from domain models and requirements, generate OpenAPI 3.1 specs by scanning codebases in Express, FastAPI, Flask, Go, or Java, and consult an expert for endpoint reviews, schemas, auth, versioning, pagination, and optimizations.

Accelerate Java Spring Boot development by generating CRUD apps, REST APIs, and AI integrations with LangChain4j; write unit/integration tests; integrate AWS services like RDS, DynamoDB, S3, Lambda; refactor code, audit security/dependencies, and produce documentation/architecture reviews via agents, commands, skills, and LSP support.

Bootstrap Stripe projects with CLI, implement official best practices for payments via Checkout Sessions or PaymentIntents, Billing subscriptions, Connect Accounts, Treasury, Payment Element, and upgrade APIs/SDKs across Python, Ruby, Node.js, Java, Go, .NET.

Run a phased performance investigation workflow that establishes baselines, maps code paths, profiles hotspots with flame graphs, generates and tests hypotheses via benchmarks, logs evidence, and synthesizes recommendations with decisions for Node/JS, Python, Rust, Go, Java projects.

Generate Markdown API reference docs from source code and routes, extracting endpoints, methods, parameters, schemas, auth, errors, and examples for Express, FastAPI, Django, Java, and Go backends.

Run mutation testing on JavaScript/TypeScript, Python, or Java codebases with Stryker, mutmut, or PITest to quantify test suite effectiveness. Review mutation scores, inspect survived mutants with specific test improvement suggestions, and generate savable reports for better code quality assurance.

Detect memory leaks and profile heap usage in Node.js, Python, Java, Go, and browser apps by capturing snapshots, measuring growth rates with GC, tracing references, identifying consumers, suggesting fixes, and verifying resolutions.

Scan direct and transitive dependencies across Node, Python, Java, Rust, Go package managers for license compliance, classify licenses, flag issues with counts and statuses in reports, and generate NOTICE files attributing third-party licenses with full texts, copyrights, and project notices.

Generate optimized, explained regex patterns from natural language descriptions supporting JavaScript, Python, Go, Java, and PCRE flavors. Test patterns against sample inputs, edge cases, adversarial strings, and non-matches with match reports, group captures, performance metrics, accuracy scores (TP/TN/FP/FN), and targeted improvement suggestions.

Interactively configure secure Azure Blob Storage accounts with encryption, lifecycle policies, network rules, and IaC templates, then set up and deploy Azure Functions apps complete with triggers, bindings, auth, monitoring, and CI/CD pipelines.

Generate customized CLAUDE.md configs for Claude AI assistants by auto-detecting Node, Python, Rust, Go, Java, Docker environments and package managers, incorporating git user info, TDD methodologies, memory rules, and local best-practices references with multi-file sync.

Trade Taiwan financial markets (TWSE/TPEX/TAIFEX) programmatically using Shioaji's Python binding, CLI tool, or HTTP API with SSE streaming. Supports orders, real-time quotes, account data, and multi-language HTTP clients in JS/TS, Go, C/C++, C#, Rust, Java/Kotlin.

Set up SAP Business Application Studio (BAS) on SAP BTP: create dev spaces and subscriptions, connect to Git repos and external systems via destinations/Cloud Connector, deploy MTA apps to Cloud Foundry, configure Node.js/Java/Python runtimes, manage tasks/CI-CD, and troubleshoot connectivity.

Develop enterprise integrations on SAP BTP Integration Suite by building iFlows for cloud and on-premise connectivity, managing API proxies, implementing Event Mesh for event-driven architectures, deploying Edge Integration Cells for hybrid setups, configuring B2B/EDI adapters, and processing messages with Groovy or JavaScript.

Enforces secure-by-default code practices during AI-assisted development and migration, preventing common vulnerabilities in authentication, data handling, and infrastructure. Also guides migration of C/C++/Assembly to memory-safe languages and performs full OWASP-aligned security code reviews with prioritized remediation reports.

Orchestrate end-to-end QA automation across Playwright and Selenium — generate, execute, and debug UI, API, and accessibility tests, plan regression suites with ISTQB-aligned artifacts, and heal flaky tests via delegated specialist agents.

Manage Apache Cayenne ORM projects by reverse-engineering database schemas, designing and editing DataMaps, generating entity Java classes, writing Cayenne queries, and bootstrapping runtime configuration – all through MCP tool integrations.

Develop business applications on SAP BTP using CAP (Node.js/Java) or ABAP Cloud, deploy to Cloud Foundry or Kyma, integrate SAP HANA Cloud and remote systems, build Fiori UIs, create multitenant SaaS apps, extend S/4HANA, set up CI/CD pipelines, implement observability, and apply SAP best practices.

Follow SAP API Style Guide standards to create and review consistent documentation for REST, OData, Java, JavaScript, .NET, and C/C++ APIs, including naming conventions, OpenAPI specifications, comments, quality checklists, and deprecation policies.

Integrate SAP Cloud SDK for AI into JavaScript/TypeScript and Java applications to access SAP AI Core, Generative AI Hub, and Orchestration Service for LLM workflows including chat completion, embeddings, streaming, function calling, content filtering, data masking, document grounding, and LangChain/Spring AI support with models like GPT-4o, Llama, and Gemini via SAP BTP.

Automate Java/Spring Boot development workflows: scaffold production-ready Spring Boot 4.x apps with REST APIs, JPA entities, security, tests, Modulith, Thymeleaf, and Docker Compose; add JSpecify for nullability checks in Maven/Gradle projects; review recent code changes for bugs, security, architecture, and best practices.

Connect to MongoDB databases, explore schemas, generate queries and aggregation pipelines from natural language, analyze query performance with index recommendations, implement Atlas Search and Vector Search, and manage stream processing workflows — all from within Claude.

Enable AI coding agents to build Stellar blockchain applications in Java using stellar-sdk for transactions, Horizon, Soroban smart contracts, XDR/SCVal conversion, and SEP protocol integrations.

Explore Citrus Framework's component catalog, DSL schemas, and best practices directly from AI coding assistants via the MCP protocol, accelerating Java integration testing and deployment verification workflows.

End-to-end development workflow with structured feature planning, spec-driven task decomposition, automated implementation, code review, documentation generation, git integration, and persistent knowledge graph for cross-session context

Implement secure OAuth 2.0 and OpenID Connect authentication flows for web apps, SPAs, and services. Handle Authorization Code with PKCE, Client Credentials grants, and token refresh. Use ready Express.js examples with Flask and Spring Boot references to integrate third-party auth and SSO quickly.

Develop SAP CAP applications with full lifecycle support: interactive project setup, CDS modeling, service implementation (Node.js/Java), database configuration (HANA/SQLite/PostgreSQL), OData services, deployment to BTP Cloud Foundry/Kyma, and error diagnostics. Includes CDS language server for real-time syntax and navigation.

Configure tsk Docker container images for Rust, Go, Node, Python, or Java projects by detecting the stack, migrating Dockerfiles to tsk.toml layers, running dry-run builds, and interactively troubleshooting setup issues.

Enforces architectural, clean code, DDD, security, and test-quality rules across the full SDLC — from design and requirements through code generation, review, and refactoring — with project-specific configuration and per-feature context preservation.

Run automated code quality reviews on pre-commit changes and GitHub PRs with language-aware analysis for idiomatic patterns, test coverage, DRY/SOLID principles, error handling, and build verification. Supports Go, Python, Rust, TypeScript, Java, and custom project profiles like HyperShift.

Provides agent skills for comprehensive Neo4j database management: querying, modeling, data ingestion, AI/ML pipelines (GraphRAG, embeddings), graph algorithms, provisioning, security, and performance tuning.

Search and read source code of Kotlin/Gradle dependencies to inspect API shapes and implementations without accessing .gradle files directly

Accelerate Spring Boot development with code generation for REST controllers, DTOs, mappers, Kafka config, and Spring Security, plus IntelliJ integration, project exploration, and structured implementation plans via the Amplicode MCP server.

Index codebases with Tree-sitter to enable precise navigation across Rust, Python, TypeScript, JavaScript, Go, and Java files: search symbols, trace cross-file callers, read function implementations, discover tests, and grep with scope awareness using integrated skills and CLI commands.

Query public APIs of any JVM dependency (Scala 3, Scala 2, Java) from the terminal — view type signatures, members, documentation, and source as Markdown without unpacking JARs. Enables rapid exploration of unfamiliar libraries and dependency API checks without a full project import.

Provision phone numbers, send SMS/MMS/RCS, control voice calls/conferences, build/deploy AI voice assistants, manage WebRTC clients/pushes, handle 10DLC compliance/porting, and configure SIP/IoT via multi-language Telnyx SDK code examples, curl, CLI.

Automate end-to-end Testany testing workflows: decompose scenarios into cases with Python/Java/Playwright/Gradle/Maven scripts and ZIP packages, register and manage cases/pipelines, configure Jenkins/GitHub Actions triggers and schedules, monitor executions, debug failures via log analysis, and organize workspaces/teams with permissions.

Build SQLite analysis databases from Java JAR/WAR/Class files to capture classes, methods, calls, inheritance, strings, and Spring components. Execute SQL queries for security audits including vulnerability detection, method/call chain searches, and string analysis.

Orchestrate multi-agent coding workflows with built-in TDD, code review, security scanning, and automated pattern learning across Go, Java, Python, TypeScript, Rust, and C++ projects.

Rapidly explore unfamiliar Scala 2/3 and Java codebases from the CLI by searching symbols, finding definitions, implementations, usages, imports, members, and scaladoc, plus viewing call graphs as ASCII art for quick project navigation and test lookups.

Structure software projects into context-driven tracks: scaffold setups, generate specs and plans from project docs, implement tasks via AI agents with git snapshots, review code for quality/security/test coverage, track progress, manage skills/snippets/patterns, and revert via git history.

Build, test, and maintain custom language SDKs generated from OpenAPI specs using the oagen framework — scafffold emitters and extractors, run compatibility checks, automate smoke tests, and fix regressions in a generate-verify loop.

Generates full-stack Vaadin/jOOQ Java web apps including UI views, data access queries, Flyway database migrations, Karibu server-side tests, and Playwright E2E tests, with MCP connections for Vaadin, jOOQ, Java docs, and browser automation.

Enforce Java code quality and style standards using Checkstyle, with support for XML configuration, custom checks, and built-in rule enforcement for naming conventions and code metrics.

Enforce formal backpressure in AI coding by generating compile-time guard types from Shen sequent-calculus specifications, then running a verification loop that catches invariant violations during build and tests handwritten implementations against formal specs.

Enforces CodeDNA annotations across source files — scanning for unannotated files, verifying exports and dependency graphs, performing cascade impact analysis on file changes, and checking for unresolved token placeholders after every save.

Write and debug Java code with expert-level guidance on streams, concurrency, and generics, plus LSP-powered code intelligence including diagnostics, navigation, and references for .java files.

Generate Mermaid and PlantUML diagrams from natural language descriptions or source code analysis in TypeScript, Python, Java, C#, Prisma, and Django to visualize classes, ER models, sequences, dependencies, architectures, workflows, and data flows directly in Markdown for docs or repos.

Write and maintain Cucumber BDD tests with Gherkin syntax, using best practices for declarative scenarios, independent tests, and step definitions in JavaScript, TypeScript, Java, or Ruby.

Validate and enforce quality for Apache Maven projects — manage build lifecycles, resolve dependencies with scope and conflict control, and configure plugins and profiles in pom.xml files for Java builds.

Embed structured annotations, categorized TODOs, and bidirectional documentation links into codebases using AI-optimized patterns like @ai- markers, @doc/@impl tags, and AI-DEV-NOTE comments, preserving context, decisions, and issues for seamless AI-assisted development workflows.

Apply core OOP principles in Java and Python: enforce encapsulation via private fields, validated getters/setters, and defensive copying; choose inheritance versus composition for optimal class hierarchies; implement polymorphism with interfaces and abstract classes to create extensible, robust systems.