feat: Add plugin-dev toolkit for comprehensive plugin development

Adds the plugin-dev plugin to public marketplace. A comprehensive toolkit for developing Claude Code plugins with 7 expert skills, 3 AI-assisted agents, and extensive documentation covering the complete plugin development lifecycle. Key features: - 7 skills: hook-development, mcp-integration, plugin-structure, plugin-settings, command-development, agent-development, skill-development - 3 agents: agent-creator (AI-assisted generation), plugin-validator (structure validation), skill-reviewer (quality review) - 1 command: /plugin-dev:create-plugin (guided 8-phase workflow) - 10 utility scripts for validation and testing - 21 reference docs with deep-dive guidance (~11k words) - 9 working examples demonstrating best practices Changes for public release: - Replaced all references to internal repositories with "Claude Code" - Updated MCP examples: internal.company.com → api.example.com - Updated token variables: ${INTERNAL_TOKEN} → ${API_TOKEN} - Reframed agent-creation-system-prompt as "proven in production" - Preserved all ${CLAUDE_PLUGIN_ROOT} references (186 total) - Preserved valuable test blocks in core modules Validation: - All 3 agents validated successfully with validate-agent.sh - All JSON files validated with jq - Zero internal references remaining - 59 files migrated, 21,971 lines added 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-25 07:06:05 +00:00 · 2025-11-17 04:09:00 -08:00
parent 31ba6e541b
commit 387dc35db7
59 changed files with 21971 additions and 0 deletions
--- a/plugins/plugin-dev/skills/hook-development/examples/validate-write.sh
+++ b/plugins/plugin-dev/skills/hook-development/examples/validate-write.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+# Example PreToolUse hook for validating Write/Edit operations
+# This script demonstrates file write validation patterns
+
+set -euo pipefail
+
+# Read input from stdin
+input=$(cat)
+
+# Extract file path and content
+file_path=$(echo "$input" | jq -r '.tool_input.file_path // empty')
+
+# Validate path exists
+if [ -z "$file_path" ]; then
+  echo '{"continue": true}' # No path to validate
+  exit 0
+fi
+
+# Check for path traversal
+if [[ "$file_path" == *".."* ]]; then
+  echo '{"hookSpecificOutput": {"permissionDecision": "deny"}, "systemMessage": "Path traversal detected in: '"$file_path"'"}' >&2
+  exit 2
+fi
+
+# Check for system directories
+if [[ "$file_path" == /etc/* ]] || [[ "$file_path" == /sys/* ]] || [[ "$file_path" == /usr/* ]]; then
+  echo '{"hookSpecificOutput": {"permissionDecision": "deny"}, "systemMessage": "Cannot write to system directory: '"$file_path"'"}' >&2
+  exit 2
+fi
+
+# Check for sensitive files
+if [[ "$file_path" == *.env ]] || [[ "$file_path" == *secret* ]] || [[ "$file_path" == *credentials* ]]; then
+  echo '{"hookSpecificOutput": {"permissionDecision": "ask"}, "systemMessage": "Writing to potentially sensitive file: '"$file_path"'"}' >&2
+  exit 2
+fi
+
+# Approve the operation
+exit 0