UsernameStudio A.I. native

Open source

Skills publiques

Des plugins Claude Code nés de notre travail réel, partagés avec la communauté. Génériques, réutilisables, taillés pour durer.

Conçues avec Claude Fable 5

Installation

Ajoutez le marketplace une fois, puis installez les plugins voulus.

/plugin marketplace add username-workspace/skills

Le catalogue

  • aws-remote-auth

    DevOps

    Re-authenticate to AWS from anywhere, on demand, with an autofill device code.

    When an AWS SSO session expires, this surfaces a device-code login you approve from any browser — autofill link included. A PreToolUse hook detects expiry on aws commands and hands you the code instead of a cryptic "token has expired" error; the skill also re-auths any profile on demand.

    • Detects expired or missing AWS SSO sessions locally, with no network call
    • Starts a device-code login and surfaces the autofill URL + code
    • PreToolUse hook turns "token expired" into an actionable re-auth prompt
    • Generic across profiles and SSO portals — nothing account-specific
    /plugin install aws-remote-auth@username

    Sous-commandes : hook · login · status

    macOS · LinuxMITGitHub

  • claude-remote-spawn

    Agents

    Spawn a new Claude Code session remotely, on your own machine.

    Remote Control drives the Claude Code sessions already open on your machine. claude-remote-spawn starts new ones — or respawns an existing one: a persistent, visible session that shows up at once in Remote Control and in "claude agents", drivable from your phone.

    • Launches a persistent, visible session (claude --remote-control inside a PTY)
    • open: runs the session in a NEW local terminal tab (macOS iTerm/Terminal.app) so you see and drive it live where you launched it — ephemeral, closing the tab ends it
    • Resumes an existing session by id (resolves its cwd) — compose with find-session to reopen one from a description
    • Pick the model with --model (any alias or id your claude accepts — passed straight through, never hardcoded)
    • Shows up in Remote Control and in "claude agents", drivable from your phone
    • Stays alive until you stop it, unlike a headless run that exits immediately
    • Terminal-agnostic, no dependencies
    /plugin install claude-remote-spawn@username

    Sous-commandes : spawn · open · resume · list · stop · check

    macOS · LinuxMITGitHub

  • coding-agent-usage

    FinOps

    See your AI coding-agent usage — and where you rank against other developers.

    Parses your local Claude Code transcripts (~/.claude/projects) into an interactive HTML dashboard: API-equivalent cost, tokens, sessions, model mix, tool distribution, cache efficiency, thinking and subagent rates, per-project and per-week breakdowns — placed on a log-scale percentile gauge against Anthropic's published per-developer cost figures (fetched live, cached 24h). Adds a multi-provider view of total spend across Claude Code, Codex and Gemini via ccusage. Cost reconciles to within ~1% of ccusage; no account access.

    • Percentile placement on a log-scale $/active-day gauge vs Anthropic's published cost benchmark
    • Live, 24h-cached benchmark with lognormal refit — falls back to a committed seed offline
    • Multi-provider spend view: Claude Code + Codex + Gemini, attributed by model via ccusage
    • Accurate local cost: dedupes tokens by message.id, version-aware pricing (Opus 4.5+ tier)
    /plugin install coding-agent-usage@username

    Sous-commandes : collect-usage · collect-multiprovider

    macOS · LinuxMITGitHub

  • delivery-metrics

    Analytics

    Turn git history into a developer productivity & quality dashboard.

    Analyzes git history for a single repo or a workspace of submodules and renders an interactive HTML dashboard: tickets delivered, velocity adjusted for availability, fix-ratio, reverts, WIP vs delivered, utilization, and per-repo specialization, with monthly trends. Repo-agnostic and configurable — no external services, no network.

    • Splits delivered (default branch) from WIP, surviving rebases and cherry-picks
    • Velocity normalized for availability (weekdays minus configurable holidays and leaves)
    • Quality signals: fix-ratio, reverts, big commits, lines per commit
    • Configurable ticket pattern, repos, aliases — works on any repo, no hardcoding
    /plugin install delivery-metrics@username

    Sous-commandes : collect-metrics

    macOS · LinuxMITGitHub

  • find-session

    Agents

    Find and resume the past Claude Code session you're thinking of.

    Describe the work — a topic, a file, a ticket — and find the Claude Code session where it happened. It turns your phrasing into concept terms, cross-matches them against your local transcripts, ranks the candidates by mentions and recency, and hands back the session ID with a ready `claude --resume` command. Defaults to the current project and widens to every project when needed.

    • Turns a natural-language query into cross-matched concept terms — all must appear in a session
    • Ranks candidates by mentions and recency, using density and the dominant key to flag reports over real work sessions
    • Returns the best session ID with a ready-to-run `claude --resume <id>` command
    • Searches the current project or every project under local ~/.claude/projects transcripts
    /plugin install find-session@username
    macOS · LinuxMITGitHub

  • merge-review

    Quality

    An adversarial reviewer that scores the diff, fixes what's attested, and loops until it's merge-ready.

    A merge-readiness reviewer that proves code is production-ready instead of assuming it. It scores the diff 0-100 across security, correctness, quality and maintainability with strict deductions, and runs iteratively — the score climbs as findings are genuinely addressed. Two outcome modes make the difference: LOCAL (interactive) re-derives every finding, applies the attested ones (high-confidence, file:line-cited, root-cause) and loops until the score clears the threshold; contestable pure-logic findings are surfaced for you to arbitrate, never silently patched. REMOTE (diff injected by a CI/bot runner) is strictly read-only — it emits the verdict and a machine-readable state block, touches nothing. An asymmetric trust model treats the diff, descriptions and comments as untrusted data that may only raise scrutiny, never lower the verdict. Forge-agnostic context (gh/glab). The review step that sits between ship-when-done and mr-watchdog.

    • Adversarial 0-100 score across security, correctness, quality, maintainability — with itemised, file:line-cited deductions and a configurable threshold (default 80)
    • Iterative & history-aware: reconciles against the prior pass (stable finding identity, not line numbers) so the score reflects the current code and climbs as feedback is addressed
    • LOCAL mode auto-fixes the attested findings (high-confidence, cited) at the root cause and loops until viable; contestable logic findings are surfaced, never silently applied
    • REMOTE mode is read-only: diff injected by the runner, emits verdict + machine-readable state, never commits/pushes/posts
    • Pre-push gate armed while a declared delivery is in flight (default) or, with HARNESS_AUTO_ENGAGE=1, on the branch THIS session produced work on; a fake-green guard blocks deleted/weakened tests, --no-verify, || true, lowered thresholds; opt out per repo
    /plugin install merge-review@username

    Sous-commandes : merge-review

    macOS · LinuxMITGitHub

  • mr-watchdog

    DevOps

    Open a merge request, then forget it — a background watcher follows its CI and hands the verdict back to your session.

    Triggered by an open merge request (not a manual command), mr-watchdog watches the MR's remote CI as a background task your main session owns. The watcher is launched with run_in_background and tracked by the harness, which re-invokes your session the moment the pipeline resolves — so 'ok, all good' (green) or the failing job log (red) reaches you IN the conversation, with no detached daemon, no status file, and no polling-by-hook. It is strictly read-only: it never commits, pushes, or merges. On red it hands back the failing log so your session fixes the ROOT cause (no bypass); a verify command self-checks that fix for fake-green before committing. A Stop hook nudges the session to launch the watcher (once per pipeline HEAD). Forge-agnostic (GitHub via gh, GitLab via glab). The CI-watch step after ship-when-done → merge-review — and the only remote dependency in that chain.

    • MR-triggered, not manual: a Stop hook nudges your session to launch the watcher when an open MR has live CI
    • Background task the SESSION owns: launched via run_in_background, tracked by the harness, which re-invokes you when it resolves — the verdict lands in the conversation, not a status file
    • Read-only watcher — it only polls CI and reads logs; never commits, pushes, or merges
    • On red: hands back the failing job log so your session fixes the ROOT cause (no bypass); on green: 'ok, all good'
    • verify: a fake-green gate your session runs before committing — blocks deleted/weakened tests, --no-verify, || true, lowered thresholds. Engaged via ship-when-done's handoff (default) or self-engaging with HARNESS_AUTO_ENGAGE=1 (a branch THIS session pushed); opt out per repo; forge-agnostic (gh/glab)
    /plugin install mr-watchdog@username

    Sous-commandes : watch

    macOS · LinuxMITGitHub

  • proof-of-fix

    Quality

    Prove the bug before fixing it — then prove the fix with the same probe. Red before, green after.

    A fix you cannot demonstrate is a guess. proof-of-fix enforces the evidence-first loop: record the smallest probe that demonstrates the bug (accepted only if it FAILS), fix the root cause, then check — the exact same probe must now run green. It engages on its own: a bug-shaped prompt (en/fr) injects the protocol into context once per session per repo, and a Stop hook re-runs an open repro itself — auto-closing it on green with a one-line confirmation, handing the failing output back to the session on red (one attempt per work-state, capped, never a Stop loop). The recommended probe is a real test committed with the fix, so every repro becomes a permanent regression guard. State lives in .git and is never committed; opt out per repo.

    • record: runs the reproduction probe and REFUSES it if it exits 0 — a repro must fail before the fix, or it proves nothing
    • check: re-runs the exact same probe — the fix is proven only by a green run of the command that was red
    • Auto-engagement: bug/fix-shaped prompts (en + fr) inject the protocol as context, once per session per repo
    • Stop guard with real signals: an open repro is re-run by the hook itself — green auto-proves it, red blocks with the failing output (bounded per work-state, capped at 5)
    • Horizontal: any repo, any stack — the probe is whatever command demonstrates the bug; git + Python stdlib only
    /plugin install proof-of-fix@username

    Sous-commandes : proof-of-fix

    macOS · LinuxMITGitHub

  • security-audit

    Security

    One Trivy scan, every ecosystem — a prioritised security report.

    A language-agnostic security audit powered by Trivy. One full scan covers dependency CVEs across every ecosystem (npm, pip, Go, Cargo, Composer, Maven, RubyGems, NuGet and more), hard-coded secrets, and IaC misconfigurations, then renders a prioritised report — Markdown for the terminal and a dark HTML dashboard for human review — fixable vulnerabilities first, with target fix versions. Report-only: it surfaces what to upgrade without ever touching your code.

    • Scans dependency CVEs across every ecosystem Trivy detects, plus OS packages — no per-language setup
    • Adds hard-coded secret detection and IaC misconfiguration checks (Dockerfile, Terraform, Kubernetes)
    • Outputs both Markdown and a single-file dark HTML dashboard (Username design system): fixable findings first, with severity and fix versions
    • Audits the repo, not local junk — honours .gitignore across submodules and skips git worktrees and test dirs
    • Separates prod dependencies from nested sub-project / tooling lockfiles (e.g. bundled updaters), cutting false positives — tool-agnostic
    • Report-only and dependency-light — Trivy is the single external tool, parsed with the stdlib (no jq)
    • Reports vuln-DB freshness, and validates the Trivy version every run (cached daily) — flagging a stale DB or an outdated binary
    /plugin install security-audit@username
    macOS · LinuxMITGitHub

  • ship-when-done

    DevOps

    Commit at each milestone, push so nothing is lost, open the PR when it's actually done.

    A Stop-hook harness that turns 'did you commit / push / open the MR?' from a thing you keep asking into a thing the agent does — gated on real signals, not self-confidence. Commits coherent milestones, pushes the feature branch (mandatory when a remote exists, anti-loss), and opens a draft PR/MR only when the goal's checklist is satisfied AND the project's quality gate is actually green. Forge-agnostic (GitHub, GitLab, Bitbucket), no CLI required. Branch-first, never on the default branch, never merges. Explicit by default: a declared done-marker (mark-done) drives it; HARNESS_AUTO_ENGAGE=1 lets it engage on its own on work this session produced (never a pre-existing dirty tree). Opt out per repo.

    • Autonomy ladder keyed on a completion score: commit → push → draft PR/MR, each on its own trigger
    • Forge-agnostic PR/MR: uses gh/glab if present, else GitLab push options, else surfaces the PR-creation URL — no CLI dependency
    • Done is decided from free objective signals (gate actually green, no fresh TODOs) — no per-turn model call
    • Guardrails: branch-first, never commit/push the default branch, never auto-merge, no AI attribution
    • Explicit by default (a declared mark-done drives it) or self-engaging with HARNESS_AUTO_ENGAGE=1 (work this session produced, never a pre-existing dirty tree); opt out per repo; zero-config (auto-detects the gate, forge, ticket pattern, commit convention)
    /plugin install ship-when-done@username

    Sous-commandes : ship

    macOS · LinuxMITGitHub