The /initial-setup command was generating NETBOX_API_URL without the
/api suffix, causing all MCP tools to fail with JSON parsing errors.
Changes:
- Update example URL to include /api suffix
- Add instruction to auto-append /api if user forgets
- Fix validation test to be consistent with actual usage
Root cause: Setup asked for base URL (https://netbox.company.com) but
NetBoxClient expects API URL (https://netbox.company.com/api). The
validation test incorrectly added /api/ making it pass, while the
actual MCP server failed.
Fixes#126
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes multiple issues from diagnostic #123:
1. create_label_smart type safety (labels.py)
- Add isinstance(result, dict) checks after API calls
- Return structured error dict if API returns unexpected type
- Prevents "list indices must be integers" crash
2. debug-report always uses curl with labels
- Remove MCP option - always use curl for marketplace issues
- Add label ID fetching step (Source/Diagnostic, Type/Bug)
- Include labels in curl POST payload
- Avoids branch protection restrictions on main branch
Fixes#123
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When NetBox MCP tools fail with JSON decode errors, the error message
now includes:
- HTTP status code
- Response content length
- Preview of actual content received (first 200 bytes)
This helps diagnose transient issues like network timeouts or
incomplete responses that result in cryptic "Expecting value" errors.
Fixes#120
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Expose additional parameters in dcim_create_device and dcim_update_device
MCP tools that were already supported by the backend but not exposed:
dcim_create_device:
- platform, primary_ip4, primary_ip6, asset_tag, description, comments
dcim_update_device:
- platform, primary_ip4, primary_ip6, serial, asset_tag, site, rack,
position, description, comments
This enables setting the platform (OS) and primary IP address when
creating or updating devices in NetBox.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SessionStart hook checks if CLAUDE.md has mandatory rules.
If missing, adds them automatically.
Rules enforced:
- Check everything when user asks
- Believe user when they say something's wrong
- Never say "done" without verification
- Show exactly what user asks for
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add MANDATORY BEHAVIOR RULES to CLAUDE.md (read every session)
- Rules: check everything, believe user, verify before saying done
- post-update.sh now clears plugin cache
- verify-hooks.sh checks all locations for prompt hooks
These rules prevent wasted user time from AI overconfidence.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- post-update.sh now clears plugin cache automatically
- verify-hooks.sh checks ALL locations for prompt hooks
- Prevents cached old hooks from overriding fixed hooks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
create_label_smart now checks if label already exists before creating.
- Checks both org and repo labels
- Handles format variations (Type/Bug vs Type: Bug)
- Returns {skipped: true} if label already exists
- Prevents duplicate label creation errors
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
ALL hooks now use command type (bash scripts) instead of prompt type.
Prompt hooks are unreliable - model ignores instructions.
Changes:
- projman: SessionStart → startup-check.sh with [projman] prefix
- pr-review: SessionStart → startup-check.sh with [pr-review] prefix
- project-hygiene: cleanup.sh now has [project-hygiene] prefix
- doc-guardian: already fixed (notify.sh with [doc-guardian] prefix)
- code-sentinel: already fixed (security-check.sh with [code-sentinel] prefix)
All hook output now guaranteed to have plugin name prefix.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Same fix as doc-guardian - prompt hooks unreliable.
Command hook guarantees exact behavior.
- Add security-check.sh that skips config/doc files silently
- Only checks code files for hardcoded secrets
- Outputs with [code-sentinel] prefix
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Prompt hook approach didn't work - Claude ignores instructions.
Real fix was switching to command hook type.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Prompt hooks are unreliable - Claude ignores instructions and generates
verbose analysis despite explicit FORBIDDEN rules. Command hooks guarantee
the exact output we want.
- Add notify.sh script that only outputs for config file changes
- Change hooks.json from prompt type to command type
- Script exits silently for non-config files (no blocking)
Fixes#110
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add protected branch detection to /commit command (Step 1)
- Warn users before committing to protected branches
- Offer to create feature branch automatically
- Rewrite doc-guardian hook to be truly non-blocking
- Enforce strict [plugin-name] prefix in all hook outputs
- Add forbidden words list to prevent accidental blocking
Fixes#109, #110
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add [plugin-name] prefix to all hook messages for better identification
- Make doc-guardian hook notification-only (non-blocking)
- Add stale branch detection to /commit-sync with git fetch --prune
- Enhance /branch-cleanup to handle stale branches separately
Closes improvements for hook UX and git workflow
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The MCP server's branch-aware security blocks write operations on
protected branches (main, fix/*, etc). After pushing a feature branch
and creating a PR, we must switch back to development before adding
comments to issues via MCP tools.
When MCP tools are not available in a session (the very scenario
/debug-report is designed to diagnose), the command now falls back to:
1. Check for Gitea credentials at ~/.config/claude/gitea.env
2. Use curl + jq to create the issue via Gitea REST API
3. If no credentials, save report to local file for manual submission
Security measures:
- Uses mktemp -m 600 for restrictive file permissions
- Uses jq --rawfile for safe JSON construction (no command substitution)
- Proper cleanup of temporary files
Fixes#100
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The suggest_labels tool accepted a repo parameter in the implementation
but didn't expose it in the MCP tool schema, causing it to always rely
on auto-detection which failed in some contexts.
Fixes#94
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
MCP servers fail when venvs don't exist in ~/.claude/plugins/marketplaces/.
Claude Code doesn't run setup.sh when installing marketplaces, so users
must run it manually.
Added:
- Critical warning section at top of UPDATING.md
- Step to run setup in installed location after updates
- Troubleshooting for "X MCP servers failed" error
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
