Merge feat/377-version-docs

- marketplace.json: 5.6.0 → 5.7.0
- data-platform plugin.json: 1.1.0 → 1.3.0
- CHANGELOG.md: Add v5.7.0 entry with data-platform additions
- README.md: Update Domain Advisory table (Data: planned → active)

Domain Advisory Pattern now fully operational for both domains.

Closes #377

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

.claude-plugin/marketplace.json

@@ -6,12 +6,12 @@
   },
   "metadata": {
     "description": "Project management plugins with Gitea and NetBox integrations",
-    "version": "5.1.0"
+    "version": "5.7.0"
   },
   "plugins": [
     {
       "name": "projman",
-      "version": "3.2.0",
+      "version": "3.4.0",
       "description": "Sprint planning and project management with Gitea integration",
       "source": "./plugins/projman",
       "author": {
@@ -20,14 +20,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/projman/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
-      "mcpServers": ["./.mcp.json"],
+      "hooks": ["./hooks/hooks.json"],
       "category": "development",
       "tags": ["sprint", "agile", "gitea", "project-management"],
       "license": "MIT"
     },
     {
       "name": "doc-guardian",
-      "version": "1.0.0",
+      "version": "1.1.0",
       "description": "Automatic documentation drift detection and synchronization",
       "source": "./plugins/doc-guardian",
       "author": {
@@ -43,7 +43,7 @@
     },
     {
       "name": "code-sentinel",
-      "version": "1.0.0",
+      "version": "1.0.1",
       "description": "Security scanning and code refactoring tools",
       "source": "./plugins/code-sentinel",
       "author": {
@@ -75,7 +75,7 @@
     },
     {
       "name": "cmdb-assistant",
-      "version": "1.1.0",
+      "version": "1.2.0",
       "description": "NetBox CMDB integration with data quality validation and machine registration",
       "source": "./plugins/cmdb-assistant",
       "author": {
@@ -84,14 +84,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/cmdb-assistant/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
-      "mcpServers": ["./.mcp.json"],
+      "hooks": ["./hooks/hooks.json"],
       "category": "infrastructure",
       "tags": ["cmdb", "netbox", "dcim", "ipam", "data-quality", "validation"],
       "license": "MIT"
     },
     {
       "name": "claude-config-maintainer",
-      "version": "1.0.0",
+      "version": "1.1.0",
       "description": "CLAUDE.md optimization and maintenance for Claude Code projects",
       "source": "./plugins/claude-config-maintainer",
       "author": {
@@ -100,13 +100,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/claude-config-maintainer/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
+      "hooks": ["./hooks/hooks.json"],
       "category": "development",
       "tags": ["claude-md", "configuration", "optimization"],
       "license": "MIT"
     },
     {
       "name": "clarity-assist",
-      "version": "1.0.0",
+      "version": "1.2.0",
       "description": "Prompt optimization and requirement clarification with ND-friendly accommodations",
       "source": "./plugins/clarity-assist",
       "author": {
@@ -115,13 +116,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/clarity-assist/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
+      "hooks": ["./hooks/hooks.json"],
       "category": "productivity",
       "tags": ["prompts", "requirements", "clarification", "nd-friendly"],
       "license": "MIT"
     },
     {
       "name": "git-flow",
-      "version": "1.0.0",
+      "version": "1.2.0",
       "description": "Git workflow automation with intelligent commit messages and branch management",
       "source": "./plugins/git-flow",
       "author": {
@@ -130,13 +132,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/git-flow/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
+      "hooks": ["./hooks/hooks.json"],
       "category": "development",
       "tags": ["git", "workflow", "commits", "branching"],
       "license": "MIT"
     },
     {
       "name": "pr-review",
-      "version": "1.0.0",
+      "version": "1.1.0",
       "description": "Multi-agent pull request review with confidence scoring and actionable feedback",
       "source": "./plugins/pr-review",
       "author": {
@@ -145,14 +148,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/pr-review/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
-      "mcpServers": ["./.mcp.json"],
+      "hooks": ["./hooks/hooks.json"],
       "category": "development",
       "tags": ["code-review", "pull-requests", "security", "quality"],
       "license": "MIT"
     },
     {
       "name": "data-platform",
-      "version": "1.0.0",
+      "version": "1.3.0",
       "description": "Data engineering tools with pandas, PostgreSQL/PostGIS, and dbt integration",
       "source": "./plugins/data-platform",
       "author": {
@@ -161,14 +164,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/data-platform/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
-      "mcpServers": ["./.mcp.json"],
+      "hooks": ["./hooks/hooks.json"],
       "category": "data",
       "tags": ["pandas", "postgresql", "postgis", "dbt", "data-engineering", "etl"],
       "license": "MIT"
     },
     {
       "name": "viz-platform",
-      "version": "1.0.0",
+      "version": "1.1.0",
       "description": "Visualization tools with Dash Mantine Components validation, Plotly charts, and theming",
       "source": "./plugins/viz-platform",
       "author": {
@@ -177,14 +180,14 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/viz-platform/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
-      "mcpServers": ["./.mcp.json"],
+      "hooks": ["./hooks/hooks.json"],
       "category": "visualization",
       "tags": ["dash", "plotly", "mantine", "charts", "dashboards", "theming", "dmc"],
       "license": "MIT"
     },
     {
       "name": "contract-validator",
-      "version": "1.0.0",
+      "version": "1.2.0",
       "description": "Cross-plugin compatibility validation and Claude.md agent verification",
       "source": "./plugins/contract-validator",
       "author": {
@@ -193,7 +196,7 @@
       },
       "homepage": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/src/branch/main/plugins/contract-validator/README.md",
       "repository": "https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git",
-      "mcpServers": ["./.mcp.json"],
+      "hooks": ["./hooks/hooks.json"],
       "category": "development",
       "tags": ["validation", "contracts", "compatibility", "agents", "interfaces", "cross-plugin"],
       "license": "MIT"

.mcp.json

@@ -0,0 +1,24 @@
+{
+  "mcpServers": {
+    "gitea": {
+      "command": "./mcp-servers/gitea/run.sh",
+      "args": []
+    },
+    "netbox": {
+      "command": "./mcp-servers/netbox/run.sh",
+      "args": []
+    },
+    "viz-platform": {
+      "command": "./mcp-servers/viz-platform/run.sh",
+      "args": []
+    },
+    "data-platform": {
+      "command": "./mcp-servers/data-platform/run.sh",
+      "args": []
+    },
+    "contract-validator": {
+      "command": "./mcp-servers/contract-validator/run.sh",
+      "args": []
+    }
+  }
+}

CHANGELOG.md

@@ -4,9 +4,272 @@ All notable changes to the Leo Claude Marketplace will be documented in this fil
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
-## [Unreleased]
+## [5.7.0] - 2026-02-02
 
 ### Added
+- **data-platform**: New `data-advisor` agent for data integrity, schema, and dbt compliance validation
+- **data-platform**: New `data-integrity-audit.md` skill defining audit rules, severity levels, and scanning strategies
+- **data-platform**: New `/data-gate` command for binary pass/fail data integrity gates (projman integration)
+- **data-platform**: New `/data-review` command for comprehensive data integrity audits
+
+### Changed
+- Domain Advisory Pattern now fully operational for both Viz and Data domains
+- projman orchestrator `Domain/Data` gates now resolve to live `/data-gate` command (previously fell through to "gate unavailable" warning)
+
+---
+
+## [5.6.0] - 2026-02-01
+
+### Added
+- **Domain Advisory Pattern**: Cross-plugin integration enabling projman to consult domain-specific plugins during sprint lifecycle
+- **projman**: New `domain-consultation.md` skill for domain detection and gate protocols
+- **viz-platform**: New `design-reviewer` agent for design system compliance auditing
+- **viz-platform**: New `design-system-audit.md` skill defining audit rules and severity levels
+- **viz-platform**: New `/design-review` command for detailed design system audits
+- **viz-platform**: New `/design-gate` command for binary pass/fail validation gates
+- **Labels**: New `Domain/Viz` and `Domain/Data` labels for domain routing
+
+### Changed
+- **projman planner**: Now loads domain-consultation skill and performs domain detection during planning
+- **projman orchestrator**: Now runs domain gates before marking Domain/* labeled issues as complete
+
+---
+
+## [5.5.0] - 2026-02-01
+
+### Added
+
+#### RFC System for Feature Tracking
+Wiki-based Request for Comments (RFC) system for capturing, reviewing, and tracking feature ideas through their lifecycle.
+
+**New Commands (projman):**
+- `/rfc-create` - Create new RFC from conversation or clarified specification
+- `/rfc-list` - List all RFCs grouped by status (Draft, Review, Approved, Implementing, Implemented, Rejected, Stale)
+- `/rfc-review` - Submit Draft RFC for maintainer review
+- `/rfc-approve` - Approve RFC, making it available for sprint planning
+- `/rfc-reject` - Reject RFC with documented reason
+
+**RFC Lifecycle:**
+- Draft → Review → Approved → Implementing → Implemented
+- Terminal states: Rejected, Superseded
+- Stale: Drafts with no activity >90 days
+
+**Sprint Integration:**
+- `/sprint-plan` now detects approved RFCs and offers selection
+- `/sprint-close` updates RFC status to Implemented on completion
+- RFC-Index wiki page auto-maintained with status sections
+
+**Clarity-Assist Integration:**
+- Vagueness hook now detects feature request patterns
+- Suggests `/rfc-create` for feature ideas
+- `/clarify` offers RFC creation after delivering clarified spec
+
+**New MCP Tool:**
+- `allocate_rfc_number` - Allocates next sequential RFC number
+
+**New Skills:**
+- `skills/rfc-workflow.md` - RFC lifecycle and state transitions
+- `skills/rfc-templates.md` - RFC page template specifications
+
+### Changed
+
+#### Sprint 8: Hook Efficiency Quick Wins
+Performance optimizations for plugin hooks to reduce overhead on every command.
+
+**Changes:**
+- **viz-platform:** Remove SessionStart hook that only echoed "loaded" (zero value)
+- **git-flow:** Add early exit to `branch-check.sh` for non-git commands (skip JSON parsing)
+- **git-flow:** Add early exit to `commit-msg-check.sh` for non-git commands (skip Python spawn)
+- **project-hygiene:** Add 60-second cooldown to `cleanup.sh` (reduce find operations)
+
+**Impact:** Hooks now exit immediately for 90%+ of Bash commands that don't need processing.
+
+**Issues:** #321, #322, #323, #324
+**PR:** #334
+
+---
+
+## [5.4.1] - 2026-01-30
+
+### Removed
+
+#### Multi-Model Agent Support (REVERTED)
+
+**Reason:** Claude Code does not support `defaultModel` in plugin.json or `model` in agent frontmatter. The schema validation rejects these as "Unrecognized key".
+
+**Removed:**
+- `defaultModel` field from all plugin.json files (6 plugins)
+- `model` field references from agent frontmatter
+- `docs/MODEL-RECOMMENDATIONS.md` - Deleted entirely
+- Model configuration sections from `docs/CONFIGURATION.md` and `CLAUDE.md`
+
+**Lesson:** Do not implement features without verifying they are supported by Claude Code's plugin schema.
+
+---
+
+## [5.4.0] - 2026-01-28 [REVERTED]
+
+### Added (NOW REMOVED - See 5.4.1)
+
+#### Sprint 7: Multi-Model Agent Support
+~~Configurable model selection for agents with inheritance chain.~~
+
+**This feature was reverted in 5.4.1 - Claude Code does not support these fields.**
+
+Original sprint work:
+- Issues: #302, #303, #304, #305, #306
+- PRs: #307, #308
+
+---
+
+## [5.3.0] - 2026-01-28
+
+### Added
+
+#### Sprint 6: Visual Branding Overhaul
+Consistent visual headers and progress tracking across all plugins.
+
+**Visual Output Headers (109 files):**
+- **Projman**: Double-line headers (╔═╗) with phase indicators (🎯 PLANNING, ⚡ EXECUTION, 🏁 CLOSING)
+- **Other Plugins**: Single-line headers (┌─┐) with plugin icons
+- **All 23 agents** updated with Visual Output Requirements section
+- **All 86 commands** updated with Visual Output section and header templates
+
+**Plugin Icon Registry:**
+| Plugin | Icon |
+|--------|------|
+| projman | 📋 |
+| code-sentinel | 🔒 |
+| doc-guardian | 📝 |
+| pr-review | 🔍 |
+| clarity-assist | 💬 |
+| git-flow | 🔀 |
+| cmdb-assistant | 🖥️ |
+| data-platform | 📊 |
+| viz-platform | 🎨 |
+| contract-validator | ✅ |
+| claude-config-maintainer | ⚙️ |
+
+**Wiki Branding Specification (4 pages):**
+- [branding/visual-spec](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/branding%2Fvisual-spec) - Central specification
+- [branding/plugin-registry](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/branding%2Fplugin-registry) - Icons and styles
+- [branding/header-templates](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/branding%2Fheader-templates) - Copy-paste templates
+- [branding/progress-templates](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/branding%2Fprogress-templates) - Sprint progress blocks
+
+### Fixed
+- **Docs:** Version sync - CLAUDE.md, marketplace.json, README.md now consistent
+- **Docs:** Added 18 missing commands from Sprint 4 & 5 to README.md and COMMANDS-CHEATSHEET.md
+- **MCP:** Registered `/sprint-diagram` as invokable skill
+
+**Sprint Completed:**
+- Milestone: Sprint 6 - Visual Branding Overhaul (closed 2026-01-28)
+- Issues: #272, #273, #274, #275, #276, #277, #278
+- PRs: #284, #285
+- Wiki: [Sprint 6 Lessons](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/lessons/sprints/sprint-6---visual-branding-and-documentation-maintenance)
+
+---
+
+## [5.2.0] - 2026-01-28
+
+### Added
+
+#### Sprint 5: Documentation (V5.2.0 Plugin Enhancements)
+Documentation and guides for the plugin enhancements initiative.
+
+**git-flow v1.2.0:**
+- **Branching Strategy Guide** (`docs/BRANCHING-STRATEGY.md`) - Complete documentation of `development -> staging -> main` promotion flow with Mermaid diagrams
+
+**clarity-assist v1.2.0:**
+- **ND Support Guide** (`docs/ND-SUPPORT.md`) - Documentation of neurodivergent accommodations, features, and usage examples
+
+**Gitea MCP Server:**
+- **`update_issue` milestone parameter** - Can now assign/change milestones programmatically
+
+**Sprint Completed:**
+- Milestone: Sprint 5 - Documentation (closed 2026-01-28)
+- Issues: #266, #267, #268, #269
+- Wiki: [Change V5.2.0: Plugin Enhancements (Sprint 5 Documentation)](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/Change-V5.2.0%3A-Plugin-Enhancements-%28Sprint-5-Documentation%29)
+
+---
+
+#### Sprint 4: Commands (V5.2.0 Plugin Enhancements)
+Implementation of 18 new user-facing commands across 8 plugins.
+
+**projman v3.3.0:**
+- **`/sprint-diagram`** - Generate Mermaid diagram of sprint issues with dependencies and status
+
+**pr-review v1.1.0:**
+- **`/pr-diff`** - Formatted diff with inline review comments and annotations
+- **Confidence threshold config** - `PR_REVIEW_CONFIDENCE_THRESHOLD` env var (default: 0.7)
+
+**data-platform v1.2.0:**
+- **`/data-quality`** - DataFrame quality checks (nulls, duplicates, types, outliers) with pass/warn/fail scoring
+- **`/lineage-viz`** - dbt lineage visualization as Mermaid diagrams
+- **`/dbt-test`** - Formatted dbt test runner with summary and failure details
+
+**viz-platform v1.1.0:**
+- **`/chart-export`** - Export charts to PNG, SVG, PDF via kaleido
+- **`/accessibility-check`** - Color blind validation (WCAG contrast ratios)
+- **`/breakpoints`** - Responsive layout breakpoint configuration
+- **New MCP tools**: `chart_export`, `accessibility_validate_colors`, `accessibility_validate_theme`, `accessibility_suggest_alternative`, `layout_set_breakpoints`
+- **New dependency**: kaleido>=0.2.1 for chart rendering
+
+**contract-validator v1.2.0:**
+- **`/dependency-graph`** - Mermaid visualization of plugin dependencies with data flow
+
+**doc-guardian v1.1.0:**
+- **`/changelog-gen`** - Generate changelog from conventional commits
+- **`/doc-coverage`** - Documentation coverage metrics by function/class
+- **`/stale-docs`** - Flag documentation behind code changes
+
+**claude-config-maintainer v1.1.0:**
+- **`/config-diff`** - Track CLAUDE.md changes over time with behavioral impact analysis
+- **`/config-lint`** - 31 lint rules for CLAUDE.md (security, structure, content, format, best practices)
+
+**cmdb-assistant v1.2.0:**
+- **`/cmdb-topology`** - Infrastructure topology diagrams (rack, network, site views)
+- **`/change-audit`** - NetBox audit trail queries with filtering
+- **`/ip-conflicts`** - Detect IP conflicts and overlapping prefixes
+
+**Sprint Completed:**
+- Milestone: Sprint 4 - Commands (closed 2026-01-28)
+- Issues: #241-#258 (18/18 closed)
+- Wiki: [Change V5.2.0: Plugin Enhancements (Sprint 4 Commands)](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/Change-V5.2.0%3A-Plugin-Enhancements-%28Sprint-4-Commands%29)
+- Lessons: [Sprint 4 - Plugin Commands Implementation](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/lessons/sprints/sprint-4---plugin-commands-implementation)
+
+### Fixed
+- **MCP:** Project directory detection - all run.sh scripts now capture `CLAUDE_PROJECT_DIR` from PWD before changing directories
+- **Docs:** Added Gitea auto-close behavior and MCP session restart notes to DEBUGGING-CHECKLIST.md
+
+---
+
+#### Sprint 3: Hooks (V5.2.0 Plugin Enhancements)
+Implementation of 6 foundational hooks across 4 plugins.
+
+**git-flow v1.1.0:**
+- **Commit message enforcement hook** - PreToolUse hook validates conventional commit format on all `git commit` commands (not just `/commit`). Blocks invalid commits with format guidance.
+- **Branch name validation hook** - PreToolUse hook validates branch naming on `git checkout -b` and `git switch -c`. Enforces `type/description` format, lowercase, max 50 chars.
+
+**clarity-assist v1.1.0:**
+- **Vagueness detection hook** - UserPromptSubmit hook detects vague prompts and suggests `/clarify` when ambiguity, missing context, or unclear scope detected.
+
+**data-platform v1.1.0:**
+- **Schema diff detection hook** - PostToolUse hook monitors edits to schema files (dbt models, SQL migrations). Warns on breaking changes (column removal, type narrowing, constraint addition).
+
+**contract-validator v1.1.0:**
+- **SessionStart auto-validate hook** - Smart validation that only runs when plugin files changed since last check. Detects interface compatibility issues at session start.
+- **Breaking change detection hook** - PostToolUse hook monitors plugin interface files (README.md, plugin.json). Warns when changes would break consumers.
+
+**Sprint Completed:**
+- Milestone: Sprint 3 - Hooks (closed 2026-01-28)
+- Issues: #225, #226, #227, #228, #229, #230
+- Wiki: [Change V5.2.0: Plugin Enhancements Proposal](https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/wiki/Change-V5.2.0:-Plugin-Enhancements-Proposal)
+- Lessons: Background agent permissions, agent runaway detection, MCP branch detection bug
+
+### Known Issues
+- **MCP Bug #231:** Branch detection in Gitea MCP runs from installed plugin directory, not user's project directory. Workaround: close issues via Gitea web UI.
+
+---
 
 #### Gitea MCP Server - create_pull_request Tool
 - **`create_pull_request`**: Create new pull requests via MCP

CLAUDE.md

@@ -1,6 +1,5 @@
 # CLAUDE.md
 
-This file provides guidance to Claude Code when working with code in this repository.
 ## ⛔ MANDATORY BEHAVIOR RULES - READ FIRST
 
 **These rules are NON-NEGOTIABLE. Violating them wastes the user's time and money.**
@@ -9,65 +8,162 @@ This file provides guidance to Claude Code when working with code in this reposi
 - Search ALL locations, not just where you think it is
 - Check cache directories: `~/.claude/plugins/cache/`
 - Check installed: `~/.claude/plugins/marketplaces/`
-- Check source: `~/claude-plugins-work/`
+- Check source directories
 - **NEVER say "no" or "that's not the issue" without exhaustive verification**
 
 ### 2. WHEN USER SAYS SOMETHING IS WRONG - BELIEVE THEM
 - The user knows their system better than you
 - Investigate thoroughly before disagreeing
-- If user suspects cache, CHECK THE CACHE
-- If user suspects a file, READ THE FILE
 - **Your confidence is often wrong. User's instincts are often right.**
 
 ### 3. NEVER SAY "DONE" WITHOUT VERIFICATION
 - Run the actual command/script to verify
 - Show the output to the user
-- Check ALL affected locations
 - **"Done" means VERIFIED WORKING, not "I made changes"**
 
 ### 4. SHOW EXACTLY WHAT USER ASKS FOR
 - If user asks for messages, show the MESSAGES
 - If user asks for code, show the CODE
-- If user asks for output, show the OUTPUT
-- **Don't interpret or summarize unless asked**
-
-### 5. AFTER PLUGIN UPDATES - VERIFY AND RESTART
-
-**⚠️ DO NOT clear cache mid-session** - this breaks MCP tools that are already loaded.
-
-1. Run `./scripts/verify-hooks.sh` to check hook types
-2. If changes affect MCP servers or hooks, inform the user:
-   > "Plugin changes require a session restart to take effect. Please restart Claude Code."
-3. Cache clearing is ONLY safe **before** starting a new session (not during)
-
-See `docs/DEBUGGING-CHECKLIST.md` for details on cache timing.
+- **Do not interpret or summarize unless asked**
 
 **FAILURE TO FOLLOW THESE RULES = WASTED USER TIME = UNACCEPTABLE**
 
 ---
 
 
+
+This file provides guidance to Claude Code when working with code in this repository.
+
+## ⛔ RULES - READ FIRST
+
+### Behavioral Rules
+
+| Rule | Summary |
+|------|---------|
+| **Check everything** | Search cache (`~/.claude/plugins/cache/`), installed (`~/.claude/plugins/marketplaces/`), and source (`~/claude-plugins-work/`) |
+| **Believe the user** | User knows their system. Investigate before disagreeing. |
+| **Verify before "done"** | Run commands, show output, check all locations. "Done" = verified working. |
+| **Show what's asked** | Don't interpret or summarize unless asked. |
+
+### After Plugin Updates
+
+Run `./scripts/verify-hooks.sh`. If changes affect MCP servers or hooks, inform user to restart session.
+**DO NOT clear cache mid-session** - breaks loaded MCP tools.
+
+### NEVER USE CLI TOOLS FOR EXTERNAL SERVICES
+- **FORBIDDEN:** `gh`, `tea`, `curl` to APIs, any CLI that talks to Gitea/GitHub/external services
+- **REQUIRED:** Use MCP tools exclusively (`mcp__plugin_projman_gitea__*`, `mcp__plugin_pr-review_gitea__*`)
+- **NO EXCEPTIONS.** Don't try CLI first. Don't fall back to CLI. MCP ONLY.
+
+### NEVER PUSH DIRECTLY TO PROTECTED BRANCHES
+- **FORBIDDEN:** `git push origin development`, `git push origin main`, `git push origin master`
+- **REQUIRED:** Create feature branch → push feature branch → create PR via MCP
+- If you accidentally commit to a protected branch locally: `git checkout -b fix/branch-name` then reset the protected branch
+
+### Repository Rules
+
+| Rule | Details |
+|------|---------|
+| **File creation** | Only in allowed paths. Use `.scratch/` for temp work. Verify against `docs/CANONICAL-PATHS.md` |
+| **plugin.json location** | Must be in `.claude-plugin/` directory |
+| **Hooks** | Use `hooks/hooks.json` (auto-discovered). Never inline in plugin.json |
+| **MCP servers** | Defined in root `.mcp.json`. Use MCP tools, never CLI (`tea`, `gh`) |
+| **Allowed root files** | `CLAUDE.md`, `README.md`, `LICENSE`, `CHANGELOG.md`, `.gitignore`, `.env.example` |
+
+**Valid hook events:** `PreToolUse`, `PostToolUse`, `UserPromptSubmit`, `SessionStart`, `SessionEnd`, `Notification`, `Stop`, `SubagentStop`, `PreCompact`
+
+### ⛔ MANDATORY: Before Any Code Change
+
+**Claude MUST show this checklist BEFORE editing any file:**
+
+#### 1. Impact Search Results
+Run and show output of:
+```bash
+grep -rn "PATTERN" --include="*.sh" --include="*.md" --include="*.json" --include="*.py" | grep -v ".git"
+```
+
+#### 2. Files That Will Be Affected
+Numbered list of every file to be modified, with the specific change for each.
+
+#### 3. Files Searched But Not Changed (and why)
+Proof that related files were checked and determined unchanged.
+
+#### 4. Documentation That References This
+List of docs that mention this feature/script/function.
+
+**User verifies this list before Claude proceeds. If Claude skips this, STOP IMMEDIATELY.**
+
+#### After Changes
+Run the same grep and show results proving no references remain unaddressed.
+
+---
+
+## ⚠️ Development Context: We Build AND Use These Plugins
+
+**This is a self-referential project.** We are:
+1. **BUILDING** a plugin marketplace (source code in `plugins/`)
+2. **USING** the installed marketplace to build it (dogfooding)
+
+### Plugins ACTIVELY USED in This Project
+
+These plugins are installed and should be used during development:
+
+| Plugin | Used For |
+|--------|----------|
+| **projman** | Sprint planning, issue management, lessons learned |
+| **git-flow** | Commits, branch management |
+| **pr-review** | Pull request reviews |
+| **doc-guardian** | Documentation drift detection |
+| **code-sentinel** | Security scanning, refactoring |
+| **clarity-assist** | Prompt clarification |
+| **claude-config-maintainer** | CLAUDE.md optimization |
+| **contract-validator** | Cross-plugin compatibility |
+
+### Plugins NOT Used Here (Development Only)
+
+These plugins exist in source but are **NOT relevant** to this project's workflow:
+
+| Plugin | Why Not Used |
+|--------|--------------|
+| **data-platform** | For data engineering projects (pandas, PostgreSQL, dbt) |
+| **viz-platform** | For dashboard projects (Dash, Plotly) |
+| **cmdb-assistant** | For infrastructure projects (NetBox) |
+
+**Do NOT suggest** `/ingest`, `/profile`, `/chart`, `/cmdb-*` commands - they don't apply here.
+
+### Key Distinction
+
+| Context | Path | What To Do |
+|---------|------|------------|
+| **Editing plugin source** | `~/claude-plugins-work/plugins/` | Modify code, add features |
+| **Using installed plugins** | `~/.claude/plugins/marketplaces/` | Run commands like `/sprint-plan` |
+
+When user says "run /sprint-plan", use the INSTALLED plugin.
+When user says "fix the sprint-plan command", edit the SOURCE code.
+
+---
+
 ## Project Overview
 
 **Repository:** leo-claude-mktplace
-**Version:** 5.0.0
+**Version:** 5.4.0
 **Status:** Production Ready
 
 A plugin marketplace for Claude Code containing:
 
 | Plugin | Description | Version |
 |--------|-------------|---------|
-| `projman` | Sprint planning and project management with Gitea integration | 3.2.0 |
+| `projman` | Sprint planning and project management with Gitea integration | 3.3.0 |
 | `git-flow` | Git workflow automation with smart commits and branch management | 1.0.0 |
-| `pr-review` | Multi-agent PR review with confidence scoring | 1.0.0 |
+| `pr-review` | Multi-agent PR review with confidence scoring | 1.1.0 |
 | `clarity-assist` | Prompt optimization with ND-friendly accommodations | 1.0.0 |
 | `doc-guardian` | Automatic documentation drift detection and synchronization | 1.0.0 |
-| `code-sentinel` | Security scanning and code refactoring tools | 1.0.0 |
+| `code-sentinel` | Security scanning and code refactoring tools | 1.0.1 |
 | `claude-config-maintainer` | CLAUDE.md optimization and maintenance | 1.0.0 |
-| `cmdb-assistant` | NetBox CMDB integration for infrastructure management | 1.0.0 |
-| `data-platform` | pandas, PostgreSQL, and dbt integration for data engineering | 1.0.0 |
-| `viz-platform` | DMC validation, Plotly charts, and theming for dashboards | 1.0.0 |
-| `contract-validator` | Cross-plugin compatibility validation and agent verification | 1.0.0 |
+| `cmdb-assistant` | NetBox CMDB integration for infrastructure management | 1.2.0 |
+| `data-platform` | pandas, PostgreSQL, and dbt integration for data engineering | 1.1.0 |
+| `viz-platform` | DMC validation, Plotly charts, and theming for dashboards | 1.1.0 |
+| `contract-validator` | Cross-plugin compatibility validation and agent verification | 1.1.0 |
 | `project-hygiene` | Post-task cleanup automation via hooks | 0.1.0 |
 
 ## Quick Start
@@ -77,25 +173,33 @@ A plugin marketplace for Claude Code containing:
 ./scripts/validate-marketplace.sh
 
 # After updates
-./scripts/post-update.sh   # Rebuild venvs, verify symlinks
+./scripts/post-update.sh   # Rebuild venvs
 ```
 
-### Plugin Commands by Category
+### Plugin Commands - USE THESE in This Project
 
 | Category | Commands |
 |----------|----------|
-| **Setup** | `/initial-setup`, `/project-init`, `/project-sync` |
-| **Sprint** | `/sprint-plan`, `/sprint-start`, `/sprint-status`, `/sprint-close` |
-| **Quality** | `/review`, `/test-check`, `/test-gen` |
+| **Setup** | `/setup` (modes: `--full`, `--quick`, `--sync`) |
+| **Sprint** | `/sprint-plan`, `/sprint-start`, `/sprint-status` (with `--diagram`), `/sprint-close` |
+| **Quality** | `/review`, `/test` (modes: `run`, `gen`) |
 | **Versioning** | `/suggest-version` |
-| **PR Review** | `/pr-review:initial-setup`, `/pr-review:project-init` |
-| **Docs** | `/doc-audit`, `/doc-sync` |
+| **PR Review** | `/pr-review`, `/pr-summary`, `/pr-findings`, `/pr-diff` |
+| **Docs** | `/doc-audit`, `/doc-sync`, `/changelog-gen`, `/doc-coverage`, `/stale-docs` |
 | **Security** | `/security-scan`, `/refactor`, `/refactor-dry` |
-| **Config** | `/config-analyze`, `/config-optimize` |
-| **Data** | `/ingest`, `/profile`, `/schema`, `/explain`, `/lineage`, `/run` |
-| **Visualization** | `/component`, `/chart`, `/dashboard`, `/theme`, `/theme-new`, `/theme-css` |
-| **Validation** | `/validate-contracts`, `/check-agent`, `/list-interfaces` |
-| **Debug** | `/debug-report`, `/debug-review` |
+| **Config** | `/config-analyze`, `/config-optimize`, `/config-diff`, `/config-lint` |
+| **Validation** | `/validate-contracts`, `/check-agent`, `/list-interfaces`, `/dependency-graph` |
+| **Debug** | `/debug` (modes: `report`, `review`) |
+
+### Plugin Commands - NOT RELEVANT to This Project
+
+These commands are being developed but don't apply to this project's workflow:
+
+| Category | Commands | For Projects Using |
+|----------|----------|-------------------|
+| **Data** | `/ingest`, `/profile`, `/schema`, `/lineage`, `/dbt-test` | pandas, PostgreSQL, dbt |
+| **Visualization** | `/component`, `/chart`, `/dashboard`, `/theme` | Dash, Plotly dashboards |
+| **CMDB** | `/cmdb-search`, `/cmdb-device`, `/cmdb-sync` | NetBox infrastructure |
 
 ## Repository Structure
 
@@ -103,46 +207,40 @@ A plugin marketplace for Claude Code containing:
 leo-claude-mktplace/
 ├── .claude-plugin/
 │   └── marketplace.json          # Marketplace manifest
-├── mcp-servers/                  # SHARED MCP servers (v3.0.0+)
+├── .mcp.json                     # MCP server configuration (all servers)
+├── mcp-servers/                  # SHARED MCP servers
 │   ├── gitea/                    # Gitea MCP (issues, PRs, wiki)
 │   ├── netbox/                   # NetBox MCP (CMDB)
 │   ├── data-platform/            # pandas, PostgreSQL, dbt
-│   └── viz-platform/             # DMC validation, charts, themes
+│   ├── viz-platform/             # DMC validation, charts, themes
+│   └── contract-validator/       # Plugin compatibility validation
 ├── plugins/
 │   ├── projman/                  # Sprint management
 │   │   ├── .claude-plugin/plugin.json
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/gitea -> ../../../mcp-servers/gitea  # SYMLINK
-│   │   ├── commands/             # 14 commands (incl. setup, debug, suggest-version)
-│   │   ├── hooks/                # SessionStart: mismatch detection + sprint suggestions
+│   │   ├── commands/             # 12 commands
+│   │   ├── hooks/                # SessionStart: mismatch detection
 │   │   ├── agents/               # 4 agents
-│   │   └── skills/label-taxonomy/
+│   │   └── skills/               # 17 reusable skill files
 │   ├── git-flow/                 # Git workflow automation
 │   │   ├── .claude-plugin/plugin.json
 │   │   ├── commands/             # 8 commands
 │   │   └── agents/
 │   ├── pr-review/                # Multi-agent PR review
 │   │   ├── .claude-plugin/plugin.json
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/gitea -> ../../../mcp-servers/gitea  # SYMLINK
-│   │   ├── commands/             # 6 commands (incl. setup)
+│   │   ├── commands/             # 6 commands
 │   │   ├── hooks/                # SessionStart mismatch detection
 │   │   └── agents/               # 5 agents
 │   ├── clarity-assist/           # Prompt optimization
 │   │   ├── .claude-plugin/plugin.json
 │   │   ├── commands/             # 2 commands
 │   │   └── agents/
-│   ├── data-platform/            # Data engineering (NEW v4.0.0)
+│   ├── data-platform/            # Data engineering
 │   │   ├── .claude-plugin/plugin.json
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/          # pandas, postgresql, dbt MCPs
 │   │   ├── commands/             # 7 commands
 │   │   ├── hooks/                # SessionStart PostgreSQL check
 │   │   └── agents/               # 2 agents
-│   ├── viz-platform/             # Visualization (NEW v4.0.0)
+│   ├── viz-platform/             # Visualization
 │   │   ├── .claude-plugin/plugin.json
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/          # viz-platform MCP
 │   │   ├── commands/             # 7 commands
 │   │   ├── hooks/                # SessionStart DMC check
 │   │   └── agents/               # 3 agents
@@ -150,6 +248,7 @@ leo-claude-mktplace/
 │   ├── code-sentinel/            # Security scanning & refactoring
 │   ├── claude-config-maintainer/
 │   ├── cmdb-assistant/
+│   ├── contract-validator/
 │   └── project-hygiene/
 ├── scripts/
 │   ├── setup.sh, post-update.sh
@@ -161,40 +260,6 @@ leo-claude-mktplace/
     └── CONFIGURATION.md          # Centralized configuration guide
 ```
 
-## CRITICAL: Rules You MUST Follow
-
-### File Operations
-- **NEVER** create files in repository root unless listed in "Allowed Root Files"
-- **NEVER** modify `.gitignore` without explicit permission
-- **ALWAYS** use `.scratch/` for temporary/exploratory work
-- **ALWAYS** verify paths against `docs/CANONICAL-PATHS.md` before creating files
-
-### Plugin Development
-- **plugin.json MUST be in `.claude-plugin/` directory** (not plugin root)
-- **Every plugin MUST be listed in marketplace.json**
-- **MCP servers are SHARED at root** with symlinks from plugins
-- **MCP server venv path**: `${CLAUDE_PLUGIN_ROOT}/mcp-servers/{name}/.venv/bin/python`
-- **CLI tools forbidden** - Use MCP tools exclusively (never `tea`, `gh`, etc.)
-
-#### ⚠️ plugin.json Format Rules (CRITICAL)
-- **Hooks in separate file** - Use `hooks/hooks.json` (auto-discovered), NOT inline in plugin.json
-- **NEVER reference hooks** - Don't add `"hooks": "..."` field to plugin.json at all
-- **Agents auto-discover** - NEVER add `"agents": ["./agents/"]` - .md files found automatically
-- **Always validate** - Run `./scripts/validate-marketplace.sh` before committing
-- **Working examples:** projman, pr-review, claude-config-maintainer all use `hooks/hooks.json`
-- See lesson: `lessons/patterns/plugin-manifest-validation---hooks-and-agents-format-requirements`
-
-### Hooks (Valid Events Only)
-`PreToolUse`, `PostToolUse`, `UserPromptSubmit`, `SessionStart`, `SessionEnd`, `Notification`, `Stop`, `SubagentStop`, `PreCompact`
-
-**INVALID:** `task-completed`, `file-changed`, `git-commit-msg-needed`
-
-### Allowed Root Files
-`CLAUDE.md`, `README.md`, `LICENSE`, `CHANGELOG.md`, `.gitignore`, `.env.example`
-
-### Allowed Root Directories
-`.claude/`, `.claude-plugin/`, `.claude-plugins/`, `.scratch/`, `docs/`, `hooks/`, `mcp-servers/`, `plugins/`, `scripts/`
-
 ## Architecture
 
 ### Four-Agent Model (projman)
@@ -214,7 +279,7 @@ leo-claude-mktplace/
 | Labels | `get_labels`, `suggest_labels`, `create_label`, `create_label_smart` |
 | Milestones | `list_milestones`, `get_milestone`, `create_milestone`, `update_milestone`, `delete_milestone` |
 | Dependencies | `list_issue_dependencies`, `create_issue_dependency`, `remove_issue_dependency`, `get_execution_order` |
-| Wiki | `list_wiki_pages`, `get_wiki_page`, `create_wiki_page`, `update_wiki_page`, `create_lesson`, `search_lessons` |
+| Wiki | `list_wiki_pages`, `get_wiki_page`, `create_wiki_page`, `update_wiki_page`, `create_lesson`, `search_lessons`, `allocate_rfc_number` |
 | **Pull Requests** | `list_pull_requests`, `get_pull_request`, `get_pr_diff`, `get_pr_comments`, `create_pr_review`, `add_pr_comment` |
 | Validation | `validate_repo_org`, `get_branch_protection` |
 
@@ -235,6 +300,20 @@ leo-claude-mktplace/
 | `staging` | Staging | Read-only code, can create issues |
 | `main`, `master` | Production | Read-only, emergency only |
 
+### RFC System
+
+Wiki-based Request for Comments system for tracking feature ideas from proposal through implementation.
+
+**RFC Wiki Naming:**
+- RFC pages: `RFC-NNNN: Short Title` (4-digit zero-padded)
+- Index page: `RFC-Index` (auto-maintained)
+
+**Lifecycle:** Draft → Review → Approved → Implementing → Implemented
+
+**Integration with Sprint Planning:**
+- `/sprint-plan` detects approved RFCs and offers selection
+- `/sprint-close` updates RFC status on completion
+
 ## Label Taxonomy
 
 43 labels total: 27 organization + 16 repository
@@ -259,16 +338,15 @@ Stored in Gitea Wiki under `lessons-learned/sprints/`.
 
 1. Create `plugins/{name}/.claude-plugin/plugin.json`
 2. Add entry to `.claude-plugin/marketplace.json` with category, tags, license
-3. Create `README.md` and `claude-md-integration.md`
-4. If using MCP server, create symlink: `ln -s ../../../mcp-servers/{server} plugins/{name}/mcp-servers/{server}`
+3. Create `claude-md-integration.md`
+4. If using new MCP server, add to root `mcp-servers/` and update `.mcp.json`
 5. Run `./scripts/validate-marketplace.sh`
 6. Update `CHANGELOG.md`
 
 ### Adding a Command to projman
 
 1. Create `plugins/projman/commands/{name}.md`
-2. Update `plugins/projman/README.md`
-3. Update marketplace description if significant
+2. Update marketplace description if significant
 
 ### Validation
 
@@ -295,7 +373,6 @@ Stored in Gitea Wiki under `lessons-learned/sprints/`.
 | `docs/DEBUGGING-CHECKLIST.md` | Systematic troubleshooting guide |
 | `docs/UPDATING.md` | Update guide for the marketplace |
 | `plugins/projman/CONFIGURATION.md` | Projman quick reference (links to central) |
-| `plugins/projman/README.md` | Projman full documentation |
 
 ## Installation Paths
 
@@ -317,12 +394,12 @@ See `docs/DEBUGGING-CHECKLIST.md` for systematic troubleshooting.
 | Symptom | Likely Cause | Fix |
 |---------|--------------|-----|
 | "X MCP servers failed" | Missing venv in installed path | `cd ~/.claude/plugins/marketplaces/leo-claude-mktplace && ./scripts/setup.sh` |
-| MCP tools not available | Symlink broken or venv missing | Run `/debug-report` to diagnose |
+| MCP tools not available | Venv missing or .mcp.json misconfigured | Run `/debug report` to diagnose |
 | Changes not taking effect | Editing source, not installed | Reinstall plugin or edit installed path |
 
 **Debug Commands:**
-- `/debug-report` - Run full diagnostics, create issue if needed
-- `/debug-review` - Investigate and propose fixes
+- `/debug report` - Run full diagnostics, create issue if needed
+- `/debug review` - Investigate and propose fixes
 
 ## Versioning Workflow
 
@@ -376,4 +453,4 @@ The script will:
 
 ---
 
-**Last Updated:** 2026-01-24
+**Last Updated:** 2026-01-30

README.md

@@ -1,4 +1,4 @@
-# Leo Claude Marketplace - v5.1.0
+# Leo Claude Marketplace - v5.6.0
 
 A collection of Claude Code plugins for project management, infrastructure automation, and development workflows.
 
@@ -6,7 +6,7 @@ A collection of Claude Code plugins for project management, infrastructure autom
 
 ### Development & Project Management
 
-#### [projman](./plugins/projman/README.md)
+#### [projman](./plugins/projman)
 **Sprint Planning and Project Management**
 
 AI-guided sprint planning with full Gitea integration. Transforms a proven 15-sprint workflow into a distributable plugin.
@@ -19,9 +19,9 @@ AI-guided sprint planning with full Gitea integration. Transforms a proven 15-sp
 - Branch-aware security (development/staging/production)
 - Pre-sprint-close code quality review and test verification
 
-**Commands:** `/sprint-plan`, `/sprint-start`, `/sprint-status`, `/sprint-close`, `/labels-sync`, `/initial-setup`, `/project-init`, `/project-sync`, `/review`, `/test-check`, `/test-gen`, `/debug-report`, `/debug-review`
+**Commands:** `/sprint-plan`, `/sprint-start`, `/sprint-status`, `/sprint-close`, `/labels-sync`, `/setup`, `/review`, `/test`, `/debug`, `/suggest-version`, `/proposal-status`, `/clear-cache`, `/rfc-create`, `/rfc-list`, `/rfc-review`, `/rfc-approve`, `/rfc-reject`
 
-#### [git-flow](./plugins/git-flow/README.md) *NEW in v3.0.0*
+#### [git-flow](./plugins/git-flow) *NEW in v3.0.0*
 **Git Workflow Automation**
 
 Smart git operations with intelligent commit messages and branch management.
@@ -34,7 +34,7 @@ Smart git operations with intelligent commit messages and branch management.
 
 **Commands:** `/commit`, `/commit-push`, `/commit-merge`, `/commit-sync`, `/branch-start`, `/branch-cleanup`, `/git-status`, `/git-config`
 
-#### [pr-review](./plugins/pr-review/README.md) *NEW in v3.0.0*
+#### [pr-review](./plugins/pr-review) *NEW in v3.0.0*
 **Multi-Agent PR Review**
 
 Comprehensive pull request review using specialized agents.
@@ -44,16 +44,16 @@ Comprehensive pull request review using specialized agents.
 - Actionable feedback with suggested fixes
 - Gitea integration for automated review submission
 
-**Commands:** `/pr-review`, `/pr-summary`, `/pr-findings`, `/initial-setup`, `/project-init`, `/project-sync`
+**Commands:** `/pr-review`, `/pr-summary`, `/pr-findings`, `/pr-diff`, `/initial-setup`, `/project-init`, `/project-sync`
 
-#### [claude-config-maintainer](./plugins/claude-config-maintainer/README.md)
+#### [claude-config-maintainer](./plugins/claude-config-maintainer)
 **CLAUDE.md Optimization and Maintenance**
 
 Analyze, optimize, and create CLAUDE.md configuration files for Claude Code projects.
 
-**Commands:** `/config-analyze`, `/config-optimize`, `/config-init`
+**Commands:** `/config-analyze`, `/config-optimize`, `/config-init`, `/config-diff`, `/config-lint`
 
-#### [contract-validator](./plugins/contract-validator/README.md) *NEW in v5.0.0*
+#### [contract-validator](./plugins/contract-validator) *NEW in v5.0.0*
 **Cross-Plugin Compatibility Validation**
 
 Validate plugin marketplaces for command conflicts, tool overlaps, and broken agent references.
@@ -64,11 +64,11 @@ Validate plugin marketplaces for command conflicts, tool overlaps, and broken ag
 - Data flow validation for agent sequences
 - Markdown or JSON reports with actionable suggestions
 
-**Commands:** `/validate-contracts`, `/check-agent`, `/list-interfaces`, `/initial-setup`
+**Commands:** `/validate-contracts`, `/check-agent`, `/list-interfaces`, `/dependency-graph`, `/initial-setup`
 
 ### Productivity
 
-#### [clarity-assist](./plugins/clarity-assist/README.md) *NEW in v3.0.0*
+#### [clarity-assist](./plugins/clarity-assist) *NEW in v3.0.0*
 **Prompt Optimization with ND Accommodations**
 
 Transform vague requests into clear specifications using structured methodology.
@@ -79,21 +79,21 @@ Transform vague requests into clear specifications using structured methodology.
 
 **Commands:** `/clarify`, `/quick-clarify`
 
-#### [doc-guardian](./plugins/doc-guardian/README.md)
+#### [doc-guardian](./plugins/doc-guardian)
 **Documentation Lifecycle Management**
 
 Automatic documentation drift detection and synchronization.
 
-**Commands:** `/doc-audit`, `/doc-sync`
+**Commands:** `/doc-audit`, `/doc-sync`, `/changelog-gen`, `/doc-coverage`, `/stale-docs`
 
-#### [project-hygiene](./plugins/project-hygiene/README.md)
+#### [project-hygiene](./plugins/project-hygiene)
 **Post-Task Cleanup Automation**
 
 Hook-based cleanup that runs after Claude completes work.
 
 ### Security
 
-#### [code-sentinel](./plugins/code-sentinel/README.md)
+#### [code-sentinel](./plugins/code-sentinel)
 **Security Scanning & Refactoring**
 
 Security vulnerability detection and code refactoring tools.
@@ -102,16 +102,16 @@ Security vulnerability detection and code refactoring tools.
 
 ### Infrastructure
 
-#### [cmdb-assistant](./plugins/cmdb-assistant/README.md)
+#### [cmdb-assistant](./plugins/cmdb-assistant)
 **NetBox CMDB Integration**
 
 Full CRUD operations for network infrastructure management directly from Claude Code.
 
-**Commands:** `/initial-setup`, `/cmdb-search`, `/cmdb-device`, `/cmdb-ip`, `/cmdb-site`
+**Commands:** `/initial-setup`, `/cmdb-search`, `/cmdb-device`, `/cmdb-ip`, `/cmdb-site`, `/cmdb-audit`, `/cmdb-register`, `/cmdb-sync`, `/cmdb-topology`, `/change-audit`, `/ip-conflicts`
 
 ### Data Engineering
 
-#### [data-platform](./plugins/data-platform/README.md) *NEW in v4.0.0*
+#### [data-platform](./plugins/data-platform) *NEW in v4.0.0*
 **pandas, PostgreSQL/PostGIS, and dbt Integration**
 
 Comprehensive data engineering toolkit with persistent DataFrame storage.
@@ -122,11 +122,11 @@ Comprehensive data engineering toolkit with persistent DataFrame storage.
 - 100k row limit with chunking support
 - Auto-detection of dbt projects
 
-**Commands:** `/ingest`, `/profile`, `/schema`, `/explain`, `/lineage`, `/run`
+**Commands:** `/ingest`, `/profile`, `/schema`, `/explain`, `/lineage`, `/lineage-viz`, `/run`, `/dbt-test`, `/data-quality`, `/initial-setup`
 
 ### Visualization
 
-#### [viz-platform](./plugins/viz-platform/README.md) *NEW in v4.0.0*
+#### [viz-platform](./plugins/viz-platform) *NEW in v4.0.0*
 **Dash Mantine Components Validation and Theming**
 
 Visualization toolkit with version-locked component validation and design token theming.
@@ -138,11 +138,26 @@ Visualization toolkit with version-locked component validation and design token
 - 5 Page tools for multi-page app structure
 - Dual theme storage: user-level and project-level
 
-**Commands:** `/chart`, `/dashboard`, `/theme`, `/theme-new`, `/theme-css`, `/component`, `/initial-setup`
+**Commands:** `/chart`, `/chart-export`, `/dashboard`, `/theme`, `/theme-new`, `/theme-css`, `/component`, `/accessibility-check`, `/breakpoints`, `/design-review`, `/design-gate`, `/initial-setup`
+
+## Domain Advisory Pattern
+
+The marketplace supports cross-plugin domain advisory integration:
+
+- **Domain Detection**: projman automatically detects when issues involve specialized domains (frontend/viz, data engineering)
+- **Acceptance Criteria**: Domain-specific acceptance criteria are added to issues during planning
+- **Execution Gates**: Domain validation gates (`/design-gate`, `/data-gate`) run before issue completion
+- **Extensible**: New domains can be added by creating advisory agents and gate commands
+
+**Current Domains:**
+| Domain | Plugin | Gate Command |
+|--------|--------|--------------|
+| Visualization | viz-platform | `/design-gate` |
+| Data | data-platform | `/data-gate` |
 
 ## MCP Servers
 
-MCP servers are **shared at repository root** with **symlinks** from plugins that use them.
+MCP servers are **shared at repository root** and configured in `.mcp.json`.
 
 ### Gitea MCP Server (shared)
 

docs/CANONICAL-PATHS.md

@@ -2,7 +2,7 @@
 
 **This file defines ALL valid paths in this repository. No exceptions. No inference. No assumptions.**
 
-Last Updated: 2026-01-26 (v5.0.0)
+Last Updated: 2026-01-30 (v5.4.1)
 
 ---
 
@@ -76,9 +76,6 @@ leo-claude-mktplace/
 ├── plugins/                    # ALL plugins
 │   ├── projman/                # Sprint management
 │   │   ├── .claude-plugin/
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/
-│   │   │   └── gitea -> ../../../mcp-servers/gitea  # SYMLINK
 │   │   ├── commands/
 │   │   ├── agents/
 │   │   ├── skills/
@@ -99,9 +96,6 @@ leo-claude-mktplace/
 │   │   └── claude-md-integration.md
 │   ├── cmdb-assistant/         # NetBox CMDB integration
 │   │   ├── .claude-plugin/
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/
-│   │   │   └── netbox -> ../../../mcp-servers/netbox  # SYMLINK
 │   │   ├── commands/
 │   │   ├── agents/
 │   │   └── claude-md-integration.md
@@ -114,58 +108,49 @@ leo-claude-mktplace/
 │   │   ├── .claude-plugin/
 │   │   ├── hooks/
 │   │   └── claude-md-integration.md
-│   ├── clarity-assist/         # NEW in v3.0.0
+│   ├── clarity-assist/
 │   │   ├── .claude-plugin/
 │   │   ├── commands/
 │   │   ├── agents/
 │   │   ├── skills/
 │   │   └── claude-md-integration.md
-│   ├── git-flow/               # NEW in v3.0.0
+│   ├── git-flow/
 │   │   ├── .claude-plugin/
 │   │   ├── commands/
 │   │   ├── agents/
 │   │   ├── skills/
 │   │   └── claude-md-integration.md
-│   ├── pr-review/              # NEW in v3.0.0
+│   ├── pr-review/
 │   │   ├── .claude-plugin/
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/
-│   │   │   └── gitea -> ../../../mcp-servers/gitea  # SYMLINK
 │   │   ├── commands/
 │   │   ├── agents/
 │   │   ├── skills/
 │   │   └── claude-md-integration.md
-│   ├── data-platform/          # NEW in v4.0.0
+│   ├── data-platform/
 │   │   ├── .claude-plugin/
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/
-│   │   │   └── data-platform -> ../../../mcp-servers/data-platform  # SYMLINK
 │   │   ├── commands/
 │   │   ├── agents/
 │   │   ├── hooks/
 │   │   └── claude-md-integration.md
-│   ├── contract-validator/     # NEW in v5.0.0
+│   ├── contract-validator/
 │   │   ├── .claude-plugin/
-│   │   ├── .mcp.json
-│   │   ├── mcp-servers/
-│   │   │   └── contract-validator -> ../../../mcp-servers/contract-validator  # SYMLINK
 │   │   ├── commands/
 │   │   ├── agents/
 │   │   └── claude-md-integration.md
-│   └── viz-platform/           # NEW in v4.1.0
+│   └── viz-platform/
 │       ├── .claude-plugin/
-│       ├── .mcp.json
-│       ├── mcp-servers/
-│       │   └── viz-platform -> ../../../mcp-servers/viz-platform  # SYMLINK
 │       ├── commands/
 │       ├── agents/
 │       ├── hooks/
 │       └── claude-md-integration.md
 ├── scripts/                    # Setup and maintenance scripts
 │   ├── setup.sh                # Initial setup (create venvs, config templates)
-│   ├── post-update.sh          # Post-update (rebuild venvs, verify symlinks)
-│   ├── check-venv.sh           # Check if venvs exist (for hooks)
-│   └── validate-marketplace.sh # Marketplace compliance validation
+│   ├── post-update.sh          # Post-update (clear cache, show changelog)
+│   ├── check-venv.sh           # Check if venvs exist (read-only)
+│   ├── validate-marketplace.sh # Marketplace compliance validation
+│   ├── verify-hooks.sh         # Verify all hooks use correct event types
+│   ├── setup-venvs.sh          # Setup MCP server venvs (create only, never delete)
+│   └── release.sh              # Release automation with version bumping
 ├── CLAUDE.md
 ├── README.md
 ├── LICENSE
@@ -185,29 +170,21 @@ leo-claude-mktplace/
 | Plugin manifest | `plugins/{plugin-name}/.claude-plugin/plugin.json` | `plugins/projman/.claude-plugin/plugin.json` |
 | Plugin commands | `plugins/{plugin-name}/commands/` | `plugins/projman/commands/` |
 | Plugin agents | `plugins/{plugin-name}/agents/` | `plugins/projman/agents/` |
-| Plugin .mcp.json | `plugins/{plugin-name}/.mcp.json` | `plugins/projman/.mcp.json` |
+| Plugin skills | `plugins/{plugin-name}/skills/` | `plugins/projman/skills/` |
 | Plugin integration snippet | `plugins/{plugin-name}/claude-md-integration.md` | `plugins/projman/claude-md-integration.md` |
 
-### MCP Server Paths (v3.0.0 Architecture)
+### MCP Server Paths
 
-MCP servers are **shared at repository root** with **symlinks** from plugins.
+MCP servers are **shared at repository root** and configured in `.mcp.json`.
 
 | Context | Pattern | Example |
 |---------|---------|---------|
+| MCP configuration | `.mcp.json` | `.mcp.json` (at repo root) |
 | Shared MCP server | `mcp-servers/{server}/` | `mcp-servers/gitea/` |
 | MCP server code | `mcp-servers/{server}/mcp_server/` | `mcp-servers/gitea/mcp_server/` |
 | MCP venv | `mcp-servers/{server}/.venv/` | `mcp-servers/gitea/.venv/` |
-| Plugin symlink | `plugins/{plugin}/mcp-servers/{server}` | `plugins/projman/mcp-servers/gitea` |
 
-### Symlink Pattern
-
-Plugins that use MCP servers create symlinks:
-```bash
-# From plugin directory
-ln -s ../../../mcp-servers/gitea plugins/projman/mcp-servers/gitea
-```
-
-The symlink target is relative: `../../../mcp-servers/{server}`
+**Note:** Plugins do NOT have their own `mcp-servers/` directories. All MCP servers are shared at root and configured via `.mcp.json`.
 
 ### Documentation Paths
 
@@ -236,15 +213,12 @@ The symlink target is relative: `../../../mcp-servers/{server}`
 2. Verify each path against patterns in this file
 3. Show verification to user before proceeding
 
-### Relative Path Calculation (v3.0.0)
+### Relative Path Calculation
 
-From `plugins/projman/.mcp.json` to shared `mcp-servers/gitea/`:
+From `.mcp.json` (at root) to `mcp-servers/gitea/`:
 ```
-plugins/projman/.mcp.json
-  → Uses ${CLAUDE_PLUGIN_ROOT}/mcp-servers/gitea/
-  → Symlink at plugins/projman/mcp-servers/gitea points to ../../../mcp-servers/gitea
-
-Result in .mcp.json: ${CLAUDE_PLUGIN_ROOT}/mcp-servers/gitea/.venv/bin/python
+.mcp.json (at repository root)
+  → Uses absolute installed path: ~/.claude/plugins/marketplaces/.../mcp-servers/gitea/run.sh
 ```
 
 From `.claude-plugin/marketplace.json` to `plugins/projman/`:
@@ -263,30 +237,34 @@ Result: ./plugins/projman
 | Wrong | Why | Correct |
 |-------|-----|---------|
 | `projman/` at root | Plugins go in `plugins/` | `plugins/projman/` |
-| Direct path in .mcp.json to root mcp-servers | Use symlink | Symlink at `plugins/{plugin}/mcp-servers/` |
-| Creating new mcp-servers inside plugins | Use shared + symlink | Symlink to `mcp-servers/` |
-| Hardcoding absolute paths | Breaks portability | Use `${CLAUDE_PLUGIN_ROOT}` |
+| `mcp-servers/` inside plugins | MCP servers are shared at root | Use root `mcp-servers/` |
+| Plugin-level `.mcp.json` | MCP config is at root | Use root `.mcp.json` |
+| Hardcoding absolute paths in source | Breaks portability | Use relative paths or `${CLAUDE_PLUGIN_ROOT}` |
 
 ---
 
-## Architecture Note (v3.0.0)
+## Architecture Note
 
-MCP servers are now **shared at repository root** with **symlinks** from plugins:
+MCP servers are **shared at repository root** and configured in a single `.mcp.json` file.
 
 **Benefits:**
 - Single source of truth for each MCP server
 - Updates apply to all plugins automatically
-- Reduced duplication
-- Symlinks work with Claude Code caching
+- No duplication - clean plugin structure
+- Simple configuration in one place
 
-**Symlink Pattern:**
-```
-plugins/projman/mcp-servers/gitea -> ../../../mcp-servers/gitea
-plugins/cmdb-assistant/mcp-servers/netbox -> ../../../mcp-servers/netbox
-plugins/pr-review/mcp-servers/gitea -> ../../../mcp-servers/gitea
-plugins/data-platform/mcp-servers/data-platform -> ../../../mcp-servers/data-platform
-plugins/viz-platform/mcp-servers/viz-platform -> ../../../mcp-servers/viz-platform
-plugins/contract-validator/mcp-servers/contract-validator -> ../../../mcp-servers/contract-validator
+**Configuration:**
+All MCP servers are defined in `.mcp.json` at repository root:
+```json
+{
+  "mcpServers": {
+    "gitea": { "command": ".../mcp-servers/gitea/run.sh" },
+    "netbox": { "command": ".../mcp-servers/netbox/run.sh" },
+    "data-platform": { "command": ".../mcp-servers/data-platform/run.sh" },
+    "viz-platform": { "command": ".../mcp-servers/viz-platform/run.sh" },
+    "contract-validator": { "command": ".../mcp-servers/contract-validator/run.sh" }
+  }
+}
 ```
 
 ---
@@ -295,6 +273,7 @@ plugins/contract-validator/mcp-servers/contract-validator -> ../../../mcp-server
 
 | Date | Change | By |
 |------|--------|-----|
+| 2026-01-30 | v5.5.0: Removed plugin-level mcp-servers symlinks - all MCP config now in root .mcp.json | Claude Code |
 | 2026-01-26 | v5.0.0: Added contract-validator plugin and MCP server | Claude Code |
 | 2026-01-26 | v4.1.0: Added viz-platform plugin and MCP server | Claude Code |
 | 2026-01-25 | v4.0.0: Added data-platform plugin and MCP server | Claude Code |

docs/COMMANDS-CHEATSHEET.md

@@ -10,19 +10,22 @@ Quick reference for all commands in the Leo Claude Marketplace.
 |--------|---------|:----:|:------:|-------------|
 | **projman** | `/sprint-plan` | | X | Start sprint planning with AI-guided architecture analysis and issue creation |
 | **projman** | `/sprint-start` | | X | Begin sprint execution with dependency analysis and parallel task coordination |
-| **projman** | `/sprint-status` | | X | Check current sprint progress and identify blockers |
+| **projman** | `/sprint-status` | | X | Check current sprint progress (add `--diagram` for Mermaid visualization) |
 | **projman** | `/review` | | X | Pre-sprint-close code quality review (debug artifacts, security, error handling) |
-| **projman** | `/test-check` | | X | Run tests and verify coverage before sprint close |
+| **projman** | `/test` | | X | Run tests (`/test run`) or generate tests (`/test gen <target>`) |
 | **projman** | `/sprint-close` | | X | Complete sprint and capture lessons learned to Gitea Wiki |
 | **projman** | `/labels-sync` | | X | Synchronize label taxonomy from Gitea |
-| **projman** | `/initial-setup` | | X | Full setup wizard: MCP server + system config + project config |
-| **projman** | `/project-init` | | X | Quick project setup (assumes system config exists) |
-| **projman** | `/project-sync` | | X | Sync config with git remote after repo move/rename |
-| **projman** | *SessionStart hook* | X | | Detects git remote vs .env mismatch, warns to run /project-sync |
-| **projman** | `/test-gen` | | X | Generate comprehensive tests for specified code |
-| **projman** | `/debug-report` | | X | Run diagnostics and create structured issue in marketplace |
-| **projman** | `/debug-review` | | X | Investigate diagnostic issues and propose fixes with approval gates |
+| **projman** | `/setup` | | X | Auto-detect mode or use `--full`, `--quick`, `--sync` |
+| **projman** | *SessionStart hook* | X | | Detects git remote vs .env mismatch, warns to run `/setup --sync` |
+| **projman** | `/debug` | | X | Diagnostics (`/debug report`) or investigate (`/debug review`) |
 | **projman** | `/suggest-version` | | X | Analyze CHANGELOG and recommend semantic version bump |
+| **projman** | `/proposal-status` | | X | View proposal and implementation hierarchy with status |
+| **projman** | `/clear-cache` | | X | Clear plugin cache to force fresh configuration reload |
+| **projman** | `/rfc-create` | | X | Create new RFC from conversation or clarified spec |
+| **projman** | `/rfc-list` | | X | List all RFCs grouped by status |
+| **projman** | `/rfc-review` | | X | Submit Draft RFC for review |
+| **projman** | `/rfc-approve` | | X | Approve RFC in Review status for sprint planning |
+| **projman** | `/rfc-reject` | | X | Reject RFC with documented reason |
 | **git-flow** | `/commit` | | X | Create commit with auto-generated conventional message |
 | **git-flow** | `/commit-push` | | X | Commit and push to remote in one operation |
 | **git-flow** | `/commit-merge` | | X | Commit current changes, then merge into target branch |
@@ -38,10 +41,14 @@ Quick reference for all commands in the Leo Claude Marketplace.
 | **pr-review** | `/pr-review` | | X | Full multi-agent PR review with confidence scoring |
 | **pr-review** | `/pr-summary` | | X | Quick summary of PR changes |
 | **pr-review** | `/pr-findings` | | X | List and filter review findings by category/severity |
+| **pr-review** | `/pr-diff` | | X | Formatted diff with inline review comments and annotations |
 | **clarity-assist** | `/clarify` | | X | Full 4-D prompt optimization with ND accommodations |
 | **clarity-assist** | `/quick-clarify` | | X | Rapid single-pass clarification for simple requests |
 | **doc-guardian** | `/doc-audit` | | X | Full documentation audit - scans for doc drift |
 | **doc-guardian** | `/doc-sync` | | X | Synchronize pending documentation updates |
+| **doc-guardian** | `/changelog-gen` | | X | Generate changelog from conventional commits |
+| **doc-guardian** | `/doc-coverage` | | X | Documentation coverage metrics by function/class |
+| **doc-guardian** | `/stale-docs` | | X | Flag documentation behind code changes |
 | **doc-guardian** | *PostToolUse hook* | X | | Silently detects doc drift on Write/Edit |
 | **code-sentinel** | `/security-scan` | | X | Full security audit (SQL injection, XSS, secrets, etc.) |
 | **code-sentinel** | `/refactor` | | X | Apply refactoring patterns to improve code |
@@ -50,11 +57,19 @@ Quick reference for all commands in the Leo Claude Marketplace.
 | **claude-config-maintainer** | `/config-analyze` | | X | Analyze CLAUDE.md for optimization opportunities |
 | **claude-config-maintainer** | `/config-optimize` | | X | Optimize CLAUDE.md structure with preview/backup |
 | **claude-config-maintainer** | `/config-init` | | X | Initialize new CLAUDE.md for a project |
+| **claude-config-maintainer** | `/config-diff` | | X | Track CLAUDE.md changes over time with behavioral impact |
+| **claude-config-maintainer** | `/config-lint` | | X | Lint CLAUDE.md for anti-patterns and best practices |
 | **cmdb-assistant** | `/initial-setup` | | X | Setup wizard for NetBox MCP server |
 | **cmdb-assistant** | `/cmdb-search` | | X | Search NetBox for devices, IPs, sites |
 | **cmdb-assistant** | `/cmdb-device` | | X | Manage network devices (create, view, update, delete) |
 | **cmdb-assistant** | `/cmdb-ip` | | X | Manage IP addresses and prefixes |
 | **cmdb-assistant** | `/cmdb-site` | | X | Manage sites, locations, racks, and regions |
+| **cmdb-assistant** | `/cmdb-audit` | | X | Data quality analysis (VMs, devices, naming, roles) |
+| **cmdb-assistant** | `/cmdb-register` | | X | Register current machine into NetBox with running apps |
+| **cmdb-assistant** | `/cmdb-sync` | | X | Sync machine state with NetBox (detect drift, update) |
+| **cmdb-assistant** | `/cmdb-topology` | | X | Infrastructure topology diagrams (rack, network, site views) |
+| **cmdb-assistant** | `/change-audit` | | X | NetBox audit trail queries with filtering |
+| **cmdb-assistant** | `/ip-conflicts` | | X | Detect IP conflicts and overlapping prefixes |
 | **project-hygiene** | *PostToolUse hook* | X | | Removes temp files, warns about unexpected root files |
 | **data-platform** | `/ingest` | | X | Load data from CSV, Parquet, JSON into DataFrame |
 | **data-platform** | `/profile` | | X | Generate data profiling report with statistics |
@@ -62,6 +77,9 @@ Quick reference for all commands in the Leo Claude Marketplace.
 | **data-platform** | `/explain` | | X | Explain query execution plan |
 | **data-platform** | `/lineage` | | X | Show dbt model lineage and dependencies |
 | **data-platform** | `/run` | | X | Run dbt models with validation |
+| **data-platform** | `/lineage-viz` | | X | dbt lineage visualization as Mermaid diagrams |
+| **data-platform** | `/dbt-test` | | X | Formatted dbt test runner with summary and failure details |
+| **data-platform** | `/data-quality` | | X | DataFrame quality checks (nulls, duplicates, types, outliers) |
 | **data-platform** | `/initial-setup` | | X | Setup wizard for data-platform MCP servers |
 | **data-platform** | *SessionStart hook* | X | | Checks PostgreSQL connection (non-blocking warning) |
 | **viz-platform** | `/initial-setup` | | X | Setup wizard for viz-platform MCP server |
@@ -71,7 +89,15 @@ Quick reference for all commands in the Leo Claude Marketplace.
 | **viz-platform** | `/theme-new` | | X | Create new custom theme with design tokens |
 | **viz-platform** | `/theme-css` | | X | Export theme as CSS custom properties |
 | **viz-platform** | `/component` | | X | Inspect DMC component props and validation |
+| **viz-platform** | `/chart-export` | | X | Export charts to PNG, SVG, PDF via kaleido |
+| **viz-platform** | `/accessibility-check` | | X | Color blind validation (WCAG contrast ratios) |
+| **viz-platform** | `/breakpoints` | | X | Configure responsive layout breakpoints |
 | **viz-platform** | *SessionStart hook* | X | | Checks DMC version (non-blocking warning) |
+| **contract-validator** | `/validate-contracts` | | X | Full marketplace compatibility validation |
+| **contract-validator** | `/check-agent` | | X | Validate single agent definition |
+| **contract-validator** | `/list-interfaces` | | X | Show all plugin interfaces |
+| **contract-validator** | `/dependency-graph` | | X | Mermaid visualization of plugin dependencies |
+| **contract-validator** | `/initial-setup` | | X | Setup wizard for contract-validator MCP |
 
 ---
 
@@ -79,7 +105,7 @@ Quick reference for all commands in the Leo Claude Marketplace.
 
 | Category | Plugins | Primary Use |
 |----------|---------|-------------|
-| **Setup** | projman, pr-review, cmdb-assistant, data-platform | `/initial-setup`, `/project-init` |
+| **Setup** | projman, pr-review, cmdb-assistant, data-platform | `/setup`, `/initial-setup` |
 | **Task Planning** | projman, clarity-assist | Sprint management, requirement clarification |
 | **Code Quality** | code-sentinel, pr-review | Security scanning, PR reviews |
 | **Documentation** | doc-guardian, claude-config-maintainer | Doc sync, CLAUDE.md maintenance |
@@ -87,6 +113,7 @@ Quick reference for all commands in the Leo Claude Marketplace.
 | **Infrastructure** | cmdb-assistant | NetBox CMDB management |
 | **Data Engineering** | data-platform | pandas, PostgreSQL, dbt operations |
 | **Visualization** | viz-platform | DMC validation, Plotly charts, theming |
+| **Validation** | contract-validator | Cross-plugin compatibility checks |
 | **Maintenance** | project-hygiene | Automatic cleanup |
 
 ---
@@ -107,6 +134,22 @@ Quick reference for all commands in the Leo Claude Marketplace.
 
 ## Dev Workflow Examples
 
+### Example 0: RFC-Driven Feature Development
+
+Full workflow from idea to implementation using RFCs:
+
+```
+1. /clarify                  # Clarify the feature idea
+2. /rfc-create               # Create RFC from clarified spec
+   ... refine RFC content ...
+3. /rfc-review 0001          # Submit RFC for review
+   ... review discussion ...
+4. /rfc-approve 0001         # Approve RFC for implementation
+5. /sprint-plan              # Select approved RFC for sprint
+   ... implement feature ...
+6. /sprint-close             # Complete sprint, RFC marked Implemented
+```
+
 ### Example 1: Starting a New Feature Sprint
 
 A typical workflow for planning and executing a feature sprint:
@@ -119,9 +162,9 @@ A typical workflow for planning and executing a feature sprint:
 5. /branch-start feat/...    # Create feature branch
    ... implement features ...
 6. /commit                   # Commit with conventional message
-7. /sprint-status            # Check progress mid-sprint
+7. /sprint-status --diagram  # Check progress with visualization
 8. /review                   # Pre-close quality review
-9. /test-check               # Verify test coverage
+9. /test run                 # Verify test coverage
 10. /sprint-close            # Capture lessons learned
 ```
 
@@ -168,7 +211,7 @@ Safe refactoring with preview:
 1. /refactor-dry             # Preview opportunities
 2. /security-scan            # Baseline security check
 3. /refactor                 # Apply improvements
-4. /test-check               # Verify nothing broke
+4. /test run                 # Verify nothing broke
 5. /commit                   # Commit with descriptive message
 ```
 
@@ -201,7 +244,7 @@ Working with data pipelines:
 Setting up the marketplace for the first time:
 
 ```
-1. /initial-setup            # Full setup: MCP + system config + project
+1. /setup --full             # Full setup: MCP + system config + project
    # → Follow prompts for Gitea URL, org
    # → Add token manually when prompted
    # → Confirm repository name
@@ -215,7 +258,7 @@ Setting up the marketplace for the first time:
 Adding a new project when system config exists:
 
 ```
-1. /project-init             # Quick project setup
+1. /setup --quick            # Quick project setup (auto-detected)
    # → Confirms detected repo name
    # → Creates .env
 2. /labels-sync              # Sync Gitea labels
@@ -245,9 +288,10 @@ Some plugins require MCP server connectivity:
 | cmdb-assistant | NetBox | Infrastructure CMDB |
 | data-platform | pandas, PostgreSQL, dbt | DataFrames, database queries, dbt builds |
 | viz-platform | viz-platform | DMC validation, charts, layouts, themes, pages |
+| contract-validator | contract-validator | Plugin interface parsing, compatibility validation |
 
 Ensure credentials are configured in `~/.config/claude/gitea.env`, `~/.config/claude/netbox.env`, or `~/.config/claude/postgres.env`.
 
 ---
 
-*Last Updated: 2026-01-26*
+*Last Updated: 2026-01-30*

docs/CONFIGURATION.md

@@ -9,10 +9,10 @@ Centralized configuration documentation for all plugins and MCP servers in the L
 **After installing the marketplace and plugins via Claude Code:**
 
 ```
-/initial-setup
+/setup
 ```
 
-The interactive wizard handles everything except manually adding your API tokens.
+The interactive wizard auto-detects what's needed and handles everything except manually adding your API tokens.
 
 ---
 
@@ -25,7 +25,8 @@ The interactive wizard handles everything except manually adding your API tokens
 └─────────────────────────────────────────────────────────────────────────────┘
                                     │
                                     ▼
-                            /initial-setup
+                              /setup --full
+                          (or /setup auto-detects)
                                     │
      ┌──────────────────────────────┼──────────────────────────────┐
      ▼                              ▼                              ▼
@@ -78,8 +79,8 @@ The interactive wizard handles everything except manually adding your API tokens
                                     │
                     ┌───────────────┴───────────────┐
                     ▼                               ▼
-             /project-init                   /initial-setup
-             (direct path)                   (smart detection)
+             /setup --quick                     /setup
+             (explicit mode)               (auto-detects mode)
                     │                               │
                     │                    ┌──────────┴──────────┐
                     │                    ▼                     ▼
@@ -108,7 +109,7 @@ The interactive wizard handles everything except manually adding your API tokens
 
 ## What Runs Automatically vs User Interaction
 
-### `/initial-setup` - Full Setup
+### `/setup --full` - Full Setup
 
 | Phase | Type | What Happens |
 |-------|------|--------------|
@@ -120,7 +121,7 @@ The interactive wizard handles everything except manually adding your API tokens
 | **6. Project Config** | Automated | Creates `.env` file, checks `.gitignore` |
 | **7. Validation** | Automated | Tests API connectivity, shows summary |
 
-### `/project-init` - Quick Project Setup
+### `/setup --quick` - Quick Project Setup
 
 | Phase | Type | What Happens |
 |-------|------|--------------|
@@ -131,23 +132,25 @@ The interactive wizard handles everything except manually adding your API tokens
 
 ---
 
-## Three Commands for Different Scenarios
+## One Command, Three Modes
 
-| Command | When to Use | What It Does |
-|---------|-------------|--------------|
-| `/initial-setup` | First time on a machine | Full setup: MCP server + system config + project config |
-| `/project-init` | Starting a new project | Quick setup: project config only (assumes system is ready) |
-| `/project-sync` | After repo move/rename | Updates .env to match current git remote |
+| Mode | When to Use | What It Does |
+|------|-------------|--------------|
+| `/setup` | Any time | Auto-detects: runs full, quick, or sync as needed |
+| `/setup --full` | First time on a machine | Full setup: MCP server + system config + project config |
+| `/setup --quick` | Starting a new project | Quick setup: project config only (assumes system is ready) |
+| `/setup --sync` | After repo move/rename | Updates .env to match current git remote |
+
+**Auto-detection logic:**
+1. No system config → **full** mode
+2. System config exists, no project config → **quick** mode
+3. Both exist, git remote differs → **sync** mode
+4. Both exist, match → already configured, offer to reconfigure
 
 **Typical workflow:**
-1. Install plugin → run `/initial-setup` (once per machine)
-2. Start new project → run `/project-init` (once per project)
-3. Repository moved? → run `/project-sync` (updates config)
-
-**Smart features:**
-- `/initial-setup` detects existing system config and offers quick project setup
-- All commands validate org/repo via Gitea API before saving (auto-fills if verified)
-- SessionStart hook automatically detects git remote vs .env mismatches
+1. Install plugin → run `/setup` (auto-runs full mode)
+2. Start new project → run `/setup` (auto-runs quick mode)
+3. Repository moved? → run `/setup` (auto-runs sync mode)
 
 ---
 
@@ -171,8 +174,7 @@ This marketplace uses a **hybrid configuration** approach:
 │                  PROJECT-LEVEL (once per project)              │
 │                  <project-root>/.env                            │
 ├─────────────────────────────────────────────────────────────────┤
-│  GITEA_ORG               │  Organization for this project      │
-│  GITEA_REPO              │  Repository name for this project   │
+│  GITEA_REPO              │  Repository as owner/repo format    │
 │  GIT_WORKFLOW_STYLE      │  (optional) Override system default │
 │  PR_REVIEW_*             │  (optional) PR review settings      │
 └─────────────────────────────────────────────────────────────────┘
@@ -180,7 +182,7 @@ This marketplace uses a **hybrid configuration** approach:
 
 **Benefits:**
 - Single token per service (update once, use everywhere)
-- Easy multi-project setup (just run `/project-init` in each project)
+- Easy multi-project setup (just run `/setup` in each project)
 - Security (tokens never committed to git, never typed into AI chat)
 - Project isolation (each project can override defaults)
 
@@ -188,7 +190,7 @@ This marketplace uses a **hybrid configuration** approach:
 
 ## Prerequisites
 
-Before running `/initial-setup`:
+Before running `/setup`:
 
 1. **Python 3.10+** installed
    ```bash
@@ -211,10 +213,10 @@ Before running `/initial-setup`:
 Run the setup wizard in Claude Code:
 
 ```
-/initial-setup
+/setup
 ```
 
-The wizard will guide you through each step interactively.
+The wizard will guide you through each step interactively and auto-detect the appropriate mode.
 
 **Note:** After first-time setup, you'll need to restart your Claude Code session for MCP tools to become available.
 
@@ -262,8 +264,7 @@ In each project root:
 
 ```bash
 cat > .env << 'EOF'
-GITEA_ORG=your-organization
-GITEA_REPO=your-repo-name
+GITEA_REPO=your-organization/your-repo-name
 EOF
 ```
 
@@ -307,7 +308,7 @@ GITEA_API_TOKEN=your_gitea_token_here
 | `GITEA_API_URL` | Gitea API endpoint (with `/api/v1`) | `https://gitea.example.com/api/v1` |
 | `GITEA_API_TOKEN` | Personal access token | `abc123...` |
 
-**Note:** `GITEA_ORG` is configured at the project level (see below) since different projects may belong to different organizations.
+**Note:** `GITEA_REPO` is configured at the project level in `owner/repo` format since different projects may belong to different organizations.
 
 **Generating a Gitea Token:**
 1. Log into Gitea → **User Icon** → **Settings**
@@ -362,9 +363,8 @@ GIT_CO_AUTHOR=true
 Create `.env` in each project root:
 
 ```bash
-# Required for projman, pr-review
-GITEA_ORG=your-organization
-GITEA_REPO=your-repo-name
+# Required for projman, pr-review (use owner/repo format)
+GITEA_REPO=your-organization/your-repo-name
 
 # Optional: Override git-flow defaults
 GIT_WORKFLOW_STYLE=pr-required
@@ -377,8 +377,7 @@ PR_REVIEW_AUTO_SUBMIT=false
 
 | Variable | Required | Description |
 |----------|----------|-------------|
-| `GITEA_ORG` | Yes | Gitea organization for this project |
-| `GITEA_REPO` | Yes | Repository name (must match Gitea exactly) |
+| `GITEA_REPO` | Yes | Repository in `owner/repo` format (e.g., `my-org/my-repo`) |
 | `GIT_WORKFLOW_STYLE` | No | Override system default |
 | `PR_REVIEW_*` | No | PR review settings |
 
@@ -386,10 +385,10 @@ PR_REVIEW_AUTO_SUBMIT=false
 
 ## Plugin Configuration Summary
 
-| Plugin | System Config | Project Config | Setup Commands |
-|--------|---------------|----------------|----------------|
-| **projman** | gitea.env | .env (GITEA_ORG, GITEA_REPO) | `/initial-setup`, `/project-init`, `/project-sync` |
-| **pr-review** | gitea.env | .env (GITEA_ORG, GITEA_REPO) | `/initial-setup`, `/project-init`, `/project-sync` |
+| Plugin | System Config | Project Config | Setup Command |
+|--------|---------------|----------------|---------------|
+| **projman** | gitea.env | .env (GITEA_REPO=owner/repo) | `/setup` |
+| **pr-review** | gitea.env | .env (GITEA_REPO=owner/repo) | `/initial-setup` |
 | **git-flow** | git-flow.env (optional) | .env (optional) | None needed |
 | **clarity-assist** | None | None | None needed |
 | **cmdb-assistant** | netbox.env | None | `/initial-setup` |
@@ -406,21 +405,12 @@ PR_REVIEW_AUTO_SUBMIT=false
 
 Once system-level config is set up, adding new projects is simple:
 
-**Option 1: Use `/project-init` (faster)**
 ```
 cd ~/projects/new-project
-/project-init
+/setup
 ```
 
-**Option 2: Use `/initial-setup` (auto-detects)**
-```
-cd ~/projects/new-project
-/initial-setup
-# → Detects system config exists
-# → Offers "Quick project setup" option
-```
-
-Both approaches work. Use `/project-init` when you know the system is already configured.
+The command auto-detects that system config exists and runs quick project setup.
 
 ---
 
@@ -428,12 +418,12 @@ Both approaches work. Use `/project-init` when you know the system is already co
 
 ### API Validation
 
-When running `/initial-setup`, `/project-init`, or `/project-sync`, the commands:
+When running `/setup`, the command:
 
-1. **Detect** organization and repository from git remote URL
-2. **Validate** via Gitea API: `GET /api/v1/repos/{org}/{repo}`
-3. **Auto-fill** if repository exists and is accessible (no confirmation needed)
-4. **Ask for confirmation** only if validation fails (404 or permission error)
+1. **Detects** organization and repository from git remote URL
+2. **Validates** via Gitea API: `GET /api/v1/repos/{org}/{repo}`
+3. **Auto-fills** if repository exists and is accessible (no confirmation needed)
+4. **Asks for confirmation** only if validation fails (404 or permission error)
 
 This catches typos and permission issues before saving configuration.
 
@@ -441,9 +431,9 @@ This catches typos and permission issues before saving configuration.
 
 When you start a Claude Code session, a hook automatically:
 
-1. Reads `GITEA_ORG` and `GITEA_REPO` from `.env`
+1. Reads `GITEA_REPO` (in `owner/repo` format) from `.env`
 2. Compares with current `git remote get-url origin`
-3. **Warns** if mismatch detected: "Repository location mismatch. Run `/project-sync` to update."
+3. **Warns** if mismatch detected: "Repository location mismatch. Run `/setup --sync` to update."
 
 This helps when you:
 - Move a repository to a different organization
@@ -505,9 +495,8 @@ If you get 401, regenerate your token in Gitea.
 # Check venv exists
 ls /path/to/mcp-servers/gitea/.venv
 
-# Reinstall if missing
+# If missing, create venv (do NOT delete existing venvs)
 cd /path/to/mcp-servers/gitea
-rm -rf .venv
 python3 -m venv .venv
 source .venv/bin/activate
 pip install -r requirements.txt
@@ -520,7 +509,8 @@ deactivate
 # Check project .env
 cat .env
 
-# Verify GITEA_REPO matches the Gitea repository name exactly
+# Verify GITEA_REPO is in owner/repo format and matches Gitea exactly
+# Example: GITEA_REPO=my-org/my-repo
 ```
 
 ---
@@ -538,7 +528,7 @@ cat .env
 
 3. **Never type tokens into AI chat**
    - Always edit config files directly in your editor
-   - The `/initial-setup` wizard respects this
+   - The `/setup` wizard respects this
 
 4. **Rotate tokens periodically**
    - Every 6-12 months

docs/DEBUGGING-CHECKLIST.md

@@ -2,7 +2,7 @@
 
 **Purpose:** Systematic approach to diagnose and fix plugin loading issues.
 
-Last Updated: 2026-01-22
+Last Updated: 2026-01-28
 
 ---
 
@@ -73,25 +73,19 @@ cd $RUNTIME && ./scripts/setup.sh
 
 ---
 
-## Step 4: Verify Symlink Resolution
+## Step 4: Verify MCP Configuration
 
-Plugins use symlinks to shared MCP servers. Verify they resolve correctly:
+Check `.mcp.json` at marketplace root is correctly configured:
 
 ```bash
 RUNTIME=~/.claude/plugins/marketplaces/leo-claude-mktplace
 
-# Check symlinks exist and resolve
-readlink -f $RUNTIME/plugins/projman/mcp-servers/gitea
-readlink -f $RUNTIME/plugins/pr-review/mcp-servers/gitea
-readlink -f $RUNTIME/plugins/cmdb-assistant/mcp-servers/netbox
+# Check .mcp.json exists and has valid content
+cat $RUNTIME/.mcp.json | jq '.mcpServers | keys'
 
-# Should resolve to:
-# $RUNTIME/mcp-servers/gitea
-# $RUNTIME/mcp-servers/netbox
+# Should list: gitea, netbox, data-platform, viz-platform, contract-validator
 ```
 
-**If broken:** Symlinks are relative. If directory structure differs, they'll break.
-
 ---
 
 ## Step 5: Test MCP Server Startup
@@ -128,7 +122,7 @@ cat ~/.config/claude/netbox.env
 
 # Project-level config (in target project)
 cat /path/to/project/.env
-# Should contain: GITEA_ORG, GITEA_REPO
+# Should contain: GITEA_REPO=owner/repo (e.g., my-org/my-repo)
 ```
 
 ---
@@ -165,10 +159,8 @@ echo -e "\n=== Virtual Environments ==="
 [ -f "$RUNTIME/mcp-servers/gitea/.venv/bin/python" ] && echo "Gitea venv: OK" || echo "Gitea venv: MISSING"
 [ -f "$RUNTIME/mcp-servers/netbox/.venv/bin/python" ] && echo "NetBox venv: OK" || echo "NetBox venv: MISSING"
 
-echo -e "\n=== Symlinks ==="
-[ -L "$RUNTIME/plugins/projman/mcp-servers/gitea" ] && echo "projman->gitea: OK" || echo "projman->gitea: MISSING"
-[ -L "$RUNTIME/plugins/pr-review/mcp-servers/gitea" ] && echo "pr-review->gitea: OK" || echo "pr-review->gitea: MISSING"
-[ -L "$RUNTIME/plugins/cmdb-assistant/mcp-servers/netbox" ] && echo "cmdb-assistant->netbox: OK" || echo "cmdb-assistant->netbox: MISSING"
+echo -e "\n=== MCP Configuration ==="
+[ -f "$RUNTIME/.mcp.json" ] && echo ".mcp.json: OK" || echo ".mcp.json: MISSING"
 
 echo -e "\n=== Config Files ==="
 [ -f ~/.config/claude/gitea.env ] && echo "gitea.env: OK" || echo "gitea.env: MISSING"
@@ -182,10 +174,51 @@ echo -e "\n=== Config Files ==="
 | Issue | Symptom | Fix |
 |-------|---------|-----|
 | Missing venvs | "X MCP servers failed" | `cd ~/.claude/plugins/marketplaces/leo-claude-mktplace && ./scripts/setup.sh` |
-| Broken symlinks | MCP tools not available | Reinstall marketplace or manually recreate symlinks |
+| Missing .mcp.json | MCP tools not available | Check `.mcp.json` exists at marketplace root |
 | Wrong path edits | Changes don't take effect | Edit installed path or reinstall after source changes |
 | Missing credentials | MCP connection errors | Create `~/.config/claude/gitea.env` with API credentials |
 | Invalid hook events | Hooks don't fire | Use only valid event names (see Step 7) |
+| Gitea issues not closing | Merged to non-default branch | Manually close issues (see below) |
+| MCP changes not taking effect | Session caching | Restart Claude Code session (see below) |
+
+### Gitea Auto-Close Behavior
+
+**Issue:** Using `Closes #XX` or `Fixes #XX` in commit/PR messages does NOT auto-close issues when merging to `development`.
+
+**Root Cause:** Gitea only auto-closes issues when merging to the **default branch** (typically `main` or `master`). Merging to `development`, `staging`, or any other branch will NOT trigger auto-close.
+
+**Workaround:**
+1. Use the Gitea MCP tool to manually close issues after merging to development:
+   ```
+   mcp__plugin_projman_gitea__update_issue(issue_number=XX, state="closed")
+   ```
+2. Or close issues via the Gitea web UI
+3. The auto-close keywords will still work when the changes are eventually merged to `main`
+
+**Recommendation:** Include the `Closes #XX` keywords in commits anyway - they'll work when the final merge to `main` happens.
+
+### MCP Session Restart Requirement
+
+**Issue:** Changes to MCP servers, hooks, or plugin configuration don't take effect immediately.
+
+**Root Cause:** Claude Code loads MCP tools and plugin configuration at session start. These are cached in session memory and not reloaded dynamically.
+
+**What requires a session restart:**
+- MCP server code changes (Python files in `mcp-servers/`)
+- Changes to `.mcp.json` files
+- Changes to `hooks/hooks.json`
+- Changes to `plugin.json`
+- Adding new MCP tools or modifying tool signatures
+
+**What does NOT require a restart:**
+- Command/skill markdown files (`.md`) - these are read on invocation
+- Agent markdown files - read when agent is invoked
+
+**Correct workflow after plugin changes:**
+1. Make changes to source files
+2. Run `./scripts/verify-hooks.sh` to validate
+3. Inform user: "Please restart Claude Code for changes to take effect"
+4. **Do NOT clear cache mid-session** - see "Cache Clearing" section
 
 ---
 
@@ -246,8 +279,8 @@ Error: Could not find a suitable TLS CA certificate bundle, invalid path:
 
 Use these commands for automated checking:
 
-- `/debug-report` - Run full diagnostics, create issue if problems found
-- `/debug-review` - Investigate existing diagnostic issues and propose fixes
+- `/debug report` - Run full diagnostics, create issue if problems found
+- `/debug review` - Investigate existing diagnostic issues and propose fixes
 
 ---
 

docs/UPDATING.md

@@ -132,10 +132,8 @@ When updating, review if changes affect the setup workflow:
 ### Dependencies fail to install
 
 ```bash
-# Rebuild virtual environment
+# Install missing dependencies (do NOT delete .venv)
 cd mcp-servers/gitea
-rm -rf .venv
-python3 -m venv .venv
 source .venv/bin/activate
 pip install -r requirements.txt
 deactivate
@@ -164,7 +162,7 @@ If that doesn't work:
    ls ~/.claude/plugins/marketplaces/leo-claude-mktplace/mcp-servers/gitea/.venv
    ls ~/.claude/plugins/marketplaces/leo-claude-mktplace/mcp-servers/netbox/.venv
    ```
-3. If missing, the symlinks won't resolve. Run setup.sh as shown above.
+3. If missing, run setup.sh as shown above.
 4. Restart Claude Code session
 5. Check logs for specific errors
 

mcp-servers/contract-validator/run.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
+# Capture original working directory before any cd operations
+# This should be the user's project directory when launched by Claude Code
+export CLAUDE_PROJECT_DIR="${CLAUDE_PROJECT_DIR:-$PWD}"
+
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 CACHE_VENV="$HOME/.cache/claude-mcp-venvs/leo-claude-mktplace/contract-validator/.venv"
 LOCAL_VENV="$SCRIPT_DIR/.venv"

mcp-servers/data-platform/run.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
+# Capture original working directory before any cd operations
+# This should be the user's project directory when launched by Claude Code
+export CLAUDE_PROJECT_DIR="${CLAUDE_PROJECT_DIR:-$PWD}"
+
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 CACHE_VENV="$HOME/.cache/claude-mcp-venvs/leo-claude-mktplace/data-platform/.venv"
 LOCAL_VENV="$SCRIPT_DIR/.venv"

mcp-servers/gitea/mcp_server/gitea_client.py

@@ -53,6 +53,7 @@ class GiteaClient:
         self,
         state: str = 'open',
         labels: Optional[List[str]] = None,
+        milestone: Optional[str] = None,
         repo: Optional[str] = None
     ) -> List[Dict]:
         """
@@ -61,6 +62,7 @@ class GiteaClient:
         Args:
             state: Issue state (open, closed, all)
             labels: Filter by labels
+            milestone: Filter by milestone title (exact match)
             repo: Repository in 'owner/repo' format
 
         Returns:
@@ -71,6 +73,8 @@ class GiteaClient:
         params = {'state': state}
         if labels:
             params['labels'] = ','.join(labels)
+        if milestone:
+            params['milestones'] = milestone
         logger.info(f"Listing issues from {owner}/{target_repo} with state={state}")
         response = self.session.get(url, params=params)
         response.raise_for_status()
@@ -135,9 +139,24 @@ class GiteaClient:
         body: Optional[str] = None,
         state: Optional[str] = None,
         labels: Optional[List[str]] = None,
+        milestone: Optional[int] = None,
         repo: Optional[str] = None
     ) -> Dict:
-        """Update existing issue. Repo must be 'owner/repo' format."""
+        """
+        Update existing issue.
+
+        Args:
+            issue_number: Issue number to update
+            title: New title (optional)
+            body: New body (optional)
+            state: New state - 'open' or 'closed' (optional)
+            labels: New labels (optional)
+            milestone: Milestone ID to assign (optional)
+            repo: Repository in 'owner/repo' format
+
+        Returns:
+            Updated issue dictionary
+        """
         owner, target_repo = self._parse_repo(repo)
         url = f"{self.base_url}/repos/{owner}/{target_repo}/issues/{issue_number}"
         data = {}
@@ -149,6 +168,8 @@ class GiteaClient:
             data['state'] = state
         if labels is not None:
             data['labels'] = labels
+        if milestone is not None:
+            data['milestone'] = milestone
         logger.info(f"Updating issue #{issue_number} in {owner}/{target_repo}")
         response = self.session.patch(url, json=data)
         response.raise_for_status()

mcp-servers/gitea/mcp_server/server.py

@@ -26,6 +26,44 @@ logging.getLogger("mcp").setLevel(logging.ERROR)
 logger = logging.getLogger(__name__)
 
 
+def _coerce_types(arguments: dict) -> dict:
+    """
+    Coerce argument types to handle MCP serialization quirks.
+
+    MCP sometimes passes integers as strings and arrays as JSON strings.
+    This function normalizes them to the expected Python types.
+    """
+    coerced = {}
+    for key, value in arguments.items():
+        if value is None:
+            coerced[key] = value
+            continue
+
+        # Coerce integer fields
+        int_fields = {'issue_number', 'milestone_id', 'pr_number', 'depends_on', 'milestone', 'limit'}
+        if key in int_fields and isinstance(value, str):
+            try:
+                coerced[key] = int(value)
+                continue
+            except ValueError:
+                pass
+
+        # Coerce array fields that might be JSON strings
+        array_fields = {'labels', 'tags', 'issue_numbers', 'comments'}
+        if key in array_fields and isinstance(value, str):
+            try:
+                parsed = json.loads(value)
+                if isinstance(parsed, list):
+                    coerced[key] = parsed
+                    continue
+            except json.JSONDecodeError:
+                pass
+
+        coerced[key] = value
+
+    return coerced
+
+
 class GiteaMCPServer:
     """MCP Server for Gitea integration"""
 
@@ -88,6 +126,10 @@ class GiteaMCPServer:
                                 "items": {"type": "string"},
                                 "description": "Filter by labels"
                             },
+                            "milestone": {
+                                "type": "string",
+                                "description": "Filter by milestone title (exact match)"
+                            },
                             "repo": {
                                 "type": "string",
                                 "description": "Repository name (for PMO mode)"
@@ -102,7 +144,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "issue_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue number"
                             },
                             "repo": {
@@ -147,7 +189,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "issue_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue number"
                             },
                             "title": {
@@ -168,6 +210,10 @@ class GiteaMCPServer:
                                 "items": {"type": "string"},
                                 "description": "New labels"
                             },
+                            "milestone": {
+                                "type": ["integer", "string"],
+                                "description": "Milestone ID to assign"
+                            },
                             "repo": {
                                 "type": "string",
                                 "description": "Repository name (for PMO mode)"
@@ -183,7 +229,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "issue_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue number"
                             },
                             "comment": {
@@ -378,7 +424,7 @@ class GiteaMCPServer:
                                 "description": "Tags to filter by (optional)"
                             },
                             "limit": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "default": 20,
                                 "description": "Maximum results"
                             },
@@ -389,6 +435,19 @@ class GiteaMCPServer:
                         }
                     }
                 ),
+                Tool(
+                    name="allocate_rfc_number",
+                    description="Allocate the next available RFC number by scanning existing RFC wiki pages",
+                    inputSchema={
+                        "type": "object",
+                        "properties": {
+                            "repo": {
+                                "type": "string",
+                                "description": "Repository name (owner/repo format)"
+                            }
+                        }
+                    }
+                ),
                 # Milestone Tools
                 Tool(
                     name="list_milestones",
@@ -416,7 +475,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "milestone_id": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Milestone ID"
                             },
                             "repo": {
@@ -460,7 +519,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "milestone_id": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Milestone ID"
                             },
                             "title": {
@@ -495,7 +554,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "milestone_id": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Milestone ID"
                             },
                             "repo": {
@@ -514,7 +573,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "issue_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue number"
                             },
                             "repo": {
@@ -532,11 +591,11 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "issue_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue that will depend on another"
                             },
                             "depends_on": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue that blocks issue_number"
                             },
                             "repo": {
@@ -554,11 +613,11 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "issue_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue that depends on another"
                             },
                             "depends_on": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Issue being depended on"
                             },
                             "repo": {
@@ -736,7 +795,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "pr_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Pull request number"
                             },
                             "repo": {
@@ -754,7 +813,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "pr_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Pull request number"
                             },
                             "repo": {
@@ -772,7 +831,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "pr_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Pull request number"
                             },
                             "repo": {
@@ -790,7 +849,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "pr_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Pull request number"
                             },
                             "body": {
@@ -809,7 +868,7 @@ class GiteaMCPServer:
                                     "type": "object",
                                     "properties": {
                                         "path": {"type": "string"},
-                                        "position": {"type": "integer"},
+                                        "position": {"type": ["integer", "string"]},
                                         "body": {"type": "string"}
                                     }
                                 },
@@ -830,7 +889,7 @@ class GiteaMCPServer:
                         "type": "object",
                         "properties": {
                             "pr_number": {
-                                "type": "integer",
+                                "type": ["integer", "string"],
                                 "description": "Pull request number"
                             },
                             "body": {
@@ -895,6 +954,9 @@ class GiteaMCPServer:
                 List of TextContent with results
             """
             try:
+                # Coerce types to handle MCP serialization quirks
+                arguments = _coerce_types(arguments)
+
                 # Route to appropriate tool handler
                 if name == "list_issues":
                     result = await self.issue_tools.list_issues(**arguments)
@@ -931,6 +993,10 @@ class GiteaMCPServer:
                         limit=arguments.get('limit', 20),
                         repo=arguments.get('repo')
                     )
+                elif name == "allocate_rfc_number":
+                    result = await self.wiki_tools.allocate_rfc_number(
+                        repo=arguments.get('repo')
+                    )
                 # Milestone tools
                 elif name == "list_milestones":
                     result = await self.milestone_tools.list_milestones(**arguments)

mcp-servers/gitea/mcp_server/tools/issues.py

@@ -7,6 +7,7 @@ Provides async wrappers for issue CRUD operations with:
 - Comprehensive error handling
 """
 import asyncio
+import os
 import subprocess
 import logging
 from typing import List, Dict, Optional
@@ -27,19 +28,34 @@ class IssueTools:
         """
         self.gitea = gitea_client
 
+    def _get_project_directory(self) -> Optional[str]:
+        """
+        Get the user's project directory from environment.
+
+        Returns:
+            Project directory path or None if not set
+        """
+        return os.environ.get('CLAUDE_PROJECT_DIR')
+
     def _get_current_branch(self) -> str:
         """
-        Get current git branch.
+        Get current git branch from user's project directory.
+
+        Uses CLAUDE_PROJECT_DIR environment variable to determine the correct
+        directory for git operations, avoiding the bug where git runs from
+        the installed plugin directory instead of the user's project.
 
         Returns:
             Current branch name or 'unknown' if not in a git repo
         """
         try:
+            project_dir = self._get_project_directory()
             result = subprocess.run(
                 ['git', 'rev-parse', '--abbrev-ref', 'HEAD'],
                 capture_output=True,
                 text=True,
-                check=True
+                check=True,
+                cwd=project_dir  # Run git in project directory, not plugin directory
             )
             return result.stdout.strip()
         except subprocess.CalledProcessError:
@@ -82,6 +98,7 @@ class IssueTools:
         self,
         state: str = 'open',
         labels: Optional[List[str]] = None,
+        milestone: Optional[str] = None,
         repo: Optional[str] = None
     ) -> List[Dict]:
         """
@@ -90,6 +107,7 @@ class IssueTools:
         Args:
             state: Issue state (open, closed, all)
             labels: Filter by labels
+            milestone: Filter by milestone title (exact match)
             repo: Override configured repo (for PMO multi-repo)
 
         Returns:
@@ -108,7 +126,7 @@ class IssueTools:
         loop = asyncio.get_event_loop()
         return await loop.run_in_executor(
             None,
-            lambda: self.gitea.list_issues(state, labels, repo)
+            lambda: self.gitea.list_issues(state, labels, milestone, repo)
         )
 
     async def get_issue(
@@ -184,6 +202,7 @@ class IssueTools:
         body: Optional[str] = None,
         state: Optional[str] = None,
         labels: Optional[List[str]] = None,
+        milestone: Optional[int] = None,
         repo: Optional[str] = None
     ) -> Dict:
         """
@@ -195,6 +214,7 @@ class IssueTools:
             body: New body (optional)
             state: New state - 'open' or 'closed' (optional)
             labels: New labels (optional)
+            milestone: Milestone ID to assign (optional)
             repo: Override configured repo (for PMO multi-repo)
 
         Returns:
@@ -213,7 +233,7 @@ class IssueTools:
         loop = asyncio.get_event_loop()
         return await loop.run_in_executor(
             None,
-            lambda: self.gitea.update_issue(issue_number, title, body, state, labels, repo)
+            lambda: self.gitea.update_issue(issue_number, title, body, state, labels, milestone, repo)
         )
 
     async def add_comment(

mcp-servers/gitea/mcp_server/tools/pull_requests.py

@@ -7,6 +7,7 @@ Provides async wrappers for PR operations with:
 - Comprehensive error handling
 """
 import asyncio
+import os
 import subprocess
 import logging
 from typing import List, Dict, Optional
@@ -27,19 +28,34 @@ class PullRequestTools:
         """
         self.gitea = gitea_client
 
+    def _get_project_directory(self) -> Optional[str]:
+        """
+        Get the user's project directory from environment.
+
+        Returns:
+            Project directory path or None if not set
+        """
+        return os.environ.get('CLAUDE_PROJECT_DIR')
+
     def _get_current_branch(self) -> str:
         """
-        Get current git branch.
+        Get current git branch from user's project directory.
+
+        Uses CLAUDE_PROJECT_DIR environment variable to determine the correct
+        directory for git operations, avoiding the bug where git runs from
+        the installed plugin directory instead of the user's project.
 
         Returns:
             Current branch name or 'unknown' if not in a git repo
         """
         try:
+            project_dir = self._get_project_directory()
             result = subprocess.run(
                 ['git', 'rev-parse', '--abbrev-ref', 'HEAD'],
                 capture_output=True,
                 text=True,
-                check=True
+                check=True,
+                cwd=project_dir  # Run git in project directory, not plugin directory
             )
             return result.stdout.strip()
         except subprocess.CalledProcessError:

mcp-servers/gitea/mcp_server/tools/wiki.py

@@ -4,9 +4,11 @@ Wiki management tools for MCP server.
 Provides async wrappers for wiki operations to support lessons learned:
 - Page CRUD operations
 - Lessons learned creation and search
+- RFC number allocation
 """
 import asyncio
 import logging
+import re
 from typing import List, Dict, Optional
 
 logging.basicConfig(level=logging.INFO)
@@ -147,3 +149,39 @@ class WikiTools:
             lambda: self.gitea.search_lessons(query, tags, repo)
         )
         return results[:limit]
+
+    async def allocate_rfc_number(self, repo: Optional[str] = None) -> Dict:
+        """
+        Allocate the next available RFC number.
+
+        Scans existing wiki pages for RFC-NNNN pattern and returns
+        the next sequential number.
+
+        Args:
+            repo: Repository in owner/repo format
+
+        Returns:
+            Dict with 'next_number' (int) and 'formatted' (str like 'RFC-0001')
+        """
+        pages = await self.list_wiki_pages(repo)
+
+        # Extract RFC numbers from page titles
+        rfc_numbers = []
+        rfc_pattern = re.compile(r'^RFC-(\d{4})')
+
+        for page in pages:
+            title = page.get('title', '')
+            match = rfc_pattern.match(title)
+            if match:
+                rfc_numbers.append(int(match.group(1)))
+
+        # Calculate next number
+        if rfc_numbers:
+            next_num = max(rfc_numbers) + 1
+        else:
+            next_num = 1
+
+        return {
+            'next_number': next_num,
+            'formatted': f'RFC-{next_num:04d}'
+        }

mcp-servers/gitea/run.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
+# Capture original working directory before any cd operations
+# This should be the user's project directory when launched by Claude Code
+export CLAUDE_PROJECT_DIR="${CLAUDE_PROJECT_DIR:-$PWD}"
+
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 CACHE_VENV="$HOME/.cache/claude-mcp-venvs/leo-claude-mktplace/gitea/.venv"
 LOCAL_VENV="$SCRIPT_DIR/.venv"

mcp-servers/netbox/run.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
+# Capture original working directory before any cd operations
+# This should be the user's project directory when launched by Claude Code
+export CLAUDE_PROJECT_DIR="${CLAUDE_PROJECT_DIR:-$PWD}"
+
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 CACHE_VENV="$HOME/.cache/claude-mcp-venvs/leo-claude-mktplace/netbox/.venv"
 LOCAL_VENV="$SCRIPT_DIR/.venv"

mcp-servers/viz-platform/README.md

@@ -112,4 +112,4 @@ pytest tests/ -v
 
 ## Usage
 
-This MCP server is used by the `viz-platform` plugin. See [plugins/viz-platform/README.md](../../plugins/viz-platform/README.md) for usage instructions.
+This MCP server is used by the `viz-platform` plugin. See the plugin's commands in `plugins/viz-platform/commands/` for usage.

mcp-servers/viz-platform/mcp_server/accessibility_tools.py

@@ -0,0 +1,479 @@
+"""
+Accessibility validation tools for color blindness and WCAG compliance.
+
+Provides tools for validating color palettes against color blindness
+simulations and WCAG contrast requirements.
+"""
+import logging
+import math
+from typing import Dict, List, Optional, Any, Tuple
+
+logger = logging.getLogger(__name__)
+
+
+# Color-blind safe palettes
+SAFE_PALETTES = {
+    "categorical": {
+        "name": "Paul Tol's Qualitative",
+        "colors": ["#4477AA", "#EE6677", "#228833", "#CCBB44", "#66CCEE", "#AA3377", "#BBBBBB"],
+        "description": "Distinguishable for all types of color blindness"
+    },
+    "ibm": {
+        "name": "IBM Design",
+        "colors": ["#648FFF", "#785EF0", "#DC267F", "#FE6100", "#FFB000"],
+        "description": "IBM's accessible color palette"
+    },
+    "okabe_ito": {
+        "name": "Okabe-Ito",
+        "colors": ["#E69F00", "#56B4E9", "#009E73", "#F0E442", "#0072B2", "#D55E00", "#CC79A7", "#000000"],
+        "description": "Optimized for all color vision deficiencies"
+    },
+    "tableau_colorblind": {
+        "name": "Tableau Colorblind 10",
+        "colors": ["#006BA4", "#FF800E", "#ABABAB", "#595959", "#5F9ED1",
+                   "#C85200", "#898989", "#A2C8EC", "#FFBC79", "#CFCFCF"],
+        "description": "Industry-standard accessible palette"
+    }
+}
+
+
+# Simulation matrices for color blindness (LMS color space transformation)
+# These approximate how colors appear to people with different types of color blindness
+SIMULATION_MATRICES = {
+    "deuteranopia": {
+        # Green-blind (most common)
+        "severity": "common",
+        "population": "6% males, 0.4% females",
+        "description": "Difficulty distinguishing red from green (green-blind)",
+        "matrix": [
+            [0.625, 0.375, 0.0],
+            [0.700, 0.300, 0.0],
+            [0.0, 0.300, 0.700]
+        ]
+    },
+    "protanopia": {
+        # Red-blind
+        "severity": "common",
+        "population": "2.5% males, 0.05% females",
+        "description": "Difficulty distinguishing red from green (red-blind)",
+        "matrix": [
+            [0.567, 0.433, 0.0],
+            [0.558, 0.442, 0.0],
+            [0.0, 0.242, 0.758]
+        ]
+    },
+    "tritanopia": {
+        # Blue-blind (rare)
+        "severity": "rare",
+        "population": "0.01% total",
+        "description": "Difficulty distinguishing blue from yellow",
+        "matrix": [
+            [0.950, 0.050, 0.0],
+            [0.0, 0.433, 0.567],
+            [0.0, 0.475, 0.525]
+        ]
+    }
+}
+
+
+class AccessibilityTools:
+    """
+    Color accessibility validation tools.
+
+    Validates colors for WCAG compliance and color blindness accessibility.
+    """
+
+    def __init__(self, theme_store=None):
+        """
+        Initialize accessibility tools.
+
+        Args:
+            theme_store: Optional ThemeStore for theme color extraction
+        """
+        self.theme_store = theme_store
+
+    def _hex_to_rgb(self, hex_color: str) -> Tuple[int, int, int]:
+        """Convert hex color to RGB tuple."""
+        hex_color = hex_color.lstrip('#')
+        if len(hex_color) == 3:
+            hex_color = ''.join([c * 2 for c in hex_color])
+        return tuple(int(hex_color[i:i+2], 16) for i in (0, 2, 4))
+
+    def _rgb_to_hex(self, rgb: Tuple[int, int, int]) -> str:
+        """Convert RGB tuple to hex color."""
+        return '#{:02x}{:02x}{:02x}'.format(
+            max(0, min(255, int(rgb[0]))),
+            max(0, min(255, int(rgb[1]))),
+            max(0, min(255, int(rgb[2])))
+        )
+
+    def _get_relative_luminance(self, rgb: Tuple[int, int, int]) -> float:
+        """
+        Calculate relative luminance per WCAG 2.1.
+
+        https://www.w3.org/WAI/GL/wiki/Relative_luminance
+        """
+        def channel_luminance(value: int) -> float:
+            v = value / 255
+            return v / 12.92 if v <= 0.03928 else ((v + 0.055) / 1.055) ** 2.4
+
+        r, g, b = rgb
+        return (
+            0.2126 * channel_luminance(r) +
+            0.7152 * channel_luminance(g) +
+            0.0722 * channel_luminance(b)
+        )
+
+    def _get_contrast_ratio(self, color1: str, color2: str) -> float:
+        """
+        Calculate contrast ratio between two colors per WCAG 2.1.
+
+        Returns ratio between 1:1 and 21:1.
+        """
+        rgb1 = self._hex_to_rgb(color1)
+        rgb2 = self._hex_to_rgb(color2)
+
+        l1 = self._get_relative_luminance(rgb1)
+        l2 = self._get_relative_luminance(rgb2)
+
+        lighter = max(l1, l2)
+        darker = min(l1, l2)
+
+        return (lighter + 0.05) / (darker + 0.05)
+
+    def _simulate_color_blindness(
+        self,
+        hex_color: str,
+        deficiency_type: str
+    ) -> str:
+        """
+        Simulate how a color appears with a specific color blindness type.
+
+        Uses linear RGB transformation approximation.
+        """
+        if deficiency_type not in SIMULATION_MATRICES:
+            return hex_color
+
+        rgb = self._hex_to_rgb(hex_color)
+        matrix = SIMULATION_MATRICES[deficiency_type]["matrix"]
+
+        # Apply transformation matrix
+        r = rgb[0] * matrix[0][0] + rgb[1] * matrix[0][1] + rgb[2] * matrix[0][2]
+        g = rgb[0] * matrix[1][0] + rgb[1] * matrix[1][1] + rgb[2] * matrix[1][2]
+        b = rgb[0] * matrix[2][0] + rgb[1] * matrix[2][1] + rgb[2] * matrix[2][2]
+
+        return self._rgb_to_hex((r, g, b))
+
+    def _get_color_distance(self, color1: str, color2: str) -> float:
+        """
+        Calculate perceptual color distance (CIE76 approximation).
+
+        Returns a value where < 20 means colors may be hard to distinguish.
+        """
+        rgb1 = self._hex_to_rgb(color1)
+        rgb2 = self._hex_to_rgb(color2)
+
+        # Simple Euclidean distance in RGB space (approximation)
+        # For production, should use CIEDE2000
+        return math.sqrt(
+            (rgb1[0] - rgb2[0]) ** 2 +
+            (rgb1[1] - rgb2[1]) ** 2 +
+            (rgb1[2] - rgb2[2]) ** 2
+        )
+
+    async def accessibility_validate_colors(
+        self,
+        colors: List[str],
+        check_types: Optional[List[str]] = None,
+        min_contrast_ratio: float = 4.5
+    ) -> Dict[str, Any]:
+        """
+        Validate a list of colors for accessibility.
+
+        Args:
+            colors: List of hex colors to validate
+            check_types: Color blindness types to check (default: all)
+            min_contrast_ratio: Minimum WCAG contrast ratio (default: 4.5 for AA)
+
+        Returns:
+            Dict with:
+                - issues: List of accessibility issues found
+                - simulations: How colors appear under each deficiency
+                - recommendations: Suggestions for improvement
+                - safe_palettes: Color-blind safe palette suggestions
+        """
+        check_types = check_types or list(SIMULATION_MATRICES.keys())
+        issues = []
+        simulations = {}
+
+        # Normalize colors
+        normalized_colors = [c.upper() if c.startswith('#') else f'#{c.upper()}' for c in colors]
+
+        # Simulate each color blindness type
+        for deficiency in check_types:
+            if deficiency not in SIMULATION_MATRICES:
+                continue
+
+            simulated = [self._simulate_color_blindness(c, deficiency) for c in normalized_colors]
+            simulations[deficiency] = {
+                "original": normalized_colors,
+                "simulated": simulated,
+                "info": SIMULATION_MATRICES[deficiency]
+            }
+
+            # Check if any color pairs become indistinguishable
+            for i in range(len(normalized_colors)):
+                for j in range(i + 1, len(normalized_colors)):
+                    distance = self._get_color_distance(simulated[i], simulated[j])
+                    if distance < 30:  # Threshold for distinguishability
+                        issues.append({
+                            "type": "distinguishability",
+                            "severity": "warning" if distance > 15 else "error",
+                            "colors": [normalized_colors[i], normalized_colors[j]],
+                            "affected_by": [deficiency],
+                            "simulated_colors": [simulated[i], simulated[j]],
+                            "distance": round(distance, 1),
+                            "message": f"Colors may be hard to distinguish for {deficiency} ({SIMULATION_MATRICES[deficiency]['description']})"
+                        })
+
+        # Check contrast ratios against white and black backgrounds
+        for color in normalized_colors:
+            white_contrast = self._get_contrast_ratio(color, "#FFFFFF")
+            black_contrast = self._get_contrast_ratio(color, "#000000")
+
+            if white_contrast < min_contrast_ratio and black_contrast < min_contrast_ratio:
+                issues.append({
+                    "type": "contrast_ratio",
+                    "severity": "error",
+                    "colors": [color],
+                    "white_contrast": round(white_contrast, 2),
+                    "black_contrast": round(black_contrast, 2),
+                    "required": min_contrast_ratio,
+                    "message": f"Insufficient contrast against both white ({white_contrast:.1f}:1) and black ({black_contrast:.1f}:1) backgrounds"
+                })
+
+        # Generate recommendations
+        recommendations = self._generate_recommendations(issues)
+
+        # Calculate overall score
+        error_count = sum(1 for i in issues if i["severity"] == "error")
+        warning_count = sum(1 for i in issues if i["severity"] == "warning")
+
+        if error_count == 0 and warning_count == 0:
+            score = "A"
+        elif error_count == 0 and warning_count <= 2:
+            score = "B"
+        elif error_count <= 2:
+            score = "C"
+        else:
+            score = "D"
+
+        return {
+            "colors_checked": normalized_colors,
+            "overall_score": score,
+            "issue_count": len(issues),
+            "issues": issues,
+            "simulations": simulations,
+            "recommendations": recommendations,
+            "safe_palettes": SAFE_PALETTES
+        }
+
+    async def accessibility_validate_theme(
+        self,
+        theme_name: str
+    ) -> Dict[str, Any]:
+        """
+        Validate a theme's colors for accessibility.
+
+        Args:
+            theme_name: Theme name to validate
+
+        Returns:
+            Dict with accessibility validation results
+        """
+        if not self.theme_store:
+            return {
+                "error": "Theme store not configured",
+                "theme_name": theme_name
+            }
+
+        theme = self.theme_store.get_theme(theme_name)
+        if not theme:
+            available = self.theme_store.list_themes()
+            return {
+                "error": f"Theme '{theme_name}' not found. Available: {available}",
+                "theme_name": theme_name
+            }
+
+        # Extract colors from theme
+        colors = []
+        tokens = theme.get("tokens", {})
+        color_tokens = tokens.get("colors", {})
+
+        def extract_colors(obj, prefix=""):
+            """Recursively extract color values."""
+            if isinstance(obj, str) and (obj.startswith('#') or len(obj) == 6):
+                colors.append(obj if obj.startswith('#') else f'#{obj}')
+            elif isinstance(obj, dict):
+                for key, value in obj.items():
+                    extract_colors(value, f"{prefix}.{key}")
+            elif isinstance(obj, list):
+                for item in obj:
+                    extract_colors(item, prefix)
+
+        extract_colors(color_tokens)
+
+        # Validate extracted colors
+        result = await self.accessibility_validate_colors(colors)
+        result["theme_name"] = theme_name
+
+        # Add theme-specific checks
+        primary = color_tokens.get("primary")
+        background = color_tokens.get("background", {})
+        text = color_tokens.get("text", {})
+
+        if primary and background:
+            bg_color = background.get("base") if isinstance(background, dict) else background
+            if bg_color:
+                contrast = self._get_contrast_ratio(primary, bg_color)
+                if contrast < 4.5:
+                    result["issues"].append({
+                        "type": "primary_contrast",
+                        "severity": "error",
+                        "colors": [primary, bg_color],
+                        "ratio": round(contrast, 2),
+                        "required": 4.5,
+                        "message": f"Primary color has insufficient contrast ({contrast:.1f}:1) against background"
+                    })
+
+        return result
+
+    async def accessibility_suggest_alternative(
+        self,
+        color: str,
+        deficiency_type: str
+    ) -> Dict[str, Any]:
+        """
+        Suggest accessible alternative colors.
+
+        Args:
+            color: Original hex color
+            deficiency_type: Type of color blindness to optimize for
+
+        Returns:
+            Dict with alternative color suggestions
+        """
+        rgb = self._hex_to_rgb(color)
+
+        suggestions = []
+
+        # Suggest shifting hue while maintaining saturation and brightness
+        # For red-green deficiency, shift toward blue or yellow
+        if deficiency_type in ["deuteranopia", "protanopia"]:
+            # Shift toward blue
+            blue_shift = self._rgb_to_hex((
+                max(0, rgb[0] - 50),
+                max(0, rgb[1] - 30),
+                min(255, rgb[2] + 80)
+            ))
+            suggestions.append({
+                "color": blue_shift,
+                "description": "Blue-shifted alternative",
+                "preserves": "approximate brightness"
+            })
+
+            # Shift toward yellow/orange
+            yellow_shift = self._rgb_to_hex((
+                min(255, rgb[0] + 50),
+                min(255, rgb[1] + 30),
+                max(0, rgb[2] - 80)
+            ))
+            suggestions.append({
+                "color": yellow_shift,
+                "description": "Yellow-shifted alternative",
+                "preserves": "approximate brightness"
+            })
+
+        elif deficiency_type == "tritanopia":
+            # For blue-yellow deficiency, shift toward red or green
+            red_shift = self._rgb_to_hex((
+                min(255, rgb[0] + 60),
+                max(0, rgb[1] - 20),
+                max(0, rgb[2] - 40)
+            ))
+            suggestions.append({
+                "color": red_shift,
+                "description": "Red-shifted alternative",
+                "preserves": "approximate brightness"
+            })
+
+        # Add safe palette suggestions
+        for palette_name, palette in SAFE_PALETTES.items():
+            # Find closest color in safe palette
+            min_distance = float('inf')
+            closest = None
+            for safe_color in palette["colors"]:
+                distance = self._get_color_distance(color, safe_color)
+                if distance < min_distance:
+                    min_distance = distance
+                    closest = safe_color
+
+            if closest:
+                suggestions.append({
+                    "color": closest,
+                    "description": f"From {palette['name']} palette",
+                    "palette": palette_name
+                })
+
+        return {
+            "original_color": color,
+            "deficiency_type": deficiency_type,
+            "suggestions": suggestions[:5]  # Limit to 5 suggestions
+        }
+
+    def _generate_recommendations(self, issues: List[Dict[str, Any]]) -> List[str]:
+        """Generate actionable recommendations based on issues."""
+        recommendations = []
+
+        # Check for distinguishability issues
+        distinguishability_issues = [i for i in issues if i["type"] == "distinguishability"]
+        if distinguishability_issues:
+            affected_types = set()
+            for issue in distinguishability_issues:
+                affected_types.update(issue.get("affected_by", []))
+
+            if "deuteranopia" in affected_types or "protanopia" in affected_types:
+                recommendations.append(
+                    "Avoid using red and green as the only differentiators - "
+                    "add patterns, shapes, or labels"
+                )
+
+            recommendations.append(
+                "Consider using a color-blind safe palette like Okabe-Ito or IBM Design"
+            )
+
+        # Check for contrast issues
+        contrast_issues = [i for i in issues if i["type"] in ["contrast_ratio", "primary_contrast"]]
+        if contrast_issues:
+            recommendations.append(
+                "Increase contrast by darkening colors for light backgrounds "
+                "or lightening for dark backgrounds"
+            )
+            recommendations.append(
+                "Use WCAG contrast checker tools to verify text readability"
+            )
+
+        # General recommendations
+        if len(issues) > 0:
+            recommendations.append(
+                "Add secondary visual cues (icons, patterns, labels) "
+                "to not rely solely on color"
+            )
+
+        if not recommendations:
+            recommendations.append(
+                "Color palette appears accessible! Consider adding patterns "
+                "for additional distinguishability"
+            )
+
+        return recommendations

mcp-servers/viz-platform/mcp_server/chart_tools.py

@@ -3,11 +3,21 @@ Chart creation tools using Plotly.
 
 Provides tools for creating data visualizations with automatic theme integration.
 """
+import base64
 import logging
+import os
 from typing import Dict, List, Optional, Any, Union
 
 logger = logging.getLogger(__name__)
 
+# Check for kaleido availability
+KALEIDO_AVAILABLE = False
+try:
+    import kaleido
+    KALEIDO_AVAILABLE = True
+except ImportError:
+    logger.debug("kaleido not installed - chart export will be unavailable")
+
 
 # Default color palette based on Mantine theme
 DEFAULT_COLORS = [
@@ -395,3 +405,129 @@ class ChartTools:
                 "figure": figure,
                 "interactions_added": []
             }
+
+    async def chart_export(
+        self,
+        figure: Dict[str, Any],
+        format: str = "png",
+        width: Optional[int] = None,
+        height: Optional[int] = None,
+        scale: float = 2.0,
+        output_path: Optional[str] = None
+    ) -> Dict[str, Any]:
+        """
+        Export a Plotly chart to a static image format.
+
+        Args:
+            figure: Plotly figure JSON to export
+            format: Output format - png, svg, or pdf
+            width: Image width in pixels (default: from figure or 1200)
+            height: Image height in pixels (default: from figure or 800)
+            scale: Resolution scale factor (default: 2 for retina)
+            output_path: Optional file path to save the image
+
+        Returns:
+            Dict with:
+                - image_data: Base64-encoded image (if no output_path)
+                - file_path: Path to saved file (if output_path provided)
+                - format: Export format used
+                - dimensions: {width, height, scale}
+                - error: Error message if export failed
+        """
+        # Validate format
+        valid_formats = ['png', 'svg', 'pdf']
+        format = format.lower()
+        if format not in valid_formats:
+            return {
+                "error": f"Invalid format '{format}'. Must be one of: {valid_formats}",
+                "format": format,
+                "image_data": None
+            }
+
+        # Check kaleido availability
+        if not KALEIDO_AVAILABLE:
+            return {
+                "error": "kaleido package not installed. Install with: pip install kaleido",
+                "format": format,
+                "image_data": None,
+                "install_hint": "pip install kaleido"
+            }
+
+        # Validate figure
+        if not figure or 'data' not in figure:
+            return {
+                "error": "Invalid figure: must contain 'data' key",
+                "format": format,
+                "image_data": None
+            }
+
+        try:
+            import plotly.graph_objects as go
+            import plotly.io as pio
+
+            # Create Plotly figure object
+            fig = go.Figure(figure)
+
+            # Determine dimensions
+            layout = figure.get('layout', {})
+            export_width = width or layout.get('width') or 1200
+            export_height = height or layout.get('height') or 800
+
+            # Export to bytes
+            image_bytes = pio.to_image(
+                fig,
+                format=format,
+                width=export_width,
+                height=export_height,
+                scale=scale
+            )
+
+            result = {
+                "format": format,
+                "dimensions": {
+                    "width": export_width,
+                    "height": export_height,
+                    "scale": scale,
+                    "effective_width": int(export_width * scale),
+                    "effective_height": int(export_height * scale)
+                }
+            }
+
+            # Save to file or return base64
+            if output_path:
+                # Ensure directory exists
+                output_dir = os.path.dirname(output_path)
+                if output_dir and not os.path.exists(output_dir):
+                    os.makedirs(output_dir, exist_ok=True)
+
+                # Add extension if missing
+                if not output_path.endswith(f'.{format}'):
+                    output_path = f"{output_path}.{format}"
+
+                with open(output_path, 'wb') as f:
+                    f.write(image_bytes)
+
+                result["file_path"] = output_path
+                result["file_size_bytes"] = len(image_bytes)
+            else:
+                # Return as base64
+                result["image_data"] = base64.b64encode(image_bytes).decode('utf-8')
+                result["data_uri"] = f"data:image/{format};base64,{result['image_data']}"
+
+            return result
+
+        except ImportError as e:
+            logger.error(f"Chart export failed - missing dependency: {e}")
+            return {
+                "error": f"Missing dependency for export: {e}",
+                "format": format,
+                "image_data": None,
+                "install_hint": "pip install plotly kaleido"
+            }
+        except Exception as e:
+            logger.error(f"Chart export failed: {e}")
+            return {
+                "error": str(e),
+                "format": format,
+                "image_data": None
+            }

mcp-servers/viz-platform/mcp_server/layout_tools.py

@@ -10,6 +10,46 @@ from uuid import uuid4
 logger = logging.getLogger(__name__)
 
 
+# Standard responsive breakpoints (Mantine/Bootstrap-aligned)
+DEFAULT_BREAKPOINTS = {
+    "xs": {
+        "min_width": "0px",
+        "max_width": "575px",
+        "cols": 1,
+        "spacing": "xs",
+        "description": "Extra small devices (phones, portrait)"
+    },
+    "sm": {
+        "min_width": "576px",
+        "max_width": "767px",
+        "cols": 2,
+        "spacing": "sm",
+        "description": "Small devices (phones, landscape)"
+    },
+    "md": {
+        "min_width": "768px",
+        "max_width": "991px",
+        "cols": 6,
+        "spacing": "md",
+        "description": "Medium devices (tablets)"
+    },
+    "lg": {
+        "min_width": "992px",
+        "max_width": "1199px",
+        "cols": 12,
+        "spacing": "md",
+        "description": "Large devices (desktops)"
+    },
+    "xl": {
+        "min_width": "1200px",
+        "max_width": None,
+        "cols": 12,
+        "spacing": "lg",
+        "description": "Extra large devices (large desktops)"
+    }
+}
+
+
 # Layout templates
 TEMPLATES = {
     "dashboard": {
@@ -365,3 +405,149 @@ class LayoutTools:
             }
             for name, config in FILTER_TYPES.items()
         }
+
+    async def layout_set_breakpoints(
+        self,
+        layout_ref: str,
+        breakpoints: Dict[str, Dict[str, Any]],
+        mobile_first: bool = True
+    ) -> Dict[str, Any]:
+        """
+        Configure responsive breakpoints for a layout.
+
+        Args:
+            layout_ref: Layout name to configure
+            breakpoints: Breakpoint configuration dict:
+                {
+                    "xs": {"cols": 1, "spacing": "xs"},
+                    "sm": {"cols": 2, "spacing": "sm"},
+                    "md": {"cols": 6, "spacing": "md"},
+                    "lg": {"cols": 12, "spacing": "md"},
+                    "xl": {"cols": 12, "spacing": "lg"}
+                }
+            mobile_first: If True, use min-width media queries (default)
+
+        Returns:
+            Dict with:
+                - breakpoints: Complete breakpoint configuration
+                - css_media_queries: Generated CSS media queries
+                - mobile_first: Whether mobile-first approach is used
+        """
+        # Validate layout exists
+        if layout_ref not in self._layouts:
+            return {
+                "error": f"Layout '{layout_ref}' not found. Create it first with layout_create.",
+                "breakpoints": None
+            }
+
+        layout = self._layouts[layout_ref]
+
+        # Validate breakpoint names
+        valid_breakpoints = ["xs", "sm", "md", "lg", "xl"]
+        for bp_name in breakpoints.keys():
+            if bp_name not in valid_breakpoints:
+                return {
+                    "error": f"Invalid breakpoint '{bp_name}'. Must be one of: {valid_breakpoints}",
+                    "breakpoints": layout.get("breakpoints")
+                }
+
+        # Merge with defaults
+        merged_breakpoints = {}
+        for bp_name in valid_breakpoints:
+            default = DEFAULT_BREAKPOINTS[bp_name].copy()
+            if bp_name in breakpoints:
+                default.update(breakpoints[bp_name])
+            merged_breakpoints[bp_name] = default
+
+        # Validate spacing values
+        valid_spacing = ["xs", "sm", "md", "lg", "xl"]
+        for bp_name, bp_config in merged_breakpoints.items():
+            if "spacing" in bp_config and bp_config["spacing"] not in valid_spacing:
+                return {
+                    "error": f"Invalid spacing '{bp_config['spacing']}' for breakpoint '{bp_name}'. Must be one of: {valid_spacing}",
+                    "breakpoints": layout.get("breakpoints")
+                }
+
+        # Validate column counts
+        for bp_name, bp_config in merged_breakpoints.items():
+            if "cols" in bp_config:
+                cols = bp_config["cols"]
+                if not isinstance(cols, int) or cols < 1 or cols > 24:
+                    return {
+                        "error": f"Invalid cols '{cols}' for breakpoint '{bp_name}'. Must be integer between 1 and 24.",
+                        "breakpoints": layout.get("breakpoints")
+                    }
+
+        # Generate CSS media queries
+        css_queries = self._generate_media_queries(merged_breakpoints, mobile_first)
+
+        # Store in layout
+        layout["breakpoints"] = merged_breakpoints
+        layout["mobile_first"] = mobile_first
+        layout["responsive_css"] = css_queries
+
+        return {
+            "layout_ref": layout_ref,
+            "breakpoints": merged_breakpoints,
+            "mobile_first": mobile_first,
+            "css_media_queries": css_queries
+        }
+
+    def _generate_media_queries(
+        self,
+        breakpoints: Dict[str, Dict[str, Any]],
+        mobile_first: bool
+    ) -> List[str]:
+        """Generate CSS media queries for breakpoints."""
+        queries = []
+        bp_order = ["xs", "sm", "md", "lg", "xl"]
+
+        if mobile_first:
+            # Use min-width queries (mobile-first)
+            for bp_name in bp_order[1:]:  # Skip xs (base styles)
+                bp = breakpoints[bp_name]
+                min_width = bp.get("min_width", DEFAULT_BREAKPOINTS[bp_name]["min_width"])
+                if min_width and min_width != "0px":
+                    queries.append(f"@media (min-width: {min_width}) {{ /* {bp_name} styles */ }}")
+        else:
+            # Use max-width queries (desktop-first)
+            for bp_name in reversed(bp_order[:-1]):  # Skip xl (base styles)
+                bp = breakpoints[bp_name]
+                max_width = bp.get("max_width", DEFAULT_BREAKPOINTS[bp_name]["max_width"])
+                if max_width:
+                    queries.append(f"@media (max-width: {max_width}) {{ /* {bp_name} styles */ }}")
+
+        return queries
+
+    async def layout_get_breakpoints(self, layout_ref: str) -> Dict[str, Any]:
+        """
+        Get the breakpoint configuration for a layout.
+
+        Args:
+            layout_ref: Layout name
+
+        Returns:
+            Dict with breakpoint configuration
+        """
+        if layout_ref not in self._layouts:
+            return {
+                "error": f"Layout '{layout_ref}' not found.",
+                "breakpoints": None
+            }
+
+        layout = self._layouts[layout_ref]
+
+        return {
+            "layout_ref": layout_ref,
+            "breakpoints": layout.get("breakpoints", DEFAULT_BREAKPOINTS.copy()),
+            "mobile_first": layout.get("mobile_first", True),
+            "css_media_queries": layout.get("responsive_css", [])
+        }
+
+    def get_default_breakpoints(self) -> Dict[str, Any]:
+        """Get the default breakpoint configuration."""
+        return {
+            "breakpoints": DEFAULT_BREAKPOINTS.copy(),
+            "description": "Standard responsive breakpoints aligned with Mantine/Bootstrap",
+            "mobile_first": True
+        }

mcp-servers/viz-platform/mcp_server/server.py

@@ -17,6 +17,7 @@ from .chart_tools import ChartTools
 from .layout_tools import LayoutTools
 from .theme_tools import ThemeTools
 from .page_tools import PageTools
+from .accessibility_tools import AccessibilityTools
 
 # Suppress noisy MCP validation warnings on stderr
 logging.basicConfig(level=logging.INFO)
@@ -36,6 +37,7 @@ class VizPlatformMCPServer:
         self.layout_tools = LayoutTools()
         self.theme_tools = ThemeTools()
         self.page_tools = PageTools()
+        self.accessibility_tools = AccessibilityTools(theme_store=self.theme_tools.store)
 
     async def initialize(self):
         """Initialize server and load configuration."""
@@ -198,6 +200,46 @@ class VizPlatformMCPServer:
                 }
             ))
 
+            # Chart export tool (Issue #247)
+            tools.append(Tool(
+                name="chart_export",
+                description=(
+                    "Export a Plotly chart to static image format (PNG, SVG, PDF). "
+                    "Requires kaleido package. Returns base64 image data or saves to file."
+                ),
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "figure": {
+                            "type": "object",
+                            "description": "Plotly figure JSON to export"
+                        },
+                        "format": {
+                            "type": "string",
+                            "enum": ["png", "svg", "pdf"],
+                            "description": "Output format (default: png)"
+                        },
+                        "width": {
+                            "type": "integer",
+                            "description": "Image width in pixels (default: 1200)"
+                        },
+                        "height": {
+                            "type": "integer",
+                            "description": "Image height in pixels (default: 800)"
+                        },
+                        "scale": {
+                            "type": "number",
+                            "description": "Resolution scale factor (default: 2 for retina)"
+                        },
+                        "output_path": {
+                            "type": "string",
+                            "description": "Optional file path to save image"
+                        }
+                    },
+                    "required": ["figure"]
+                }
+            ))
+
             # Layout tools (Issue #174)
             tools.append(Tool(
                 name="layout_create",
@@ -280,6 +322,36 @@ class VizPlatformMCPServer:
                 }
             ))
 
+            # Responsive breakpoints tool (Issue #249)
+            tools.append(Tool(
+                name="layout_set_breakpoints",
+                description=(
+                    "Configure responsive breakpoints for a layout. "
+                    "Supports xs, sm, md, lg, xl breakpoints with mobile-first approach. "
+                    "Each breakpoint can define cols, spacing, and other grid properties."
+                ),
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "layout_ref": {
+                            "type": "string",
+                            "description": "Layout name to configure"
+                        },
+                        "breakpoints": {
+                            "type": "object",
+                            "description": (
+                                "Breakpoint config: {xs: {cols, spacing}, sm: {...}, md: {...}, lg: {...}, xl: {...}}"
+                            )
+                        },
+                        "mobile_first": {
+                            "type": "boolean",
+                            "description": "Use mobile-first (min-width) media queries (default: true)"
+                        }
+                    },
+                    "required": ["layout_ref", "breakpoints"]
+                }
+            ))
+
             # Theme tools (Issue #175)
             tools.append(Tool(
                 name="theme_create",
@@ -451,6 +523,77 @@ class VizPlatformMCPServer:
                 }
             ))
 
+            # Accessibility tools (Issue #248)
+            tools.append(Tool(
+                name="accessibility_validate_colors",
+                description=(
+                    "Validate colors for color blind accessibility. "
+                    "Checks contrast ratios for deuteranopia, protanopia, tritanopia. "
+                    "Returns issues, simulations, and accessible palette suggestions."
+                ),
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "colors": {
+                            "type": "array",
+                            "items": {"type": "string"},
+                            "description": "List of hex colors to validate (e.g., ['#228be6', '#40c057'])"
+                        },
+                        "check_types": {
+                            "type": "array",
+                            "items": {"type": "string"},
+                            "description": "Color blindness types to check: deuteranopia, protanopia, tritanopia (default: all)"
+                        },
+                        "min_contrast_ratio": {
+                            "type": "number",
+                            "description": "Minimum WCAG contrast ratio (default: 4.5 for AA)"
+                        }
+                    },
+                    "required": ["colors"]
+                }
+            ))
+
+            tools.append(Tool(
+                name="accessibility_validate_theme",
+                description=(
+                    "Validate a theme's colors for accessibility. "
+                    "Extracts all colors from theme tokens and checks for color blind safety."
+                ),
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "theme_name": {
+                            "type": "string",
+                            "description": "Theme name to validate"
+                        }
+                    },
+                    "required": ["theme_name"]
+                }
+            ))
+
+            tools.append(Tool(
+                name="accessibility_suggest_alternative",
+                description=(
+                    "Suggest accessible alternative colors for a given color. "
+                    "Provides alternatives optimized for specific color blindness types."
+                ),
+                inputSchema={
+                    "type": "object",
+                    "properties": {
+                        "color": {
+                            "type": "string",
+                            "description": "Hex color to find alternatives for"
+                        },
+                        "deficiency_type": {
+                            "type": "string",
+                            "enum": ["deuteranopia", "protanopia", "tritanopia"],
+                            "description": "Color blindness type to optimize for"
+                        }
+                    },
+                    "required": ["color", "deficiency_type"]
+                }
+            ))
+
             return tools
 
         @self.server.call_tool()
@@ -524,6 +667,26 @@ class VizPlatformMCPServer:
                         text=json.dumps(result, indent=2)
                     )]
 
+                elif name == "chart_export":
+                    figure = arguments.get('figure')
+                    if not figure:
+                        return [TextContent(
+                            type="text",
+                            text=json.dumps({"error": "figure is required"}, indent=2)
+                        )]
+                    result = await self.chart_tools.chart_export(
+                        figure=figure,
+                        format=arguments.get('format', 'png'),
+                        width=arguments.get('width'),
+                        height=arguments.get('height'),
+                        scale=arguments.get('scale', 2.0),
+                        output_path=arguments.get('output_path')
+                    )
+                    return [TextContent(
+                        type="text",
+                        text=json.dumps(result, indent=2)
+                    )]
+
                 # Layout tools
                 elif name == "layout_create":
                     layout_name = arguments.get('name')
@@ -568,6 +731,23 @@ class VizPlatformMCPServer:
                         text=json.dumps(result, indent=2)
                     )]
 
+                elif name == "layout_set_breakpoints":
+                    layout_ref = arguments.get('layout_ref')
+                    breakpoints = arguments.get('breakpoints', {})
+                    mobile_first = arguments.get('mobile_first', True)
+                    if not layout_ref:
+                        return [TextContent(
+                            type="text",
+                            text=json.dumps({"error": "layout_ref is required"}, indent=2)
+                        )]
+                    result = await self.layout_tools.layout_set_breakpoints(
+                        layout_ref, breakpoints, mobile_first
+                    )
+                    return [TextContent(
+                        type="text",
+                        text=json.dumps(result, indent=2)
+                    )]
+
                 # Theme tools
                 elif name == "theme_create":
                     theme_name = arguments.get('name')
@@ -669,6 +849,53 @@ class VizPlatformMCPServer:
                         text=json.dumps(result, indent=2)
                     )]
 
+                # Accessibility tools
+                elif name == "accessibility_validate_colors":
+                    colors = arguments.get('colors')
+                    if not colors:
+                        return [TextContent(
+                            type="text",
+                            text=json.dumps({"error": "colors list is required"}, indent=2)
+                        )]
+                    result = await self.accessibility_tools.accessibility_validate_colors(
+                        colors=colors,
+                        check_types=arguments.get('check_types'),
+                        min_contrast_ratio=arguments.get('min_contrast_ratio', 4.5)
+                    )
+                    return [TextContent(
+                        type="text",
+                        text=json.dumps(result, indent=2)
+                    )]
+
+                elif name == "accessibility_validate_theme":
+                    theme_name = arguments.get('theme_name')
+                    if not theme_name:
+                        return [TextContent(
+                            type="text",
+                            text=json.dumps({"error": "theme_name is required"}, indent=2)
+                        )]
+                    result = await self.accessibility_tools.accessibility_validate_theme(theme_name)
+                    return [TextContent(
+                        type="text",
+                        text=json.dumps(result, indent=2)
+                    )]
+
+                elif name == "accessibility_suggest_alternative":
+                    color = arguments.get('color')
+                    deficiency_type = arguments.get('deficiency_type')
+                    if not color or not deficiency_type:
+                        return [TextContent(
+                            type="text",
+                            text=json.dumps({"error": "color and deficiency_type are required"}, indent=2)
+                        )]
+                    result = await self.accessibility_tools.accessibility_suggest_alternative(
+                        color, deficiency_type
+                    )
+                    return [TextContent(
+                        type="text",
+                        text=json.dumps(result, indent=2)
+                    )]
+
                 raise ValueError(f"Unknown tool: {name}")
 
             except Exception as e:

mcp-servers/viz-platform/requirements.txt

@@ -5,6 +5,7 @@ mcp>=0.9.0
 plotly>=5.18.0
 dash>=2.14.0
 dash-mantine-components>=2.0.0
+kaleido>=0.2.1  # For chart export (PNG, SVG, PDF)
 
 # Utilities
 python-dotenv>=1.0.0

mcp-servers/viz-platform/run.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
+# Capture original working directory before any cd operations
+# This should be the user's project directory when launched by Claude Code
+export CLAUDE_PROJECT_DIR="${CLAUDE_PROJECT_DIR:-$PWD}"
+
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 CACHE_VENV="$HOME/.cache/claude-mcp-venvs/leo-claude-mktplace/viz-platform/.venv"
 LOCAL_VENV="$SCRIPT_DIR/.venv"

mcp-servers/viz-platform/tests/test_accessibility_tools.py

@@ -0,0 +1,195 @@
+"""
+Tests for accessibility validation tools.
+"""
+import pytest
+from mcp_server.accessibility_tools import AccessibilityTools
+
+
+@pytest.fixture
+def tools():
+    """Create AccessibilityTools instance."""
+    return AccessibilityTools()
+
+
+class TestHexToRgb:
+    """Tests for _hex_to_rgb method."""
+
+    def test_hex_to_rgb_6_digit(self, tools):
+        """Test 6-digit hex conversion."""
+        assert tools._hex_to_rgb("#FF0000") == (255, 0, 0)
+        assert tools._hex_to_rgb("#00FF00") == (0, 255, 0)
+        assert tools._hex_to_rgb("#0000FF") == (0, 0, 255)
+
+    def test_hex_to_rgb_3_digit(self, tools):
+        """Test 3-digit hex conversion."""
+        assert tools._hex_to_rgb("#F00") == (255, 0, 0)
+        assert tools._hex_to_rgb("#0F0") == (0, 255, 0)
+        assert tools._hex_to_rgb("#00F") == (0, 0, 255)
+
+    def test_hex_to_rgb_lowercase(self, tools):
+        """Test lowercase hex conversion."""
+        assert tools._hex_to_rgb("#ff0000") == (255, 0, 0)
+
+
+class TestContrastRatio:
+    """Tests for _get_contrast_ratio method."""
+
+    def test_black_white_contrast(self, tools):
+        """Test black on white has maximum contrast."""
+        ratio = tools._get_contrast_ratio("#000000", "#FFFFFF")
+        assert ratio == pytest.approx(21.0, rel=0.01)
+
+    def test_same_color_contrast(self, tools):
+        """Test same color has minimum contrast."""
+        ratio = tools._get_contrast_ratio("#FF0000", "#FF0000")
+        assert ratio == pytest.approx(1.0, rel=0.01)
+
+    def test_symmetric_contrast(self, tools):
+        """Test contrast ratio is symmetric."""
+        ratio1 = tools._get_contrast_ratio("#228be6", "#FFFFFF")
+        ratio2 = tools._get_contrast_ratio("#FFFFFF", "#228be6")
+        assert ratio1 == pytest.approx(ratio2, rel=0.01)
+
+
+class TestColorBlindnessSimulation:
+    """Tests for _simulate_color_blindness method."""
+
+    def test_deuteranopia_simulation(self, tools):
+        """Test deuteranopia (green-blind) simulation."""
+        # Red and green should appear more similar
+        original_red = "#FF0000"
+        original_green = "#00FF00"
+
+        simulated_red = tools._simulate_color_blindness(original_red, "deuteranopia")
+        simulated_green = tools._simulate_color_blindness(original_green, "deuteranopia")
+
+        # They should be different from originals
+        assert simulated_red != original_red or simulated_green != original_green
+
+    def test_protanopia_simulation(self, tools):
+        """Test protanopia (red-blind) simulation."""
+        simulated = tools._simulate_color_blindness("#FF0000", "protanopia")
+        # Should return a modified color
+        assert simulated.startswith("#")
+        assert len(simulated) == 7
+
+    def test_tritanopia_simulation(self, tools):
+        """Test tritanopia (blue-blind) simulation."""
+        simulated = tools._simulate_color_blindness("#0000FF", "tritanopia")
+        # Should return a modified color
+        assert simulated.startswith("#")
+        assert len(simulated) == 7
+
+    def test_unknown_deficiency_returns_original(self, tools):
+        """Test unknown deficiency type returns original color."""
+        color = "#FF0000"
+        simulated = tools._simulate_color_blindness(color, "unknown")
+        assert simulated == color
+
+
+class TestAccessibilityValidateColors:
+    """Tests for accessibility_validate_colors method."""
+
+    @pytest.mark.asyncio
+    async def test_validate_single_color(self, tools):
+        """Test validating a single color."""
+        result = await tools.accessibility_validate_colors(["#228be6"])
+        assert "colors_checked" in result
+        assert "overall_score" in result
+        assert "issues" in result
+        assert "safe_palettes" in result
+
+    @pytest.mark.asyncio
+    async def test_validate_problematic_colors(self, tools):
+        """Test similar colors trigger warnings."""
+        # Use colors that are very close in hue, which should be harder to distinguish
+        result = await tools.accessibility_validate_colors(["#FF5555", "#FF6666"])
+        # Similar colors should trigger distinguishability warnings
+        assert "issues" in result
+        # The validation should at least run without errors
+        assert "colors_checked" in result
+        assert len(result["colors_checked"]) == 2
+
+    @pytest.mark.asyncio
+    async def test_validate_contrast_issue(self, tools):
+        """Test low contrast colors trigger contrast warnings."""
+        # Yellow on white has poor contrast
+        result = await tools.accessibility_validate_colors(["#FFFF00"])
+        # Check for contrast issues (yellow may have issues with both black and white)
+        assert "issues" in result
+
+    @pytest.mark.asyncio
+    async def test_validate_with_specific_types(self, tools):
+        """Test validating for specific color blindness types."""
+        result = await tools.accessibility_validate_colors(
+            ["#FF0000", "#00FF00"],
+            check_types=["deuteranopia"]
+        )
+        assert "simulations" in result
+        assert "deuteranopia" in result["simulations"]
+        assert "protanopia" not in result["simulations"]
+
+    @pytest.mark.asyncio
+    async def test_overall_score(self, tools):
+        """Test overall score is calculated."""
+        result = await tools.accessibility_validate_colors(["#228be6", "#ffffff"])
+        assert result["overall_score"] in ["A", "B", "C", "D"]
+
+    @pytest.mark.asyncio
+    async def test_recommendations_generated(self, tools):
+        """Test recommendations are generated for issues."""
+        result = await tools.accessibility_validate_colors(["#FF0000", "#00FF00"])
+        assert "recommendations" in result
+        assert len(result["recommendations"]) > 0
+
+
+class TestAccessibilitySuggestAlternative:
+    """Tests for accessibility_suggest_alternative method."""
+
+    @pytest.mark.asyncio
+    async def test_suggest_alternative_deuteranopia(self, tools):
+        """Test suggesting alternatives for deuteranopia."""
+        result = await tools.accessibility_suggest_alternative("#FF0000", "deuteranopia")
+        assert "original_color" in result
+        assert result["deficiency_type"] == "deuteranopia"
+        assert "suggestions" in result
+        assert len(result["suggestions"]) > 0
+
+    @pytest.mark.asyncio
+    async def test_suggest_alternative_tritanopia(self, tools):
+        """Test suggesting alternatives for tritanopia."""
+        result = await tools.accessibility_suggest_alternative("#0000FF", "tritanopia")
+        assert "suggestions" in result
+        assert len(result["suggestions"]) > 0
+
+    @pytest.mark.asyncio
+    async def test_suggestions_include_safe_palettes(self, tools):
+        """Test suggestions include colors from safe palettes."""
+        result = await tools.accessibility_suggest_alternative("#FF0000", "deuteranopia")
+        palette_suggestions = [
+            s for s in result["suggestions"]
+            if "palette" in s
+        ]
+        assert len(palette_suggestions) > 0
+
+
+class TestSafePalettes:
+    """Tests for safe palette constants."""
+
+    def test_safe_palettes_exist(self, tools):
+        """Test that safe palettes are defined."""
+        from mcp_server.accessibility_tools import SAFE_PALETTES
+        assert "categorical" in SAFE_PALETTES
+        assert "ibm" in SAFE_PALETTES
+        assert "okabe_ito" in SAFE_PALETTES
+        assert "tableau_colorblind" in SAFE_PALETTES
+
+    def test_safe_palettes_have_colors(self, tools):
+        """Test that safe palettes have color lists."""
+        from mcp_server.accessibility_tools import SAFE_PALETTES
+        for palette_name, palette in SAFE_PALETTES.items():
+            assert "colors" in palette
+            assert len(palette["colors"]) > 0
+            # All colors should be valid hex
+            for color in palette["colors"]:
+                assert color.startswith("#")

plugins/clarity-assist/README.md

@@ -1,99 +0,0 @@
-# clarity-assist
-
-Prompt optimization and requirement clarification plugin with neurodivergent-friendly accommodations.
-
-## Overview
-
-clarity-assist helps transform vague, incomplete, or ambiguous requests into clear, actionable specifications. It uses a structured 4-D methodology (Deconstruct, Diagnose, Develop, Deliver) and ND-friendly communication patterns.
-
-## Commands
-
-| Command | Description |
-|---------|-------------|
-| `/clarify` | Full 4-D prompt optimization for complex requests |
-| `/quick-clarify` | Rapid single-pass clarification for simple requests |
-
-## Features
-
-### 4-D Methodology
-
-1. **Deconstruct** - Break down the request into components
-2. **Diagnose** - Analyze gaps and potential issues
-3. **Develop** - Gather clarifications through structured questions
-4. **Deliver** - Produce refined specification
-
-### ND-Friendly Design
-
-- **Option-based questioning** - Always provide 2-4 concrete choices
-- **Chunked questions** - Ask 1-2 questions at a time
-- **Context for questions** - Explain why you're asking
-- **Conflict detection** - Check previous answers before new questions
-- **Progress acknowledgment** - Summarize frequently
-
-### Escalation Protocol
-
-When requests are complex or users seem overwhelmed:
-- Acknowledge complexity
-- Offer to focus on one aspect at a time
-- Build incrementally
-
-## Installation
-
-Add to your project's `.claude/settings.json`:
-
-```json
-{
-  "plugins": ["clarity-assist"]
-}
-```
-
-## Usage
-
-### Full Clarification
-
-```
-/clarify
-
-[Your vague or complex request here]
-```
-
-### Quick Clarification
-
-```
-/quick-clarify
-
-[Your mostly-clear request here]
-```
-
-## Configuration
-
-No configuration required. The plugin uses sensible defaults.
-
-## Output Format
-
-After clarification, you receive a structured specification:
-
-```markdown
-## Clarified Request
-
-### Summary
-[Description of what will be built]
-
-### Scope
-**In Scope:** [items]
-**Out of Scope:** [items]
-
-### Requirements
-[Prioritized table]
-
-### Assumptions
-[List of assumptions]
-```
-
-## Integration
-
-For CLAUDE.md integration instructions, see `claude-md-integration.md`.
-
-## License
-
-MIT

plugins/clarity-assist/agents/clarity-coach.md

@@ -1,5 +1,15 @@
 # Clarity Coach Agent
 
+## Visual Output Requirements
+
+**MANDATORY: Display header at start of every response.**
+
+```
+┌──────────────────────────────────────────────────────────────────┐
+│  💬 CLARITY-ASSIST · Clarity Coach                               │
+└──────────────────────────────────────────────────────────────────┘
+```
+
 ## Role
 
 You are a patient, structured coach specializing in helping users articulate their requirements clearly. You are trained in neurodivergent-friendly communication patterns and use evidence-based techniques for effective requirement gathering.

plugins/clarity-assist/commands/clarify.md

@@ -1,5 +1,13 @@
 # /clarify - Full Prompt Optimization
 
+## Visual Output
+
+```
++----------------------------------------------------------------------+
+|  CLARITY-ASSIST - Prompt Optimization                                |
++----------------------------------------------------------------------+
+```
+
 ## Purpose
 
 Transform vague, incomplete, or ambiguous requests into clear, actionable specifications using the 4-D methodology with neurodivergent-friendly accommodations.
@@ -11,127 +19,46 @@ Transform vague, incomplete, or ambiguous requests into clear, actionable specif
 - Tasks requiring significant context gathering
 - When user seems uncertain about what they want
 
-## 4-D Methodology
+## Skills to Load
 
-### Phase 1: Deconstruct
+Load these skills before proceeding:
 
-Break down the user's request into components:
+- `skills/4d-methodology.md` - Core 4-phase process
+- `skills/nd-accommodations.md` - ND-friendly question patterns
+- `skills/clarification-techniques.md` - Anti-patterns and templates
+- `skills/escalation-patterns.md` - When to adjust approach
 
-1. **Extract explicit requirements** - What was directly stated
-2. **Identify implicit assumptions** - What seems assumed but not stated
-3. **Note ambiguities** - Points that could go multiple ways
-4. **List dependencies** - External factors that might affect implementation
+## Workflow
 
-### Phase 2: Diagnose
-
-Analyze gaps and potential issues:
-
-1. **Missing information** - What do we need to know?
-2. **Conflicting requirements** - Do any stated goals contradict?
-3. **Scope boundaries** - What's in/out of scope?
-4. **Technical constraints** - Platform, language, architecture limits
-
-### Phase 3: Develop
-
-Gather clarifications through structured questioning:
-
-**ND-Friendly Question Rules:**
-- Present 2-4 concrete options (never open-ended alone)
-- Include "Other" for custom responses
-- Ask 1-2 questions at a time maximum
-- Provide brief context for why you're asking
-- Check for conflicts with previous answers
-
-**Example Format:**
-```
-To help me understand the scope better:
-
-**How should errors be handled?**
-1. Silent logging (user sees nothing)
-2. Toast notifications (brief, dismissible)
-3. Modal dialogs (requires user action)
-4. Other
-
-[Context: This affects both UX and how much error-handling code we need]
-```
-
-### Phase 4: Deliver
-
-Produce the refined specification:
-
-```markdown
-## Clarified Request
-
-### Summary
-[1-2 sentence description of what will be built]
-
-### Scope
-**In Scope:**
-- [Item 1]
-- [Item 2]
-
-**Out of Scope:**
-- [Item 1]
-
-### Requirements
-
-| # | Requirement | Priority | Notes |
-|---|-------------|----------|-------|
-| 1 | ... | Must | ... |
-| 2 | ... | Should | ... |
-
-### Assumptions
-- [Assumption made based on conversation]
-
-### Open Questions
-- [Any remaining ambiguities, if any]
-```
-
-## Conflict Detection
-
-Before each question, review previous answers for conflicts:
-
-```
-[Internal check]
-Previous: User said "keep it simple"
-Current question about: Adding configuration options
-Potential conflict: More options = more complexity
-→ Acknowledge: "Earlier you mentioned keeping it simple. With that in mind..."
-```
-
-## Escalation Protocol
-
-If the request is particularly messy or the user seems overwhelmed:
-
-1. Acknowledge the complexity
-2. Offer to start with just ONE aspect
-3. Build incrementally
-
-```
-"This touches a lot of areas. Rather than tackle everything at once,
-let's start with [most critical piece]. Once that's clear, we can
-add the other parts. Sound good?"
-```
-
-## Example Interaction
-
-**User:** Make the app faster
-
-**Clarify Response:**
-
-```
-Let me help clarify what kind of performance improvements you're looking for.
-
-**What type of slowness are you experiencing?**
-1. Initial page load takes too long
-2. Interactions feel sluggish (clicking, typing)
-3. API calls are slow
-4. All of the above
-5. Other
-
-[I'm asking because each has very different solutions]
-```
+1. **Deconstruct** - Break down request into components
+2. **Diagnose** - Identify gaps and conflicts
+3. **Develop** - Gather clarifications via structured questions
+4. **Deliver** - Present refined specification
+5. **Offer RFC Creation** - For feature work, offer to save as RFC
 
 ## Output Format
 
-After gathering all necessary information, use the Deliver phase format to present the clarified specification for user confirmation.
+Use the Deliver phase template from `skills/4d-methodology.md` to present the clarified specification for user confirmation.
+
+## RFC Creation Offer (Step 5)
+
+After presenting the clarified specification, if the request appears to be a feature or enhancement:
+
+```
+---
+
+Would you like to save this as an RFC for formal tracking?
+
+An RFC (Request for Comments) provides:
+- Structured documentation of the proposal
+- Review workflow before implementation
+- Integration with sprint planning
+
+[1] Yes, create RFC from this specification
+[2] No, proceed with implementation directly
+```
+
+If user selects [1]:
+- Pass clarified specification to `/rfc-create`
+- The Summary, Motivation, and Design sections will be populated from the clarified spec
+- User can then refine the RFC and submit for review

plugins/clarity-assist/commands/quick-clarify.md

@@ -1,5 +1,13 @@
 # /quick-clarify - Rapid Clarification Mode
 
+## Visual Output
+
+```
++----------------------------------------------------------------------+
+|  CLARITY-ASSIST - Quick Clarify                                      |
++----------------------------------------------------------------------+
+```
+
 ## Purpose
 
 Single-pass clarification for requests that are mostly clear but need minor disambiguation.
@@ -11,74 +19,27 @@ Single-pass clarification for requests that are mostly clear but need minor disa
 - Follow-up to an already-clarified request
 - Simple feature additions or bug fixes
 
-## Process
+## Skills to Load
 
-### Step 1: Echo Understanding
+- `skills/nd-accommodations.md` - ND-friendly question patterns
+- `skills/clarification-techniques.md` - Echo and micro-summary techniques
+- `skills/escalation-patterns.md` - When to escalate to full /clarify
 
-Restate what you understood in a single sentence:
+## Workflow
 
-```
-"I understand you want [X] that does [Y]."
-```
-
-### Step 2: Quick Disambiguation
-
-If needed, ask ONE multiple-choice question:
-
-```
-**Just to confirm:** Should this [A] or [B]?
-1. [Option A with brief description]
-2. [Option B with brief description]
-3. Both
-4. Neither / Other approach
-```
-
-### Step 3: Proceed or Confirm
-
-If confident (>90%), proceed with a brief confirmation:
-
-```
-"Got it. I'll implement [X with chosen option]. Starting now."
-```
-
-If less confident, offer a micro-summary:
-
-```
-"Quick summary before I start:
-- [Key point 1]
-- [Key point 2]
-- [Assumption made]
-
-Proceed? (Or clarify anything)"
-```
-
-## Example Interaction
-
-**User:** Add a delete button to the user list
-
-**Quick-Clarify Response:**
-
-```
-I'll add a delete button to each row in the user list.
-
-**Should deletion require confirmation?**
-1. Yes - show confirmation dialog (Recommended)
-2. No - delete immediately
-3. Soft delete - mark as deleted but keep data
-
-[Asking because accidental deletions can be problematic]
-```
-
-## Escalation to Full /clarify
-
-If quick-clarify reveals complexity:
-
-```
-"This is more involved than it first appeared - there are
-several decisions to make. Want me to switch to a more
-thorough clarification process? (Just say 'yes' or 'clarify')"
-```
+1. **Echo Understanding** - Restate in a single sentence
+2. **Quick Disambiguation** - Ask ONE multiple-choice question if needed
+3. **Proceed or Confirm** - Start work or offer micro-summary
 
 ## Output Format
 
-For quick-clarify, no formal specification document is needed. Just proceed with the task after brief confirmation, documenting assumptions inline with the work.
+No formal specification document needed. Proceed after brief confirmation, documenting assumptions inline with the work.
+
+## Escalation
+
+If complexity emerges, offer to switch to full `/clarify`:
+
+```
+"This is more involved than it first appeared. Want me to switch
+to a more thorough clarification process?"
+```

plugins/clarity-assist/docs/ND-SUPPORT.md

@@ -0,0 +1,328 @@
+# Neurodivergent Support in clarity-assist
+
+This document describes how clarity-assist is designed to support users with neurodivergent traits, including ADHD, autism, anxiety, and other conditions that affect executive function, sensory processing, or cognitive style.
+
+## Overview
+
+### Purpose
+
+clarity-assist exists to help all users transform vague or incomplete requests into clear, actionable specifications. For neurodivergent users specifically, it addresses common challenges:
+
+- **Executive function difficulties** - Breaking down complex tasks, getting started, managing scope
+- **Working memory limitations** - Keeping track of context across long conversations
+- **Decision fatigue** - Facing too many open-ended choices
+- **Processing style differences** - Preferring structured, predictable interactions
+- **Anxiety around uncertainty** - Needing clear expectations and explicit confirmation
+
+### Philosophy
+
+Our design philosophy centers on three principles:
+
+1. **Reduce cognitive load** - Never force the user to hold too much in their head at once
+2. **Provide structure** - Use consistent, predictable patterns for all interactions
+3. **Respect different communication styles** - Accommodate rather than assume one "right" way to think
+
+## Features for ND Users
+
+### 1. Reduced Cognitive Load
+
+**Prompt Simplification**
+- The 4-D methodology (Deconstruct, Diagnose, Develop, Deliver) breaks down complex requests into manageable phases
+- Users never need to specify everything upfront - clarification happens incrementally
+
+**Task Breakdown**
+- Large requests are decomposed into explicit components
+- Dependencies and relationships are surfaced rather than left implicit
+- Scope boundaries are clearly defined (in-scope vs. out-of-scope)
+
+### 2. Structured Output
+
+**Consistent Formatting**
+- Every clarification session produces the same structured specification:
+  - Summary (1-2 sentences)
+  - Scope (In/Out)
+  - Requirements table (numbered, prioritized)
+  - Assumptions list
+- This predictability reduces the mental effort of parsing responses
+
+**Predictable Patterns**
+- Questions always follow the same format
+- Progress summaries appear at regular intervals
+- Escalation (simple to complex) is always offered, never forced
+
+**Bulleted Lists Over Prose**
+- Requirements are presented as scannable lists, not paragraphs
+- Options are numbered for easy reference
+- Key information is highlighted with bold labels
+
+### 3. Customizable Verbosity
+
+**Detail Levels**
+- `/clarify` - Full methodology for complex requests (more thorough, more questions)
+- `/quick-clarify` - Rapid mode for simple disambiguation (fewer questions, faster)
+
+**User Control**
+- Users can always say "that's enough detail" to end questioning early
+- The plugin offers to break sessions into smaller parts
+- "Good enough for now" is explicitly validated as an acceptable outcome
+
+### 4. Vagueness Detection
+
+The `UserPromptSubmit` hook automatically detects prompts that might benefit from clarification and gently suggests using `/clarify`.
+
+**Detection Signals**
+- Short prompts (< 10 words) without specific technical terms
+- Vague action phrases: "help me", "fix this", "make it better"
+- Ambiguous scope words: "somehow", "something", "stuff", "etc."
+- Open questions without context
+
+**Non-Blocking Approach**
+- The hook never prevents you from proceeding
+- It provides a suggestion with a vagueness score (percentage)
+- You can disable auto-suggestions entirely via environment variable
+
+### 5. Focus Aids
+
+**Task Prioritization**
+- Requirements are tagged as Must/Should/Could/Won't (MoSCoW)
+- Critical items are separated from nice-to-haves
+- Scope creep is explicitly called out and deferred
+
+**Context Switching Warnings**
+- When questions touch multiple areas, the plugin acknowledges the complexity
+- Offers to focus on one aspect at a time
+- Summarizes frequently to rebuild context after interruptions
+
+## How It Works
+
+### The UserPromptSubmit Hook
+
+When you submit a prompt, the vagueness detection hook (`hooks/vagueness-check.sh`) runs automatically:
+
+```
+User submits prompt
+       |
+       v
+Hook reads prompt from stdin
+       |
+       v
+Skip if: empty, starts with /, or contains file paths
+       |
+       v
+Calculate vagueness score (0.0 - 1.0)
+  - Short prompts: +0.3
+  - Vague action phrases: +0.2
+  - Ambiguous scope words: +0.15
+  - Missing technical specifics: +0.2
+  - Short questions without context: +0.15
+       |
+       v
+If score >= threshold (default 0.6):
+  - Output gentle suggestion with [clarity-assist] prefix
+  - Show vagueness percentage
+       |
+       v
+Exit 0 (always non-blocking)
+```
+
+### Example Hook Output
+
+```
+[clarity-assist] Your prompt could benefit from more clarity.
+[clarity-assist] Consider running /clarity-assist to refine your request.
+[clarity-assist] (Vagueness score: 65% - this is a suggestion, not a block)
+```
+
+### The 4-D Methodology
+
+| Phase | What Happens | ND Benefit |
+|-------|--------------|------------|
+| **Deconstruct** | Break request into components | Shows the full picture without overwhelming |
+| **Diagnose** | Identify gaps and conflicts | Surfaces hidden assumptions |
+| **Develop** | Ask structured questions | Option-based, chunked, contextual |
+| **Deliver** | Produce specification | Consistent, scannable format |
+
+## Usage Examples
+
+### Before: Vague Request
+
+```
+User: Make the app faster
+```
+
+This triggers vagueness detection because:
+- Short (4 words)
+- Vague action ("make")
+- No specific technical context
+- No measurable outcome
+
+### After: Clarified with /clarify
+
+```
+User: /clarify Make the app faster
+
+Claude: Let me help clarify what kind of performance improvements you're looking for.
+
+**What type of slowness are you experiencing?**
+1. Initial page load takes too long
+2. Interactions feel sluggish (clicking, typing)
+3. API calls are slow
+4. All of the above
+5. Other
+
+[I'm asking because each has very different solutions]
+```
+
+```
+User: 1
+
+Claude: Initial page load - got it.
+
+**What's an acceptable load time for you?**
+1. Under 1 second (aggressive)
+2. Under 2 seconds (standard)
+3. Under 3 seconds (relaxed)
+4. I don't have a specific target
+
+[This helps me know whether to suggest quick wins or a major optimization effort]
+```
+
+After 2-3 more questions, the user receives:
+
+```markdown
+## Clarified Request
+
+### Summary
+Optimize initial page load time to under 2 seconds by addressing bundle size and initial render blocking resources.
+
+### Scope
+**In Scope:**
+- Bundle analysis and splitting
+- Lazy loading non-critical components
+- Image optimization
+- CSS/JS minification check
+
+**Out of Scope:**
+- Backend API optimization
+- Database query performance
+- CDN setup
+
+### Requirements
+| # | Requirement | Priority | Notes |
+|---|-------------|----------|-------|
+| 1 | Page loads in < 2s on 4G | Must | Measured via Lighthouse |
+| 2 | Largest contentful paint < 1.5s | Should | Core Web Vital |
+| 3 | No layout shift after load | Should | CLS < 0.1 |
+
+### Assumptions
+- Current load time is > 3 seconds (based on "too long" description)
+- Target browsers: modern evergreen (Chrome, Firefox, Safari)
+- Build tooling already configured (webpack/vite)
+```
+
+### Common Patterns Detected
+
+| Pattern | Example | What It Triggers |
+|---------|---------|------------------|
+| Missing context | "Fix the bug" | "Which bug? In which file or feature?" |
+| Ambiguous scope | "Update the user stuff" | "What specifically needs updating?" |
+| Unclear goals | "Make it better" | "Better in what way? Faster? Cleaner? More features?" |
+| Implicit knowledge | "Do it like last time" | "I don't have context from previous sessions" |
+| Conflicting requests | "Keep it simple but add everything" | "Which matters more: simplicity or completeness?" |
+
+### Quick-Clarify Example
+
+For simpler requests that just need minor disambiguation:
+
+```
+User: /quick-clarify Add a delete button to the user list
+
+Claude: I'll add a delete button to each row in the user list.
+
+**Should deletion require confirmation?**
+1. Yes - show confirmation dialog (Recommended)
+2. No - delete immediately
+3. Soft delete - mark as deleted but keep data
+
+[Asking because accidental deletions can be problematic]
+```
+
+```
+User: 1
+
+Claude: Got it. I'll implement a delete button with confirmation dialog. Starting now.
+```
+
+## Configuration Options
+
+### Environment Variables
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `CLARITY_ASSIST_AUTO_SUGGEST` | `true` | Enable/disable automatic vagueness detection |
+| `CLARITY_ASSIST_VAGUENESS_THRESHOLD` | `0.6` | Score threshold to trigger suggestion (0.0-1.0) |
+
+### Disabling Auto-Suggestions
+
+If you find the vagueness detection unhelpful, disable it in your shell profile or `.env`:
+
+```bash
+export CLARITY_ASSIST_AUTO_SUGGEST=false
+```
+
+### Adjusting Sensitivity
+
+To make detection more or less sensitive:
+
+```bash
+# More sensitive (suggests more often)
+export CLARITY_ASSIST_VAGUENESS_THRESHOLD=0.4
+
+# Less sensitive (only very vague prompts)
+export CLARITY_ASSIST_VAGUENESS_THRESHOLD=0.8
+```
+
+## Tips for ND Users
+
+### If You're Feeling Overwhelmed
+
+- Use `/quick-clarify` instead of `/clarify` for faster interactions
+- Say "let's focus on just one thing" to narrow scope
+- Ask to "pause and summarize" at any point
+- It's OK to say "I don't know" - the plugin will offer concrete alternatives
+
+### If You Have Executive Function Challenges
+
+- Start with `/clarify` even for tasks you think are simple - it helps with planning
+- The structured specification can serve as a checklist
+- Use the scope boundaries to prevent scope creep
+
+### If You Prefer Detailed Structure
+
+- The 4-D methodology provides a predictable framework
+- All output follows consistent formatting
+- Questions always offer numbered options
+
+### If You Have Anxiety About Getting It Right
+
+- The plugin validates "good enough for now" as acceptable
+- You can always revisit and change earlier answers
+- Assumptions are explicitly listed - nothing is hidden
+
+## Accessibility Notes
+
+- All output uses standard markdown that works with screen readers
+- No time pressure - take as long as you need between responses
+- Questions are designed to be answerable without deep context retrieval
+- Visual patterns (bold, bullets, tables) create scannable structure
+
+## Feedback
+
+If you have suggestions for improving neurodivergent support in clarity-assist, please open an issue at:
+
+https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace/issues
+
+Include the label `clarity-assist` and describe:
+- What challenge you faced
+- What would have helped
+- Any specific accommodations you'd like to see

plugins/clarity-assist/hooks/hooks.json

@@ -0,0 +1,15 @@
+{
+  "hooks": {
+    "UserPromptSubmit": [
+      {
+        "matcher": "",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/hooks/vagueness-check.sh"
+          }
+        ]
+      }
+    ]
+  }
+}

plugins/clarity-assist/hooks/vagueness-check.sh

@@ -0,0 +1,256 @@
+#!/bin/bash
+# clarity-assist vagueness detection hook
+# Analyzes user prompts for vagueness and suggests /clarity-assist when beneficial
+# All output MUST have [clarity-assist] prefix
+# This is a NON-BLOCKING hook - always exits 0
+
+PREFIX="[clarity-assist]"
+
+# Check if auto-suggest is enabled (default: true)
+AUTO_SUGGEST="${CLARITY_ASSIST_AUTO_SUGGEST:-true}"
+if [[ "$AUTO_SUGGEST" != "true" ]]; then
+    exit 0
+fi
+
+# Threshold for vagueness score (default: 0.6)
+THRESHOLD="${CLARITY_ASSIST_VAGUENESS_THRESHOLD:-0.6}"
+
+# Read user prompt from stdin
+PROMPT=""
+if [[ -t 0 ]]; then
+    # No stdin available
+    exit 0
+else
+    PROMPT=$(cat)
+fi
+
+# Skip empty prompts
+if [[ -z "$PROMPT" ]]; then
+    exit 0
+fi
+
+# Skip if prompt is a command (starts with /)
+if [[ "$PROMPT" =~ ^[[:space:]]*/[a-zA-Z] ]]; then
+    exit 0
+fi
+
+# Skip if prompt mentions specific files or paths
+if [[ "$PROMPT" =~ \.(py|js|ts|sh|md|json|yaml|yml|txt|css|html|go|rs|java|c|cpp|h)([[:space:]]|$|[^a-zA-Z]) ]] || \
+   [[ "$PROMPT" =~ [/\\][a-zA-Z0-9_-]+[/\\] ]] || \
+   [[ "$PROMPT" =~ (src|lib|test|docs|plugins|hooks|commands)/ ]]; then
+    exit 0
+fi
+
+# Initialize vagueness score
+SCORE=0
+
+# Count words in the prompt
+WORD_COUNT=$(echo "$PROMPT" | wc -w | tr -d ' ')
+
+# ============================================================================
+# Vagueness Signal Detection
+# ============================================================================
+
+# Signal 1: Very short prompts (< 10 words) are often vague
+if [[ "$WORD_COUNT" -lt 10 ]]; then
+    # But very short specific commands are OK
+    if [[ "$WORD_COUNT" -lt 3 ]]; then
+        # Extremely short - probably intentional or a command
+        :
+    else
+        SCORE=$(echo "$SCORE + 0.3" | bc)
+    fi
+fi
+
+# Signal 2: Vague action phrases (no specific outcome)
+VAGUE_ACTIONS=(
+    "help me"
+    "help with"
+    "do something"
+    "work on"
+    "look at"
+    "check this"
+    "fix it"
+    "fix this"
+    "make it better"
+    "make this better"
+    "improve it"
+    "improve this"
+    "update this"
+    "update it"
+    "change it"
+    "change this"
+    "can you"
+    "could you"
+    "would you"
+    "please help"
+)
+
+PROMPT_LOWER=$(echo "$PROMPT" | tr '[:upper:]' '[:lower:]')
+
+for phrase in "${VAGUE_ACTIONS[@]}"; do
+    if [[ "$PROMPT_LOWER" == *"$phrase"* ]]; then
+        SCORE=$(echo "$SCORE + 0.2" | bc)
+        break
+    fi
+done
+
+# Signal 3: Ambiguous scope indicators
+AMBIGUOUS_SCOPE=(
+    "somehow"
+    "something"
+    "somewhere"
+    "anything"
+    "whatever"
+    "stuff"
+    "things"
+    "etc"
+    "and so on"
+)
+
+for word in "${AMBIGUOUS_SCOPE[@]}"; do
+    if [[ "$PROMPT_LOWER" == *"$word"* ]]; then
+        SCORE=$(echo "$SCORE + 0.15" | bc)
+        break
+    fi
+done
+
+# Signal 4: Missing context indicators (no reference to what/where)
+# Check if prompt lacks specificity markers
+HAS_SPECIFICS=false
+
+# Specific technical terms suggest clarity
+SPECIFIC_MARKERS=(
+    "function"
+    "class"
+    "method"
+    "variable"
+    "error"
+    "bug"
+    "test"
+    "api"
+    "endpoint"
+    "database"
+    "query"
+    "component"
+    "module"
+    "service"
+    "config"
+    "install"
+    "deploy"
+    "build"
+    "run"
+    "execute"
+    "create"
+    "delete"
+    "add"
+    "remove"
+    "implement"
+    "refactor"
+    "migrate"
+    "upgrade"
+    "debug"
+    "log"
+    "exception"
+    "stack"
+    "memory"
+    "performance"
+    "security"
+    "auth"
+    "token"
+    "session"
+    "route"
+    "controller"
+    "model"
+    "view"
+    "template"
+    "schema"
+    "migration"
+    "commit"
+    "branch"
+    "merge"
+    "pull"
+    "push"
+)
+
+for marker in "${SPECIFIC_MARKERS[@]}"; do
+    if [[ "$PROMPT_LOWER" == *"$marker"* ]]; then
+        HAS_SPECIFICS=true
+        break
+    fi
+done
+
+if [[ "$HAS_SPECIFICS" == false ]] && [[ "$WORD_COUNT" -gt 3 ]]; then
+    SCORE=$(echo "$SCORE + 0.2" | bc)
+fi
+
+# Signal 5: Question without context
+if [[ "$PROMPT" =~ \?$ ]] && [[ "$WORD_COUNT" -lt 8 ]]; then
+    # Short questions without specifics are often vague
+    if [[ "$HAS_SPECIFICS" == false ]]; then
+        SCORE=$(echo "$SCORE + 0.15" | bc)
+    fi
+fi
+
+# Cap score at 1.0
+if (( $(echo "$SCORE > 1.0" | bc -l) )); then
+    SCORE="1.0"
+fi
+
+# ============================================================================
+# Feature Request Detection (for RFC suggestion)
+# ============================================================================
+
+FEATURE_REQUEST=false
+
+# Feature request phrases
+FEATURE_PHRASES=(
+    "we should"
+    "it would be nice"
+    "feature request"
+    "idea:"
+    "suggestion:"
+    "what if we"
+    "wouldn't it be great"
+    "i think we need"
+    "we need to add"
+    "we could add"
+    "how about adding"
+    "can we add"
+    "new feature"
+    "enhancement"
+    "proposal"
+)
+
+for phrase in "${FEATURE_PHRASES[@]}"; do
+    if [[ "$PROMPT_LOWER" == *"$phrase"* ]]; then
+        FEATURE_REQUEST=true
+        break
+    fi
+done
+
+# ============================================================================
+# Output suggestion if score exceeds threshold
+# ============================================================================
+
+# Compare score to threshold using bc
+if (( $(echo "$SCORE >= $THRESHOLD" | bc -l) )); then
+    # Format score as percentage for display
+    SCORE_PCT=$(echo "$SCORE * 100" | bc | cut -d'.' -f1)
+
+    # Gentle, non-blocking suggestion
+    echo "$PREFIX Your prompt could benefit from more clarity."
+    echo "$PREFIX Consider running /clarify to refine your request."
+    echo "$PREFIX (Vagueness score: ${SCORE_PCT}% - this is a suggestion, not a block)"
+
+    # Additional RFC suggestion if feature request detected
+    if [[ "$FEATURE_REQUEST" == true ]]; then
+        echo "$PREFIX This looks like a feature idea. Consider /rfc-create to track it formally."
+    fi
+elif [[ "$FEATURE_REQUEST" == true ]]; then
+    # Feature request detected but not vague - still suggest RFC
+    echo "$PREFIX This looks like a feature idea. Consider /rfc-create to track it formally."
+fi
+
+# Always exit 0 - this hook is non-blocking
+exit 0

plugins/clarity-assist/skills/4d-methodology.md

@@ -0,0 +1,76 @@
+# 4-D Methodology for Prompt Clarification
+
+The 4-D methodology transforms vague requests into actionable specifications.
+
+## Phase 1: Deconstruct
+
+Break down the user's request into components:
+
+1. **Extract explicit requirements** - What was directly stated
+2. **Identify implicit assumptions** - What seems assumed but not stated
+3. **Note ambiguities** - Points that could go multiple ways
+4. **List dependencies** - External factors that might affect implementation
+
+## Phase 2: Diagnose
+
+Analyze gaps and potential issues:
+
+1. **Missing information** - What do we need to know?
+2. **Conflicting requirements** - Do any stated goals contradict?
+3. **Scope boundaries** - What is in/out of scope?
+4. **Technical constraints** - Platform, language, architecture limits
+
+## Phase 3: Develop
+
+Gather clarifications through structured questioning:
+
+- Present 2-4 concrete options (never open-ended alone)
+- Include "Other" for custom responses
+- Ask 1-2 questions at a time maximum
+- Provide brief context for why you are asking
+- Check for conflicts with previous answers
+
+**Example Format:**
+```
+To help me understand the scope better:
+
+**How should errors be handled?**
+1. Silent logging (user sees nothing)
+2. Toast notifications (brief, dismissible)
+3. Modal dialogs (requires user action)
+4. Other
+
+[Context: This affects both UX and how much error-handling code we need]
+```
+
+## Phase 4: Deliver
+
+Produce the refined specification:
+
+```markdown
+## Clarified Request
+
+### Summary
+[1-2 sentence description of what will be built]
+
+### Scope
+**In Scope:**
+- [Item 1]
+- [Item 2]
+
+**Out of Scope:**
+- [Item 1]
+
+### Requirements
+
+| # | Requirement | Priority | Notes |
+|---|-------------|----------|-------|
+| 1 | ... | Must | ... |
+| 2 | ... | Should | ... |
+
+### Assumptions
+- [Assumption made based on conversation]
+
+### Open Questions
+- [Any remaining ambiguities, if any]
+```

plugins/clarity-assist/skills/clarification-techniques.md

@@ -0,0 +1,86 @@
+# Clarification Techniques
+
+Structured approaches for disambiguating user requests.
+
+## Anti-Patterns to Detect
+
+### Vague Requests
+**Triggers:** "improve", "fix", "update", "change", "better", "faster", "cleaner"
+
+**Response:** Ask for specific metrics or outcomes
+
+### Scope Creep Signals
+**Triggers:** "while you're at it", "also", "might as well", "and another thing"
+
+**Response:** Acknowledge, then isolate: "I'll note that for after the main task"
+
+### Assumption Gaps
+**Triggers:** References to "the" thing (which thing?), "it" (what?), "there" (where?)
+
+**Response:** Echo back specific understanding
+
+### Conflicting Requirements
+**Triggers:** "Simple but comprehensive", "Fast but thorough", "Minimal but complete"
+
+**Response:** Prioritize: "Which matters more: simplicity or completeness?"
+
+## Question Templates
+
+### For Unclear Purpose
+```
+**What problem does this solve?**
+1. [Specific problem A]
+2. [Specific problem B]
+3. Combination
+4. Different problem: ____
+```
+
+### For Missing Scope
+```
+**What should this include?**
+- [ ] Feature A
+- [ ] Feature B
+- [ ] Feature C
+- [ ] Other: ____
+```
+
+### For Ambiguous Behavior
+```
+**When [trigger event], what should happen?**
+1. [Behavior option A]
+2. [Behavior option B]
+3. Nothing (ignore)
+4. Depends on: ____
+```
+
+### For Technical Decisions
+```
+**Implementation approach:**
+1. [Approach A] - pros: X, cons: Y
+2. [Approach B] - pros: X, cons: Y
+3. Let me decide based on codebase
+4. Need more info about: ____
+```
+
+## Echo Understanding Technique
+
+Before diving into questions, restate understanding:
+
+```
+"I understand you want [X] that does [Y]."
+```
+
+This validates comprehension and gives user a chance to correct early.
+
+## Micro-Summary Technique
+
+For quick confirmations before proceeding:
+
+```
+"Quick summary before I start:
+- [Key point 1]
+- [Key point 2]
+- [Assumption made]
+
+Proceed? (Or clarify anything)"
+```

plugins/clarity-assist/skills/escalation-patterns.md

@@ -0,0 +1,57 @@
+# Escalation Patterns
+
+Guidelines for when to escalate between clarification modes.
+
+## Quick-Clarify to Full Clarify
+
+Escalate when quick-clarify reveals unexpected complexity:
+
+```
+"This is more involved than it first appeared - there are
+several decisions to make. Want me to switch to a more
+thorough clarification process? (Just say 'yes' or 'clarify')"
+```
+
+### Triggers for Escalation
+
+- Multiple ambiguities discovered during quick pass
+- User's answer reveals hidden dependencies
+- Scope expands beyond original understanding
+- Technical constraints emerge that need discussion
+- Conflicting requirements surface
+
+## Full Clarify to Incremental
+
+When user is overwhelmed by full 4-D process:
+
+```
+"This touches a lot of areas. Rather than tackle everything at once,
+let's start with [most critical piece]. Once that's clear, we can
+add the other parts. Sound good?"
+```
+
+### Signs of Overwhelm
+
+- Long pauses or hesitation
+- "I don't know" responses
+- Requesting breaks
+- Contradicting earlier answers
+- Expressing frustration
+
+## Choosing Initial Mode
+
+### Use /quick-clarify When
+
+- Request is fairly clear, just one or two ambiguities
+- User is in a hurry
+- Follow-up to an already-clarified request
+- Simple feature additions or bug fixes
+- Confidence is high (>90%)
+
+### Use /clarify When
+
+- Complex multi-step requests
+- Requirements with multiple possible interpretations
+- Tasks requiring significant context gathering
+- User seems uncertain about what they want
+- First time working on this feature/area

plugins/clarity-assist/skills/nd-accommodations.md

@@ -0,0 +1,74 @@
+# Neurodivergent-Friendly Accommodations
+
+Guidelines for making clarification interactions accessible and comfortable for neurodivergent users.
+
+## Core Principles
+
+### Reduce Cognitive Load
+- Maximum 4 options per question
+- Always include "Other" escape hatch
+- Provide examples, not just descriptions
+- Use numbered lists for easy reference
+
+### Support Working Memory
+- Summarize frequently
+- Reference earlier decisions explicitly
+- Do not assume user remembers context from many turns ago
+- Echo back understanding before proceeding
+
+### Allow Processing Time
+- Do not rapid-fire questions
+- Validate answers before moving on
+- Offer to revisit or change earlier answers
+- One question block at a time
+
+### Manage Overwhelm
+- Offer to break into smaller sessions
+- Prioritize must-haves vs nice-to-haves
+- Provide "good enough for now" options
+- Acknowledge complexity openly
+
+## Question Formatting Rules
+
+**Always do:**
+```
+**How should errors be handled?**
+1. Silent logging (user sees nothing)
+2. Toast notifications (brief, dismissible)
+3. Modal dialogs (requires user action)
+4. Other
+
+[Context: This affects both UX and error-handling complexity]
+```
+
+**Never do:**
+```
+How do you want to handle errors? There are many approaches...
+```
+
+## Conflict Acknowledgment
+
+Before asking about something that might conflict with a previous answer:
+
+```
+[Internal check]
+Previous: User said "keep it simple"
+Current question about: Adding configuration options
+Potential conflict: More options = more complexity
+```
+
+Then acknowledge: "Earlier you mentioned keeping it simple. With that in mind..."
+
+## Escalation for Overwhelm
+
+If the request is particularly complex or user seems overwhelmed:
+
+1. Acknowledge the complexity openly
+2. Offer to start with just ONE aspect
+3. Build incrementally
+
+```
+"This touches a lot of areas. Rather than tackle everything at once,
+let's start with [most critical piece]. Once that's clear, we can
+add the other parts. Sound good?"
+```

plugins/claude-config-maintainer/README.md

@@ -1,99 +0,0 @@
-# Claude Config Maintainer
-
-A Claude Code plugin for creating and maintaining optimized CLAUDE.md configuration files.
-
-## Overview
-
-CLAUDE.md files provide instructions to Claude Code when working with a project. This plugin helps you:
-
-- **Analyze** existing CLAUDE.md files for improvement opportunities
-- **Optimize** structure, clarity, and conciseness
-- **Initialize** new CLAUDE.md files with project-specific content
-
-## Installation
-
-This plugin is part of the Leo Claude Marketplace. Install the marketplace and the plugin will be available.
-
-## Commands
-
-### `/config-analyze`
-Analyze your CLAUDE.md and get a detailed report with scores and recommendations.
-
-```
-/config-analyze
-```
-
-### `/config-optimize`
-Automatically optimize your CLAUDE.md based on best practices.
-
-```
-/config-optimize
-```
-
-### `/config-init`
-Create a new CLAUDE.md tailored to your project.
-
-```
-/config-init
-```
-
-## Best Practices
-
-A good CLAUDE.md should be:
-
-- **Clear** - Easy to understand at a glance
-- **Concise** - No unnecessary content
-- **Complete** - All essential information included
-- **Current** - Up to date with the project
-
-### Recommended Structure
-
-```markdown
-# CLAUDE.md
-
-## Project Overview
-What does this project do?
-
-## Quick Start
-Essential build/test/run commands.
-
-## Critical Rules
-What must Claude NEVER do?
-
-## Architecture (optional)
-Key technical decisions.
-
-## Common Operations (optional)
-Frequent tasks and workflows.
-```
-
-### Length Guidelines
-
-| Project Size | Recommended Lines |
-|-------------|------------------|
-| Small | 50-100 |
-| Medium | 100-200 |
-| Large | 200-400 |
-
-## Scoring System
-
-The analyzer scores CLAUDE.md files on:
-
-- **Structure** (25 pts) - Organization and navigation
-- **Clarity** (25 pts) - Clear, unambiguous instructions
-- **Completeness** (25 pts) - Essential sections present
-- **Conciseness** (25 pts) - Efficient information density
-
-Target score: **70+** for effective Claude Code usage.
-
-## Tips
-
-1. Run `/config-analyze` periodically to maintain quality
-2. Update CLAUDE.md when adding major features
-3. Keep critical rules prominent and clear
-4. Include examples where they add clarity
-5. Remove generic advice that applies to all projects
-
-## Contributing
-
-This plugin is part of the personal-projects/leo-claude-mktplace repository.

plugins/claude-config-maintainer/agents/maintainer.md

@@ -7,6 +7,16 @@ description: CLAUDE.md optimization and maintenance agent
 
 You are the **Maintainer Agent** - a specialist in creating and optimizing CLAUDE.md configuration files for Claude Code projects. Your role is to ensure CLAUDE.md files are clear, concise, well-structured, and follow best practices.
 
+## Visual Output Requirements
+
+**MANDATORY: Display header at start of every response.**
+
+```
+┌──────────────────────────────────────────────────────────────────┐
+│  ⚙️ CONFIG-MAINTAINER · CLAUDE.md Optimization                   │
+└──────────────────────────────────────────────────────────────────┘
+```
+
 ## Your Personality
 
 **Optimization-Focused:**
@@ -267,6 +277,39 @@ Every CLAUDE.md should have:
 1. **Project Overview** - What is this?
 2. **Quick Start** - How do I build/test/run?
 3. **Important Rules** - What must I NOT do?
+4. **Pre-Change Protocol** - Mandatory dependency check before code changes
+
+### Pre-Change Protocol Section (MANDATORY)
+
+**This section is REQUIRED in every CLAUDE.md.** It ensures Claude performs comprehensive dependency analysis before making any code changes.
+
+```markdown
+## ⛔ MANDATORY: Before Any Code Change
+
+**Claude MUST show this checklist BEFORE editing any file:**
+
+### 1. Impact Search Results
+Run and show output of:
+```bash
+grep -rn "PATTERN" --include="*.sh" --include="*.md" --include="*.json" --include="*.py" | grep -v ".git"
+```
+
+### 2. Files That Will Be Affected
+Numbered list of every file to be modified, with the specific change for each.
+
+### 3. Files Searched But Not Changed (and why)
+Proof that related files were checked and determined unchanged.
+
+### 4. Documentation That References This
+List of docs that mention this feature/script/function.
+
+**User verifies this list before Claude proceeds. If Claude skips this, stop immediately.**
+
+### After Changes
+Run the same grep and show results proving no references remain unaddressed.
+```
+
+**When analyzing a CLAUDE.md, flag as HIGH priority issue if this section is missing.**
 
 ### Optional Sections (as needed)
 

plugins/claude-config-maintainer/commands/analyze.md

@@ -4,17 +4,18 @@ description: Analyze CLAUDE.md for optimization opportunities and plugin integra
 
 # Analyze CLAUDE.md
 
-This command analyzes your project's CLAUDE.md file and provides a detailed report on optimization opportunities and plugin integration status.
+Analyze your CLAUDE.md and provide a scored report with recommendations.
 
-## What This Command Does
+## Skills to Load
 
-1. **Read CLAUDE.md** - Locates and reads the project's CLAUDE.md file
-2. **Analyze Structure** - Evaluates organization, headers, and flow
-3. **Check Content** - Reviews clarity, completeness, and conciseness
-4. **Identify Issues** - Finds redundancy, verbosity, and missing sections
-5. **Detect Active Plugins** - Identifies marketplace plugins enabled in the project
-6. **Check Plugin Integration** - Verifies CLAUDE.md references active plugins
-7. **Generate Report** - Provides scored assessment with recommendations
+- skills/visual-header.md
+- skills/analysis-workflow.md
+- skills/optimization-patterns.md
+- skills/pre-change-protocol.md
+
+## Visual Output
+
+Display: `CONFIG-MAINTAINER - CLAUDE.md Analysis`
 
 ## Usage
 
@@ -22,165 +23,27 @@ This command analyzes your project's CLAUDE.md file and provides a detailed repo
 /config-analyze
 ```
 
-Or invoke the maintainer agent directly:
+## Workflow
 
-```
-Analyze the CLAUDE.md file in this project
-```
+1. Locate and parse CLAUDE.md
+2. Evaluate structure, clarity, completeness, conciseness
+3. Find redundancy, verbosity, missing sections
+4. Detect active marketplace plugins
+5. Verify plugin integration in CLAUDE.md
+6. Generate scored report with recommendations
 
-## Analysis Criteria
+## Scoring (100 points)
 
-### Structure (25 points)
-- Logical section ordering
-- Clear header hierarchy
-- Easy navigation
-- Appropriate grouping
-
-### Clarity (25 points)
-- Clear instructions
-- Good examples
-- Unambiguous language
-- Appropriate detail level
-
-### Completeness (25 points)
-- Project overview present
-- Quick start commands documented
-- Critical rules highlighted
-- Key workflows covered
-
-### Conciseness (25 points)
-- No unnecessary repetition
-- Efficient information density
-- Appropriate length for project size
-- No generic filler content
-
-## Plugin Integration Analysis
-
-After the content analysis, the command detects and analyzes marketplace plugin integration:
-
-### Detection Method
-
-1. **Read `.claude/settings.local.json`** - Check for enabled MCP servers
-2. **Map MCP servers to plugins** - Use marketplace registry to identify active plugins:
-   - `gitea` → projman
-   - `netbox` → cmdb-assistant
-3. **Check for hooks** - Identify hook-based plugins (project-hygiene)
-4. **Scan CLAUDE.md** - Look for plugin integration content
-
-### Plugin Coverage Scoring
-
-For each detected plugin, verify CLAUDE.md contains:
-- Plugin section header or mention
-- Available commands documentation
-- MCP tools reference (if applicable)
-- Usage guidelines
-
-Coverage is reported as percentage: `(plugins referenced / plugins detected) * 100`
-
-## Expected Output
-
-```
-CLAUDE.md Analysis Report
-=========================
-
-File: /path/to/project/CLAUDE.md
-Lines: 245
-Last Modified: 2025-01-18
-
-Overall Score: 72/100
-
-Category Scores:
-- Structure:    20/25 (Good)
-- Clarity:      18/25 (Good)
-- Completeness: 22/25 (Excellent)
-- Conciseness:  12/25 (Needs Work)
-
-Strengths:
-+ Clear project overview with good context
-+ Critical rules prominently displayed
-+ Comprehensive coverage of workflows
-
-Issues Found:
-
-1. [HIGH] Verbose explanations (lines 45-78)
-   Section "Running Tests" has 34 lines that could be 8 lines.
-   Impact: Harder to scan, important info buried
-
-2. [MEDIUM] Duplicate content (lines 102-115, 189-200)
-   Same git workflow documented twice.
-   Impact: Maintenance burden, inconsistency risk
-
-3. [MEDIUM] Missing Quick Start section
-   No clear "how to get started" instructions.
-   Impact: Slower onboarding for Claude
-
-4. [LOW] Inconsistent header formatting
-   Mix of "## Title" and "## Title:" styles.
-   Impact: Minor readability issue
-
-Recommendations:
-1. Add Quick Start section at top (priority: high)
-2. Condense Testing section to essentials (priority: high)
-3. Remove duplicate git workflow (priority: medium)
-4. Standardize header formatting (priority: low)
-
-Estimated improvement: 15-20 points after changes
-
----
-
-Plugin Integration Analysis
-===========================
-
-Detected Active Plugins:
-  ✓ projman (via gitea MCP server)
-  ✓ cmdb-assistant (via netbox MCP server)
-  ✓ project-hygiene (via PostToolUse hook)
-
-Plugin Coverage: 33% (1/3 plugins referenced)
-
-  ✓ projman - Referenced in CLAUDE.md
-  ✗ cmdb-assistant - NOT referenced
-  ✗ project-hygiene - NOT referenced
-
-Missing Integration Content:
-
-1. cmdb-assistant
-   Add infrastructure management commands and NetBox MCP tools reference.
-
-2. project-hygiene
-   Add cleanup hook documentation and configuration options.
-
----
-
-Would you like me to:
-[1] Implement all content recommendations
-[2] Add missing plugin integrations to CLAUDE.md
-[3] Do both (recommended)
-[4] Show preview of changes first
-```
-
-## When to Use
-
-Run `/config-analyze` when:
-- Setting up a new project with existing CLAUDE.md
-- CLAUDE.md feels too long or hard to use
-- Claude seems to miss instructions
-- Before major project changes
-- Periodic maintenance (quarterly)
-- After installing new marketplace plugins
-- When Claude doesn't seem to use available plugin tools
+| Category | Points |
+|----------|--------|
+| Structure | 25 |
+| Clarity | 25 |
+| Completeness | 25 |
+| Conciseness | 25 |
 
 ## Follow-Up Actions
 
-After analysis, you can:
-- Run `/config-optimize` to automatically improve the file
-- Manually address specific issues
-- Request detailed recommendations for any section
-- Compare with best practice templates
-
-## Tips
-
-- Run analysis after significant project changes
-- Address HIGH priority issues first
-- Keep scores above 70/100 for best results
-- Re-analyze after making changes to verify improvement
+1. Implement content recommendations
+2. Add missing plugin integrations
+3. Do both (recommended)
+4. Show preview first

plugins/claude-config-maintainer/commands/config-diff.md

@@ -0,0 +1,48 @@
+---
+description: Show diff between current CLAUDE.md and last commit
+---
+
+# Compare CLAUDE.md Changes
+
+Show differences between CLAUDE.md versions to track configuration drift.
+
+## Skills to Load
+
+- skills/visual-header.md
+- skills/diff-analysis.md
+
+## Visual Output
+
+Display: `CONFIG-MAINTAINER - CLAUDE.md Diff`
+
+## Usage
+
+```
+/config-diff                           # Working vs last commit
+/config-diff --commit=abc1234          # Working vs specific commit
+/config-diff --from=v1.0 --to=v2.0     # Compare two commits
+/config-diff --section="Critical Rules"  # Specific section only
+```
+
+## Workflow
+
+1. Find project's CLAUDE.md file
+2. Show diff against target revision
+3. Group changes by affected sections
+4. Explain behavioral implications
+
+## Options
+
+| Option | Description |
+|--------|-------------|
+| `--commit=REF` | Compare against specific commit |
+| `--from=REF` | Starting point |
+| `--to=REF` | Ending point (default: HEAD) |
+| `--section=NAME` | Show only specific section |
+| `--stat` | Statistics only |
+
+## When to Use
+
+- Before committing CLAUDE.md changes
+- Reviewing changes after pull
+- Debugging unexpected behavior

plugins/claude-config-maintainer/commands/config-lint.md

@@ -0,0 +1,48 @@
+---
+description: Lint CLAUDE.md for common anti-patterns and best practices
+---
+
+# Lint CLAUDE.md
+
+Check CLAUDE.md against best practices and detect common anti-patterns.
+
+## Skills to Load
+
+- skills/visual-header.md
+- skills/lint-rules.md
+
+## Visual Output
+
+Display: `CONFIG-MAINTAINER - CLAUDE.md Lint`
+
+## Usage
+
+```
+/config-lint                         # Full lint
+/config-lint --fix                   # Auto-fix issues
+/config-lint --rules=security        # Check specific category
+```
+
+## Workflow
+
+1. Parse markdown structure and hierarchy
+2. Check for hardcoded paths, secrets, sensitive data
+3. Identify content anti-patterns
+4. Verify consistent formatting
+5. Generate report with fix suggestions
+
+## Options
+
+| Option | Description |
+|--------|-------------|
+| `--fix` | Auto-fix issues |
+| `--rules=LIST` | Check specific categories |
+| `--ignore=LIST` | Skip specified rules |
+| `--severity=LEVEL` | Filter by severity |
+| `--strict` | Treat warnings as errors |
+
+## When to Use
+
+- Before committing CLAUDE.md changes
+- During code review
+- Periodically as maintenance

plugins/claude-config-maintainer/commands/init.md

@@ -4,208 +4,46 @@ description: Initialize a new CLAUDE.md file for a project
 
 # Initialize CLAUDE.md
 
-This command creates a new CLAUDE.md file tailored to your project, gathering context and generating appropriate content.
+Create a new CLAUDE.md file tailored to your project.
 
-## What This Command Does
+## Skills to Load
 
-1. **Gather Context** - Analyzes project structure and asks clarifying questions
-2. **Detect Stack** - Identifies technologies, frameworks, and tools
-3. **Generate Content** - Creates tailored CLAUDE.md sections
-4. **Review & Refine** - Allows customization before saving
-5. **Save File** - Creates the CLAUDE.md in project root
+- skills/visual-header.md
+- skills/claude-md-structure.md
+- skills/pre-change-protocol.md
+
+## Visual Output
+
+Display: `CONFIG-MAINTAINER - CLAUDE.md Initialization`
 
 ## Usage
 
 ```
-/config-init
+/config-init                    # Interactive
+/config-init --minimal          # Minimal version
+/config-init --comprehensive    # Detailed version
 ```
 
-Or with options:
+## Workflow
 
-```
-/config-init --template=api        # Use API project template
-/config-init --minimal             # Create minimal version
-/config-init --comprehensive       # Create detailed version
-```
-
-## Initialization Workflow
-
-```
-CLAUDE.md Initialization
-========================
-
-Step 1: Project Analysis
-------------------------
-Scanning project structure...
-
-Detected:
-- Language: Python 3.11
-- Framework: FastAPI
-- Package Manager: pip (requirements.txt found)
-- Testing: pytest
-- Docker: Yes (Dockerfile found)
-- Git: Yes (.git directory)
-
-Step 2: Clarifying Questions
-----------------------------
-
-1. Project Description:
-   What does this project do? (1-2 sentences)
-   > [User provides description]
-
-2. Build/Run Commands:
-   Detected commands - are these correct?
-   - Install: pip install -r requirements.txt
-   - Test: pytest
-   - Run: uvicorn main:app --reload
-   [Y/n/edit]
-
-3. Critical Rules:
-   Any rules Claude MUST follow?
-   Examples: "Never modify migrations", "Always use type hints"
-   > [User provides rules]
-
-4. Sensitive Areas:
-   Any files/directories Claude should be careful with?
-   > [User provides or skips]
-
-Step 3: Generate CLAUDE.md
---------------------------
-
-Generating content based on:
-- Project type: FastAPI web API
-- Detected technologies
-- Your provided context
-
-Preview:
-
----
-# CLAUDE.md
-
-## Project Overview
-[Generated description]
-
-## Quick Start
-
-```bash
-pip install -r requirements.txt  # Install dependencies
-pytest                           # Run tests
-uvicorn main:app --reload        # Start dev server
-```
-
-## Architecture
-[Generated based on structure]
-
-## Critical Rules
-[Your provided rules]
-
-## File Structure
-[Generated from analysis]
----
-
-Save this CLAUDE.md? [Y/n/edit]
-
-Step 4: Complete
-----------------
-
-CLAUDE.md created successfully!
-
-Location: /path/to/project/CLAUDE.md
-Lines: 87
-Score: 85/100 (following best practices)
-
-Recommendations:
-- Run /config-analyze periodically to maintain quality
-- Update when adding major features
-- Add troubleshooting section as issues are discovered
-```
+1. Analyze project structure, ask clarifying questions
+2. Detect technologies, frameworks, tools
+3. Generate tailored CLAUDE.md sections
+4. Allow review and customization
+5. Save file in project root
 
 ## Templates
 
-### Minimal Template
-For small projects or when starting fresh:
-- Project Overview (required)
-- Quick Start (required)
-- Critical Rules (required)
+| Template | Sections |
+|----------|----------|
+| Minimal | Overview, Quick Start, Critical Rules, Pre-Change Protocol |
+| Standard | + Architecture, Common Operations, File Structure |
+| Comprehensive | + Troubleshooting, Integration Points, Workflow |
 
-### Standard Template (default)
-For typical projects:
-- Project Overview
-- Quick Start
-- Architecture
-- Critical Rules
-- Common Operations
-- File Structure
-
-### Comprehensive Template
-For large or complex projects:
-- All standard sections plus:
-- Detailed Architecture
-- Troubleshooting
-- Integration Points
-- Development Workflow
-- Deployment Notes
-
-## Auto-Detection
-
-The command automatically detects:
-
-| What | How |
-|------|-----|
-| Language | File extensions, config files |
-| Framework | package.json, requirements.txt, etc. |
-| Build system | Makefile, package.json scripts, etc. |
-| Testing | pytest.ini, jest.config, etc. |
-| Docker | Dockerfile, docker-compose.yml |
-| Database | Connection strings, ORM configs |
-
-## Customization
-
-After generation, you can:
-- Edit any section before saving
-- Add additional sections
-- Remove unnecessary sections
-- Adjust detail level
-- Add project-specific content
+**Note:** Pre-Change Protocol is MANDATORY in all templates.
 
 ## When to Use
 
-Run `/config-init` when:
 - Starting a new project
 - Project lacks CLAUDE.md
-- Existing CLAUDE.md is outdated/poor quality
-- Taking over an unfamiliar project
-
-## Tips
-
-1. **Provide accurate description** - This shapes the whole file
-2. **Include critical rules** - What must Claude never do?
-3. **Review generated content** - Auto-detection isn't perfect
-4. **Start minimal, grow as needed** - Add sections when required
-5. **Keep it current** - Update when project changes significantly
-
-## Examples
-
-### For a CLI Tool
-```
-/config-init
-
-> Description: CLI tool for managing cloud infrastructure
-> Critical rules: Never delete resources without confirmation, always show dry-run first
-```
-
-### For a Web App
-```
-/config-init
-
-> Description: E-commerce platform with React frontend and Node.js backend
-> Critical rules: Never expose API keys, always validate user input, follow the existing component patterns
-```
-
-### For a Library
-```
-/config-init --template=minimal
-
-> Description: Python library for parsing log files
-> Critical rules: Maintain backward compatibility, all public functions need docstrings
-```
+- Taking over unfamiliar project

plugins/claude-config-maintainer/commands/optimize.md

@@ -4,175 +4,47 @@ description: Optimize CLAUDE.md structure and content
 
 # Optimize CLAUDE.md
 
-This command automatically optimizes your project's CLAUDE.md file based on best practices and identified issues.
+Automatically optimize CLAUDE.md based on best practices.
 
-## What This Command Does
+## Skills to Load
 
-1. **Analyze Current File** - Identifies all optimization opportunities
-2. **Plan Changes** - Determines what to restructure, condense, or add
-3. **Show Preview** - Displays before/after comparison
-4. **Apply Changes** - Updates the file with your approval
-5. **Verify Results** - Confirms improvements achieved
+- skills/visual-header.md
+- skills/optimization-patterns.md
+- skills/pre-change-protocol.md
+- skills/claude-md-structure.md
+
+## Visual Output
+
+Display: `CONFIG-MAINTAINER - CLAUDE.md Optimization`
 
 ## Usage
 
 ```
-/config-optimize
+/config-optimize                # Full optimization
+/config-optimize --condense     # Reduce verbosity
+/config-optimize --dry-run      # Preview only
 ```
 
-Or specify specific optimizations:
+## Workflow
 
-```
-/config-optimize --condense        # Focus on reducing verbosity
-/config-optimize --restructure     # Focus on reorganization
-/config-optimize --add-missing     # Focus on adding missing sections
-```
-
-## Optimization Actions
-
-### Restructure
-- Reorder sections by importance
-- Group related content together
-- Improve header hierarchy
-- Add navigation aids
-
-### Condense
-- Remove redundant explanations
-- Convert verbose text to bullet points
-- Eliminate duplicate content
-- Shorten overly detailed sections
-
-### Enhance
-- Add missing essential sections
-- Improve unclear instructions
-- Add helpful examples
-- Highlight critical rules
-
-### Format
-- Standardize header styles
-- Fix code block formatting
-- Align list formatting
-- Improve table layouts
-
-## Expected Output
-
-```
-CLAUDE.md Optimization
-======================
-
-Current Analysis:
-- Score: 72/100
-- Lines: 245
-- Issues: 4
-
-Planned Optimizations:
-
-1. ADD: Quick Start section (new, ~15 lines)
-   + Build command
-   + Test command
-   + Run command
-
-2. CONDENSE: Testing section (34 → 8 lines)
-   Before: Verbose explanation with redundant setup info
-   After: Concise command reference with comments
-
-3. REMOVE: Duplicate git workflow (lines 189-200)
-   Keeping: Original at lines 102-115
-
-4. FORMAT: Standardize headers
-   Changing 12 headers from "## Title:" to "## Title"
-
-Preview Changes? [Y/n] y
-
---- CLAUDE.md (before)
-+++ CLAUDE.md (after)
-
-@@ -1,5 +1,20 @@
- # CLAUDE.md
-
-+## Quick Start
-+
-+```bash
-+# Install dependencies
-+pip install -r requirements.txt
-+
-+# Run tests
-+pytest
-+
-+# Start development server
-+python manage.py runserver
-+```
-+
- ## Project Overview
- ...
-
-[Full diff shown]
-
-Apply these changes? [Y/n] y
-
-Optimization Complete!
-- Previous score: 72/100
-- New score: 89/100
-- Lines reduced: 245 → 198 (-19%)
-- Issues resolved: 4/4
-
-Backup saved to: .claude/backups/CLAUDE.md.2025-01-18
-```
-
-## Safety Features
-
-### Backup Creation
-- Automatic backup before changes
-- Stored in `.claude/backups/`
-- Easy restoration if needed
-
-### Preview Mode
-- All changes shown before applying
-- Diff format for easy review
-- Option to approve/reject
-
-### Selective Application
-- Can apply individual changes
-- Skip specific optimizations
-- Iterative refinement
+1. Identify optimization opportunities
+2. Plan restructure, condense, or add actions
+3. Show before/after preview
+4. Apply changes with approval
+5. Verify improvements
 
 ## Options
 
 | Option | Description |
 |--------|-------------|
-| `--dry-run` | Show changes without applying |
-| `--no-backup` | Skip backup creation |
+| `--dry-run` | Preview without applying |
+| `--no-backup` | Skip backup |
 | `--aggressive` | Maximum condensation |
-| `--preserve-comments` | Keep all existing comments |
-| `--section=NAME` | Optimize specific section only |
+| `--section=NAME` | Optimize specific section |
 
-## When to Use
+**Priority:** Add Pre-Change Protocol if missing.
 
-Run `/config-optimize` when:
-- Analysis shows score below 70
-- File has grown too long
-- Structure needs reorganization
-- Missing critical sections
-- After major refactoring
+## Safety
 
-## Best Practices
-
-1. **Run analysis first** - Understand current state
-2. **Review preview carefully** - Ensure nothing important lost
-3. **Test after changes** - Verify Claude follows instructions
-4. **Keep backups** - Restore if issues arise
-5. **Iterate** - Multiple small optimizations beat one large one
-
-## Rollback
-
-If optimization causes issues:
-
-```bash
-# Restore from backup
-cp .claude/backups/CLAUDE.md.TIMESTAMP ./CLAUDE.md
-```
-
-Or ask:
-```
-Restore CLAUDE.md from the most recent backup
-```
+- Auto backup to `.claude/backups/`
+- Preview before applying

plugins/claude-config-maintainer/hooks/hooks.json

@@ -2,8 +2,13 @@
   "hooks": {
     "SessionStart": [
       {
-        "type": "command",
-        "command": "${CLAUDE_PLUGIN_ROOT}/hooks/enforce-rules.sh"
+        "matcher": "",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/hooks/enforce-rules.sh"
+          }
+        ]
       }
     ]
   }

plugins/claude-config-maintainer/skills/analysis-workflow.md

@@ -0,0 +1,112 @@
+# CLAUDE.md Analysis Workflow
+
+This skill defines the workflow for analyzing CLAUDE.md files.
+
+## Analysis Steps
+
+1. **Locate File** - Find CLAUDE.md in project root
+2. **Parse Structure** - Extract headers and sections
+3. **Evaluate Content** - Score against criteria
+4. **Detect Plugins** - Identify active marketplace plugins
+5. **Check Integration** - Verify plugin references
+6. **Generate Report** - Provide scored assessment
+
+## Content Analysis
+
+### What to Check
+
+| Area | Check For |
+|------|-----------|
+| Structure | Header hierarchy, section ordering, grouping |
+| Clarity | Clear instructions, examples, unambiguous language |
+| Completeness | Required sections present, workflows documented |
+| Conciseness | No redundancy, efficient density, appropriate length |
+
+### Required Sections Check
+
+1. Project Overview - present?
+2. Quick Start - present with commands?
+3. Critical Rules - present?
+4. **Pre-Change Protocol** - present? (HIGH PRIORITY if missing)
+
+## Plugin Integration Analysis
+
+### Detection Method
+
+1. Read `.claude/settings.local.json` for enabled MCP servers
+2. Map MCP servers to plugins:
+   - `gitea` -> projman
+   - `netbox` -> cmdb-assistant
+3. Check for hook-based plugins (project-hygiene)
+4. Scan CLAUDE.md for plugin references
+
+### Coverage Scoring
+
+For each detected plugin, verify CLAUDE.md contains:
+- Plugin section header or mention
+- Available commands documentation
+- MCP tools reference (if applicable)
+- Usage guidelines
+
+Coverage = (plugins referenced / plugins detected) * 100%
+
+## Report Format
+
+```
+CLAUDE.md Analysis Report
+=========================
+
+File: /path/to/project/CLAUDE.md
+Lines: N
+Last Modified: YYYY-MM-DD
+
+Overall Score: NN/100
+
+Category Scores:
+- Structure:    NN/25 (Rating)
+- Clarity:      NN/25 (Rating)
+- Completeness: NN/25 (Rating)
+- Conciseness:  NN/25 (Rating)
+
+Strengths:
++ [Positive finding]
+
+Issues Found:
+
+N. [SEVERITY] Issue description (location)
+   Context explaining the problem.
+   Impact: What happens if not fixed.
+
+Recommendations:
+N. Action to take (priority: high/medium/low)
+
+---
+
+Plugin Integration Analysis
+===========================
+
+Detected Active Plugins:
+  [check] plugin-name (via detection method)
+
+Plugin Coverage: NN% (N/N plugins referenced)
+
+Missing Integration Content:
+N. plugin-name
+   What to add.
+```
+
+## Issue Severity
+
+| Level | When to Use |
+|-------|-------------|
+| HIGH | Missing mandatory sections, security issues |
+| MEDIUM | Missing recommended content, duplicate content |
+| LOW | Formatting issues, minor improvements |
+
+## Follow-Up Actions
+
+After analysis, offer:
+1. Implement all content recommendations
+2. Add missing plugin integrations
+3. Do both (recommended)
+4. Show preview of changes first

plugins/claude-config-maintainer/skills/claude-md-structure.md

@@ -0,0 +1,113 @@
+# CLAUDE.md Structure Reference
+
+This skill defines the standard structure, required sections, and templates for CLAUDE.md files.
+
+## Required Sections
+
+Every CLAUDE.md MUST have these sections:
+
+| Section | Purpose | Priority |
+|---------|---------|----------|
+| Project Overview | What the project does | Required |
+| Quick Start | Build/test/run commands | Required |
+| Critical Rules | Must-follow constraints | Required |
+| Pre-Change Protocol | Dependency check before edits | **MANDATORY** |
+
+## Recommended Sections
+
+| Section | When to Include |
+|---------|-----------------|
+| Architecture | Complex projects with multiple components |
+| Common Operations | Projects with repetitive tasks |
+| File Structure | Large codebases |
+| Troubleshooting | Projects with known gotchas |
+| Integration Points | Projects with external dependencies |
+
+## Header Hierarchy
+
+```
+# CLAUDE.md (H1 - only one)
+## Section (H2 - main sections)
+### Subsection (H3 - within sections)
+#### Detail (H4 - rarely needed)
+```
+
+**Rules:**
+- Never skip levels (no H3 before H2)
+- Maximum depth: 4 levels
+- No orphaned content before first header
+
+## Templates
+
+### Minimal Template
+For small projects:
+```markdown
+# CLAUDE.md
+
+## Project Overview
+[Description]
+
+## Quick Start
+[Commands]
+
+## Critical Rules
+[Constraints]
+
+## Pre-Change Protocol
+[Mandatory section - see pre-change-protocol.md]
+```
+
+### Standard Template (Default)
+```markdown
+# CLAUDE.md
+
+## Project Overview
+## Quick Start
+## Architecture
+## Critical Rules
+## Pre-Change Protocol
+## Common Operations
+## File Structure
+```
+
+### Comprehensive Template
+For large projects - adds:
+- Detailed Architecture
+- Troubleshooting
+- Integration Points
+- Development Workflow
+- Deployment Notes
+
+## Auto-Detection Signals
+
+| Technology | Detection Method |
+|------------|------------------|
+| Language | File extensions, config files |
+| Framework | package.json, requirements.txt, Cargo.toml |
+| Build system | Makefile, scripts in package.json |
+| Testing | pytest.ini, jest.config.js, go.mod |
+| Docker | Dockerfile, docker-compose.yml |
+| Database | ORM configs, connection strings |
+
+## Section Content Guidelines
+
+### Project Overview
+- 1-3 sentences describing purpose
+- Target audience if relevant
+- Key technologies used
+
+### Quick Start
+- Install command
+- Test command
+- Run command
+- Each with brief inline comment
+
+### Critical Rules
+- Numbered or bulleted list
+- Specific, actionable constraints
+- Include rationale for non-obvious rules
+
+### Architecture
+- High-level component diagram (ASCII or description)
+- Data flow explanation
+- Key file/directory purposes

plugins/claude-config-maintainer/skills/diff-analysis.md

@@ -0,0 +1,97 @@
+# CLAUDE.md Diff Analysis
+
+This skill defines how to analyze and present CLAUDE.md differences.
+
+## Comparison Modes
+
+| Mode | Command | Description |
+|------|---------|-------------|
+| Working vs HEAD | `/config-diff` | Uncommitted changes |
+| Working vs Commit | `--commit=REF` | Changes since specific point |
+| Commit to Commit | `--from=X --to=Y` | Historical comparison |
+| Branch Comparison | `--branch=NAME` | Cross-branch differences |
+
+## Change Indicators
+
+| Symbol | Meaning |
+|--------|---------|
+| `+` | Line added |
+| `-` | Line removed |
+| `@@` | Location marker (line numbers) |
+| `[MODIFIED]` | Section has changes |
+| `[ADDED]` | New section created |
+| `[REMOVED]` | Section deleted |
+| `[UNCHANGED]` | No changes to section |
+
+## Impact Categories
+
+| Category | Meaning |
+|----------|---------|
+| NEW REQUIREMENT | Claude will need to do something new |
+| REMOVED REQUIREMENT | Claude no longer needs to do something |
+| MODIFIED | Existing behavior changed |
+| NEW RULE | New constraint added |
+| RELAXED RULE | Constraint removed or softened |
+
+## Report Format
+
+```
+CLAUDE.md Diff Report
+=====================
+
+File: /path/to/project/CLAUDE.md
+Comparing: [mode description]
+Commit: [ref] "[message]" (time ago)
+
+Summary:
+- Lines added: N
+- Lines removed: N
+- Net change: +/-N lines
+- Sections affected: N
+
+Section Changes:
+----------------
+
+## Section Name [STATUS]
+  +/- Change description
+
+Detailed Diff:
+--------------
+
+--- CLAUDE.md (before)
++++ CLAUDE.md (after)
+
+@@ -N,M +N,M @@
+ context
+-removed
++added
+ context
+
+Behavioral Impact:
+------------------
+
+These changes will affect Claude's behavior:
+
+N. [CATEGORY] Description of impact
+```
+
+## Section-Focused View
+
+When using `--section=NAME`:
+- Filter diff to only that section
+- Show section-specific statistics
+- Highlight behavioral impact for that area
+
+## Troubleshooting
+
+### No changes detected
+- File matches comparison target
+- Verify comparing correct commits
+
+### File not found in commit
+- CLAUDE.md didn't exist at that point
+- Use `git log -- CLAUDE.md` to find creation
+
+### Not a git repository
+- Command requires git history
+- Initialize git or use file backup comparison

plugins/claude-config-maintainer/skills/lint-rules.md

@@ -0,0 +1,136 @@
+# CLAUDE.md Lint Rules
+
+This skill defines all linting rules for validating CLAUDE.md files.
+
+## Rule Categories
+
+### Security Rules (SEC)
+
+| Rule | Description | Severity | Auto-fix |
+|------|-------------|----------|----------|
+| SEC001 | Hardcoded absolute paths | Warning | Yes |
+| SEC002 | Potential secrets/API keys | Error | No |
+| SEC003 | Hardcoded IP addresses | Warning | No |
+| SEC004 | Exposed credentials patterns | Error | No |
+| SEC005 | Hardcoded URLs with tokens | Error | No |
+| SEC006 | Environment variable values (not names) | Warning | No |
+
+### Structure Rules (STR)
+
+| Rule | Description | Severity | Auto-fix |
+|------|-------------|----------|----------|
+| STR001 | Missing required sections | Error | Yes |
+| STR002 | Invalid header hierarchy (h3 before h2) | Warning | Yes |
+| STR003 | Orphaned content before first header | Info | No |
+| STR004 | Excessive nesting depth (>4 levels) | Warning | No |
+| STR005 | Empty sections | Warning | Yes |
+| STR006 | Missing section content | Warning | No |
+
+### Content Rules (CNT)
+
+| Rule | Description | Severity | Auto-fix |
+|------|-------------|----------|----------|
+| CNT001 | Contradictory instructions | Error | No |
+| CNT002 | Vague or ambiguous rules | Warning | No |
+| CNT003 | Overly long sections (>100 lines) | Info | No |
+| CNT004 | Duplicate content | Warning | No |
+| CNT005 | TODO/FIXME in production config | Warning | No |
+| CNT006 | Outdated version references | Info | No |
+| CNT007 | Broken internal links | Warning | No |
+
+### Format Rules (FMT)
+
+| Rule | Description | Severity | Auto-fix |
+|------|-------------|----------|----------|
+| FMT001 | Inconsistent header styles | Info | Yes |
+| FMT002 | Inconsistent list markers | Info | Yes |
+| FMT003 | Missing code block language | Info | Yes |
+| FMT004 | Trailing whitespace | Info | Yes |
+| FMT005 | Missing blank lines around headers | Info | Yes |
+| FMT006 | Inconsistent indentation | Info | Yes |
+
+### Best Practice Rules (BPR)
+
+| Rule | Description | Severity | Auto-fix |
+|------|-------------|----------|----------|
+| BPR001 | No Quick Start section | Warning | No |
+| BPR002 | No Critical Rules section | Warning | No |
+| BPR003 | Instructions without examples | Info | No |
+| BPR004 | Commands without explanation | Info | No |
+| BPR005 | Rules without rationale | Info | No |
+| BPR006 | Missing plugin integration docs | Info | No |
+
+## Anti-Pattern Examples
+
+### SEC002: Hardcoded Secrets
+```markdown
+# BAD
+API_KEY=sk-1234567890abcdef
+
+# GOOD
+API_KEY=$OPENAI_API_KEY  # Set via environment
+```
+
+### SEC001: Hardcoded Paths
+```markdown
+# BAD
+Config file: /home/john/projects/myapp/config.yml
+
+# GOOD
+Config file: ./config.yml
+Config file: $PROJECT_ROOT/config.yml
+```
+
+### CNT001: Contradictory Rules
+```markdown
+# BAD
+- Always use TypeScript
+- JavaScript files are acceptable for scripts
+
+# GOOD
+- Always use TypeScript for source code
+- JavaScript (.js) is acceptable only for config files and scripts
+```
+
+### CNT002: Vague Instructions
+```markdown
+# BAD
+- Be careful with the database
+
+# GOOD
+- Never run DELETE without WHERE clause
+- Always backup before migrations
+```
+
+### STR002: Invalid Hierarchy
+```markdown
+# BAD
+# Main Title
+### Skipped Level
+
+# GOOD
+# Main Title
+## Section
+### Subsection
+```
+
+## Output Format
+
+```
+[SEVERITY] RULE_ID: Description (line N)
+  | Context line showing issue
+  |          ^^^^^^ indicator
+  +-- Explanation of problem
+
+  Suggested fix:
+  - old line
+  + new line
+```
+
+## Severity Levels
+
+| Level | Meaning | Action |
+|-------|---------|--------|
+| Error | Must fix | Blocks commit |
+| Warning | Should fix | Review recommended |
+| Info | Consider fixing | Optional improvement |

plugins/claude-config-maintainer/skills/optimization-patterns.md

@@ -0,0 +1,136 @@
+# CLAUDE.md Optimization Patterns
+
+This skill defines patterns for optimizing CLAUDE.md files.
+
+## Optimization Categories
+
+### Restructure
+- Reorder sections by importance (Quick Start near top)
+- Group related content together
+- Improve header hierarchy
+- Add navigation aids (TOC for long files)
+
+### Condense
+- Remove redundant explanations
+- Convert verbose text to bullet points
+- Eliminate duplicate content
+- Shorten overly detailed sections
+
+### Enhance
+- Add missing essential sections
+- **Add Pre-Change Protocol if missing (HIGH PRIORITY)**
+- Improve unclear instructions
+- Add helpful examples
+- Highlight critical rules
+
+### Format
+- Standardize header styles (no trailing colons)
+- Fix code block formatting (add language tags)
+- Align list formatting (consistent markers)
+- Improve table layouts
+
+## Scoring Criteria
+
+### Structure (25 points)
+- Logical section ordering
+- Clear header hierarchy
+- Easy navigation
+- Appropriate grouping
+
+### Clarity (25 points)
+- Clear instructions
+- Good examples
+- Unambiguous language
+- Appropriate detail level
+
+### Completeness (25 points)
+- Project overview present
+- Quick start commands documented
+- Critical rules highlighted
+- Key workflows covered
+- Pre-Change Protocol present (MANDATORY)
+
+### Conciseness (25 points)
+- No unnecessary repetition
+- Efficient information density
+- Appropriate length for project size
+- No generic filler content
+
+## Score Interpretation
+
+| Score | Rating | Action |
+|-------|--------|--------|
+| 90-100 | Excellent | Maintenance only |
+| 70-89 | Good | Minor improvements |
+| 50-69 | Needs Work | Optimization recommended |
+| Below 50 | Poor | Major restructuring needed |
+
+## Common Optimizations
+
+### Verbose to Concise
+```markdown
+# Before (34 lines)
+## Running Tests
+To run the tests, you first need to make sure you have all the
+dependencies installed. The dependencies are listed in requirements.txt.
+Once you have installed the dependencies, you can run the tests using
+pytest. Pytest will automatically discover all test files...
+
+# After (8 lines)
+## Running Tests
+```bash
+pip install -r requirements.txt  # Install dependencies
+pytest                           # Run all tests
+pytest -v                        # Verbose output
+pytest tests/unit/               # Run specific directory
+```
+```
+
+### Duplicate Removal
+- Keep first occurrence
+- Add cross-reference if needed: "See [Section Name] above"
+
+### Header Standardization
+```markdown
+# Before
+## Quick Start:
+## Architecture
+## Testing:
+
+# After
+## Quick Start
+## Architecture
+## Testing
+```
+
+### Code Block Enhancement
+```markdown
+# Before
+```
+npm install
+npm test
+```
+
+# After
+```bash
+npm install  # Install dependencies
+npm test     # Run test suite
+```
+```
+
+## Safety Features
+
+### Backup Creation
+- Always backup before changes
+- Store in `.claude/backups/CLAUDE.md.TIMESTAMP`
+- Easy restoration if needed
+
+### Preview Mode
+- Show all changes before applying
+- Use diff format for easy review
+- Allow approve/reject per change
+
+### Selective Application
+- Can apply individual changes
+- Skip specific optimizations
+- Iterative refinement supported

plugins/claude-config-maintainer/skills/pre-change-protocol.md

@@ -0,0 +1,83 @@
+# Pre-Change Protocol
+
+This skill defines the mandatory Pre-Change Protocol section that MUST be included in every CLAUDE.md file.
+
+## Why This Is Mandatory
+
+The Pre-Change Protocol prevents the #1 cause of bugs from AI-assisted coding: **incomplete changes where Claude modifies some files but misses others that reference the same code**.
+
+Without this protocol:
+- Claude may rename a function but miss callers
+- Claude may modify a config but miss documentation
+- Claude may update a schema but miss dependent code
+
+## Detection
+
+Search CLAUDE.md for these indicators:
+- Header containing "Pre-Change" or "Before Any Code Change"
+- References to `grep -rn` or impact search
+- Checklist with "Files That Will Be Affected"
+- User verification checkpoint
+
+## Required Section Content
+
+```markdown
+## MANDATORY: Before Any Code Change
+
+**Claude MUST show this checklist BEFORE editing any file:**
+
+### 1. Impact Search Results
+Run and show output of:
+```bash
+grep -rn "PATTERN" --include="*.sh" --include="*.md" --include="*.json" --include="*.py" | grep -v ".git"
+```
+
+### 2. Files That Will Be Affected
+Numbered list of every file to be modified, with the specific change for each.
+
+### 3. Files Searched But Not Changed (and why)
+Proof that related files were checked and determined unchanged.
+
+### 4. Documentation That References This
+List of docs that mention this feature/script/function.
+
+**User verifies this list before Claude proceeds. If Claude skips this, stop immediately.**
+
+### After Changes
+Run the same grep and show results proving no references remain unaddressed.
+```
+
+## Placement
+
+Insert Pre-Change Protocol section:
+- **After:** Critical Rules section
+- **Before:** Common Operations section
+
+## If Missing During Analysis
+
+Flag as **HIGH PRIORITY** issue:
+
+```
+1. [HIGH] Missing Pre-Change Protocol section
+   CLAUDE.md lacks mandatory dependency-check protocol.
+   Impact: Claude may miss file references when making changes,
+   leading to broken dependencies and incomplete updates.
+
+   Recommendation: Add Pre-Change Protocol section immediately.
+   This is the #1 cause of cascading bugs from incomplete changes.
+```
+
+## If Missing During Optimization
+
+**Automatically add the section** at the correct position. This is the highest priority enhancement.
+
+## Variations
+
+The exact wording can vary, but these elements are required:
+
+1. **Search requirement** - Must run grep/search before changes
+2. **Affected files list** - Must enumerate all files to modify
+3. **Non-affected files proof** - Must show what was checked but unchanged
+4. **Documentation check** - Must list referencing docs
+5. **User checkpoint** - Must pause for user verification
+6. **Post-change verification** - Must verify after changes

plugins/claude-config-maintainer/skills/visual-header.md

@@ -0,0 +1,52 @@
+# Visual Header Display
+
+This skill defines the standard visual header for claude-config-maintainer commands.
+
+## Header Format
+
+```
++-----------------------------------------------------------------+
+|  CONFIG-MAINTAINER - [Command Name]                              |
++-----------------------------------------------------------------+
+```
+
+## Command-Specific Headers
+
+### /config-analyze
+```
++-----------------------------------------------------------------+
+|  CONFIG-MAINTAINER - CLAUDE.md Analysis                          |
++-----------------------------------------------------------------+
+```
+
+### /config-optimize
+```
++-----------------------------------------------------------------+
+|  CONFIG-MAINTAINER - CLAUDE.md Optimization                      |
++-----------------------------------------------------------------+
+```
+
+### /config-lint
+```
++-----------------------------------------------------------------+
+|  CONFIG-MAINTAINER - CLAUDE.md Lint                              |
++-----------------------------------------------------------------+
+```
+
+### /config-diff
+```
++-----------------------------------------------------------------+
+|  CONFIG-MAINTAINER - CLAUDE.md Diff                              |
++-----------------------------------------------------------------+
+```
+
+### /config-init
+```
++-----------------------------------------------------------------+
+|  CONFIG-MAINTAINER - CLAUDE.md Initialization                    |
++-----------------------------------------------------------------+
+```
+
+## Usage
+
+Display the header at the start of command execution, before any analysis or output.

plugins/cmdb-assistant/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "cmdb-assistant",
-  "version": "1.1.0",
+  "version": "1.2.0",
   "description": "NetBox CMDB integration with data quality validation - query, create, update, and manage network devices, IP addresses, sites, and more with best practices enforcement",
   "author": {
     "name": "Leo Miranda",
@@ -19,6 +19,5 @@
     "data-quality",
     "validation"
   ],
-  "commands": ["./commands/"],
-  "mcpServers": ["./.mcp.json"]
+  "commands": ["./commands/"]
 }

plugins/cmdb-assistant/.mcp.json

@@ -1,8 +0,0 @@
-{
-  "mcpServers": {
-    "netbox": {
-      "command": "${CLAUDE_PLUGIN_ROOT}/mcp-servers/netbox/run.sh",
-      "args": []
-    }
-  }
-}

plugins/cmdb-assistant/README.md

@@ -1,205 +0,0 @@
-# CMDB Assistant
-
-A Claude Code plugin for NetBox CMDB integration - query, create, update, and manage your network infrastructure directly from Claude Code.
-
-## What's New in v1.1.0
-
-- **Data Quality Validation**: Hooks for SessionStart and PreToolUse that check data quality and warn about missing fields
-- **Best Practices Skill**: Reference documentation for NetBox patterns (naming conventions, dependency order, role management)
-- **`/cmdb-audit`**: Analyze data quality across VMs, devices, naming conventions, and roles
-- **`/cmdb-register`**: Register the current machine into NetBox with all running applications (Docker containers, systemd services)
-- **`/cmdb-sync`**: Synchronize existing machine state with NetBox (detect drift, update with confirmation)
-
-## Features
-
-- **Full CRUD Operations**: Create, read, update, and delete across all NetBox modules
-- **Smart Search**: Find devices, IPs, sites, and more with natural language queries
-- **IP Management**: Allocate IPs, manage prefixes, track VLANs
-- **Infrastructure Documentation**: Document servers, network devices, and connections
-- **Audit Trail**: Review changes and maintain infrastructure history
-- **Data Quality Validation**: Proactive checks for missing site, tenant, platform assignments
-- **Machine Registration**: Auto-discover and register servers with running applications
-- **Drift Detection**: Sync machine state and detect changes over time
-
-## Installation
-
-### Prerequisites
-
-1. A running NetBox instance (v4.x recommended)
-2. NetBox API token with appropriate permissions
-3. The NetBox MCP server configured (see below)
-
-### Configure NetBox Credentials
-
-Create the configuration file:
-
-```bash
-mkdir -p ~/.config/claude
-cat > ~/.config/claude/netbox.env << 'EOF'
-NETBOX_API_URL=https://your-netbox-instance/api
-NETBOX_API_TOKEN=your-api-token-here
-NETBOX_VERIFY_SSL=true
-NETBOX_TIMEOUT=30
-EOF
-```
-
-### Install the Plugin
-
-Add to your Claude Code plugins or marketplace configuration.
-
-## Commands
-
-| Command | Description |
-|---------|-------------|
-| `/initial-setup` | Interactive setup wizard for NetBox MCP server |
-| `/cmdb-search <query>` | Search for devices, IPs, sites, or any CMDB object |
-| `/cmdb-device <action>` | Manage network devices (list, create, update, delete) |
-| `/cmdb-ip <action>` | Manage IP addresses and prefixes |
-| `/cmdb-site <action>` | Manage sites and locations |
-| `/cmdb-audit [scope]` | Data quality analysis (all, vms, devices, naming, roles) |
-| `/cmdb-register` | Register current machine into NetBox with running apps |
-| `/cmdb-sync` | Sync machine state with NetBox (detect drift, update) |
-
-## Agent
-
-The **cmdb-assistant** agent provides conversational infrastructure management:
-
-```
-@cmdb-assistant Show me all devices at the headquarters site
-@cmdb-assistant Allocate the next available IP from 10.0.1.0/24 for the new web server
-@cmdb-assistant What changes were made to the network today?
-```
-
-## Usage Examples
-
-### Search for Infrastructure
-
-```
-/cmdb-search router
-/cmdb-search 10.0.1.0/24
-/cmdb-search datacenter
-```
-
-### Device Management
-
-```
-/cmdb-device list
-/cmdb-device show core-router-01
-/cmdb-device create web-server-03
-/cmdb-device at headquarters
-```
-
-### IP Address Management
-
-```
-/cmdb-ip prefixes
-/cmdb-ip available in 10.0.1.0/24
-/cmdb-ip allocate from 10.0.1.0/24
-```
-
-### Site Management
-
-```
-/cmdb-site list
-/cmdb-site show headquarters
-/cmdb-site racks at datacenter-east
-```
-
-## NetBox Coverage
-
-This plugin provides access to the full NetBox API:
-
-- **DCIM**: Sites, Locations, Racks, Devices, Interfaces, Cables, Power
-- **IPAM**: IP Addresses, Prefixes, VLANs, VRFs, ASNs, Services
-- **Circuits**: Providers, Circuits, Terminations
-- **Virtualization**: Clusters, Virtual Machines, VM Interfaces
-- **Tenancy**: Tenants, Contacts
-- **VPN**: Tunnels, L2VPNs, IKE/IPSec Policies
-- **Wireless**: WLANs, Wireless Links
-- **Extras**: Tags, Custom Fields, Journal Entries, Audit Log
-
-## Hooks
-
-| Event | Purpose |
-|-------|---------|
-| `SessionStart` | Test NetBox connectivity, report data quality issues |
-| `PreToolUse` | Validate VM/device parameters before create/update |
-
-Hooks are **non-blocking** - they emit warnings but never prevent operations.
-
-## Architecture
-
-```
-cmdb-assistant/
-├── .claude-plugin/
-│   └── plugin.json          # Plugin manifest
-├── .mcp.json                 # MCP server configuration
-├── commands/
-│   ├── initial-setup.md     # Setup wizard
-│   ├── cmdb-search.md       # Search command
-│   ├── cmdb-device.md       # Device management
-│   ├── cmdb-ip.md           # IP management
-│   ├── cmdb-site.md         # Site management
-│   ├── cmdb-audit.md        # Data quality audit (NEW)
-│   ├── cmdb-register.md     # Machine registration (NEW)
-│   └── cmdb-sync.md         # Machine sync (NEW)
-├── hooks/
-│   ├── hooks.json           # Hook configuration
-│   ├── startup-check.sh     # SessionStart validation
-│   └── validate-input.sh    # PreToolUse validation
-├── skills/
-│   └── netbox-patterns/
-│       └── SKILL.md         # NetBox best practices reference
-├── agents/
-│   └── cmdb-assistant.md    # Main assistant agent
-└── README.md
-```
-
-The plugin uses the shared NetBox MCP server at `mcp-servers/netbox/`.
-
-## Configuration
-
-### Required Environment Variables
-
-| Variable | Description |
-|----------|-------------|
-| `NETBOX_API_URL` | Full URL to NetBox API (e.g., `https://netbox.example.com/api`) |
-| `NETBOX_API_TOKEN` | API authentication token |
-
-### Optional Environment Variables
-
-| Variable | Default | Description |
-|----------|---------|-------------|
-| `NETBOX_VERIFY_SSL` | `true` | Verify SSL certificates |
-| `NETBOX_TIMEOUT` | `30` | Request timeout in seconds |
-
-## Getting a NetBox API Token
-
-1. Log into your NetBox instance
-2. Navigate to your profile (top-right menu)
-3. Go to "API Tokens"
-4. Click "Add a token"
-5. Set appropriate permissions (read-only or read-write)
-6. Copy the generated token
-
-## Troubleshooting
-
-### Connection Issues
-
-- Verify `NETBOX_API_URL` is correct and accessible
-- Check firewall rules allow access to NetBox
-- For self-signed certificates, set `NETBOX_VERIFY_SSL=false`
-
-### Authentication Errors
-
-- Ensure API token is valid and not expired
-- Check token has required permissions for the operation
-
-### Timeout Errors
-
-- Increase `NETBOX_TIMEOUT` for slow connections
-- Check network latency to NetBox instance
-
-## License
-
-MIT License - Part of the Leo Claude Marketplace.

plugins/cmdb-assistant/agents/cmdb-assistant.md

@@ -1,11 +1,20 @@
 # CMDB Assistant Agent
 
-You are an infrastructure management assistant specialized in NetBox CMDB operations. You help users query, document, and manage their network infrastructure.
+You are an infrastructure management assistant specialized in NetBox CMDB operations.
+
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/netbox-patterns/SKILL.md`
+- `skills/mcp-tools-reference.md`
+
+## Visual Output
+
+Execute `skills/visual-header.md` with context "Infrastructure Management".
 
 ## Capabilities
 
-You have full access to NetBox via MCP tools covering:
-
+Full access to NetBox via MCP tools covering:
 - **DCIM**: Sites, locations, racks, devices, interfaces, cables, power
 - **IPAM**: IP addresses, prefixes, VLANs, VRFs, ASNs, services
 - **Circuits**: Providers, circuits, terminations
@@ -19,183 +28,66 @@ You have full access to NetBox via MCP tools covering:
 
 ### Query Operations
 - Start with list operations to find objects
-- Use filters to narrow results (name, status, site_id, etc.)
-- Follow up with get operations for detailed information
-- Present results in clear, organized format
+- Use filters to narrow results
+- Follow up with get operations for details
 
 ### Create Operations
-- Always confirm required fields with user before creating
-- Look up related object IDs (device_type, role, site) first
-- Provide the created object details after success
-- Suggest follow-up actions (add interfaces, assign IPs, etc.)
+- Confirm required fields before creating
+- Look up related object IDs first
+- Suggest follow-up actions after success
 
 ### Update Operations
 - Show current values before updating
 - Confirm changes with user
-- Report what was changed after success
 
 ### Delete Operations
-- ALWAYS ask for explicit confirmation before deleting
-- Show what will be deleted
-- Warn about dependent objects that may be affected
-
-## Common Workflows
-
-### Document a New Server
-1. Create device with `dcim_create_device`
-2. Add interfaces with `dcim_create_interface`
-3. Assign IPs with `ipam_create_ip_address`
-4. Add journal entry with `extras_create_journal_entry`
-
-### Allocate IP Space
-1. Find available prefixes with `ipam_list_available_prefixes`
-2. Create prefix with `ipam_create_prefix` or `ipam_create_available_prefix`
-3. Allocate IPs with `ipam_create_available_ip`
-
-### Audit Infrastructure
-1. List recent changes with `extras_list_object_changes`
-2. Review devices by site with `dcim_list_devices`
-3. Check IP utilization with prefix operations
-
-### Cable Management
-1. List interfaces with `dcim_list_interfaces`
-2. Create cable with `dcim_create_cable`
-3. Verify connectivity
-
-## Response Format
-
-When presenting data:
-- Use tables for lists
-- Highlight key fields (name, status, IPs)
-- Include IDs for reference in follow-up operations
-- Suggest next steps when appropriate
-
-## Error Handling
-
-- If an operation fails, explain why clearly
-- Suggest corrective actions
-- For permission errors, note what access is needed
-- For validation errors, explain required fields/formats
+- ALWAYS ask for explicit confirmation
+- Warn about dependent objects
 
 ## Data Quality Validation
 
-**IMPORTANT:** Load the `netbox-patterns` skill for best practice reference.
+Reference `skills/netbox-patterns/SKILL.md` for best practices:
 
-Before ANY create or update operation, validate against NetBox best practices:
+### Before VM Operations
+1. Cluster/Site assignment required
+2. Recommend tenant if not provided
+3. Check naming convention
 
-### VM Operations
+### Before Device Operations
+1. Site is REQUIRED
+2. Recommend platform
+3. Check naming convention
+4. Offer to set primary IP after creation
 
-**Required checks before `virt_create_vm` or `virt_update_vm`:**
+### Before Creating Roles
+1. List existing roles first
+2. Recommend consolidation if >10 specific roles
 
-1. **Cluster/Site Assignment** - VMs must have either cluster or site
-2. **Tenant Assignment** - Recommend if not provided
-3. **Platform Assignment** - Recommend for OS tracking
-4. **Naming Convention** - Check against `{env}-{app}-{number}` pattern
-5. **Role Assignment** - Recommend appropriate role
-
-**If user provides no site/tenant, ASK:**
-
-> "This VM has no site or tenant assigned. NetBox best practices recommend:
-> - **Site**: For location-based queries and power budgeting
-> - **Tenant**: For resource isolation and ownership tracking
->
-> Would you like me to:
-> 1. Assign to an existing site/tenant (list available)
-> 2. Create new site/tenant first
-> 3. Proceed without (not recommended for production use)"
-
-### Device Operations
-
-**Required checks before `dcim_create_device` or `dcim_update_device`:**
-
-1. **Site is REQUIRED** - Fail without it
-2. **Platform Assignment** - Recommend for OS tracking
-3. **Naming Convention** - Check against `{role}-{location}-{number}` pattern
-4. **Role Assignment** - Ensure appropriate role selected
-5. **After Creation** - Offer to set primary IP
-
-### Cluster Operations
-
-**Required checks before `virt_create_cluster`:**
-
-1. **Site Scope** - Recommend assigning to site
-2. **Cluster Type** - Ensure appropriate type selected
-3. **Device Association** - Recommend linking to host device
-
-### Role Management
-
-**Before creating a new device role:**
-
-1. List existing roles with `dcim_list_device_roles`
-2. Check if a more general role already exists
-3. Recommend role consolidation if >10 specific roles exist
-
-**Example guidance:**
-
-> "You're creating role 'nginx-web-server'. An existing 'web-server' role exists.
-> Consider using 'web-server' and tracking nginx via the platform field instead.
-> This reduces role fragmentation and improves maintainability."
-
-## Dependency Order Enforcement
-
-When creating multiple objects, follow this order:
+## Dependency Order
 
+Follow order from `skills/netbox-patterns/SKILL.md`:
 ```
-1. Regions → Sites → Locations → Racks
-2. Tenant Groups → Tenants
-3. Manufacturers → Device Types
+1. Regions -> Sites -> Locations -> Racks
+2. Tenant Groups -> Tenants
+3. Manufacturers -> Device Types
 4. Device Roles, Platforms
 5. Devices (with site, role, type)
 6. Clusters (with type, optional site)
 7. VMs (with cluster)
-8. Interfaces → IP Addresses → Primary IP assignment
+8. Interfaces -> IP Addresses -> Primary IP
 ```
 
-**CRITICAL Rules:**
-- NEVER create a VM before its cluster exists
-- NEVER create a device before its site exists
-- NEVER create an interface before its device exists
-- NEVER create an IP before its interface exists (if assigning)
-
-## Naming Convention Enforcement
-
-When user provides a name, check against patterns:
-
-| Object Type | Pattern | Example |
-|-------------|---------|---------|
-| Device | `{role}-{site}-{number}` | `web-dc1-01` |
-| VM | `{env}-{app}-{number}` or `{prefix}_{service}` | `prod-api-01` |
-| Cluster | `{site}-{type}` | `dc1-vmware`, `home-docker` |
-| Prefix | Include purpose in description | "Production /24 for web tier" |
-
-**If name doesn't match patterns, warn:**
-
-> "The name 'HotServ' doesn't follow naming conventions.
-> Suggested: `prod-hotserv-01` or `hotserv-cloud-01`.
-> Consistent naming improves searchability and automation compatibility.
-> Proceed with original name? [Y/n]"
-
 ## Duplicate Prevention
 
-Before creating objects, always check for existing duplicates:
-
+Before creating, check for existing:
 ```
-# Before creating device
 dcim_list_devices name=<proposed-name>
-
-# Before creating VM
 virt_list_vms name=<proposed-name>
-
-# Before creating prefix
 ipam_list_prefixes prefix=<proposed-prefix>
 ```
 
-If duplicate found, inform user and suggest update instead of create.
-
 ## Available Commands
 
-Users can invoke these commands for structured workflows:
-
 | Command | Purpose |
 |---------|---------|
 | `/cmdb-search <query>` | Search across all CMDB objects |
@@ -205,3 +97,6 @@ Users can invoke these commands for structured workflows:
 | `/cmdb-audit [scope]` | Data quality analysis |
 | `/cmdb-register` | Register current machine |
 | `/cmdb-sync` | Sync machine state with NetBox |
+| `/cmdb-topology <view>` | Generate infrastructure diagrams |
+| `/change-audit [filters]` | Audit NetBox changes |
+| `/ip-conflicts [scope]` | Detect IP conflicts |

plugins/cmdb-assistant/commands/change-audit.md

@@ -0,0 +1,57 @@
+---
+description: Audit NetBox changes with filtering by date, user, or object type
+---
+
+# CMDB Change Audit
+
+Query and analyze the NetBox audit log for change tracking and compliance.
+
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/change-audit.md`
+- `skills/mcp-tools-reference.md`
+
+## Usage
+
+```
+/change-audit [filters]
+```
+
+**Filters:**
+- `last <N> days/hours` - Changes within time period
+- `by <username>` - Changes by specific user
+- `type <object-type>` - Changes to specific object type
+- `action <create|update|delete>` - Filter by action type
+- `object <name>` - Search for changes to specific object
+
+## Instructions
+
+Execute `skills/visual-header.md` with context "Change Audit".
+
+Execute `skills/change-audit.md` which covers:
+1. Parse user request for filters
+2. Query object changes via MCP
+3. Enrich data with detailed records
+4. Analyze patterns
+5. Generate report
+
+## Security Audit Mode
+
+If user asks for "security audit" or "compliance report":
+- Focus on deletions and permission-sensitive changes
+- Highlight changes to critical objects (firewalls, VRFs, prefixes)
+- Flag changes outside business hours
+- Identify users with high change counts
+
+## Examples
+
+- `/change-audit` - Recent changes (last 24 hours)
+- `/change-audit last 7 days` - Past week
+- `/change-audit by admin` - All changes by admin
+- `/change-audit type dcim.device` - Device changes only
+- `/change-audit action delete` - All deletions
+
+## User Request
+
+$ARGUMENTS

plugins/cmdb-assistant/commands/cmdb-audit.md

@@ -6,6 +6,13 @@ description: Audit NetBox data quality and identify consistency issues
 
 Analyze NetBox data for quality issues and best practice violations.
 
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/audit-workflow.md`
+- `skills/netbox-patterns/SKILL.md`
+- `skills/mcp-tools-reference.md`
+
 ## Usage
 
 ```
@@ -21,174 +28,30 @@ Analyze NetBox data for quality issues and best practice violations.
 
 ## Instructions
 
-You are a data quality auditor for NetBox. Your job is to identify consistency issues and best practice violations.
+Execute `skills/visual-header.md` with context "Data Quality Audit".
 
-**IMPORTANT:** Load the `netbox-patterns` skill for best practice reference.
+Execute `skills/audit-workflow.md` which covers:
+1. Data collection via MCP
+2. Quality checks by severity (CRITICAL, HIGH, MEDIUM, LOW)
+3. Naming convention analysis
+4. Role fragmentation analysis
+5. Report generation with recommendations
 
-### Phase 1: Data Collection
+## Scope-Specific Focus
 
-Run these MCP tool calls to gather data for analysis:
+| Scope | Focus |
+|-------|-------|
+| `all` | Full audit across all categories |
+| `vms` | Virtual Machine checks only |
+| `devices` | Device checks only |
+| `naming` | Naming convention analysis |
+| `roles` | Role fragmentation analysis |
 
-```
-1. virt_list_vms (no filters - get all)
-2. dcim_list_devices (no filters - get all)
-3. virt_list_clusters (no filters)
-4. dcim_list_sites
-5. tenancy_list_tenants
-6. dcim_list_device_roles
-7. dcim_list_platforms
-```
+## Examples
 
-Store the results for analysis.
-
-### Phase 2: Quality Checks
-
-Analyze collected data for these issues by severity:
-
-#### CRITICAL Issues (must fix immediately)
-
-| Check | Detection |
-|-------|-----------|
-| VMs without cluster | `cluster` field is null AND `site` field is null |
-| Devices without site | `site` field is null |
-| Active devices without primary IP | `status=active` AND `primary_ip4` is null AND `primary_ip6` is null |
-
-#### HIGH Issues (should fix soon)
-
-| Check | Detection |
-|-------|-----------|
-| VMs without site | VM has no site (neither direct nor via cluster.site) |
-| VMs without tenant | `tenant` field is null |
-| Devices without platform | `platform` field is null |
-| Clusters not scoped to site | `site` field is null on cluster |
-| VMs without role | `role` field is null |
-
-#### MEDIUM Issues (plan to address)
-
-| Check | Detection |
-|-------|-----------|
-| Inconsistent naming | Names don't match patterns: devices=`{role}-{site}-{num}`, VMs=`{env}-{app}-{num}` |
-| Role fragmentation | More than 10 device roles with <3 assignments each |
-| Missing tags on production | Active resources without any tags |
-| Mixed naming separators | Some names use `_`, others use `-` |
-
-#### LOW Issues (informational)
-
-| Check | Detection |
-|-------|-----------|
-| Docker containers as VMs | Cluster type is "Docker Compose" - document this modeling choice |
-| VMs without description | `description` field is empty |
-| Sites without physical address | `physical_address` is empty |
-| Devices without serial | `serial` field is empty |
-
-### Phase 3: Naming Convention Analysis
-
-For naming scope, analyze patterns:
-
-1. **Extract naming patterns** from existing objects
-2. **Identify dominant patterns** (most common conventions)
-3. **Flag outliers** that don't match dominant patterns
-4. **Suggest standardization** based on best practices
-
-**Expected Patterns:**
-- Devices: `{role}-{location}-{number}` (e.g., `web-dc1-01`)
-- VMs: `{prefix}_{service}` or `{env}-{app}-{number}` (e.g., `prod-api-01`)
-- Clusters: `{site}-{type}` (e.g., `home-docker`)
-
-### Phase 4: Role Analysis
-
-For roles scope, analyze fragmentation:
-
-1. **List all device roles** with assignment counts
-2. **Identify single-use roles** (only 1 device/VM)
-3. **Identify similar roles** that could be consolidated
-4. **Suggest consolidation** based on patterns
-
-**Red Flags:**
-- More than 15 highly specific roles
-- Roles with technology in name (use platform instead)
-- Roles that duplicate functionality
-
-### Phase 5: Report Generation
-
-Present findings in this structure:
-
-```markdown
-## CMDB Data Quality Audit Report
-
-**Generated:** [timestamp]
-**Scope:** [scope parameter]
-
-### Summary
-
-| Metric | Count |
-|--------|-------|
-| Total VMs | X |
-| Total Devices | Y |
-| Total Clusters | Z |
-| **Total Issues** | **N** |
-
-| Severity | Count |
-|----------|-------|
-| Critical | A |
-| High | B |
-| Medium | C |
-| Low | D |
-
-### Critical Issues
-
-[List each with specific object names and IDs]
-
-**Example:**
-- VM `HotServ` (ID: 1) - No cluster or site assignment
-- Device `server-01` (ID: 5) - No site assignment
-
-### High Issues
-
-[List each with specific object names]
-
-### Medium Issues
-
-[Grouped by category with counts]
-
-### Recommendations
-
-1. **[Most impactful fix]** - affects N objects
-2. **[Second priority]** - affects M objects
-...
-
-### Quick Fixes
-
-Commands to fix common issues:
-
-```
-# Assign site to VM
-virt_update_vm id=X site=Y
-
-# Assign platform to device
-dcim_update_device id=X platform=Y
-```
-
-### Next Steps
-
-- Run `/cmdb-register` to properly register new machines
-- Use `/cmdb-sync` to update existing registrations
-- Consider bulk updates via NetBox web UI for >10 items
-```
-
-## Scope-Specific Instructions
-
-### For `vms` scope:
-Focus only on Virtual Machine checks. Skip device and role analysis.
-
-### For `devices` scope:
-Focus only on Device checks. Skip VM and cluster analysis.
-
-### For `naming` scope:
-Focus on naming convention analysis across all objects. Generate detailed pattern report.
-
-### For `roles` scope:
-Focus on role fragmentation analysis. Generate consolidation recommendations.
+- `/cmdb-audit` - Full audit
+- `/cmdb-audit vms` - VM-specific checks
+- `/cmdb-audit naming` - Naming conventions
 
 ## User Request
 

plugins/cmdb-assistant/commands/cmdb-device.md

@@ -1,6 +1,11 @@
 # CMDB Device Management
 
-Manage network devices in NetBox - create, view, update, or delete.
+Manage network devices in NetBox.
+
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/mcp-tools-reference.md`
 
 ## Usage
 
@@ -10,42 +15,40 @@ Manage network devices in NetBox - create, view, update, or delete.
 
 ## Instructions
 
-You are a device management assistant with full CRUD access to NetBox devices.
+Execute `skills/visual-header.md` with context "Device Management".
 
 ### Actions
 
 **List/View:**
-- `list` or `show all` - List all devices using `dcim_list_devices`
-- `show <name>` - Get device details using `dcim_list_devices` with name filter, then `dcim_get_device`
-- `at <site>` - List devices at a specific site
+- `list` or `show all` - List all devices: `dcim_list_devices`
+- `show <name>` - Get device details: `dcim_get_device`
+- `at <site>` - List devices at site
 
 **Create:**
-- `create <name>` - Create a new device
+- `create <name>` - Create new device
 - Required: name, device_type, role, site
-- Use `dcim_list_device_types`, `dcim_list_device_roles`, `dcim_list_sites` to help user find IDs
-- Then use `dcim_create_device`
+- Use `dcim_list_device_types`, `dcim_list_device_roles`, `dcim_list_sites` to find IDs
 
 **Update:**
 - `update <name>` - Update device properties
-- First get the device ID, then use `dcim_update_device`
+- Get device ID first, then use `dcim_update_device`
 
 **Delete:**
-- `delete <name>` - Delete a device (ask for confirmation first)
-- Use `dcim_delete_device`
+- `delete <name>` - Delete device (ask confirmation first)
 
 ### Related Operations
 
 After creating a device, offer to:
-- Add interfaces with `dcim_create_interface`
-- Assign IP addresses with `ipam_create_ip_address`
-- Add to a rack with `dcim_update_device`
+- Add interfaces: `dcim_create_interface`
+- Assign IP addresses: `ipam_create_ip_address`
+- Add to rack: `dcim_update_device`
 
 ## Examples
 
-- `/cmdb-device list` - Show all devices
-- `/cmdb-device show core-router-01` - Get details for specific device
-- `/cmdb-device create web-server-03` - Create a new device
-- `/cmdb-device at headquarters` - List devices at headquarters site
+- `/cmdb-device list`
+- `/cmdb-device show core-router-01`
+- `/cmdb-device create web-server-03`
+- `/cmdb-device at headquarters`
 
 ## User Request
 

plugins/cmdb-assistant/commands/cmdb-ip.md

@@ -2,6 +2,12 @@
 
 Manage IP addresses and prefixes in NetBox.
 
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/ip-management.md`
+- `skills/mcp-tools-reference.md`
+
 ## Usage
 
 ```
@@ -10,43 +16,36 @@ Manage IP addresses and prefixes in NetBox.
 
 ## Instructions
 
-You are an IP address management (IPAM) assistant with access to NetBox.
+Execute `skills/visual-header.md` with context "IP Management".
+
+Execute operations from `skills/ip-management.md`.
 
 ### Actions
 
 **Prefixes:**
-- `prefixes` - List all prefixes using `ipam_list_prefixes`
-- `prefix <cidr>` - Get prefix details or find prefix containing address
-- `available in <prefix>` - Show available IPs in a prefix using `ipam_list_available_ips`
-- `create prefix <cidr>` - Create new prefix using `ipam_create_prefix`
+- `prefixes` - List all prefixes
+- `prefix <cidr>` - Get prefix details
+- `available in <prefix>` - Show available IPs
+- `create prefix <cidr>` - Create new prefix
 
 **IP Addresses:**
-- `list` - List all IP addresses using `ipam_list_ip_addresses`
+- `list` - List all IP addresses
 - `show <address>` - Get IP details
-- `allocate from <prefix>` - Auto-allocate next available IP using `ipam_create_available_ip`
-- `create <address>` - Create specific IP using `ipam_create_ip_address`
-- `assign <ip> to <device>` - Assign IP to device interface
+- `allocate from <prefix>` - Auto-allocate next available
+- `create <address>` - Create specific IP
+- `assign <ip> to <device> <interface>` - Assign IP to interface
 
-**VLANs:**
-- `vlans` - List VLANs using `ipam_list_vlans`
+**VLANs and VRFs:**
+- `vlans` - List VLANs
 - `vlan <id>` - Get VLAN details
-
-**VRFs:**
-- `vrfs` - List VRFs using `ipam_list_vrfs`
-
-### Workflow Examples
-
-**Allocate IP to new server:**
-1. Find available IPs in target prefix
-2. Create the IP address
-3. Assign to device interface
+- `vrfs` - List VRFs
 
 ## Examples
 
-- `/cmdb-ip prefixes` - List all prefixes
-- `/cmdb-ip available in 10.0.1.0/24` - Show available IPs
-- `/cmdb-ip allocate from 10.0.1.0/24` - Get next available IP
-- `/cmdb-ip assign 10.0.1.50/24 to web-server-01 eth0` - Assign IP to interface
+- `/cmdb-ip prefixes`
+- `/cmdb-ip available in 10.0.1.0/24`
+- `/cmdb-ip allocate from 10.0.1.0/24`
+- `/cmdb-ip assign 10.0.1.50/24 to web-server-01 eth0`
 
 ## User Request
 

plugins/cmdb-assistant/commands/cmdb-register.md

@@ -4,7 +4,15 @@ description: Register the current machine into NetBox with all running applicati
 
 # CMDB Machine Registration
 
-Register the current machine into NetBox, including hardware info, network interfaces, and running applications (Docker containers, services).
+Register the current machine into NetBox, including hardware info, network interfaces, and running applications.
+
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/device-registration.md`
+- `skills/system-discovery.md`
+- `skills/netbox-patterns/SKILL.md`
+- `skills/mcp-tools-reference.md`
 
 ## Usage
 
@@ -19,303 +27,24 @@ Register the current machine into NetBox, including hardware info, network inter
 
 ## Instructions
 
-You are registering the current machine into NetBox. This is a multi-phase process that discovers local system information and creates corresponding NetBox objects.
-
-**IMPORTANT:** Load the `netbox-patterns` skill for best practice reference.
-
-### Phase 1: System Discovery (via Bash)
-
-Gather system information using these commands:
-
-#### 1.1 Basic Device Info
-
-```bash
-# Hostname
-hostname
-
-# OS/Platform info
-cat /etc/os-release 2>/dev/null || uname -a
-
-# Hardware model (varies by system)
-# Raspberry Pi:
-cat /proc/device-tree/model 2>/dev/null || echo "Unknown"
-
-# x86 systems:
-cat /sys/class/dmi/id/product_name 2>/dev/null || echo "Unknown"
-
-# Serial number
-# Raspberry Pi:
-cat /proc/device-tree/serial-number 2>/dev/null || cat /proc/cpuinfo | grep Serial | cut -d: -f2 | tr -d ' ' 2>/dev/null
-
-# x86 systems:
-cat /sys/class/dmi/id/product_serial 2>/dev/null || echo "Unknown"
-
-# CPU info
-nproc
-
-# Memory (MB)
-free -m | awk '/Mem:/ {print $2}'
-
-# Disk (GB, root filesystem)
-df -BG / | awk 'NR==2 {print $2}' | tr -d 'G'
-```
-
-#### 1.2 Network Interfaces
-
-```bash
-# Get interfaces with IPs (JSON format)
-ip -j addr show 2>/dev/null || ip addr show
-
-# Get default gateway interface
-ip route | grep default | awk '{print $5}' | head -1
-
-# Get MAC addresses
-ip -j link show 2>/dev/null || ip link show
-```
-
-#### 1.3 Running Applications
-
-```bash
-# Docker containers (if docker available)
-docker ps --format '{"name":"{{.Names}}","image":"{{.Image}}","status":"{{.Status}}","ports":"{{.Ports}}"}' 2>/dev/null || echo "Docker not available"
-
-# Docker Compose projects (check common locations)
-find ~/apps /home/*/apps -name "docker-compose.yml" -o -name "docker-compose.yaml" 2>/dev/null | head -20
-
-# Systemd services (running)
-systemctl list-units --type=service --state=running --no-pager --plain 2>/dev/null | grep -v "^UNIT" | head -30
-```
-
-### Phase 2: Pre-Registration Checks (via MCP)
-
-Before creating objects, verify prerequisites:
-
-#### 2.1 Check if Device Already Exists
-
-```
-dcim_list_devices name=<hostname>
-```
-
-**If device exists:**
-- Inform user and suggest `/cmdb-sync` instead
-- Ask if they want to proceed with re-registration (will update existing)
-
-#### 2.2 Verify/Create Site
-
-If `--site` provided:
-```
-dcim_list_sites name=<site-name>
-```
-
-If site doesn't exist, ask user if they want to create it.
-
-If no site provided, list available sites and ask user to choose:
-```
-dcim_list_sites
-```
-
-#### 2.3 Verify/Create Platform
-
-Based on OS detected, check if platform exists:
-```
-dcim_list_platforms name=<platform-name>
-```
-
-**Platform naming:**
-- `Raspberry Pi OS (Bookworm)` for Raspberry Pi
-- `Ubuntu 24.04 LTS` for Ubuntu
-- `Debian 12` for Debian
-- Use format: `{OS Name} {Version}`
-
-If platform doesn't exist, create it:
-```
-dcim_create_platform name=<platform-name> slug=<slug>
-```
-
-#### 2.4 Verify/Create Device Role
-
-Based on detected services:
-- If Docker containers found → `Docker Host`
-- If only basic services → `Server`
-- If specific role specified → Use that
-
-```
-dcim_list_device_roles name=<role-name>
-```
-
-### Phase 3: Device Registration (via MCP)
-
-#### 3.1 Get/Create Manufacturer and Device Type
-
-For Raspberry Pi:
-```
-dcim_list_manufacturers name="Raspberry Pi Foundation"
-dcim_list_device_types manufacturer_id=X model="Raspberry Pi 4 Model B"
-```
-
-Create if not exists.
-
-For generic x86:
-```
-dcim_list_manufacturers name=<detected-manufacturer>
-```
-
-#### 3.2 Create Device
-
-```
-dcim_create_device
-  name=<hostname>
-  device_type=<device_type_id>
-  role=<role_id>
-  site=<site_id>
-  platform=<platform_id>
-  tenant=<tenant_id>  # if provided
-  serial=<serial>
-  description="Registered via cmdb-assistant"
-```
-
-#### 3.3 Create Interfaces
-
-For each network interface discovered:
-```
-dcim_create_interface
-  device=<device_id>
-  name=<interface_name>  # eth0, wlan0, tailscale0, etc.
-  type=<type>            # 1000base-t, virtual, other
-  mac_address=<mac>
-  enabled=true
-```
-
-**Interface type mapping:**
-- `eth*`, `enp*` → `1000base-t`
-- `wlan*` → `ieee802.11ax` (or appropriate wifi type)
-- `tailscale*`, `docker*`, `br-*` → `virtual`
-- `lo` → skip (loopback)
-
-#### 3.4 Create IP Addresses
-
-For each IP on each interface:
-```
-ipam_create_ip_address
-  address=<ip/prefix>    # e.g., "192.168.1.100/24"
-  assigned_object_type="dcim.interface"
-  assigned_object_id=<interface_id>
-  status="active"
-  description="Discovered via cmdb-register"
-```
-
-#### 3.5 Set Primary IP
-
-Identify primary IP (interface with default route):
-```
-dcim_update_device
-  id=<device_id>
-  primary_ip4=<primary_ip_id>
-```
-
-### Phase 4: Container Registration (via MCP)
-
-If Docker containers were discovered:
-
-#### 4.1 Create/Get Cluster Type
-
-```
-virt_list_cluster_types name="Docker Compose"
-```
-
-Create if not exists:
-```
-virt_create_cluster_type name="Docker Compose" slug="docker-compose"
-```
-
-#### 4.2 Create Cluster
-
-For each Docker Compose project directory found:
-```
-virt_create_cluster
-  name=<project-name>  # e.g., "apps-hotport"
-  type=<cluster_type_id>
-  site=<site_id>
-  description="Docker Compose stack on <hostname>"
-```
-
-#### 4.3 Create VMs for Containers
-
-For each running container:
-```
-virt_create_vm
-  name=<container_name>
-  cluster=<cluster_id>
-  site=<site_id>
-  role=<role_id>        # Map container function to role
-  status="active"
-  vcpus=<cpu_shares>    # Default 1.0 if unknown
-  memory=<memory_mb>    # Default 256 if unknown
-  disk=<disk_gb>        # Default 5 if unknown
-  description=<container purpose>
-  comments=<image, ports, volumes info>
-```
-
-**Container role mapping:**
-- `*caddy*`, `*nginx*`, `*traefik*` → "Reverse Proxy"
-- `*db*`, `*postgres*`, `*mysql*`, `*redis*` → "Database"
-- `*webui*`, `*frontend*` → "Web Application"
-- Others → Infer from image name or use generic "Container"
-
-### Phase 5: Documentation
-
-#### 5.1 Add Journal Entry
-
-```
-extras_create_journal_entry
-  assigned_object_type="dcim.device"
-  assigned_object_id=<device_id>
-  comments="Device registered via /cmdb-register command\n\nDiscovered:\n- X network interfaces\n- Y IP addresses\n- Z Docker containers"
-```
-
-### Phase 6: Summary Report
-
-Present registration summary:
-
-```markdown
-## Machine Registration Complete
-
-### Device Created
-- **Name:** <hostname>
-- **Site:** <site>
-- **Platform:** <platform>
-- **Role:** <role>
-- **ID:** <device_id>
-- **URL:** https://netbox.example.com/dcim/devices/<id>/
-
-### Network Interfaces
-| Interface | Type | MAC | IP Address |
-|-----------|------|-----|------------|
-| eth0 | 1000base-t | aa:bb:cc:dd:ee:ff | 192.168.1.100/24 |
-| tailscale0 | virtual | - | 100.x.x.x/32 |
-
-### Primary IP: 192.168.1.100
-
-### Docker Containers Registered (if applicable)
-**Cluster:** <cluster_name> (ID: <cluster_id>)
-
-| Container | Role | vCPUs | Memory | Status |
-|-----------|------|-------|--------|--------|
-| media_jellyfin | Media Server | 2.0 | 2048MB | Active |
-| media_sonarr | Media Management | 1.0 | 512MB | Active |
-
-### Next Steps
-- Run `/cmdb-sync` periodically to keep data current
-- Run `/cmdb-audit` to check data quality
-- Add tags for classification (env:*, team:*, etc.)
-```
+Execute `skills/visual-header.md` with context "Machine Registration".
+
+Execute `skills/device-registration.md` which covers:
+1. System discovery via Bash (use `skills/system-discovery.md`)
+2. Pre-registration checks (device exists?, site?, platform?, role?)
+3. Device creation via MCP
+4. Interface and IP creation
+5. Container registration (if Docker found)
+6. Journal entry documentation
 
 ## Error Handling
 
-- **Device already exists:** Suggest `/cmdb-sync` or ask to proceed
-- **Site not found:** List available sites, offer to create new
-- **Docker not available:** Skip container registration, note in summary
-- **Permission denied:** Note which operations failed, suggest fixes
+| Error | Action |
+|-------|--------|
+| Device already exists | Suggest `/cmdb-sync` or ask to proceed |
+| Site not found | List available sites, offer to create new |
+| Docker not available | Skip container registration, note in summary |
+| Permission denied | Note which operations failed, suggest fixes |
 
 ## User Request
 

plugins/cmdb-assistant/commands/cmdb-search.md

@@ -1,5 +1,17 @@
 # CMDB Search
 
+## Visual Output
+
+When executing this command, display the plugin header:
+
+```
+┌──────────────────────────────────────────────────────────────────┐
+│  🖥️ CMDB-ASSISTANT · Search                                      │
+└──────────────────────────────────────────────────────────────────┘
+```
+
+Then proceed with the search.
+
 Search NetBox for devices, IPs, sites, or any CMDB object.
 
 ## Usage

plugins/cmdb-assistant/commands/cmdb-site.md

@@ -2,6 +2,11 @@
 
 Manage sites and locations in NetBox.
 
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/mcp-tools-reference.md`
+
 ## Usage
 
 ```
@@ -10,46 +15,35 @@ Manage sites and locations in NetBox.
 
 ## Instructions
 
-You are a site/location management assistant with access to NetBox.
+Execute `skills/visual-header.md` with context "Site Management".
 
 ### Actions
 
 **Sites:**
-- `list` - List all sites using `dcim_list_sites`
-- `show <name>` - Get site details using `dcim_get_site`
-- `create <name>` - Create new site using `dcim_create_site`
-- `update <name>` - Update site using `dcim_update_site`
+- `list` - List all sites: `dcim_list_sites`
+- `show <name>` - Get site details: `dcim_get_site`
+- `create <name>` - Create new site: `dcim_create_site`
+- `update <name>` - Update site: `dcim_update_site`
 - `delete <name>` - Delete site (with confirmation)
 
-**Locations (within sites):**
-- `locations at <site>` - List locations using `dcim_list_locations`
-- `create location <name> at <site>` - Create location using `dcim_create_location`
+**Locations:**
+- `locations at <site>` - List locations: `dcim_list_locations`
+- `create location <name> at <site>` - Create location
 
 **Racks:**
-- `racks at <site>` - List racks using `dcim_list_racks`
-- `create rack <name> at <site>` - Create rack using `dcim_create_rack`
+- `racks at <site>` - List racks: `dcim_list_racks`
+- `create rack <name> at <site>` - Create rack
 
 **Regions:**
-- `regions` - List regions using `dcim_list_regions`
-- `create region <name>` - Create region using `dcim_create_region`
-
-### Site Properties
-
-When creating/updating sites:
-- name (required)
-- slug (required, auto-generated if not provided)
-- status: active, planned, staging, decommissioning, retired
-- region: parent region ID
-- facility: datacenter/building name
-- physical_address, shipping_address
-- time_zone
+- `regions` - List regions: `dcim_list_regions`
+- `create region <name>` - Create region
 
 ## Examples
 
-- `/cmdb-site list` - Show all sites
-- `/cmdb-site show headquarters` - Get HQ site details
-- `/cmdb-site create branch-office-nyc` - Create new site
-- `/cmdb-site racks at headquarters` - List racks at HQ
+- `/cmdb-site list`
+- `/cmdb-site show headquarters`
+- `/cmdb-site create branch-office-nyc`
+- `/cmdb-site racks at headquarters`
 
 ## User Request
 

plugins/cmdb-assistant/commands/cmdb-sync.md

@@ -4,7 +4,14 @@ description: Synchronize current machine state with existing NetBox record
 
 # CMDB Machine Sync
 
-Update an existing NetBox device record with the current machine state. Compares local system information with NetBox and applies changes.
+Update an existing NetBox device record with the current machine state.
+
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/sync-workflow.md`
+- `skills/system-discovery.md`
+- `skills/mcp-tools-reference.md`
 
 ## Usage
 
@@ -18,318 +25,32 @@ Update an existing NetBox device record with the current machine state. Compares
 
 ## Instructions
 
-You are synchronizing the current machine's state with its NetBox record. This involves comparing current system state with stored data and updating differences.
-
-**IMPORTANT:** Load the `netbox-patterns` skill for best practice reference.
-
-### Phase 1: Device Lookup (via MCP)
-
-First, find the existing device record:
-
-```bash
-# Get current hostname
-hostname
-```
-
-```
-dcim_list_devices name=<hostname>
-```
-
-**If device not found:**
-- Inform user: "Device '<hostname>' not found in NetBox"
-- Suggest: "Run `/cmdb-register` to register this machine first"
-- Exit sync
-
-**If device found:**
-- Store device ID and all current field values
-- Fetch interfaces: `dcim_list_interfaces device_id=<device_id>`
-- Fetch IPs: `ipam_list_ip_addresses device_id=<device_id>`
-
-Also check for associated clusters/VMs:
-```
-virt_list_clusters  # Look for cluster associated with this device
-virt_list_vms cluster=<cluster_id>  # If cluster found
-```
-
-### Phase 2: Current State Discovery (via Bash)
-
-Gather current system information (same as `/cmdb-register`):
-
-```bash
-# Device info
-hostname
-cat /etc/os-release 2>/dev/null || uname -a
-nproc
-free -m | awk '/Mem:/ {print $2}'
-df -BG / | awk 'NR==2 {print $2}' | tr -d 'G'
-
-# Network interfaces with IPs
-ip -j addr show 2>/dev/null || ip addr show
-
-# Docker containers
-docker ps --format '{"name":"{{.Names}}","image":"{{.Image}}","status":"{{.Status}}"}' 2>/dev/null || echo "[]"
-```
-
-### Phase 3: Comparison
-
-Compare discovered state with NetBox record:
-
-#### 3.1 Device Attributes
-
-| Field | Compare |
-|-------|---------|
-| Platform | OS version changed? |
-| Status | Still active? |
-| Serial | Match? |
-| Description | Keep existing |
-
-#### 3.2 Network Interfaces
-
-| Change Type | Detection |
-|-------------|-----------|
-| New interface | Interface exists locally but not in NetBox |
-| Removed interface | Interface in NetBox but not locally |
-| Changed MAC | MAC address different |
-| Interface type | Type mismatch |
-
-#### 3.3 IP Addresses
-
-| Change Type | Detection |
-|-------------|-----------|
-| New IP | IP exists locally but not in NetBox |
-| Removed IP | IP in NetBox but not locally (on this device) |
-| Primary IP changed | Default route interface changed |
-
-#### 3.4 Docker Containers
-
-| Change Type | Detection |
-|-------------|-----------|
-| New container | Container running locally but no VM in cluster |
-| Stopped container | VM exists but container not running |
-| Resource change | vCPUs/memory different (if trackable) |
-
-### Phase 4: Diff Report
-
-Present changes to user:
-
-```markdown
-## Sync Diff Report
-
-**Device:** <hostname> (ID: <device_id>)
-**NetBox URL:** https://netbox.example.com/dcim/devices/<id>/
-
-### Device Attributes
-| Field | NetBox Value | Current Value | Action |
-|-------|--------------|---------------|--------|
-| Platform | Ubuntu 22.04 | Ubuntu 24.04 | UPDATE |
-| Status | active | active | - |
-
-### Network Interfaces
-
-#### New Interfaces (will create)
-| Interface | Type | MAC | IPs |
-|-----------|------|-----|-----|
-| tailscale0 | virtual | - | 100.x.x.x/32 |
-
-#### Removed Interfaces (will mark offline)
-| Interface | Type | Reason |
-|-----------|------|--------|
-| eth1 | 1000base-t | Not found locally |
-
-#### Changed Interfaces
-| Interface | Field | Old | New |
-|-----------|-------|-----|-----|
-| eth0 | mac_address | aa:bb:cc:00:00:00 | aa:bb:cc:11:11:11 |
-
-### IP Addresses
-
-#### New IPs (will create)
-- 192.168.1.150/24 on eth0
-
-#### Removed IPs (will unassign)
-- 192.168.1.100/24 from eth0
-
-### Docker Containers
-
-#### New Containers (will create VMs)
-| Container | Image | Role |
-|-----------|-------|------|
-| media_lidarr | linuxserver/lidarr | Media Management |
-
-#### Stopped Containers (will mark offline)
-| Container | Last Status |
-|-----------|-------------|
-| media_bazarr | Exited |
-
-### Summary
-- **Updates:** X
-- **Creates:** Y
-- **Removals/Offline:** Z
-```
-
-### Phase 5: User Confirmation
-
-If not `--dry-run`:
-
-```
-The following changes will be applied:
-- Update device platform to "Ubuntu 24.04"
-- Create interface "tailscale0"
-- Create IP "100.x.x.x/32" on tailscale0
-- Create VM "media_lidarr" in cluster
-- Mark VM "media_bazarr" as offline
-
-Proceed with sync? [Y/n]
-```
-
-**Use AskUserQuestion** to get confirmation.
-
-### Phase 6: Apply Updates (via MCP)
-
-Only if user confirms (or `--full` specified):
-
-#### 6.1 Device Updates
-
-```
-dcim_update_device
-  id=<device_id>
-  platform=<new_platform_id>
-  # ... other changed fields
-```
-
-#### 6.2 Interface Updates
-
-**For new interfaces:**
-```
-dcim_create_interface
-  device=<device_id>
-  name=<interface_name>
-  type=<type>
-  mac_address=<mac>
-  enabled=true
-```
-
-**For removed interfaces:**
-```
-dcim_update_interface
-  id=<interface_id>
-  enabled=false
-  description="Marked offline by cmdb-sync - interface no longer present"
-```
-
-**For changed interfaces:**
-```
-dcim_update_interface
-  id=<interface_id>
-  mac_address=<new_mac>
-```
-
-#### 6.3 IP Address Updates
-
-**For new IPs:**
-```
-ipam_create_ip_address
-  address=<ip/prefix>
-  assigned_object_type="dcim.interface"
-  assigned_object_id=<interface_id>
-  status="active"
-```
-
-**For removed IPs:**
-```
-ipam_update_ip_address
-  id=<ip_id>
-  assigned_object_type=null
-  assigned_object_id=null
-  description="Unassigned by cmdb-sync"
-```
-
-#### 6.4 Primary IP Update
-
-If primary IP changed:
-```
-dcim_update_device
-  id=<device_id>
-  primary_ip4=<new_primary_ip_id>
-```
-
-#### 6.5 Container/VM Updates
-
-**For new containers:**
-```
-virt_create_vm
-  name=<container_name>
-  cluster=<cluster_id>
-  status="active"
-  # ... other fields
-```
-
-**For stopped containers:**
-```
-virt_update_vm
-  id=<vm_id>
-  status="offline"
-  description="Container stopped - detected by cmdb-sync"
-```
-
-### Phase 7: Journal Entry
-
-Document the sync:
-
-```
-extras_create_journal_entry
-  assigned_object_type="dcim.device"
-  assigned_object_id=<device_id>
-  comments="Device synced via /cmdb-sync command\n\nChanges applied:\n- <list of changes>"
-```
-
-### Phase 8: Summary Report
-
-```markdown
-## Sync Complete
-
-**Device:** <hostname>
-**Sync Time:** <timestamp>
-
-### Changes Applied
-- Updated platform: Ubuntu 22.04 → Ubuntu 24.04
-- Created interface: tailscale0 (ID: X)
-- Created IP: 100.x.x.x/32 (ID: Y)
-- Created VM: media_lidarr (ID: Z)
-- Marked VM offline: media_bazarr (ID: W)
-
-### Current State
-- **Interfaces:** 4 (3 active, 1 offline)
-- **IP Addresses:** 5
-- **Containers/VMs:** 8 (7 active, 1 offline)
-
-### Next Sync
-Run `/cmdb-sync` again after:
-- Adding/removing Docker containers
-- Changing network configuration
-- OS upgrades
-```
-
-## Dry Run Mode
-
-If `--dry-run` specified:
-- Complete Phase 1-4 (lookup, discovery, compare, diff report)
-- Skip Phase 5-8 (no confirmation, no updates, no journal)
-- End with: "Dry run complete. No changes applied. Run without --dry-run to apply."
-
-## Full Sync Mode
-
-If `--full` specified:
-- Skip user confirmation
-- Update all fields even if unchanged (force refresh)
-- Useful for ensuring NetBox matches current state exactly
+Execute `skills/visual-header.md` with context "Machine Sync".
+
+Execute `skills/sync-workflow.md` which covers:
+1. Device lookup via MCP
+2. Current state discovery via Bash
+3. Comparison of NetBox vs local state
+4. Diff report generation
+5. User confirmation (unless dry-run)
+6. Apply updates via MCP
+7. Journal entry creation
+
+## Modes
+
+| Mode | Behavior |
+|------|----------|
+| Default | Show diff, ask confirmation, apply changes |
+| `--dry-run` | Show diff only, no changes applied |
+| `--full` | Skip confirmation, update all fields |
 
 ## Error Handling
 
-- **Device not found:** Suggest `/cmdb-register`
-- **Permission denied on updates:** Note which failed, continue with others
-- **Cluster not found:** Offer to create or skip container sync
-- **API errors:** Log error, continue with remaining updates
+| Error | Action |
+|-------|--------|
+| Device not found | Suggest `/cmdb-register` |
+| Permission denied | Note which failed, continue others |
+| Cluster not found | Offer to create or skip container sync |
 
 ## User Request
 

plugins/cmdb-assistant/commands/cmdb-topology.md

@@ -0,0 +1,54 @@
+---
+description: Generate infrastructure topology diagrams from NetBox data
+---
+
+# CMDB Topology Visualization
+
+Generate Mermaid diagrams showing infrastructure topology from NetBox.
+
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/topology-generation.md`
+- `skills/mcp-tools-reference.md`
+
+## Usage
+
+```
+/cmdb-topology <view> [scope]
+```
+
+**Views:**
+- `rack <rack-name>` - Rack elevation showing devices and positions
+- `network [site]` - Network topology showing device connections
+- `site <site-name>` - Site overview with racks and device counts
+- `full` - Full infrastructure overview
+
+## Instructions
+
+Execute `skills/visual-header.md` with context "Topology".
+
+Execute `skills/topology-generation.md` which covers:
+- Data collection via MCP for each view type
+- Mermaid diagram generation with proper shapes
+- Legend and data notes
+
+## Output Format
+
+Always provide:
+1. **Summary** - Brief description
+2. **Mermaid Code Block** - The diagram
+3. **Legend** - Shape explanations
+4. **Data Notes** - Quality issues found
+
+## Examples
+
+- `/cmdb-topology rack server-rack-01` - Rack elevation
+- `/cmdb-topology network` - All network connections
+- `/cmdb-topology network Home` - Network for Home site
+- `/cmdb-topology site Headquarters` - Site overview
+- `/cmdb-topology full` - Full infrastructure
+
+## User Request
+
+$ARGUMENTS

plugins/cmdb-assistant/commands/initial-setup.md

@@ -1,164 +1,74 @@
 ---
-description: Interactive setup wizard for cmdb-assistant plugin - configures NetBox MCP server
+description: Interactive setup wizard for cmdb-assistant plugin
 ---
 
 # CMDB Assistant Setup Wizard
 
-This command sets up the cmdb-assistant plugin with NetBox integration.
+Configure the cmdb-assistant plugin with NetBox integration.
+
+## Skills to Load
+
+- `skills/visual-header.md`
 
 ## Important Context
 
-- **This command uses Bash, Read, Write, and AskUserQuestion tools** - NOT MCP tools
-- **MCP tools won't work until after setup + session restart**
-- **Uses NetBox MCP server (separate from Gitea MCP)**
+- **Uses Bash, Read, Write, AskUserQuestion tools** - NOT MCP tools
+- **MCP tools unavailable until after setup + session restart**
 
----
+## Usage
 
-## Phase 1: Environment Validation
+```
+/initial-setup
+```
 
-### Step 1.1: Check Python Version
+## Instructions
+
+Execute `skills/visual-header.md` with context "Setup Wizard".
+
+### Phase 1: Environment Validation
 
 ```bash
 python3 --version
 ```
+If below 3.10, stop and inform user.
 
-If below 3.10, stop setup and inform user.
+### Phase 2: MCP Server Setup
 
----
+1. Locate NetBox MCP server in marketplace
+2. Check virtual environment exists
+3. Create venv if missing: `python3 -m venv .venv && pip install -r requirements.txt`
 
-## Phase 2: MCP Server Setup
+### Phase 3: System Configuration
 
-### Step 2.1: Locate NetBox MCP Server
+1. Create config directory: `mkdir -p ~/.config/claude`
+2. Check `~/.config/claude/netbox.env` exists
+3. If missing, ask user for NetBox API URL (must include `/api`)
+4. Create config file with placeholder token
+5. Instruct user to add API token manually
 
-```bash
-find ~/.claude ~/.config/claude -name "mcp_server" -path "*netbox*" 2>/dev/null | head -5
-```
+### Phase 4: Validation
 
-If not found, ask user for marketplace location.
+1. Test API connection if token was added
+2. Report result (200=success, 403=invalid token)
+3. Display completion summary
+4. Remind user to restart session for MCP tools
 
-### Step 2.2: Check Virtual Environment
-
-```bash
-ls -la /path/to/mcp-servers/netbox/.venv/bin/python 2>/dev/null && echo "VENV_EXISTS" || echo "VENV_MISSING"
-```
-
-### Step 2.3: Create Virtual Environment (if missing)
-
-```bash
-cd /path/to/mcp-servers/netbox && python3 -m venv .venv && source .venv/bin/activate && pip install --upgrade pip && pip install -r requirements.txt && deactivate
-```
-
----
-
-## Phase 3: System Configuration
-
-### Step 3.1: Create Config Directory
-
-```bash
-mkdir -p ~/.config/claude
-```
-
-### Step 3.2: Check NetBox Configuration
-
-```bash
-cat ~/.config/claude/netbox.env 2>/dev/null || echo "FILE_NOT_FOUND"
-```
-
-**If file exists with valid values:** Skip to Phase 4.
-**If missing or has placeholders:** Continue.
-
-### Step 3.3: Gather NetBox Information
-
-Use AskUserQuestion:
-- Question: "What is your NetBox API URL? (e.g., https://netbox.company.com/api)"
-- Header: "NetBox URL"
-- Options:
-  - "Other (I'll provide the URL)"
-
-Ask user to provide the URL.
-
-**Important:** The URL must include `/api` at the end. If the user provides a URL without `/api`, append it automatically.
-
-### Step 3.4: Create Configuration File
-
-```bash
-cat > ~/.config/claude/netbox.env << 'EOF'
-# NetBox API Configuration
-# Generated by cmdb-assistant /initial-setup
-
-NETBOX_API_URL=<USER_PROVIDED_URL>
-NETBOX_API_TOKEN=PASTE_YOUR_TOKEN_HERE
-EOF
-chmod 600 ~/.config/claude/netbox.env
-```
-
-### Step 3.5: Token Instructions
-
----
-
-**Action Required: Add Your NetBox API Token**
-
-I've created `~/.config/claude/netbox.env` but you need to add your API token manually.
-
-**Steps:**
-1. Open: `nano ~/.config/claude/netbox.env`
-2. Generate token in NetBox: Admin → API Tokens → Add Token
-3. Replace `PASTE_YOUR_TOKEN_HERE` with your token
-4. Save the file
-
----
-
-Use AskUserQuestion:
-- Question: "Have you added your NetBox token?"
-- Header: "Token"
-- Options:
-  - "Yes, I've added the token"
-  - "Skip for now"
-
----
-
-## Phase 4: Validation
-
-### Step 4.1: Test Configuration (if token was added)
-
-```bash
-source ~/.config/claude/netbox.env && curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Token $NETBOX_API_TOKEN" "$NETBOX_API_URL/"
-```
-
-**Note:** The URL already includes `/api`, so we just append `/` for the root API endpoint.
-
-Report result:
-- 200: Success
-- 403: Invalid token
-- Other: Connection issue
-
-### Step 4.2: Summary
+## Completion Summary
 
 ```
-╔════════════════════════════════════════════════════════════╗
-║              CMDB-ASSISTANT SETUP COMPLETE                 ║
-╠════════════════════════════════════════════════════════════╣
-║ MCP Server (NetBox):   ✓ Ready                             ║
-║ System Config:         ✓ ~/.config/claude/netbox.env       ║
-╚════════════════════════════════════════════════════════════╝
+CMDB-ASSISTANT SETUP COMPLETE
+MCP Server (NetBox):   Ready
+System Config:         ~/.config/claude/netbox.env
+
+Restart your Claude Code session for MCP tools.
+
+After restart, try:
+- /cmdb-device <hostname>
+- /cmdb-ip <address>
+- /cmdb-site <name>
+- /cmdb-search <query>
 ```
 
-### Step 4.3: Session Restart Notice
+## User Request
 
----
-
-**⚠️ Session Restart Required**
-
-Restart your Claude Code session for MCP tools to become available.
-
-**After restart, you can:**
-- Run `/cmdb-device <hostname>` to look up a device
-- Run `/cmdb-ip <address>` to look up an IP address
-- Run `/cmdb-site <name>` to look up a site
-- Run `/cmdb-search <query>` for general search
-
----
-
-## Note on Project Configuration
-
-cmdb-assistant does not require project-level configuration. The NetBox connection is system-wide and not tied to specific repositories.
+$ARGUMENTS

plugins/cmdb-assistant/commands/ip-conflicts.md

@@ -0,0 +1,58 @@
+---
+description: Detect IP address conflicts and overlapping prefixes in NetBox
+---
+
+# CMDB IP Conflict Detection
+
+Scan NetBox IPAM data to identify IP address conflicts and overlapping prefixes.
+
+## Skills to Load
+
+- `skills/visual-header.md`
+- `skills/ip-management.md`
+- `skills/mcp-tools-reference.md`
+
+## Usage
+
+```
+/ip-conflicts [scope]
+```
+
+**Scopes:**
+- `all` (default) - Full scan of all IP data
+- `addresses` - Check for duplicate IP addresses only
+- `prefixes` - Check for overlapping prefixes only
+- `vrf <name>` - Scan specific VRF only
+- `prefix <cidr>` - Scan within specific prefix
+
+## Instructions
+
+Execute `skills/visual-header.md` with context "IP Conflict Detection".
+
+Execute conflict detection from `skills/ip-management.md`:
+
+1. **Data Collection** - Fetch IPs, prefixes, VRFs via MCP
+2. **Duplicate Detection** - Group by address+VRF, flag >1 record
+3. **Overlap Detection** - Compare prefixes pairwise using CIDR math
+4. **Orphan IP Detection** - Find IPs without containing prefix
+5. **Generate Report** - Use template from skill
+
+## Conflict Types
+
+| Type | Severity |
+|------|----------|
+| Duplicate IP (same interface type) | CRITICAL |
+| Duplicate IP (different roles) | HIGH |
+| Overlapping prefixes (same status) | HIGH |
+| Overlapping prefixes (container ok) | LOW |
+| Orphan IP | MEDIUM |
+
+## Examples
+
+- `/ip-conflicts` - Full scan
+- `/ip-conflicts addresses` - Duplicate IPs only
+- `/ip-conflicts vrf Production` - Scan specific VRF
+
+## User Request
+
+$ARGUMENTS

plugins/cmdb-assistant/hooks/hooks.json

@@ -2,8 +2,13 @@
   "hooks": {
     "SessionStart": [
       {
-        "type": "command",
-        "command": "${CLAUDE_PLUGIN_ROOT}/hooks/startup-check.sh"
+        "matcher": "",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/hooks/startup-check.sh"
+          }
+        ]
       }
     ],
     "PreToolUse": [

plugins/cmdb-assistant/hooks/startup-check.sh

@@ -25,11 +25,24 @@ if [[ -z "${NETBOX_API_URL:-}" ]] || [[ -z "${NETBOX_API_TOKEN:-}" ]]; then
     exit 0
 fi
 
+# Helper function to make authenticated API calls
+# Token passed via curl config to avoid exposure in process listings
+netbox_curl() {
+    local url="$1"
+    curl -s -K - <<EOF 2>/dev/null
+-H "Authorization: Token ${NETBOX_API_TOKEN}"
+-H "Accept: application/json"
+url = "${url}"
+EOF
+}
+
 # Quick API connectivity test (5s timeout)
-HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -m 5 \
-    -H "Authorization: Token $NETBOX_API_TOKEN" \
-    -H "Accept: application/json" \
-    "${NETBOX_API_URL}/" 2>/dev/null || echo "000")
+HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -m 5 -K - <<EOF 2>/dev/null || echo "000"
+-H "Authorization: Token ${NETBOX_API_TOKEN}"
+-H "Accept: application/json"
+url = "${NETBOX_API_URL}/"
+EOF
+)
 
 if [[ "$HTTP_CODE" == "000" ]]; then
     echo "$PREFIX NetBox API unreachable (timeout/connection error)"
@@ -40,10 +53,12 @@ elif [[ "$HTTP_CODE" != "200" ]]; then
 fi
 
 # Check for VMs without site assignment (data quality)
-VMS_RESPONSE=$(curl -s -m 5 \
-    -H "Authorization: Token $NETBOX_API_TOKEN" \
-    -H "Accept: application/json" \
-    "${NETBOX_API_URL}/virtualization/virtual-machines/?site__isnull=true&limit=1" 2>/dev/null || echo '{"count":0}')
+VMS_RESPONSE=$(curl -s -m 5 -K - <<EOF 2>/dev/null || echo '{"count":0}'
+-H "Authorization: Token ${NETBOX_API_TOKEN}"
+-H "Accept: application/json"
+url = "${NETBOX_API_URL}/virtualization/virtual-machines/?site__isnull=true&limit=1"
+EOF
+)
 
 VMS_NO_SITE=$(echo "$VMS_RESPONSE" | grep -o '"count":[0-9]*' | cut -d: -f2 || echo "0")
 
@@ -52,10 +67,12 @@ if [[ "$VMS_NO_SITE" -gt 0 ]]; then
 fi
 
 # Check for devices without platform
-DEVICES_RESPONSE=$(curl -s -m 5 \
-    -H "Authorization: Token $NETBOX_API_TOKEN" \
-    -H "Accept: application/json" \
-    "${NETBOX_API_URL}/dcim/devices/?platform__isnull=true&limit=1" 2>/dev/null || echo '{"count":0}')
+DEVICES_RESPONSE=$(curl -s -m 5 -K - <<EOF 2>/dev/null || echo '{"count":0}'
+-H "Authorization: Token ${NETBOX_API_TOKEN}"
+-H "Accept: application/json"
+url = "${NETBOX_API_URL}/dcim/devices/?platform__isnull=true&limit=1"
+EOF
+)
 
 DEVICES_NO_PLATFORM=$(echo "$DEVICES_RESPONSE" | grep -o '"count":[0-9]*' | cut -d: -f2 || echo "0")
 

plugins/cmdb-assistant/mcp-servers/netbox

@@ -1 +0,0 @@
-../../../mcp-servers/netbox

plugins/cmdb-assistant/skills/audit-workflow.md

@@ -0,0 +1,163 @@
+# Audit Workflow Skill
+
+How to audit NetBox data quality.
+
+## Prerequisites
+
+Load these skills:
+- `netbox-patterns` - Best practices reference
+- `mcp-tools-reference` - MCP tool reference
+
+## Data Collection
+
+```
+virt_list_vms
+dcim_list_devices
+virt_list_clusters
+dcim_list_sites
+tenancy_list_tenants
+dcim_list_device_roles
+dcim_list_platforms
+```
+
+## Quality Checks by Severity
+
+### CRITICAL (must fix immediately)
+
+| Check | Detection |
+|-------|-----------|
+| VMs without cluster | `cluster` is null AND `site` is null |
+| Devices without site | `site` is null |
+| Active devices without primary IP | `status=active` AND `primary_ip4` is null AND `primary_ip6` is null |
+
+### HIGH (should fix soon)
+
+| Check | Detection |
+|-------|-----------|
+| VMs without site | No site (neither direct nor via cluster.site) |
+| VMs without tenant | `tenant` is null |
+| Devices without platform | `platform` is null |
+| Clusters not scoped to site | `site` is null on cluster |
+| VMs without role | `role` is null |
+
+### MEDIUM (plan to address)
+
+| Check | Detection |
+|-------|-----------|
+| Inconsistent naming | Names don't match patterns |
+| Role fragmentation | >10 device roles with <3 assignments each |
+| Missing tags on production | Active resources without tags |
+| Mixed naming separators | Some `_`, others `-` |
+
+### LOW (informational)
+
+| Check | Detection |
+|-------|-----------|
+| Docker containers as VMs | Cluster type is "Docker Compose" |
+| VMs without description | `description` is empty |
+| Sites without physical address | `physical_address` is empty |
+| Devices without serial | `serial` is empty |
+
+## Naming Convention Analysis
+
+### Expected Patterns
+
+| Object Type | Pattern | Example |
+|-------------|---------|---------|
+| Devices | `{role}-{location}-{number}` | `web-dc1-01` |
+| VMs | `{env}-{app}-{number}` | `prod-api-01` |
+| Clusters | `{site}-{type}` | `home-docker` |
+
+### Analysis Steps
+
+1. Extract naming patterns from existing objects
+2. Identify dominant patterns (most common)
+3. Flag outliers that don't match
+4. Suggest standardization
+
+## Role Fragmentation Analysis
+
+### Red Flags
+
+- More than 15 highly specific roles
+- Roles with technology in name (use platform instead)
+- Roles that duplicate functionality
+- Single-use roles (only 1 device/VM)
+
+### Recommended Consolidation
+
+Use general roles + platform/tags for specificity:
+- Instead of `nginx-web-server`, use `web-server` + platform `nginx`
+
+## Report Template
+
+```markdown
+## CMDB Data Quality Audit Report
+
+**Generated:** [timestamp]
+**Scope:** [scope parameter]
+
+### Summary
+
+| Metric | Count |
+|--------|-------|
+| Total VMs | X |
+| Total Devices | Y |
+| Total Clusters | Z |
+| **Total Issues** | **N** |
+
+| Severity | Count |
+|----------|-------|
+| Critical | A |
+| High | B |
+| Medium | C |
+| Low | D |
+
+### Critical Issues
+
+[List each with specific object names and IDs]
+
+- VM `HotServ` (ID: 1) - No cluster or site assignment
+- Device `server-01` (ID: 5) - No site assignment
+
+### High Issues
+
+[List each with specific object names]
+
+### Medium Issues
+
+[Grouped by category with counts]
+
+### Recommendations
+
+1. **[Most impactful fix]** - affects N objects
+2. **[Second priority]** - affects M objects
+
+### Quick Fixes
+
+Commands to fix common issues:
+
+```
+# Assign site to VM
+virt_update_vm id=X site=Y
+
+# Assign platform to device
+dcim_update_device id=X platform=Y
+```
+
+### Next Steps
+
+- Run `/cmdb-register` to properly register new machines
+- Use `/cmdb-sync` to update existing registrations
+- Consider bulk updates via NetBox web UI for >10 items
+```
+
+## Scope-Specific Focus
+
+| Scope | Focus |
+|-------|-------|
+| `all` | Full audit across all categories |
+| `vms` | Virtual Machine checks only |
+| `devices` | Device checks only |
+| `naming` | Naming convention analysis |
+| `roles` | Role fragmentation analysis |

plugins/cmdb-assistant/skills/change-audit.md

@@ -0,0 +1,130 @@
+# Change Audit Skill
+
+Audit NetBox changes for tracking and compliance.
+
+## Prerequisites
+
+Load skill: `mcp-tools-reference`
+
+## MCP Tools
+
+| Tool | Purpose | Parameters |
+|------|---------|------------|
+| `extras_list_object_changes` | List changes | `user_id`, `changed_object_type`, `action` |
+| `extras_get_object_change` | Get change details | `id` |
+
+## Common Object Types
+
+| Category | Object Types |
+|----------|--------------|
+| DCIM | `dcim.device`, `dcim.interface`, `dcim.site`, `dcim.rack`, `dcim.cable` |
+| IPAM | `ipam.ipaddress`, `ipam.prefix`, `ipam.vlan`, `ipam.vrf` |
+| Virtualization | `virtualization.virtualmachine`, `virtualization.cluster` |
+| Tenancy | `tenancy.tenant`, `tenancy.contact` |
+
+## Audit Workflow
+
+1. **Parse user request** - Determine filters
+2. **Query object changes** - `extras_list_object_changes`
+3. **Enrich data** - Fetch detailed records if needed
+4. **Analyze patterns** - Identify bulk operations, unusual activity
+5. **Generate report** - Structured format
+
+## Report Template
+
+```markdown
+## NetBox Change Audit Report
+
+**Generated:** [timestamp]
+**Period:** [date range or "All time"]
+**Filters:** [applied filters]
+
+### Summary
+
+| Metric | Count |
+|--------|-------|
+| Total Changes | X |
+| Creates | Y |
+| Updates | Z |
+| Deletes | W |
+| Unique Users | N |
+| Object Types | M |
+
+### Changes by Action
+
+#### Created Objects (Y)
+
+| Time | User | Object Type | Object | Details |
+|------|------|-------------|--------|---------|
+| 2024-01-15 14:30 | admin | dcim.device | server-01 | Created device |
+
+#### Updated Objects (Z)
+
+| Time | User | Object Type | Object | Changed Fields |
+|------|------|-------------|--------|----------------|
+| 2024-01-15 15:00 | john | ipam.ipaddress | 10.0.1.50/24 | status, description |
+
+#### Deleted Objects (W)
+
+| Time | User | Object Type | Object | Details |
+|------|------|-------------|--------|---------|
+| 2024-01-14 09:00 | admin | dcim.interface | eth2 | Removed from server-01 |
+
+### Changes by User
+
+| User | Creates | Updates | Deletes | Total |
+|------|---------|---------|---------|-------|
+| admin | 5 | 10 | 2 | 17 |
+| john | 3 | 8 | 0 | 11 |
+
+### Changes by Object Type
+
+| Object Type | Creates | Updates | Deletes | Total |
+|-------------|---------|---------|---------|-------|
+| dcim.device | 2 | 5 | 0 | 7 |
+| ipam.ipaddress | 4 | 3 | 1 | 8 |
+
+### Timeline
+
+```
+2024-01-15: ######## 8 changes
+2024-01-14: ####     4 changes
+2024-01-13: ##       2 changes
+```
+
+### Notable Patterns
+
+- **Bulk operations:** [Many changes in short time]
+- **Unusual activity:** [Unexpected deletions, after-hours changes]
+- **Missing audit trail:** [Expected changes not logged]
+
+### Recommendations
+
+1. [Security or process recommendations based on findings]
+```
+
+## Enriching Change Details
+
+For detailed audit, use `extras_get_object_change` to see:
+- `prechange_data` - Object state before change
+- `postchange_data` - Object state after change
+- `request_id` - Links related changes in same request
+
+## Security Audit Mode
+
+When user asks for "security audit" or "compliance report":
+
+1. Focus on deletions and permission-sensitive changes
+2. Highlight changes to critical objects (firewalls, VRFs, prefixes)
+3. Flag changes outside business hours
+4. Identify users with high change counts
+
+## Filter Examples
+
+| Request | Filter |
+|---------|--------|
+| Recent changes | None (last 24 hours default) |
+| Last 7 days | Filter by `time` field |
+| By user | `user_id=<id>` |
+| Device changes | `changed_object_type=dcim.device` |
+| All deletions | `action=delete` |

plugins/cmdb-assistant/skills/device-registration.md

@@ -0,0 +1,177 @@
+# Device Registration Skill
+
+How to register devices into NetBox.
+
+## Prerequisites
+
+Load these skills:
+- `system-discovery` - Bash commands for gathering system info
+- `netbox-patterns` - Best practices for data quality
+- `mcp-tools-reference` - MCP tool reference
+
+## Registration Workflow
+
+### Phase 1: System Discovery
+
+Use commands from `system-discovery` skill to gather:
+- Hostname, OS, hardware model, serial number
+- CPU, memory, disk
+- Network interfaces with IPs
+- Running Docker containers
+
+### Phase 2: Pre-Registration Checks
+
+1. **Check if device exists:**
+   ```
+   dcim_list_devices name=<hostname>
+   ```
+   If exists, suggest `/cmdb-sync` instead.
+
+2. **Verify/Create site:**
+   ```
+   dcim_list_sites name=<site-name>
+   ```
+   If not found, list available sites or offer to create.
+
+3. **Verify/Create platform:**
+   ```
+   dcim_list_platforms name=<platform-name>
+   ```
+   Create if not exists with `dcim_create_platform`.
+
+4. **Verify/Create device role:**
+   ```
+   dcim_list_device_roles name=<role-name>
+   ```
+
+### Phase 3: Device Creation
+
+1. **Get/Create manufacturer and device type:**
+   ```
+   dcim_list_manufacturers name="<manufacturer>"
+   dcim_list_device_types manufacturer_id=X model="<model>"
+   ```
+
+2. **Create device:**
+   ```
+   dcim_create_device
+     name=<hostname>
+     device_type=<device_type_id>
+     role=<role_id>
+     site=<site_id>
+     platform=<platform_id>
+     tenant=<tenant_id>  # if provided
+     serial=<serial>
+     description="Registered via cmdb-assistant"
+   ```
+
+3. **Create interfaces:**
+   For each network interface:
+   ```
+   dcim_create_interface
+     device=<device_id>
+     name=<interface_name>
+     type=<type>
+     mac_address=<mac>
+     enabled=true
+   ```
+
+4. **Create IP addresses:**
+   For each IP:
+   ```
+   ipam_create_ip_address
+     address=<ip/prefix>
+     assigned_object_type="dcim.interface"
+     assigned_object_id=<interface_id>
+     status="active"
+   ```
+
+5. **Set primary IP:**
+   ```
+   dcim_update_device
+     id=<device_id>
+     primary_ip4=<primary_ip_id>
+   ```
+
+### Phase 4: Container Registration (if Docker)
+
+1. **Create/Get cluster type:**
+   ```
+   virt_list_cluster_types name="Docker Compose"
+   virt_create_cluster_type name="Docker Compose" slug="docker-compose"
+   ```
+
+2. **Create cluster:**
+   ```
+   virt_create_cluster
+     name=<project-name>
+     type=<cluster_type_id>
+     site=<site_id>
+     description="Docker Compose stack on <hostname>"
+   ```
+
+3. **Create VMs for containers:**
+   For each running container:
+   ```
+   virt_create_vm
+     name=<container_name>
+     cluster=<cluster_id>
+     site=<site_id>
+     role=<role_id>
+     status="active"
+     vcpus=<cpu_shares>
+     memory=<memory_mb>
+     disk=<disk_gb>
+   ```
+
+### Phase 5: Documentation
+
+Add journal entry:
+```
+extras_create_journal_entry
+  assigned_object_type="dcim.device"
+  assigned_object_id=<device_id>
+  comments="Device registered via /cmdb-register command\n\nDiscovered:\n- X network interfaces\n- Y IP addresses\n- Z Docker containers"
+```
+
+## Summary Report Template
+
+```markdown
+## Machine Registration Complete
+
+### Device Created
+- **Name:** <hostname>
+- **Site:** <site>
+- **Platform:** <platform>
+- **Role:** <role>
+- **ID:** <device_id>
+- **URL:** https://netbox.example.com/dcim/devices/<id>/
+
+### Network Interfaces
+| Interface | Type | MAC | IP Address |
+|-----------|------|-----|------------|
+| eth0 | 1000base-t | aa:bb:cc:dd:ee:ff | 192.168.1.100/24 |
+
+### Primary IP: 192.168.1.100
+
+### Docker Containers Registered (if applicable)
+**Cluster:** <cluster_name> (ID: <cluster_id>)
+
+| Container | Role | vCPUs | Memory | Status |
+|-----------|------|-------|--------|--------|
+| media_jellyfin | Media Server | 2.0 | 2048MB | Active |
+
+### Next Steps
+- Run `/cmdb-sync` periodically to keep data current
+- Run `/cmdb-audit` to check data quality
+- Add tags for classification
+```
+
+## Error Handling
+
+| Error | Action |
+|-------|--------|
+| Device already exists | Suggest `/cmdb-sync` or ask to proceed |
+| Site not found | List available sites, offer to create new |
+| Docker not available | Skip container registration, note in summary |
+| Permission denied | Note which operations failed, suggest fixes |

plugins/cmdb-assistant/skills/ip-management.md

@@ -0,0 +1,162 @@
+# IP Management Skill
+
+IP address and prefix management in NetBox.
+
+## Prerequisites
+
+Load skill: `mcp-tools-reference`
+
+## IPAM Operations
+
+### Prefix Management
+
+| Action | Tool | Key Parameters |
+|--------|------|----------------|
+| List prefixes | `ipam_list_prefixes` | `prefix`, `vrf_id`, `within`, `contains` |
+| Get details | `ipam_get_prefix` | `id` |
+| Find available child | `ipam_list_available_prefixes` | `prefix_id` |
+| Create prefix | `ipam_create_prefix` | `prefix`, `status`, `site`, `vrf` |
+| Allocate child | `ipam_create_available_prefix` | `prefix_id`, `prefix_length` |
+
+### IP Address Management
+
+| Action | Tool | Key Parameters |
+|--------|------|----------------|
+| List IPs | `ipam_list_ip_addresses` | `address`, `vrf_id`, `device_id` |
+| Get details | `ipam_get_ip_address` | `id` |
+| Find available | `ipam_list_available_ips` | `prefix_id` |
+| Create IP | `ipam_create_ip_address` | `address`, `assigned_object_type`, `assigned_object_id` |
+| Allocate next | `ipam_create_available_ip` | `prefix_id` |
+| Assign to interface | `ipam_update_ip_address` | `id`, `assigned_object_id` |
+
+### VLAN and VRF
+
+| Action | Tool |
+|--------|------|
+| List VLANs | `ipam_list_vlans` |
+| Get VLAN | `ipam_get_vlan` |
+| Create VLAN | `ipam_create_vlan` |
+| List VRFs | `ipam_list_vrfs` |
+| Get VRF | `ipam_get_vrf` |
+
+## IP Allocation Workflow
+
+1. **Find available IPs in target prefix:**
+   ```
+   ipam_list_available_ips prefix_id=<id>
+   ```
+
+2. **Create the IP address:**
+   ```
+   ipam_create_ip_address
+     address=<ip/prefix>
+     assigned_object_type="dcim.interface"
+     assigned_object_id=<interface_id>
+     status="active"
+   ```
+
+3. **Set as primary (if needed):**
+   ```
+   dcim_update_device id=<device_id> primary_ip4=<ip_id>
+   ```
+
+## IP Conflict Detection
+
+### Conflict Types
+
+1. **Duplicate IP Addresses**
+   - Multiple records with same address in same VRF
+   - Exception: Anycast addresses (check `role` field)
+
+2. **Overlapping Prefixes**
+   - Prefixes containing same address space in same VRF
+   - Legitimate: Parent/child hierarchy, different VRFs, "container" status
+
+3. **IPs Outside Prefix**
+   - IP addresses not within any defined prefix
+
+4. **Same Prefix in Multiple VRFs** (informational)
+
+### Detection Workflow
+
+1. **Duplicate Detection:**
+   - Get all addresses: `ipam_list_ip_addresses`
+   - Group by address + VRF
+   - Flag groups with >1 record
+
+2. **Overlap Detection:**
+   - Get all prefixes: `ipam_list_prefixes`
+   - For each VRF, compare prefixes pairwise
+   - Check if prefix A contains prefix B or vice versa
+   - Ignore legitimate hierarchies (status=container)
+
+3. **Orphan IP Detection:**
+   - For each IP, find containing prefix
+   - Flag IPs with no prefix match
+
+### CIDR Math Rules
+
+- Prefix A **contains** Prefix B if: `A.network <= B.network AND A.broadcast >= B.broadcast`
+- Two prefixes **overlap** if: `A.network <= B.broadcast AND B.network <= A.broadcast`
+
+### Severity Levels
+
+| Issue | Severity |
+|-------|----------|
+| Duplicate IP (same interface type) | CRITICAL |
+| Duplicate IP (different roles) | HIGH |
+| Overlapping prefixes (same status) | HIGH |
+| Overlapping prefixes (container ok) | LOW |
+| Orphan IP | MEDIUM |
+
+## Conflict Report Template
+
+```markdown
+## IP Conflict Detection Report
+
+**Generated:** [timestamp]
+**Scope:** [scope parameter]
+
+### Summary
+
+| Check | Status | Count |
+|-------|--------|-------|
+| Duplicate IPs | [PASS/FAIL] | X |
+| Overlapping Prefixes | [PASS/FAIL] | Y |
+| Orphan IPs | [PASS/FAIL] | Z |
+
+### Critical Issues
+
+#### Duplicate IP Addresses
+
+| Address | VRF | Count | Assigned To |
+|---------|-----|-------|-------------|
+| 10.0.1.50/24 | Global | 2 | server-01, server-02 |
+
+**Resolution:**
+- Determine which device should have the IP
+- Update or remove the duplicate
+
+#### Overlapping Prefixes
+
+| Prefix 1 | Prefix 2 | VRF | Type |
+|----------|----------|-----|------|
+| 10.0.0.0/24 | 10.0.0.0/25 | Global | Unstructured |
+
+**Resolution:**
+- For legitimate hierarchies: Mark parent as status="container"
+- For accidental: Consolidate or re-address
+
+### Remediation Commands
+
+```
+# Remove duplicate IP
+ipam_delete_ip_address id=123
+
+# Mark prefix as container
+ipam_update_prefix id=456 status=container
+
+# Create missing prefix
+ipam_create_prefix prefix=172.16.5.0/24 status=active
+```
+```

plugins/cmdb-assistant/skills/mcp-tools-reference.md

@@ -0,0 +1,281 @@
+# NetBox MCP Tools Reference
+
+Complete reference for NetBox MCP tools organized by category.
+
+## DCIM (Data Center Infrastructure Management)
+
+### Sites and Locations
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_sites` | List all sites | `name`, `status`, `region_id` |
+| `dcim_get_site` | Get site details | `id` |
+| `dcim_create_site` | Create new site | `name`, `slug`, `status` |
+| `dcim_update_site` | Update site | `id`, fields to update |
+| `dcim_delete_site` | Delete site | `id` |
+| `dcim_list_locations` | List locations within sites | `site_id`, `parent_id` |
+| `dcim_get_location` | Get location details | `id` |
+| `dcim_create_location` | Create location | `name`, `slug`, `site` |
+| `dcim_update_location` | Update location | `id`, fields to update |
+| `dcim_delete_location` | Delete location | `id` |
+| `dcim_list_regions` | List regions | `name` |
+| `dcim_get_region` | Get region details | `id` |
+| `dcim_create_region` | Create region | `name`, `slug` |
+| `dcim_update_region` | Update region | `id`, fields to update |
+| `dcim_delete_region` | Delete region | `id` |
+
+### Racks
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_racks` | List racks | `site_id`, `location_id`, `name` |
+| `dcim_get_rack` | Get rack details | `id` |
+| `dcim_create_rack` | Create rack | `name`, `site`, `u_height` |
+| `dcim_update_rack` | Update rack | `id`, fields to update |
+| `dcim_delete_rack` | Delete rack | `id` |
+
+### Devices
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_devices` | List devices | `name`, `site_id`, `role_id`, `status` |
+| `dcim_get_device` | Get device details | `id` |
+| `dcim_create_device` | Create device | `name`, `device_type`, `role`, `site` |
+| `dcim_update_device` | Update device | `id`, `primary_ip4`, etc. |
+| `dcim_delete_device` | Delete device | `id` |
+
+### Device Types and Roles
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_device_types` | List device types | `manufacturer_id`, `model` |
+| `dcim_get_device_type` | Get type details | `id` |
+| `dcim_create_device_type` | Create device type | `manufacturer`, `model`, `slug` |
+| `dcim_update_device_type` | Update device type | `id`, fields |
+| `dcim_delete_device_type` | Delete device type | `id` |
+| `dcim_list_device_roles` | List device roles | `name` |
+| `dcim_get_device_role` | Get role details | `id` |
+| `dcim_create_device_role` | Create device role | `name`, `slug` |
+| `dcim_update_device_role` | Update device role | `id`, fields |
+| `dcim_delete_device_role` | Delete device role | `id` |
+
+### Manufacturers and Platforms
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_manufacturers` | List manufacturers | `name` |
+| `dcim_get_manufacturer` | Get manufacturer details | `id` |
+| `dcim_create_manufacturer` | Create manufacturer | `name`, `slug` |
+| `dcim_update_manufacturer` | Update manufacturer | `id`, fields |
+| `dcim_delete_manufacturer` | Delete manufacturer | `id` |
+| `dcim_list_platforms` | List platforms | `name` |
+| `dcim_get_platform` | Get platform details | `id` |
+| `dcim_create_platform` | Create platform | `name`, `slug` |
+| `dcim_update_platform` | Update platform | `id`, fields |
+| `dcim_delete_platform` | Delete platform | `id` |
+
+### Interfaces and Cables
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_interfaces` | List interfaces | `device_id`, `name`, `type` |
+| `dcim_get_interface` | Get interface details | `id` |
+| `dcim_create_interface` | Create interface | `device`, `name`, `type` |
+| `dcim_update_interface` | Update interface | `id`, `enabled`, `mac_address` |
+| `dcim_delete_interface` | Delete interface | `id` |
+| `dcim_list_cables` | List cables | `device_id`, `site_id` |
+| `dcim_get_cable` | Get cable details | `id` |
+| `dcim_create_cable` | Create cable | `a_terminations`, `b_terminations` |
+| `dcim_update_cable` | Update cable | `id`, fields |
+| `dcim_delete_cable` | Delete cable | `id` |
+
+### Power
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_power_panels` | List power panels | `site_id` |
+| `dcim_get_power_panel` | Get panel details | `id` |
+| `dcim_create_power_panel` | Create power panel | `name`, `site` |
+| `dcim_list_power_feeds` | List power feeds | `power_panel_id` |
+| `dcim_get_power_feed` | Get feed details | `id` |
+| `dcim_create_power_feed` | Create power feed | `name`, `power_panel`, `supply` |
+
+### Other DCIM
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `dcim_list_virtual_chassis` | List virtual chassis | (varies) |
+| `dcim_get_virtual_chassis` | Get virtual chassis | `id` |
+| `dcim_list_inventory_items` | List inventory items | `device_id` |
+| `dcim_get_inventory_item` | Get inventory item | `id` |
+
+## IPAM (IP Address Management)
+
+### Prefixes
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `ipam_list_prefixes` | List prefixes | `prefix`, `vrf_id`, `within`, `contains` |
+| `ipam_get_prefix` | Get prefix details | `id` |
+| `ipam_create_prefix` | Create prefix | `prefix`, `status`, `site`, `vrf` |
+| `ipam_update_prefix` | Update prefix | `id`, `status`, etc. |
+| `ipam_delete_prefix` | Delete prefix | `id` |
+| `ipam_list_available_prefixes` | List available child prefixes | `prefix_id` |
+| `ipam_create_available_prefix` | Allocate from parent | `prefix_id`, `prefix_length` |
+
+### IP Addresses
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `ipam_list_ip_addresses` | List IP addresses | `address`, `vrf_id`, `device_id`, `status` |
+| `ipam_get_ip_address` | Get IP details | `id` |
+| `ipam_create_ip_address` | Create IP address | `address`, `assigned_object_type`, `assigned_object_id` |
+| `ipam_update_ip_address` | Update IP address | `id`, `status`, etc. |
+| `ipam_delete_ip_address` | Delete IP address | `id` |
+| `ipam_list_available_ips` | List available IPs in prefix | `prefix_id` |
+| `ipam_create_available_ip` | Allocate next available | `prefix_id` |
+
+### VLANs and VRFs
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `ipam_list_vlans` | List VLANs | `vid`, `name`, `site_id` |
+| `ipam_get_vlan` | Get VLAN details | `id` |
+| `ipam_create_vlan` | Create VLAN | `vid`, `name`, `site` |
+| `ipam_update_vlan` | Update VLAN | `id`, fields |
+| `ipam_delete_vlan` | Delete VLAN | `id` |
+| `ipam_list_vlan_groups` | List VLAN groups | `site_id` |
+| `ipam_get_vlan_group` | Get VLAN group | `id` |
+| `ipam_create_vlan_group` | Create VLAN group | `name`, `slug`, `scope_type` |
+| `ipam_list_vrfs` | List VRFs | `name` |
+| `ipam_get_vrf` | Get VRF details | `id` |
+| `ipam_create_vrf` | Create VRF | `name`, `rd` |
+| `ipam_update_vrf` | Update VRF | `id`, fields |
+| `ipam_delete_vrf` | Delete VRF | `id` |
+
+### Other IPAM
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `ipam_list_asns` | List ASNs | (varies) |
+| `ipam_get_asn` | Get ASN details | `id` |
+| `ipam_create_asn` | Create ASN | `asn`, `rir` |
+| `ipam_list_rirs` | List RIRs | `name` |
+| `ipam_get_rir` | Get RIR details | `id` |
+| `ipam_list_aggregates` | List aggregates | `prefix`, `rir_id` |
+| `ipam_get_aggregate` | Get aggregate | `id` |
+| `ipam_create_aggregate` | Create aggregate | `prefix`, `rir` |
+| `ipam_list_services` | List services | `device_id`, `name` |
+| `ipam_get_service` | Get service details | `id` |
+| `ipam_create_service` | Create service | `name`, `ports`, `protocol` |
+
+## Virtualization
+
+### Clusters
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `virt_list_cluster_types` | List cluster types | `name` |
+| `virt_get_cluster_type` | Get cluster type | `id` |
+| `virt_create_cluster_type` | Create cluster type | `name`, `slug` |
+| `virt_list_cluster_groups` | List cluster groups | `name` |
+| `virt_get_cluster_group` | Get cluster group | `id` |
+| `virt_create_cluster_group` | Create cluster group | `name`, `slug` |
+| `virt_list_clusters` | List clusters | `name`, `site_id`, `type_id` |
+| `virt_get_cluster` | Get cluster details | `id` |
+| `virt_create_cluster` | Create cluster | `name`, `type`, `site` |
+| `virt_update_cluster` | Update cluster | `id`, fields |
+| `virt_delete_cluster` | Delete cluster | `id` |
+
+### Virtual Machines
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `virt_list_vms` | List VMs | `name`, `cluster_id`, `site_id`, `status` |
+| `virt_get_vm` | Get VM details | `id` |
+| `virt_create_vm` | Create VM | `name`, `cluster`, `site`, `status` |
+| `virt_update_vm` | Update VM | `id`, `status`, etc. |
+| `virt_delete_vm` | Delete VM | `id` |
+| `virt_list_vm_ifaces` | List VM interfaces | `virtual_machine_id` |
+| `virt_get_vm_iface` | Get VM interface | `id` |
+| `virt_create_vm_iface` | Create VM interface | `virtual_machine`, `name` |
+
+## Circuits
+
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `circuits_list_providers` | List providers | `name` |
+| `circuits_get_provider` | Get provider | `id` |
+| `circuits_create_provider` | Create provider | `name`, `slug` |
+| `circuits_update_provider` | Update provider | `id`, fields |
+| `circuits_delete_provider` | Delete provider | `id` |
+| `circ_list_types` | List circuit types | `name` |
+| `circ_get_type` | Get circuit type | `id` |
+| `circ_create_type` | Create circuit type | `name`, `slug` |
+| `circuits_list_circuits` | List circuits | `provider_id`, `type_id` |
+| `circuits_get_circuit` | Get circuit | `id` |
+| `circuits_create_circuit` | Create circuit | `cid`, `provider`, `type` |
+| `circuits_update_circuit` | Update circuit | `id`, fields |
+| `circuits_delete_circuit` | Delete circuit | `id` |
+| `circ_list_terminations` | List terminations | `circuit_id` |
+| `circ_get_termination` | Get termination | `id` |
+| `circ_create_termination` | Create termination | `circuit`, `site`, `term_side` |
+
+## Tenancy
+
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `tenancy_list_tenant_groups` | List tenant groups | `name` |
+| `tenancy_get_tenant_group` | Get tenant group | `id` |
+| `tenancy_create_tenant_group` | Create tenant group | `name`, `slug` |
+| `tenancy_list_tenants` | List tenants | `name`, `group_id` |
+| `tenancy_get_tenant` | Get tenant | `id` |
+| `tenancy_create_tenant` | Create tenant | `name`, `slug` |
+| `tenancy_update_tenant` | Update tenant | `id`, fields |
+| `tenancy_delete_tenant` | Delete tenant | `id` |
+| `tenancy_list_contacts` | List contacts | `name` |
+| `tenancy_get_contact` | Get contact | `id` |
+| `tenancy_create_contact` | Create contact | `name` |
+
+## VPN
+
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `vpn_list_tunnels` | List VPN tunnels | `name` |
+| `vpn_get_tunnel` | Get tunnel | `id` |
+| `vpn_create_tunnel` | Create tunnel | `name`, `status` |
+| `vpn_list_l2vpns` | List L2VPNs | `name` |
+| `vpn_get_l2vpn` | Get L2VPN | `id` |
+| `vpn_create_l2vpn` | Create L2VPN | `name`, `type` |
+| `vpn_list_ike_policies` | List IKE policies | (varies) |
+| `vpn_list_ipsec_policies` | List IPSec policies | (varies) |
+| `vpn_list_ipsec_profiles` | List IPSec profiles | (varies) |
+
+## Wireless
+
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `wlan_list_groups` | List WLAN groups | `name` |
+| `wlan_get_group` | Get WLAN group | `id` |
+| `wlan_create_group` | Create WLAN group | `name`, `slug` |
+| `wlan_list_lans` | List WLANs | `ssid` |
+| `wlan_get_lan` | Get WLAN | `id` |
+| `wlan_create_lan` | Create WLAN | `ssid`, `group` |
+| `wlan_list_links` | List wireless links | (varies) |
+| `wlan_get_link` | Get wireless link | `id` |
+
+## Extras
+
+| Tool | Purpose | Key Parameters |
+|------|---------|----------------|
+| `extras_list_tags` | List tags | `name` |
+| `extras_get_tag` | Get tag | `id` |
+| `extras_create_tag` | Create tag | `name`, `slug`, `color` |
+| `extras_update_tag` | Update tag | `id`, fields |
+| `extras_delete_tag` | Delete tag | `id` |
+| `extras_list_custom_fields` | List custom fields | `name` |
+| `extras_get_custom_field` | Get custom field | `id` |
+| `extras_list_webhooks` | List webhooks | `name` |
+| `extras_get_webhook` | Get webhook | `id` |
+| `extras_list_journal_entries` | List journal entries | `assigned_object_type`, `assigned_object_id` |
+| `extras_get_journal_entry` | Get journal entry | `id` |
+| `extras_create_journal_entry` | Create journal entry | `assigned_object_type`, `assigned_object_id`, `comments` |
+| `extras_list_object_changes` | List audit log | `user_id`, `changed_object_type`, `action` |
+| `extras_get_object_change` | Get change details | `id` |
+| `extras_list_config_contexts` | List config contexts | `name` |
+| `extras_get_config_context` | Get config context | `id` |
+
+## Common Object Types for Filtering
+
+| Category | Object Types |
+|----------|--------------|
+| DCIM | `dcim.device`, `dcim.interface`, `dcim.site`, `dcim.rack`, `dcim.cable` |
+| IPAM | `ipam.ipaddress`, `ipam.prefix`, `ipam.vlan`, `ipam.vrf` |
+| Virtualization | `virtualization.virtualmachine`, `virtualization.cluster` |
+| Tenancy | `tenancy.tenant`, `tenancy.contact` |

plugins/cmdb-assistant/skills/sync-workflow.md

@@ -0,0 +1,191 @@
+# Sync Workflow Skill
+
+How to synchronize machine state with NetBox.
+
+## Prerequisites
+
+Load these skills:
+- `system-discovery` - Bash commands for system info
+- `mcp-tools-reference` - MCP tool reference
+
+## Sync Workflow
+
+### Phase 1: Device Lookup
+
+```
+dcim_list_devices name=<hostname>
+```
+
+If not found, suggest `/cmdb-register` first.
+
+If found:
+- Store device ID and current field values
+- Fetch interfaces: `dcim_list_interfaces device_id=<device_id>`
+- Fetch IPs: `ipam_list_ip_addresses device_id=<device_id>`
+- Check clusters/VMs: `virt_list_clusters`, `virt_list_vms cluster=<cluster_id>`
+
+### Phase 2: Current State Discovery
+
+Use commands from `system-discovery` skill.
+
+### Phase 3: Comparison
+
+#### Device Attributes
+| Field | Compare |
+|-------|---------|
+| Platform | OS version changed? |
+| Status | Still active? |
+| Serial | Match? |
+| Description | Keep existing |
+
+#### Network Interfaces
+| Change Type | Detection |
+|-------------|-----------|
+| New interface | Exists locally but not in NetBox |
+| Removed interface | In NetBox but not locally |
+| Changed MAC | MAC address different |
+| Interface type | Type mismatch |
+
+#### IP Addresses
+| Change Type | Detection |
+|-------------|-----------|
+| New IP | Exists locally but not in NetBox |
+| Removed IP | In NetBox but not locally |
+| Primary IP changed | Default route interface changed |
+
+#### Docker Containers
+| Change Type | Detection |
+|-------------|-----------|
+| New container | Running locally but no VM in cluster |
+| Stopped container | VM exists but container not running |
+| Resource change | vCPUs/memory different |
+
+### Phase 4: Diff Report
+
+```markdown
+## Sync Diff Report
+
+**Device:** <hostname> (ID: <device_id>)
+**NetBox URL:** https://netbox.example.com/dcim/devices/<id>/
+
+### Device Attributes
+| Field | NetBox Value | Current Value | Action |
+|-------|--------------|---------------|--------|
+| Platform | Ubuntu 22.04 | Ubuntu 24.04 | UPDATE |
+
+### Network Interfaces
+
+#### New Interfaces (will create)
+| Interface | Type | MAC | IPs |
+|-----------|------|-----|-----|
+| tailscale0 | virtual | - | 100.x.x.x/32 |
+
+#### Removed Interfaces (will mark offline)
+| Interface | Type | Reason |
+|-----------|------|--------|
+| eth1 | 1000base-t | Not found locally |
+
+#### Changed Interfaces
+| Interface | Field | Old | New |
+|-----------|-------|-----|-----|
+| eth0 | mac_address | aa:bb:cc:00:00:00 | aa:bb:cc:11:11:11 |
+
+### IP Addresses
+
+#### New IPs (will create)
+- 192.168.1.150/24 on eth0
+
+#### Removed IPs (will unassign)
+- 192.168.1.100/24 from eth0
+
+### Docker Containers
+
+#### New Containers (will create VMs)
+| Container | Image | Role |
+|-----------|-------|------|
+| media_lidarr | linuxserver/lidarr | Media Management |
+
+### Summary
+- **Updates:** X
+- **Creates:** Y
+- **Removals/Offline:** Z
+```
+
+### Phase 5: Apply Updates
+
+#### Device Updates
+```
+dcim_update_device id=<device_id> platform=<new_platform_id>
+```
+
+#### Interface Updates
+New:
+```
+dcim_create_interface device=<device_id> name=<name> type=<type>
+```
+
+Removed (mark offline):
+```
+dcim_update_interface id=<id> enabled=false description="Marked offline by cmdb-sync"
+```
+
+Changed:
+```
+dcim_update_interface id=<id> mac_address=<new_mac>
+```
+
+#### IP Address Updates
+New:
+```
+ipam_create_ip_address address=<ip/prefix> assigned_object_type="dcim.interface" assigned_object_id=<id>
+```
+
+Removed (unassign):
+```
+ipam_update_ip_address id=<id> assigned_object_type=null assigned_object_id=null
+```
+
+#### Primary IP Update
+```
+dcim_update_device id=<device_id> primary_ip4=<new_primary_ip_id>
+```
+
+#### Container/VM Updates
+New:
+```
+virt_create_vm name=<name> cluster=<cluster_id> status="active"
+```
+
+Stopped:
+```
+virt_update_vm id=<id> status="offline"
+```
+
+### Phase 6: Journal Entry
+
+```
+extras_create_journal_entry
+  assigned_object_type="dcim.device"
+  assigned_object_id=<device_id>
+  comments="Device synced via /cmdb-sync command\n\nChanges applied:\n- <list>"
+```
+
+## Sync Modes
+
+### Dry Run Mode
+- Complete phases 1-4 (lookup, discovery, compare, diff report)
+- Skip phases 5-6 (no updates, no journal)
+- End with: "Dry run complete. No changes applied."
+
+### Full Sync Mode
+- Skip user confirmation
+- Update all fields even if unchanged (force refresh)
+
+## Error Handling
+
+| Error | Action |
+|-------|--------|
+| Device not found | Suggest `/cmdb-register` |
+| Permission denied | Note which failed, continue others |
+| Cluster not found | Offer to create or skip container sync |
+| API errors | Log error, continue with remaining |

plugins/cmdb-assistant/skills/system-discovery.md

@@ -0,0 +1,101 @@
+# System Discovery Skill
+
+Bash commands for gathering system information from the current machine.
+
+## Basic Device Information
+
+```bash
+# Hostname
+hostname
+
+# OS/Platform info
+cat /etc/os-release 2>/dev/null || uname -a
+
+# Hardware model - Raspberry Pi
+cat /proc/device-tree/model 2>/dev/null || echo "Unknown"
+
+# Hardware model - x86 systems
+cat /sys/class/dmi/id/product_name 2>/dev/null || echo "Unknown"
+
+# Serial number - Raspberry Pi
+cat /proc/device-tree/serial-number 2>/dev/null || cat /proc/cpuinfo | grep Serial | cut -d: -f2 | tr -d ' ' 2>/dev/null
+
+# Serial number - x86 systems
+cat /sys/class/dmi/id/product_serial 2>/dev/null || echo "Unknown"
+
+# CPU count
+nproc
+
+# Memory in MB
+free -m | awk '/Mem:/ {print $2}'
+
+# Disk size in GB (root filesystem)
+df -BG / | awk 'NR==2 {print $2}' | tr -d 'G'
+```
+
+## Network Interfaces
+
+```bash
+# Get interfaces with IPs (JSON format)
+ip -j addr show 2>/dev/null || ip addr show
+
+# Get default gateway interface
+ip route | grep default | awk '{print $5}' | head -1
+
+# Get MAC addresses
+ip -j link show 2>/dev/null || ip link show
+```
+
+## Running Applications
+
+```bash
+# Docker containers (JSON format)
+docker ps --format '{"name":"{{.Names}}","image":"{{.Image}}","status":"{{.Status}}","ports":"{{.Ports}}"}' 2>/dev/null || echo "Docker not available"
+
+# Docker Compose projects (find compose files)
+find ~/apps /home/*/apps -name "docker-compose.yml" -o -name "docker-compose.yaml" 2>/dev/null | head -20
+
+# Running systemd services
+systemctl list-units --type=service --state=running --no-pager --plain 2>/dev/null | grep -v "^UNIT" | head -30
+```
+
+## Interface Type Mapping
+
+| Interface Pattern | NetBox Type |
+|-------------------|-------------|
+| `eth*`, `enp*` | `1000base-t` |
+| `wlan*` | `ieee802.11ax` |
+| `tailscale*`, `docker*`, `br-*` | `virtual` |
+| `lo` | Skip (loopback) |
+
+## Platform Detection
+
+Based on OS detected, determine platform name:
+
+| OS Detection | Platform Name |
+|--------------|---------------|
+| Raspberry Pi OS | `Raspberry Pi OS (Bookworm)` |
+| Ubuntu | `Ubuntu {version} LTS` |
+| Debian | `Debian {version}` |
+| Default | `{OS Name} {Version}` |
+
+## Device Role Auto-Detection
+
+Based on detected services:
+
+| Detection | Suggested Role |
+|-----------|----------------|
+| Docker containers found | `Docker Host` |
+| Only basic services | `Server` |
+| Specific role specified | Use specified |
+
+## Container Role Mapping
+
+Map container names/images to roles:
+
+| Container Pattern | Role |
+|-------------------|------|
+| `*caddy*`, `*nginx*`, `*traefik*` | Reverse Proxy |
+| `*db*`, `*postgres*`, `*mysql*`, `*redis*` | Database |
+| `*webui*`, `*frontend*` | Web Application |
+| Others | Infer from image or use "Container" |

plugins/cmdb-assistant/skills/topology-generation.md

@@ -0,0 +1,155 @@
+# Topology Generation Skill
+
+Generate Mermaid diagrams from NetBox data.
+
+## Prerequisites
+
+Load skill: `mcp-tools-reference`
+
+## View: Rack Elevation
+
+### Data Collection
+
+1. Find rack: `dcim_list_racks name=<name>`
+2. Get devices: `dcim_list_devices rack_id=<id>`
+3. Note for each: `position`, `u_height`, `face`, `name`, `role`
+
+### Mermaid Template
+
+```mermaid
+graph TB
+    subgraph rack["Rack: <rack-name> (U<height>)"]
+        direction TB
+        u42["U42: empty"]
+        u41["U41: empty"]
+        u40["U40: server-01 (Server)"]
+        u39["U39: server-01 (cont.)"]
+        u38["U38: switch-01 (Switch)"]
+    end
+```
+
+### Rules
+
+- Mark top U with device name and role
+- Mark subsequent Us as "(cont.)" for multi-U devices
+- Empty Us show "empty"
+
+## View: Network Topology
+
+### Data Collection
+
+1. List sites: `dcim_list_sites`
+2. List devices: `dcim_list_devices site_id=<id>`
+3. List cables: `dcim_list_cables`
+4. List interfaces: `dcim_list_interfaces device_id=<id>`
+
+### Mermaid Template
+
+```mermaid
+graph TD
+    subgraph site1["Site: Home"]
+        router1[("core-router-01<br/>Router")]
+        switch1[["dist-switch-01<br/>Switch"]]
+        server1["web-server-01<br/>Server"]
+        server2["db-server-01<br/>Server"]
+    end
+
+    router1 -->|"eth0 - eth1"| switch1
+    switch1 -->|"gi0/1 - eth0"| server1
+    switch1 -->|"gi0/2 - eth0"| server2
+```
+
+### Node Shapes by Role
+
+| Role | Shape | Mermaid Syntax |
+|------|-------|----------------|
+| Router | Cylinder | `[(" ")]` |
+| Switch | Double brackets | `[[ ]]` |
+| Server | Rectangle | `[ ]` |
+| Firewall | Hexagon | `{{ }}` |
+| Other | Rectangle | `[ ]` |
+
+### Edge Labels
+
+Show interface names: `A-side - B-side`
+
+## View: Site Overview
+
+### Data Collection
+
+1. Get site: `dcim_get_site id=<id>`
+2. List racks: `dcim_list_racks site_id=<id>`
+3. Count devices per rack: `dcim_list_devices rack_id=<id>`
+
+### Mermaid Template
+
+```mermaid
+graph TB
+    subgraph site["Site: Headquarters"]
+        subgraph row1["Row 1"]
+            rack1["Rack A1<br/>12/42 U used<br/>5 devices"]
+            rack2["Rack A2<br/>20/42 U used<br/>8 devices"]
+        end
+        subgraph row2["Row 2"]
+            rack3["Rack B1<br/>8/42 U used<br/>3 devices"]
+        end
+    end
+```
+
+## View: Full Infrastructure
+
+### Data Collection
+
+1. List regions: `dcim_list_regions`
+2. List sites: `dcim_list_sites`
+3. Count devices: `dcim_list_devices status=active`
+
+### Mermaid Template
+
+```mermaid
+graph TB
+    subgraph region1["Region: Americas"]
+        site1["Headquarters<br/>3 racks, 25 devices"]
+        site2["Branch Office<br/>1 rack, 5 devices"]
+    end
+    subgraph region2["Region: Europe"]
+        site3["EU Datacenter<br/>10 racks, 100 devices"]
+    end
+
+    site1 -.->|"WAN Link"| site3
+```
+
+## Output Format
+
+Always provide:
+
+1. **Summary** - Brief description of diagram content
+2. **Mermaid Code Block** - The diagram code
+3. **Legend** - Explanation of shapes and colors
+4. **Data Notes** - Any data quality issues
+
+### Example Output
+
+```markdown
+## Network Topology: Home Site
+
+This diagram shows network connections between 4 devices at Home site.
+
+```mermaid
+graph TD
+    router1[("core-router<br/>Router")]
+    switch1[["main-switch<br/>Switch"]]
+    server1["homelab-01<br/>Server"]
+
+    router1 -->|"eth0 - gi0/24"| switch1
+    switch1 -->|"gi0/1 - eth0"| server1
+```
+
+**Legend:**
+- Cylinder shape: Routers
+- Double brackets: Switches
+- Rectangle: Servers
+
+**Data Notes:**
+- 1 device (nas-01) has no cable connections documented
+```

plugins/cmdb-assistant/skills/visual-header.md

@@ -0,0 +1,32 @@
+# Visual Header Skill
+
+Standard visual header for cmdb-assistant commands.
+
+## Header Template
+
+```
++----------------------------------------------------------------------+
+|  CMDB-ASSISTANT - [Context]                                          |
++----------------------------------------------------------------------+
+```
+
+## Context Values by Command
+
+| Command | Context |
+|---------|---------|
+| `/cmdb-search` | Search |
+| `/cmdb-device` | Device Management |
+| `/cmdb-ip` | IP Management |
+| `/cmdb-site` | Site Management |
+| `/cmdb-audit` | Data Quality Audit |
+| `/cmdb-register` | Machine Registration |
+| `/cmdb-sync` | Machine Sync |
+| `/cmdb-topology` | Topology |
+| `/change-audit` | Change Audit |
+| `/ip-conflicts` | IP Conflict Detection |
+| `/initial-setup` | Setup Wizard |
+| Agent mode | Infrastructure Management |
+
+## Usage
+
+Display header at the start of every command response before proceeding with the operation.

plugins/code-sentinel/.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "code-sentinel",
   "description": "Security scanning and code refactoring tools",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "author": {
     "name": "Leo Miranda",
     "email": "leobmiranda@gmail.com"

plugins/code-sentinel/README.md

@@ -1,47 +0,0 @@
-# code-sentinel
-
-Security scanning and code refactoring tools for Claude Code projects.
-
-## Features
-
-### Security Scanning
-- **PreToolUse Hook**: Catches vulnerabilities BEFORE code is written
-- **Full Audit**: `/security-scan` for comprehensive project review
-- **Pattern Detection**: SQL injection, XSS, command injection, secrets, and more
-
-### Refactoring
-- **Pattern Library**: Extract method, simplify conditionals, modernize syntax
-- **Safe Transforms**: Preview changes before applying
-- **Reference Updates**: Automatically updates all call sites
-
-## Commands
-
-| Command | Description |
-|---------|-------------|
-| `/security-scan` | Full project security audit |
-| `/refactor <target>` | Apply refactoring with pattern |
-| `/refactor-dry <target>` | Preview opportunities without changes |
-
-## Hooks
-
-- **PreToolUse (Write\|Edit)**: Scans code for security patterns before writing
-
-## Security Patterns Detected
-
-| Category | Examples |
-|----------|----------|
-| Injection | SQL, Command, Code (eval), XSS |
-| Secrets | Hardcoded API keys, passwords |
-| Deserialization | Pickle, unsafe YAML |
-| Path Traversal | Unsanitized file paths |
-
-## Installation
-
-```bash
-/plugin marketplace add https://gitea.hotserv.cloud/personal-projects/leo-claude-mktplace.git
-/plugin install code-sentinel
-```
-
-## Integration
-
-See claude-md-integration.md for CLAUDE.md additions.

plugins/code-sentinel/agents/refactor-advisor.md

@@ -6,6 +6,16 @@ description: Code structure and refactoring specialist
 
 You are a software architect specializing in code quality, design patterns, and refactoring.
 
+## Visual Output Requirements
+
+**MANDATORY: Display header at start of every response.**
+
+```
+┌──────────────────────────────────────────────────────────────────┐
+│  🔒 CODE-SENTINEL · Refactor Advisory                            │
+└──────────────────────────────────────────────────────────────────┘
+```
+
 ## Expertise
 
 - Martin Fowler's refactoring catalog

plugins/code-sentinel/agents/security-reviewer.md

@@ -1,4 +1,5 @@
 ---
+name: security-reviewer
 description: Security-focused code review agent
 ---
 
@@ -6,6 +7,16 @@ description: Security-focused code review agent
 
 You are a security engineer specializing in application security and secure coding practices.
 
+## Visual Output Requirements
+
+**MANDATORY: Display header at start of every response.**
+
+```
+┌──────────────────────────────────────────────────────────────────┐
+│  🔒 CODE-SENTINEL · Security Review                              │
+└──────────────────────────────────────────────────────────────────┘
+```
+
 ## Expertise
 
 - OWASP Top 10 vulnerabilities

plugins/code-sentinel/commands/refactor-dry.md

@@ -6,6 +6,14 @@ description: Preview refactoring changes without applying them
 
 Analyze and preview refactoring opportunities without making changes.
 
+## Visual Output
+
+```
++----------------------------------------------------------------------+
+|  CODE-SENTINEL - Refactor Preview                                    |
++----------------------------------------------------------------------+
+```
+
 ## Usage
 ```
 /refactor-dry <target> [--all]
@@ -14,44 +22,31 @@ Analyze and preview refactoring opportunities without making changes.
 **Target:** File path, function name, or "." for current file
 **--all:** Show all opportunities, not just recommended
 
+## Skills to Load
+
+- skills/refactoring-patterns.md
+- skills/dry-run-workflow.md
+
 ## Process
 
-1. **Scan Target**
-   Analyze code for refactoring opportunities.
+1. **Scan Target** - Analyze code using patterns from skill
+2. **Score Opportunities** - Rate by Impact/Risk/Effort (see dry-run-workflow skill)
+3. **Output** - Group by recommended vs optional
 
-2. **Score Opportunities**
-   Each opportunity rated by:
-   - Impact (how much it improves code)
-   - Risk (likelihood of breaking something)
-   - Effort (complexity of the refactoring)
+## Output Format
 
-3. **Output**
 ```
-## Refactoring Opportunities: src/handlers.py
+## Refactoring Opportunities: <target>
 
 ### Recommended (High Impact, Low Risk)
+1. **pattern** at lines X-Y
+   - Impact: High | Risk: Low
+   - Run: `/refactor <target> --pattern=<pattern>`
 
-1. **extract-method** at lines 45-67
-   - Extract order validation logic
-   - Impact: High (reduces complexity from 12 to 4)
-   - Risk: Low (pure function, no side effects)
-   - Run: `/refactor src/handlers.py:45 --pattern=extract-method`
-
-2. **use-dataclass** for OrderInput class
-   - Convert to dataclass with validation
-   - Impact: Medium (reduces boilerplate)
-   - Risk: Low
-   - Run: `/refactor src/models.py:OrderInput --pattern=use-dataclass`
-
-### Optional (Consider Later)
-
-3. **use-fstring** at 12 locations
-   - Modernize string formatting
-   - Impact: Low (readability only)
-   - Risk: None
+### Optional
+- Lower priority items
 
 ### Summary
-- 2 recommended refactorings
-- 1 optional improvement
-- Estimated complexity reduction: 35%
+- X recommended, Y optional
+- Estimated complexity reduction: Z%
 ```

plugins/code-sentinel/commands/refactor.md

@@ -6,6 +6,14 @@ description: Apply refactoring patterns to improve code structure and maintainab
 
 Apply refactoring transformations to specified code.
 
+## Visual Output
+
+```
++----------------------------------------------------------------------+
+|  CODE-SENTINEL - Refactor                                            |
++----------------------------------------------------------------------+
+```
+
 ## Usage
 ```
 /refactor <target> [--pattern=<pattern>]
@@ -14,68 +22,31 @@ Apply refactoring transformations to specified code.
 **Target:** File path, function name, or "." for current context
 **Pattern:** Specific refactoring pattern (optional)
 
-## Available Patterns
+## Skills to Load
 
-### Structure
-| Pattern | Description |
-|---------|-------------|
-| `extract-method` | Extract code block into named function |
-| `extract-class` | Move related methods to new class |
-| `inline` | Inline trivial function/variable |
-| `rename` | Rename with all references updated |
-| `move` | Move function/class to different module |
-
-### Simplification
-| Pattern | Description |
-|---------|-------------|
-| `simplify-conditional` | Flatten nested if/else |
-| `remove-dead-code` | Delete unreachable code |
-| `consolidate-duplicate` | Merge duplicate code blocks |
-| `decompose-conditional` | Break complex conditions into named parts |
-
-### Modernization
-| Pattern | Description |
-|---------|-------------|
-| `use-comprehension` | Convert loops to list/dict comprehensions |
-| `use-pathlib` | Replace os.path with pathlib |
-| `use-fstring` | Convert .format() to f-strings |
-| `use-typing` | Add type hints |
-| `use-dataclass` | Convert class to dataclass |
+- skills/refactoring-patterns.md
 
 ## Process
 
-1. **Analyze Target**
-   - Parse code structure
-   - Identify refactoring opportunities
-   - Check for side effects and dependencies
+1. **Analyze Target** - Parse code, identify opportunities from skill, check dependencies
+2. **Propose Changes** - Show before/after diff, explain improvement, list affected files
+3. **Apply (with confirmation)** - Make changes, update references, run tests
 
-2. **Propose Changes**
-   - Show before/after diff
-   - Explain the improvement
-   - List affected files/references
+## Output Format
 
-3. **Apply (with confirmation)**
-   - Make changes
-   - Update all references
-   - Run existing tests if available
-
-4. **Output**
 ```
-## Refactoring: extract-method
+## Refactoring: <pattern>
 
 ### Target
-src/handlers.py:create_order (lines 45-89)
+<file>:<function> (lines X-Y)
 
 ### Changes
-- Extracted validation logic → validate_order_input()
-- Extracted pricing logic → calculate_order_total()
-- Original function now 15 lines (was 44)
+- Change description
 
 ### Files Modified
-- src/handlers.py
-- tests/test_handlers.py (updated calls)
+- file1.py
 
 ### Metrics
-- Cyclomatic complexity: 12 → 4
-- Function length: 44 → 15 lines
+- Cyclomatic complexity: X -> Y
+- Function length: X -> Y lines
 ```

plugins/code-sentinel/commands/security-scan.md

@@ -6,51 +6,36 @@ description: Full security audit of codebase - scans all files for vulnerability
 
 Comprehensive security audit of the project.
 
+## Visual Output
+
+```
++----------------------------------------------------------------------+
+|  CODE-SENTINEL - Security Scan                                       |
++----------------------------------------------------------------------+
+```
+
+## Skills to Load
+
+- skills/security-patterns/SKILL.md
+
 ## Process
 
-1. **File Discovery**
-   Scan all code files: .py, .js, .ts, .jsx, .tsx, .go, .rs, .java, .rb, .php, .sh
+1. **File Discovery** - Scan: .py, .js, .ts, .jsx, .tsx, .go, .rs, .java, .rb, .php, .sh
+2. **Pattern Detection** - Apply patterns from skill (Critical/High/Medium severity)
+3. **Report** - Group by severity, include code snippets and fixes
 
-2. **Pattern Detection**
+## Output Format
 
-   ### Critical Vulnerabilities
-   | Pattern | Risk | Detection |
-   |---------|------|-----------|
-   | SQL Injection | High | String concat in SQL queries |
-   | Command Injection | High | shell=True, os.system with vars |
-   | XSS | High | innerHTML with user input |
-   | Code Injection | Critical | eval/exec with external input |
-   | Deserialization | Critical | pickle.loads, yaml.load unsafe |
-   | Path Traversal | High | File ops without sanitization |
-   | Hardcoded Secrets | High | API keys, passwords in code |
-   | SSRF | Medium | URL from user input in requests |
-
-   ### Code Quality Issues
-   | Pattern | Risk | Detection |
-   |---------|------|-----------|
-   | Broad Exceptions | Low | `except:` or `except Exception:` |
-   | Debug Statements | Low | print/console.log with data |
-   | TODO/FIXME Security | Medium | Comments mentioning security |
-   | Deprecated Functions | Medium | Known insecure functions |
-
-3. **Output Format**
 ```
 ## Security Scan Report
 
 ### Critical (Immediate Action Required)
-🔴 src/db.py:45 - SQL Injection
-   Code: `f"SELECT * FROM users WHERE id = {user_id}"`
-   Fix: Use parameterized query: `cursor.execute("SELECT * FROM users WHERE id = ?", (user_id,))`
+[red] file:line - Vulnerability Type
+   Code: `problematic code`
+   Fix: Recommended solution
 
-### High
-🟠 config.py:12 - Hardcoded Secret
-   Code: `API_KEY = "sk-1234..."`
-   Fix: Use environment variable: `API_KEY = os.environ.get("API_KEY")`
-
-### Medium
-🟡 utils.py:78 - Broad Exception
-   Code: `except:`
-   Fix: Catch specific exceptions
+### High / Medium / Low
+[Similar format]
 
 ### Summary
 - Critical: X (must fix before deploy)
@@ -58,7 +43,8 @@ Comprehensive security audit of the project.
 - Medium: X (improve when possible)
 ```
 
-4. **Exit Code Guidance**
-   - Critical findings: Recommend blocking merge/deploy
-   - High findings: Recommend fixing before release
-   - Medium/Low: Informational
+## Exit Guidance
+
+- Critical findings: Block merge/deploy
+- High findings: Fix before release
+- Medium/Low: Informational

plugins/code-sentinel/skills/dry-run-workflow.md

@@ -0,0 +1,99 @@
+---
+description: Workflow for previewing changes safely before applying them
+---
+
+# Dry Run Workflow Skill
+
+## Overview
+
+Dry run mode analyzes code and shows proposed changes without modifying files. Essential for reviewing impact before committing to changes.
+
+## Opportunity Scoring
+
+Rate each refactoring opportunity on three dimensions:
+
+### Impact Score (1-5)
+| Score | Meaning | Example |
+|-------|---------|---------|
+| 5 | Major improvement | Cyclomatic complexity 15 -> 3 |
+| 4 | Significant improvement | Function 50 lines -> 15 lines |
+| 3 | Moderate improvement | Better naming, clearer structure |
+| 2 | Minor improvement | Code style modernization |
+| 1 | Cosmetic only | Formatting changes |
+
+### Risk Score (1-5)
+| Score | Meaning | Example |
+|-------|---------|---------|
+| 5 | Very high risk | Changes to core business logic |
+| 4 | High risk | Modifies shared utilities |
+| 3 | Moderate risk | Changes function signatures |
+| 2 | Low risk | Internal implementation only |
+| 1 | Minimal risk | Pure functions, no side effects |
+
+### Effort Score (1-5)
+| Score | Meaning | Example |
+|-------|---------|---------|
+| 5 | Major effort | Requires architecture changes |
+| 4 | Significant effort | Many files affected |
+| 3 | Moderate effort | Multiple related changes |
+| 2 | Low effort | Single file, clear scope |
+| 1 | Trivial | Automated transformation |
+
+## Priority Calculation
+
+```
+Priority = (Impact * 2) - Risk - (Effort * 0.5)
+```
+
+| Priority Range | Recommendation |
+|---------------|----------------|
+| > 5 | Recommended - do it |
+| 3-5 | Optional - consider it |
+| < 3 | Skip - not worth it |
+
+## Output Format
+
+### Recommended Section
+High impact, low risk opportunities:
+```
+1. **pattern-name** at file:lines
+   - Description of the change
+   - Impact: High/Medium/Low (specific metric improvement)
+   - Risk: Low/Medium/High (why)
+   - Run: `/refactor <target> --pattern=<pattern>`
+```
+
+### Optional Section
+Lower priority opportunities grouped by type.
+
+### Summary
+- Count of recommended vs optional
+- Estimated overall improvement percentage
+- Any blockers or dependencies
+
+## Dependency Detection
+
+Before recommending changes, check for:
+
+1. **Test Coverage** - Does this code have tests?
+2. **Usage Scope** - Is it used elsewhere?
+3. **Side Effects** - Does it modify external state?
+4. **Breaking Changes** - Will it change public API?
+
+Flag dependencies in output:
+```
+Note: This refactoring requires updating 3 callers:
+  - src/api/handlers.py:45
+  - src/cli/commands.py:78
+  - tests/test_handlers.py:23
+```
+
+## Safety Checklist
+
+Before recommending any change:
+
+- [ ] All affected code locations identified
+- [ ] No breaking API changes without flag
+- [ ] Test coverage assessed
+- [ ] Side effects documented
+- [ ] Rollback path clear (git)

plugins/code-sentinel/skills/refactoring-patterns.md

@@ -0,0 +1,119 @@
+---
+description: Code refactoring patterns and techniques for improving structure and maintainability
+---
+
+# Refactoring Patterns Skill
+
+## Structure Patterns
+
+| Pattern | Description | When to Use |
+|---------|-------------|-------------|
+| `extract-method` | Extract code block into named function | Long functions, repeated logic |
+| `extract-class` | Move related methods to new class | Class doing too much |
+| `inline` | Inline trivial function/variable | Over-abstracted code |
+| `rename` | Rename with all references updated | Unclear naming |
+| `move` | Move function/class to different module | Misplaced code |
+
+### extract-method Example
+```python
+# BEFORE
+def process_order(order):
+    # Validate (extract this)
+    if not order.items:
+        raise ValueError("Empty order")
+    if order.total < 0:
+        raise ValueError("Invalid total")
+    # Process
+    for item in order.items:
+        inventory.reserve(item)
+    return create_invoice(order)
+
+# AFTER
+def validate_order(order):
+    if not order.items:
+        raise ValueError("Empty order")
+    if order.total < 0:
+        raise ValueError("Invalid total")
+
+def process_order(order):
+    validate_order(order)
+    for item in order.items:
+        inventory.reserve(item)
+    return create_invoice(order)
+```
+
+## Simplification Patterns
+
+| Pattern | Description | When to Use |
+|---------|-------------|-------------|
+| `simplify-conditional` | Flatten nested if/else | Deep nesting (>3 levels) |
+| `remove-dead-code` | Delete unreachable code | After refactoring |
+| `consolidate-duplicate` | Merge duplicate code blocks | DRY violations |
+| `decompose-conditional` | Break complex conditions into named parts | Long boolean expressions |
+
+### simplify-conditional Example
+```python
+# BEFORE
+if user:
+    if user.active:
+        if user.has_permission:
+            do_action()
+
+# AFTER (guard clauses)
+if not user:
+    return
+if not user.active:
+    return
+if not user.has_permission:
+    return
+do_action()
+```
+
+## Modernization Patterns
+
+| Pattern | Description | When to Use |
+|---------|-------------|-------------|
+| `use-comprehension` | Convert loops to list/dict comprehensions | Simple transformations |
+| `use-pathlib` | Replace os.path with pathlib | File path operations |
+| `use-fstring` | Convert .format() to f-strings | String formatting |
+| `use-typing` | Add type hints | Public APIs, complex functions |
+| `use-dataclass` | Convert class to dataclass | Data-holding classes |
+
+### use-dataclass Example
+```python
+# BEFORE
+class User:
+    def __init__(self, name, email, age):
+        self.name = name
+        self.email = email
+        self.age = age
+
+# AFTER
+@dataclass
+class User:
+    name: str
+    email: str
+    age: int
+```
+
+## Code Smell Detection
+
+| Smell | Indicators | Suggested Pattern |
+|-------|------------|-------------------|
+| Long Method | >20 lines, multiple responsibilities | extract-method |
+| Large Class | >10 methods, low cohesion | extract-class |
+| Primitive Obsession | Many related primitives | use-dataclass |
+| Nested Conditionals | >3 nesting levels | simplify-conditional |
+| Duplicate Code | Copy-pasted blocks | consolidate-duplicate |
+| Dead Code | Unreachable branches | remove-dead-code |
+
+## Metrics
+
+After refactoring, measure improvement:
+
+| Metric | Good Target | Tool |
+|--------|-------------|------|
+| Cyclomatic Complexity | <10 per function | radon, lizard |
+| Function Length | <25 lines | manual count |
+| Class Cohesion | LCOM <0.5 | pylint |
+| Duplication | <3% | jscpd, radon |

plugins/contract-validator/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "contract-validator",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "Cross-plugin compatibility validation and Claude.md agent verification",
   "author": {
     "name": "Leo Miranda",
@@ -17,6 +17,5 @@
     "interfaces",
     "cross-plugin"
   ],
-  "commands": ["./commands/"],
-  "mcpServers": ["./.mcp.json"]
+  "commands": ["./commands/"]
 }

plugins/contract-validator/.mcp.json

@@ -1,9 +0,0 @@
-{
-  "mcpServers": {
-    "contract-validator": {
-      "type": "stdio",
-      "command": "${CLAUDE_PLUGIN_ROOT}/mcp-servers/contract-validator/run.sh",
-      "args": []
-    }
-  }
-}

plugins/contract-validator/README.md

@@ -1,157 +0,0 @@
-# contract-validator Plugin
-
-Cross-plugin compatibility validation and CLAUDE.md agent verification for Claude Code plugin marketplaces.
-
-## Problem Statement
-
-As plugin marketplaces grow, several compatibility issues emerge:
-
-- **Command conflicts**: Multiple plugins defining the same slash command (e.g., `/initial-setup`)
-- **Tool name overlaps**: Different plugins using identical tool names with incompatible interfaces
-- **Undocumented dependencies**: Agents referencing tools that don't exist
-- **Broken data flows**: Agent sequences that expect outputs not produced by prior steps
-
-Contract-validator solves these by parsing plugin interfaces and validating compatibility before runtime.
-
-## Features
-
-- **Interface Parsing**: Extract commands, agents, and tools from plugin README.md files
-- **Agent Extraction**: Parse CLAUDE.md Four-Agent Model tables and Agents sections
-- **Compatibility Checks**: Pairwise validation between all plugins in a marketplace
-- **Data Flow Validation**: Verify agent tool sequences have valid data producers/consumers
-- **Comprehensive Reports**: Markdown or JSON reports with actionable suggestions
-
-## Installation
-
-This plugin is part of the leo-claude-mktplace. Install via:
-
-```bash
-# From marketplace
-claude plugins install leo-claude-mktplace/contract-validator
-
-# Setup MCP server venv
-cd ~/.claude/plugins/marketplaces/leo-claude-mktplace/mcp-servers/contract-validator
-python -m venv .venv
-source .venv/bin/activate
-pip install -r requirements.txt
-```
-
-## Commands
-
-| Command | Description |
-|---------|-------------|
-| `/initial-setup` | Interactive setup wizard |
-| `/validate-contracts` | Full marketplace compatibility validation |
-| `/check-agent` | Validate single agent definition |
-| `/list-interfaces` | Show all plugin interfaces |
-
-## Agents
-
-| Agent | Description |
-|-------|-------------|
-| `full-validation` | Complete cross-plugin compatibility validation |
-| `agent-check` | Single agent definition verification |
-
-## Tools Summary
-
-### Parse Tools (2)
-- `parse_plugin_interface` - Extract interface from plugin README.md
-- `parse_claude_md_agents` - Extract agents from CLAUDE.md
-
-### Validation Tools (3)
-- `validate_compatibility` - Check two plugins for conflicts
-- `validate_agent_refs` - Verify agent tool references exist
-- `validate_data_flow` - Check data flow through agent sequences
-
-### Report Tools (2)
-- `generate_compatibility_report` - Full marketplace validation report
-- `list_issues` - Filter issues by severity or type
-
-## Example Workflow
-
-```
-/validate-contracts ~/claude-plugins-work
-
-# Output:
-# Contract Validation Report
-#
-# | Metric     | Count |
-# |------------|-------|
-# | Plugins    | 12    |
-# | Commands   | 39    |
-# | Tools      | 32    |
-# | **Issues** | **7** |
-# | - Errors   | 3     |
-# | - Warnings | 0     |
-# | - Info     | 4     |
-#
-# ## Issues Found
-# [ERROR] Command conflict: projman and data-platform both define /initial-setup
-# [ERROR] Command conflict: projman and pr-review both define /initial-setup
-# ...
-```
-
-```
-/check-agent Planner ./CLAUDE.md
-
-# Output:
-# Agent: Planner
-# Status: VALID
-#
-# Tool References Found (3):
-# - create_issue ✓
-# - search_lessons ✓
-# - get_execution_order ✓
-#
-# Data Flow: No issues detected
-```
-
-## Issue Types
-
-| Type | Severity | Description |
-|------|----------|-------------|
-| `interface_mismatch` | ERROR | Command name conflict between plugins |
-| `missing_tool` | ERROR | Agent references non-existent tool |
-| `interface_mismatch` | WARNING | Tool name overlap (different plugins) |
-| `optional_dependency` | WARNING | Agent uses tool from non-required plugin |
-| `undeclared_output` | INFO | Agent has no documented tool references |
-
-## Parsed Interface Structure
-
-When parsing a plugin README.md, the following structure is extracted:
-
-```json
-{
-  "plugin_name": "data-platform",
-  "description": "Data engineering tools...",
-  "commands": [
-    {"name": "/ingest", "description": "Load data..."}
-  ],
-  "agents": [
-    {"name": "data-analysis", "description": "..."}
-  ],
-  "tools": [
-    {"name": "read_csv", "category": "pandas"}
-  ],
-  "tool_categories": {
-    "pandas": ["read_csv", "to_csv", ...],
-    "PostgreSQL": ["pg_query", ...]
-  },
-  "features": ["pandas Operations", "PostgreSQL/PostGIS", ...]
-}
-```
-
-## Best Practices
-
-### For Plugin Authors
-
-1. **Use unique command names**: Prefix with plugin name if generic (e.g., `/data-setup` vs `/initial-setup`)
-2. **Document all tools**: Include tool names in README.md with backticks
-3. **Specify tool categories**: Use `### Category (N tools)` headers
-4. **Declare agent tools**: List tools used by agents in their definitions
-
-### For Marketplace Maintainers
-
-1. **Run validation before merging**: Use `/validate-contracts` in CI/CD
-2. **Review warnings**: Tool overlaps may indicate design issues
-3. **Track issues over time**: Use JSON format for programmatic tracking

plugins/contract-validator/agents/agent-check.md

@@ -1,7 +1,22 @@
+---
+name: agent-check
+description: Agent definition validator for quick verification
+---
+
 # Agent Check Agent
 
 You are an agent definition validator. Your role is to verify that a specific agent's tool references and data flow are valid.
 
+## Visual Output Requirements
+
+**MANDATORY: Display header at start of every response.**
+
+```
+┌──────────────────────────────────────────────────────────────────┐
+│  ✅ CONTRACT-VALIDATOR · Agent Validation                        │
+└──────────────────────────────────────────────────────────────────┘
+```
+
 ## Capabilities
 
 - Parse agent definitions from CLAUDE.md

plugins/contract-validator/agents/full-validation.md

@@ -2,6 +2,16 @@
 
 You are a contract validation specialist. Your role is to perform comprehensive cross-plugin compatibility validation for the entire marketplace.
 
+## Visual Output Requirements
+
+**MANDATORY: Display header at start of every response.**
+
+```
+┌──────────────────────────────────────────────────────────────────┐
+│  ✅ CONTRACT-VALIDATOR · Full Validation                         │
+└──────────────────────────────────────────────────────────────────┘
+```
+
 ## Capabilities
 
 - Parse plugin interfaces from README.md files

plugins/contract-validator/commands/check-agent.md

@@ -1,6 +1,10 @@
 # /check-agent - Validate Agent Definition
 
-Validate a single agent's tool references and data flow.
+## Skills to Load
+- skills/visual-output.md
+- skills/interface-parsing.md
+- skills/validation-rules.md
+- skills/mcp-tools-reference.md
 
 ## Usage
 
@@ -10,30 +14,26 @@ Validate a single agent's tool references and data flow.
 
 ## Parameters
 
-- `agent_name` (required): Name of the agent to validate (e.g., "Planner", "Orchestrator")
-- `claude_md_path` (optional): Path to CLAUDE.md file. Defaults to `./CLAUDE.md`
+- `agent_name` (required): Agent to validate (e.g., "Planner", "Orchestrator")
+- `claude_md_path` (optional): Path to CLAUDE.md. Defaults to `./CLAUDE.md`
 
 ## Workflow
 
-1. **Parse agent definition**:
-   - Locate agent in CLAUDE.md (Four-Agent Model table or Agents section)
-   - Extract responsibilities, tool references, workflow steps
+1. **Display header** per `skills/visual-output.md`
 
-2. **Validate tool references**:
-   - Check each referenced tool exists in available plugins
-   - Report missing or misspelled tool names
-   - Suggest corrections for common mistakes
+2. **Parse agent** per `skills/interface-parsing.md`
+   - Use `parse_claude_md_agents` to extract agent definition
+   - Get responsibilities, tool references, workflow steps
 
-3. **Validate data flow**:
-   - Analyze sequence of tools in agent workflow
-   - Verify data producers precede data consumers
-   - Check for orphaned data references
+3. **Validate** per `skills/validation-rules.md`
+   - Use `validate_agent_refs` - check all tools exist
+   - Use `validate_data_flow` - verify producer/consumer order
 
 4. **Report findings**:
-   - List all tool references found
-   - List any missing tools
-   - Data flow validation results
-   - Suggestions for improvement
+   - Tool references found
+   - Missing tools (with suggestions)
+   - Data flow issues
+   - Recommendations
 
 ## Examples
 
@@ -42,10 +42,3 @@ Validate a single agent's tool references and data flow.
 /check-agent Orchestrator ./CLAUDE.md
 /check-agent data-analysis ~/project/CLAUDE.md
 ```
-
-## Available Tools
-
-Use these MCP tools:
-- `validate_agent_refs` - Check agent tool references exist
-- `validate_data_flow` - Verify data flow through agent sequence
-- `parse_claude_md_agents` - Parse all agents from CLAUDE.md

plugins/contract-validator/commands/dependency-graph.md

@@ -0,0 +1,55 @@
+# /dependency-graph - Generate Dependency Visualization
+
+## Skills to Load
+- skills/visual-output.md
+- skills/plugin-discovery.md
+- skills/interface-parsing.md
+- skills/dependency-analysis.md
+- skills/mcp-tools-reference.md
+
+## Usage
+
+```
+/dependency-graph [marketplace_path] [--format <mermaid|text>] [--show-tools]
+```
+
+## Parameters
+
+- `marketplace_path` (optional): Path to marketplace root. Defaults to current project root.
+- `--format` (optional): Output format - `mermaid` (default) or `text`
+- `--show-tools` (optional): Include individual tool nodes in the graph
+
+## Workflow
+
+1. **Display header** per `skills/visual-output.md`
+
+2. **Discover plugins** per `skills/plugin-discovery.md`
+
+3. **Parse interfaces** per `skills/interface-parsing.md`
+   - Use `parse_plugin_interface` for each plugin
+   - Use `parse_claude_md_agents` for CLAUDE.md
+
+4. **Analyze dependencies** per `skills/dependency-analysis.md`
+   - Identify shared MCP servers
+   - Detect data producers/consumers
+   - Categorize as required or optional
+
+5. **Generate output**:
+   - Mermaid: Create flowchart TD diagram with styled edges
+   - Text: Create text summary with counts and lists
+
+## Examples
+
+```
+/dependency-graph
+/dependency-graph --show-tools
+/dependency-graph --format text
+/dependency-graph ~/claude-plugins-work
+```
+
+## Integration
+
+Use with `/validate-contracts`:
+1. Run `/dependency-graph` to visualize
+2. Run `/validate-contracts` to find issues
+3. Fix and regenerate

plugins/contract-validator/commands/initial-setup.md

@@ -1,152 +1,49 @@
 ---
-description: Interactive setup wizard for contract-validator plugin - verifies MCP server and shows capabilities
+description: Interactive setup wizard for contract-validator plugin
 ---
 
-# Contract-Validator Setup Wizard
+# /initial-setup - Contract-Validator Setup Wizard
 
-This command sets up the contract-validator plugin for cross-plugin compatibility validation.
+## Skills to Load
+- skills/visual-output.md
+- skills/mcp-tools-reference.md
 
-## Important Context
+**Important:** This command uses Bash, Read, Write tools - NOT MCP tools (they work only after setup + restart).
 
-- **This command uses Bash, Read, Write, and AskUserQuestion tools** - NOT MCP tools
-- **MCP tools won't work until after setup + session restart**
-- **No external credentials required** - this plugin validates local files only
+## Workflow
 
----
+1. **Display header** per `skills/visual-output.md`
 
-## Phase 1: Environment Validation
+2. **Check Python version**:
+   ```bash
+   python3 --version
+   ```
+   Requires 3.10+. Stop if below.
 
-### Step 1.1: Check Python Version
+3. **Locate MCP server**:
+   - Installed: `~/.claude/plugins/marketplaces/leo-claude-mktplace/mcp-servers/contract-validator/`
+   - Source: `~/claude-plugins-work/mcp-servers/contract-validator/`
 
-```bash
-python3 --version
-```
+4. **Check/create venv**:
+   ```bash
+   ls .venv/bin/python || (python3 -m venv .venv && .venv/bin/pip install -r requirements.txt)
+   ```
 
-Requires Python 3.10+. If below, stop setup and inform user:
-```
-Python 3.10 or higher is required. Please install it and run /initial-setup again.
-```
+5. **Verify MCP server**:
+   ```bash
+   .venv/bin/python -c "from mcp_server.server import ContractValidatorMCPServer; print('OK')"
+   ```
 
----
+6. **Display success** per `skills/visual-output.md`
 
-## Phase 2: MCP Server Setup
+7. **Inform user**: Session restart required for MCP tools.
 
-### Step 2.1: Locate Contract-Validator MCP Server
+## Post-Setup Commands
 
-```bash
-# If running from installed marketplace
-ls -la ~/.claude/plugins/marketplaces/leo-claude-mktplace/mcp-servers/contract-validator/ 2>/dev/null || echo "NOT_FOUND_INSTALLED"
-
-# If running from source
-ls -la ~/claude-plugins-work/mcp-servers/contract-validator/ 2>/dev/null || echo "NOT_FOUND_SOURCE"
-```
-
-Determine which path exists and use that as the MCP server path.
-
-### Step 2.2: Check Virtual Environment
-
-```bash
-ls -la /path/to/mcp-servers/contract-validator/.venv/bin/python 2>/dev/null && echo "VENV_EXISTS" || echo "VENV_MISSING"
-```
-
-### Step 2.3: Create Virtual Environment (if missing)
-
-```bash
-cd /path/to/mcp-servers/contract-validator && python3 -m venv .venv && source .venv/bin/activate && pip install --upgrade pip && pip install -r requirements.txt && deactivate
-```
-
-**If pip install fails:**
-- Show the error to the user
-- Suggest: "Check your internet connection and try again."
-
----
-
-## Phase 3: Validation
-
-### Step 3.1: Verify MCP Server
-
-```bash
-cd /path/to/mcp-servers/contract-validator && .venv/bin/python -c "from mcp_server.server import ContractValidatorMCPServer; print('MCP Server OK')"
-```
-
-If this fails, check the error and report it to the user.
-
-### Step 3.2: Summary
-
-Display:
-
-```
-╔════════════════════════════════════════════════════════════════╗
-║          CONTRACT-VALIDATOR SETUP COMPLETE                      ║
-╠════════════════════════════════════════════════════════════════╣
-║ MCP Server:        ✓ Ready                                      ║
-║ Parse Tools:       ✓ Available (2 tools)                        ║
-║ Validation Tools:  ✓ Available (3 tools)                        ║
-║ Report Tools:      ✓ Available (2 tools)                        ║
-╚════════════════════════════════════════════════════════════════╝
-```
-
-### Step 3.3: Session Restart Notice
-
----
-
-**Session Restart Required**
-
-Restart your Claude Code session for MCP tools to become available.
-
-**After restart, you can:**
-- Run `/validate-contracts` to check all plugins for compatibility issues
-- Run `/check-agent` to validate a single agent definition
-- Run `/list-interfaces` to see all plugin commands and tools
-
----
-
-## Available Tools
-
-| Category | Tools | Description |
-|----------|-------|-------------|
-| Parse | `parse_plugin_interface`, `parse_claude_md_agents` | Extract interfaces from README.md and agents from CLAUDE.md |
-| Validation | `validate_compatibility`, `validate_agent_refs`, `validate_data_flow` | Check conflicts, tool references, and data flows |
-| Report | `generate_compatibility_report`, `list_issues` | Generate reports and filter issues |
-
----
-
-## Available Commands
-
-| Command | Description |
-|---------|-------------|
-| `/validate-contracts` | Full marketplace compatibility validation |
-| `/check-agent` | Validate single agent definition |
-| `/list-interfaces` | Show all plugin interfaces |
-
----
-
-## Use Cases
-
-### 1. Pre-Release Validation
-Run `/validate-contracts` before releasing a new marketplace version to catch:
-- Command name conflicts between plugins
-- Missing tool references in agents
-- Broken data flows
-
-### 2. Agent Development
-Run `/check-agent` when creating or modifying agents to verify:
-- All referenced tools exist
-- Data flows are valid
-- No undeclared dependencies
-
-### 3. Plugin Audit
-Run `/list-interfaces` to get a complete view of:
-- All commands across plugins
-- All tools available
-- Potential overlap areas
-
----
+- `/validate-contracts` - Full marketplace validation
+- `/check-agent` - Validate single agent
+- `/list-interfaces` - Show all plugin interfaces
 
 ## No Configuration Required
 
-This plugin doesn't require any configuration files. It reads plugin manifests and README files directly from the filesystem.
-
-**Paths it scans:**
-- Marketplace: `~/.claude/plugins/marketplaces/leo-claude-mktplace/plugins/`
-- Source (if available): `~/claude-plugins-work/plugins/`
+This plugin reads plugin manifests and README files directly - no credentials needed.

plugins/contract-validator/commands/list-interfaces.md

@@ -1,6 +1,10 @@
 # /list-interfaces - Show Plugin Interfaces
 
-Display what each plugin in the marketplace produces and accepts.
+## Skills to Load
+- skills/visual-output.md
+- skills/plugin-discovery.md
+- skills/interface-parsing.md
+- skills/mcp-tools-reference.md
 
 ## Usage
 
@@ -14,35 +18,25 @@ Display what each plugin in the marketplace produces and accepts.
 
 ## Workflow
 
-1. **Discover plugins**:
-   - Scan plugins directory for all plugins with `.claude-plugin/` marker
-   - Read each plugin's README.md
+1. **Display header** per `skills/visual-output.md`
 
-2. **Parse interfaces**:
-   - Extract commands (slash commands offered by plugin)
-   - Extract agents (autonomous agents defined)
-   - Extract tools (MCP tools provided)
-   - Identify tool categories and features
+2. **Discover plugins** per `skills/plugin-discovery.md`
 
-3. **Display summary**:
-   - Table of plugins with command/agent/tool counts
-   - Detailed breakdown per plugin
-   - Tool categories and their contents
+3. **Parse interfaces** per `skills/interface-parsing.md`
+   - Use `parse_plugin_interface` for each plugin README.md
+   - Extract commands, agents, tools
 
-## Output Format
+4. **Display summary table**:
+   ```
+   | Plugin      | Commands | Agents | Tools |
+   |-------------|----------|--------|-------|
+   | projman     | 12       | 4      | 26    |
+   ```
 
-```
-| Plugin      | Commands | Agents | Tools |
-|-------------|----------|--------|-------|
-| projman     | 12       | 4      | 26    |
-| data-platform| 7       | 2      | 32    |
-| ...         | ...      | ...    | ...   |
-
-## projman
-- Commands: /sprint-plan, /sprint-start, ...
-- Agents: Planner, Orchestrator, Executor, Code Reviewer
-- Tools: list_issues, create_issue, ...
-```
+5. **Display per-plugin details**:
+   - List of commands
+   - List of agents
+   - Tool categories
 
 ## Examples
 
@@ -50,9 +44,3 @@ Display what each plugin in the marketplace produces and accepts.
 /list-interfaces
 /list-interfaces ~/claude-plugins-work
 ```
-
-## Available Tools
-
-Use these MCP tools:
-- `parse_plugin_interface` - Parse individual plugin README
-- `generate_compatibility_report` - Get full interface data (JSON format)

plugins/contract-validator/commands/validate-contracts.md

@@ -1,6 +1,11 @@
 # /validate-contracts - Full Contract Validation
 
-Run comprehensive cross-plugin compatibility validation for the entire marketplace.
+## Skills to Load
+- skills/visual-output.md
+- skills/plugin-discovery.md
+- skills/interface-parsing.md
+- skills/validation-rules.md
+- skills/mcp-tools-reference.md
 
 ## Usage
 
@@ -14,25 +19,22 @@ Run comprehensive cross-plugin compatibility validation for the entire marketpla
 
 ## Workflow
 
-1. **Discover plugins**:
-   - Scan plugins directory for all plugins with `.claude-plugin/` marker
-   - Parse each plugin's README.md to extract interface
+1. **Display header** per `skills/visual-output.md`
 
-2. **Run compatibility checks**:
-   - Perform pairwise compatibility validation between all plugins
-   - Check for command name conflicts
-   - Check for tool name overlaps
-   - Identify interface mismatches
+2. **Discover plugins** per `skills/plugin-discovery.md`
 
-3. **Validate CLAUDE.md agents**:
-   - Parse agent definitions from CLAUDE.md
-   - Validate all tool references exist
-   - Check data flow through agent sequences
+3. **Parse interfaces** per `skills/interface-parsing.md`
+   - Use `parse_plugin_interface` for each plugin
 
-4. **Generate report**:
-   - Summary statistics (plugins, commands, tools, issues)
-   - Detailed findings by severity (error, warning, info)
-   - Actionable suggestions for each issue
+4. **Run validations** per `skills/validation-rules.md`
+   - Use `validate_compatibility` for pairwise checks
+   - Use `validate_agent_refs` for CLAUDE.md agents
+   - Use `validate_data_flow` for data sequences
+
+5. **Generate report**:
+   - Use `generate_compatibility_report` for full report
+   - Use `list_issues` to filter by severity
+   - Display summary and actionable suggestions
 
 ## Examples
 
@@ -40,11 +42,3 @@ Run comprehensive cross-plugin compatibility validation for the entire marketpla
 /validate-contracts
 /validate-contracts ~/claude-plugins-work
 ```
-
-## Available Tools
-
-Use these MCP tools:
-- `generate_compatibility_report` - Generate full marketplace report
-- `list_issues` - Filter issues by severity or type
-- `parse_plugin_interface` - Parse individual plugin interface
-- `validate_compatibility` - Check two plugins for conflicts

plugins/contract-validator/hooks/auto-validate.sh

@@ -0,0 +1,195 @@
+#!/bin/bash
+# contract-validator SessionStart auto-validate hook
+# Validates plugin contracts only when plugin files have changed since last check
+# All output MUST have [contract-validator] prefix
+
+PREFIX="[contract-validator]"
+
+# ============================================================================
+# Configuration
+# ============================================================================
+
+# Enable/disable auto-check (default: true)
+AUTO_CHECK="${CONTRACT_VALIDATOR_AUTO_CHECK:-true}"
+
+# Cache location for storing last check hash
+CACHE_DIR="$HOME/.cache/claude-plugins/contract-validator"
+HASH_FILE="$CACHE_DIR/last-check.hash"
+
+# Marketplace location (installed plugins)
+MARKETPLACE_PATH="$HOME/.claude/plugins/marketplaces/leo-claude-mktplace"
+
+# ============================================================================
+# Early exit if disabled
+# ============================================================================
+
+if [[ "$AUTO_CHECK" != "true" ]]; then
+    exit 0
+fi
+
+# ============================================================================
+# Smart mode: Check if plugin files have changed
+# ============================================================================
+
+# Function to compute hash of all plugin manifest files
+compute_plugin_hash() {
+    local hash_input=""
+
+    if [[ -d "$MARKETPLACE_PATH/plugins" ]]; then
+        # Hash all plugin.json, hooks.json, and agent files
+        while IFS= read -r -d '' file; do
+            if [[ -f "$file" ]]; then
+                hash_input+="$(md5sum "$file" 2>/dev/null | cut -d' ' -f1)"
+            fi
+        done < <(find "$MARKETPLACE_PATH/plugins" \
+            \( -name "plugin.json" -o -name "hooks.json" -o -name "*.md" -path "*/agents/*" \) \
+            -print0 2>/dev/null | sort -z)
+    fi
+
+    # Also include marketplace.json
+    if [[ -f "$MARKETPLACE_PATH/.claude-plugin/marketplace.json" ]]; then
+        hash_input+="$(md5sum "$MARKETPLACE_PATH/.claude-plugin/marketplace.json" 2>/dev/null | cut -d' ' -f1)"
+    fi
+
+    # Compute final hash
+    echo "$hash_input" | md5sum | cut -d' ' -f1
+}
+
+# Ensure cache directory exists
+mkdir -p "$CACHE_DIR" 2>/dev/null
+
+# Compute current hash
+CURRENT_HASH=$(compute_plugin_hash)
+
+# Check if we have a previous hash
+if [[ -f "$HASH_FILE" ]]; then
+    PREVIOUS_HASH=$(cat "$HASH_FILE" 2>/dev/null)
+
+    # If hashes match, no changes - skip validation
+    if [[ "$CURRENT_HASH" == "$PREVIOUS_HASH" ]]; then
+        exit 0
+    fi
+fi
+
+# ============================================================================
+# Run validation (hashes differ or no cache)
+# ============================================================================
+
+ISSUES_FOUND=0
+WARNINGS=""
+
+# Function to add warning
+add_warning() {
+    WARNINGS+="  - $1"$'\n'
+    ((ISSUES_FOUND++))
+}
+
+# 1. Check all installed plugins have valid plugin.json
+if [[ -d "$MARKETPLACE_PATH/plugins" ]]; then
+    for plugin_dir in "$MARKETPLACE_PATH/plugins"/*/; do
+        if [[ -d "$plugin_dir" ]]; then
+            plugin_name=$(basename "$plugin_dir")
+            plugin_json="$plugin_dir/.claude-plugin/plugin.json"
+
+            if [[ ! -f "$plugin_json" ]]; then
+                add_warning "$plugin_name: missing .claude-plugin/plugin.json"
+                continue
+            fi
+
+            # Basic JSON validation
+            if ! python3 -c "import json; json.load(open('$plugin_json'))" 2>/dev/null; then
+                add_warning "$plugin_name: invalid JSON in plugin.json"
+                continue
+            fi
+
+            # Check required fields
+            if ! python3 -c "
+import json
+with open('$plugin_json') as f:
+    data = json.load(f)
+required = ['name', 'version', 'description']
+missing = [r for r in required if r not in data]
+if missing:
+    exit(1)
+" 2>/dev/null; then
+                add_warning "$plugin_name: plugin.json missing required fields"
+            fi
+        fi
+    done
+fi
+
+# 2. Check hooks.json files are properly formatted
+if [[ -d "$MARKETPLACE_PATH/plugins" ]]; then
+    while IFS= read -r -d '' hooks_file; do
+        plugin_name=$(basename "$(dirname "$(dirname "$hooks_file")")")
+
+        # Validate JSON
+        if ! python3 -c "import json; json.load(open('$hooks_file'))" 2>/dev/null; then
+            add_warning "$plugin_name: invalid JSON in hooks/hooks.json"
+            continue
+        fi
+
+        # Validate hook structure
+        if ! python3 -c "
+import json
+with open('$hooks_file') as f:
+    data = json.load(f)
+if 'hooks' not in data:
+    exit(1)
+valid_events = ['PreToolUse', 'PostToolUse', 'UserPromptSubmit', 'SessionStart', 'SessionEnd', 'Notification', 'Stop', 'SubagentStop', 'PreCompact']
+for event in data['hooks']:
+    if event not in valid_events:
+        exit(1)
+    for hook in data['hooks'][event]:
+        # Support both flat structure (type at top) and nested structure (matcher + hooks array)
+        if 'type' in hook:
+            # Flat structure: {type: 'command', command: '...'}
+            pass
+        elif 'matcher' in hook and 'hooks' in hook:
+            # Nested structure: {matcher: '...', hooks: [{type: 'command', ...}]}
+            for nested_hook in hook['hooks']:
+                if 'type' not in nested_hook:
+                    exit(1)
+        else:
+            exit(1)
+" 2>/dev/null; then
+            add_warning "$plugin_name: hooks.json has invalid structure or events"
+        fi
+    done < <(find "$MARKETPLACE_PATH/plugins" -path "*/hooks/hooks.json" -print0 2>/dev/null)
+fi
+
+# 3. Check agent references are valid (agent files exist and are markdown)
+if [[ -d "$MARKETPLACE_PATH/plugins" ]]; then
+    while IFS= read -r -d '' agent_file; do
+        plugin_name=$(basename "$(dirname "$(dirname "$agent_file")")")
+        agent_name=$(basename "$agent_file")
+
+        # Check file is not empty
+        if [[ ! -s "$agent_file" ]]; then
+            add_warning "$plugin_name: empty agent file $agent_name"
+            continue
+        fi
+
+        # Check file has markdown content (at least a header)
+        if ! grep -q '^#' "$agent_file" 2>/dev/null; then
+            add_warning "$plugin_name: agent $agent_name missing markdown header"
+        fi
+    done < <(find "$MARKETPLACE_PATH/plugins" -path "*/agents/*.md" -print0 2>/dev/null)
+fi
+
+# ============================================================================
+# Store new hash and report results
+# ============================================================================
+
+# Always store the new hash (even if issues found - we don't want to recheck)
+echo "$CURRENT_HASH" > "$HASH_FILE"
+
+# Report any issues found (non-blocking warning)
+if [[ $ISSUES_FOUND -gt 0 ]]; then
+    echo "$PREFIX Plugin contract validation found $ISSUES_FOUND issue(s):"
+    echo "$WARNINGS"
+    echo "$PREFIX Run /validate-contracts for full details"
+fi
+
+# Always exit 0 (non-blocking)
+exit 0