v2.3.2 — /kb-harvest and /kb-discover skills

AI-Knowledge Plugin (v1.2.0)

New Skills

/kb-harvest — Harvest knowledge from external sources

Ingest documentation from sibling git repos, local directories, individual files, or web URLs into your centralized knowledge base.

• Scan sibling repos: C:/Source/*/docs/**/*.md
• Fetch and distill web pages (wikis, Confluence, internal docs)
• Auto-tag with module:{name} based on source directory structure
• Track provenance via source frontmatter field for future re-harvesting
• Discovery report with batch selection (pre-checked/unchecked sources)
• Per-article content preview and approval before writing
• Detects topic overlap with existing KB files and proposes appending

/kb-discover — Extract implicit knowledge from source code

Analyze source code to discover architecture patterns, naming conventions, API contracts, and unwritten rules — then distill them into KB articles.

• Targeted analysis (specific directories), focus areas (topics), or full codebase scan
• Auto-detects tech stack and prioritizes analysis targets
• Extracts 8 knowledge categories: architecture, naming, API contracts, data models, error handling, config, testing, cross-cutting conventions
• Groups findings into coherent KB articles (not raw category dumps)
• Per-article draft preview and approval before writing
• Evidence-based only — requires observed repetition across files
• Right-sizes articles to 50–150 lines for context-friendly loading
• Tracks provenance via discovered-from frontmatter field

Full Changelog: v2.3.1...v2.3.2

v2.3.1

AI-Knowledge Plugin (v1.1.0)

Added

• /kb-ingest - Ingest specific markdown files from anywhere in the project into the KB, as a targeted alternative to /kb-absorb
  • Accepts one or more file paths (e.g., /kb-ingest docs/api-guide.md)
  • Distills content into concise, actionable KB format with proper frontmatter
  • Detects overlap with existing KB files and proposes appending instead of creating duplicates
  • Registers new KB entries in the CLAUDE.md Knowledge Base table
  • Preserves source files (never modifies or deletes originals)

Fixed

• Fixed pinned file loading instruction in kb-init - The CLAUDE.md template previously told Claude to check frontmatter of every KB file to find pinned entries, defeating the purpose of the dynamic loading table. Now correctly directs Claude to use the "When to Load" column ("Always (pinned)") as the source of truth

v2.3.0 - AI Knowledge Plugin

New Plugin: AI Knowledge (v1.0.0)

Knowledge base management for Claude Code — capture conversation learnings, maintain topic-specific KB files, and dynamically reference institutional knowledge in CLAUDE.md.

10 New Skills

Command	Description
/kb-init	Initialize the KB section in CLAUDE.md and create docs/kb/ directory (idempotent)
/kb-learn	Analyze conversation to extract learnings into KB files
/kb-add	Quickly add a learning or rule with interactive location picker
/kb-import	Register existing KB files in CLAUDE.md (adds missing frontmatter)
/kb-absorb	Migrate existing CLAUDE.md sections and docs/ content into the KB
/kb-remove	Remove a KB file and its CLAUDE.md reference
/kb-list	List all registered KB files with status, tags, dates, and cross-references
/kb-search	Search across KB files by keyword, topic, or tag (tag:security)
/kb-prune	Interactive cleanup: stale refs, duplicates, merges, frontmatter health
/kb-auto	Toggle automatic knowledge capture at end of conversations

Key Features

• YAML Frontmatter on all KB files with tags, related, created, last-updated, pinned, and scope fields
• Cross-references between KB files via related: [[other-file]] for linked knowledge loading
• Pinned KB files (pinned: true) are always loaded regardless of work context
• Tag-based search for cross-cutting discovery across topics
• Security-aware — never stores secrets, API keys, or credentials in KB files
• Token-conscious — concise entries optimized for minimal context window usage

Install

/plugin marketplace add charlesjones-dev/claude-code-plugins-dev
/plugin install ai-knowledge@claude-code-plugins-dev

v2.2.2

Fixed

AI-ADO Plugin (v1.3.1)

• Fixed skill name parsing - Changed ado-work-items skill name from Azure DevOps Work Items (with spaces) to ado-work-items so Claude Code can parse it correctly (fixes #8)

v2.2.1

Fixed

AI-Statusline Plugin (v1.2.3)

• Fixed rate limit percentage display - Rate limit percentages now round to 2 decimal places instead of showing long floating-point numbers (e.g., 5h:12.35% instead of 5h:12.345678%)
  • Bash: uses jq (. * 100 | round) / 100 for rounding, extracts integer part for color threshold comparisons
  • PowerShell: uses [math]::Round($val, 2) instead of [int] cast which truncated to whole numbers

v2.2.0 - Supply Chain Security Hardening

What's New

AI-Security Plugin (v1.5.0)

New skill: /security-supply-chain - Harden your project against npm supply chain attacks.

• Detects package manager (pnpm, npm, Yarn, Bun) and validates compatibility
• Configures pnpm's minimum-release-age in .npmrc to quarantine newly published packages
• Interactive timeframe selection with previews (24 hours, 3 days, 7 days, or custom)
• Scans CI/CD configs for frozen lockfile usage and offers to add frozen-lockfile=true
• Checks pnpm version and offers upgrade if below 10.16.0 minimum
• Recommends pnpm migration for npm/Yarn/Bun users who lack quarantine protection
• Creates two defense layers: time-based quarantine (local dev) + frozen lockfile (CI/CD)

Background

Motivated by the axios@1.14.1 / axios@0.30.4 supply chain compromise on March 31, 2026, where malicious versions injected a remote access trojan via the plain-crypto-js dependency.

Learn more: Stop Supply Chain Attacks: Why Your Build Pipeline Should Use Locked Dependencies

Full Changelog: v2.1.0...v2.2.0

v2.1.0 - AI Modernize, AI Compliance & Workflow Principles

What's New

AI-Modernize Plugin (v1.0.0) - NEW

Codebase modernization assessment that identifies technical debt, anti-patterns, and quality issues from older AI-generated or legacy code.

• /modernize-audit - Full interactive assessment with 12 configurable categories:
  SOLID/DRY/KISS violations, type safety, error handling, security, performance, testing gaps, architecture debt, frontend debt, dependency health, AI hallucination artifacts, modern pattern gaps, configuration/DevOps
• /modernize-scan ./path - Quick scan that accepts a file or directory path, runs all categories with defaults
• Modernization Score (0-100) with category breakdown
• AI-assisted remediation time estimates (not manual development time)
• Phased modernization roadmap with prioritized checklist
• "Why Older AI Models Did This" educational context for each finding

AI-Compliance Plugin (v1.0.0) - NEW

Open-source license compliance auditing and attribution file generation.

• /compliance-license-audit - Interactive license audit across 8 package ecosystems (npm, pip, NuGet, Go, Rust, Ruby, PHP, Java)
  • Classifies licenses: Permissive, Weak Copyleft, Strong Copyleft, Unknown
  • License compatibility analysis against your project's license
  • Flags copyleft contamination risks with configurable risk tolerance
  • Direct and transitive dependency analysis via lock files
  • License Compliance Score (0-100)
• /compliance-notice-generate - Generates NOTICE, THIRD-PARTY-NOTICES.md, ATTRIBUTION.md, or licenses.json files to fulfill attribution obligations

AI-Workflow Plugin (v1.3.0 -> v1.4.0)

• /workflow-principles - Generate context-aware Development Principles for CLAUDE.md
  • Auto-discovers project structure (monorepo, tech stack, frameworks, shared packages, git config)
  • 10 principle categories: SOLID, DRY, KISS, YAGNI, Modularity, Component Architecture, Type Safety, Error Handling, Testing, Git Workflow
  • Uses real package names, paths, and library names from your project
  • Supports both project CLAUDE.md and user-level ~/.claude/CLAUDE.md
  • Smart merge with existing CLAUDE.md content

Full Changelog

https://github.com/charlesjones-dev/claude-code-plugins-dev/blob/main/CHANGELOG.md

v2.0.2

AI-Statusline Plugin v1.2.2 - Rate Limit Usage Display

What's New

Added rate limit usage display for Claude Code 2.1.80+. The status line now shows your 5-hour and 7-day rate limit consumption with color-coded thresholds:

• Green - under 50% usage
• Yellow - 50-79% usage
• Red - 80%+ usage

Example: 5h:12% 7d:4%

Details

• New SHOW_RATE_LIMITS configuration option (enabled by default)
• Reads rate_limits.five_hour.used_percentage and rate_limits.seven_day.used_percentage from the Claude Code statusline JSON
• Both Bash and PowerShell script templates updated
• Gracefully hidden on older Claude Code versions where the rate_limits field is absent
• Updated model name references from Opus 4.5 to Opus 4.6

Requirements

• Claude Code 2.1.80+ for rate limit display (all other features work on any version)

v2.0.1

Fixed

AI-Statusline Plugin (v1.2.1)

• Fixed PowerShell script template bugs
  • Fixed stdin reading using reserved $input automatic variable; replaced with [System.Console]::In.ReadToEnd() so the script actually receives JSON data when invoked via -File
  • Fixed progress bar using ASCII +/- instead of Unicode block characters to match bash template and documentation
  • Fixed segment separator using " | " instead of " · " to match bash template and README examples
  • Fixed unquoted paths in Split-Path and git -C that would break on directories with spaces
  • Fixed confusing cost format string '${0:F2}' that resembles a variable reference; clarified with string concatenation
  • Fixed Unicode character encoding by setting [Console]::OutputEncoding to UTF-8 and using [char] codes instead of literal Unicode in source file

v2.0.0

Breaking Changes

• Migrate all plugins from commands/ to skills/ directory structure - All plugins now use skills/{skill-name}/SKILL.md format instead of commands/{command-name}.md. This aligns with Claude Code's native skill system for better discoverability and execution.

New

• ai-writing plugin (v1.0.0) - Writing humanizer skill with interactive workflow

  • /writing-humanize: Detect and remove AI writing patterns from text
  • Interactive AskUserQuestion flow for input source, content type, and intensity
  • 6 grouped pattern categories (inflated language, fake depth, unnatural grammar, formatting tells, chatbot artifacts, weak endings)
  • Content-type rules (technical docs, README, blog post, PR/commit)
  • Developer-specific patterns for README inflation, doc over-explanation, PR padding

• workflow-ship skill - End-to-end shipping workflow (/workflow-ship)

  • Runs preflight checks, auto-fixes issues, commits, pushes, and creates a PR

• git-commit-push-pr skill - Interactive branch selection and PR creation (/git-commit-push-pr)

Improved

• security-audit: Structured report template with severity scoring, OWASP compliance matrix, and remediation roadmap
• accessibility-audit: Interactive WCAG version/level selection, Playwright MCP visual testing support, URL scanning
• performance-audit: Structured report template with Core Web Vitals analysis
• security-init: Rewritten with interactive AskUserQuestion flow
• statusline-wizard: Migrated to skills format

Removed

• ai-plugins plugin - Scaffolding tools removed (superseded by skills structure)
• All commands/ directories replaced by skills/ directories

Other

• Update copyright year to 2026 in all LICENSE files