Releases: charlesjones-dev/claude-code-plugins-dev
v1.9.1 - Security Scanning for Preflight Checks
What's New
AI-Workflow Plugin v1.1.0
The /workflow-preflight command now auto-detects and runs security scanning tools alongside type checking, linting, formatting, and tests.
Dependency Vulnerability Scanning:
- pnpm/npm/yarn audit for Node.js projects
- pip-audit and safety for Python
- cargo audit for Rust
Semgrep SAST Detection:
- Config files:
.semgreprc.yml,.semgrep.yml,.semgrep/ - CI workflows: Extracts
--configflags from GitHub Actions - README documentation: Finds documented security commands
- Docker fallback when CLI not installed
Platform Support:
- Windows Docker: Automatic
MSYS_NO_PATHCONV=1prefix to prevent Git Bash path
conversion errors
ESLint Security:
- Detects
eslint-plugin-securityin devDependencies and notes when security linting is
active
Full Changelog
v1.9.0 - AI-Learn: Socratic Learning Mode
A new plugin that transforms Claude from a code generator into a patient coding mentor, guiding you through problem-solving without giving direct answers.
Commands:
- /learn - Activates teaching mode with a 5-phase flow:
- Assessment → Foundation → Guided Implementation → Error Discovery → Reinforcement
- Uses Socratic questioning instead of direct answers
- Provides hints and guidance rather than solutions
- Includes escape hatch for users who explicitly need answers
- /learn-review - Socratic code review that helps you discover issues yourself:
- Reviews code through targeted questions
- Guides you to find bugs by tracing through edge cases
- Probes design decisions to deepen understanding
- Question banks for logic, performance, readability, and security
Why use it?
Research shows that productive struggle leads to better knowledge retention than passive consumption. This plugin helps you actually learn to code rather than just copy-paste solutions.
v1.8.0 - Section 508 / WCAG 2.0 AA Support
What's New
AI-Accessibility Plugin (v1.3.0)
- Added Section 508 / WCAG 2.0 AA option to
/accessibility-auditcommand- New "508 / WCAG 2.0 AA" option in WCAG version selection
- Supports US federal accessibility requirements aligned with WCAG 2.0 Level AA
Installation
/plugin marketplace add charlesjones-dev/claude-code-plugins-dev
/plugin install ai-accessibility@claude-code-plugins-devv1.7.1 - AI-Statusline Plugin Windows Fix
Fixed
AI-Statusline Plugin (v1.1.1)
- Fixed PowerShell progress bar using incompatible Unicode characters
- Replaced
▓and░with ASCII-compatible#and-characters - Ensures progress bar displays correctly on Windows environments
- Replaced
v1.7.0 - AI-Statusline Plugin
What's New
AI-Statusline Plugin (v1.1.0)
Customize your Claude Code status line with visual progress bars and configurable display options.
Commands:
/statusline-wizard- Interactive setup wizard for first-time configuration/statusline-edit- Edit existing statusline script configuration
Features:
- Cross-platform support (bash for Mac/Linux, PowerShell for Windows)
- Visual progress bar for context usage with color-coded thresholds (green → yellow → red)
- 9 configurable display elements:
- Model name (e.g., "Claude Opus 4.5")
- Token count (e.g., "50k/100k")
- Progress bar with percentage
- Current directory
- Git branch
- Session cost (hidden by default)
- Session duration
- Current time
- Claude Code version
Installation:
/plugin install ai-statusline@claude-code-plugins-devv1.6.3 - Fix sub-agent enforcement for workflow-implement-phases
Fixed
AI-Workflow Plugin (v1.0.3)
Fixed /workflow-implement-phases not using sub-agents for phase implementations
- Added explicit "Critical Requirements" section mandating Task() sub-agent usage for every phase
- Added "CRITICAL: Mandatory Sub-Agent Requirement" section to implement-phases skill
- Clarified orchestrator role: read plans, analyze dependencies, spawn sub-agents only
- Added correct/wrong pattern examples showing Task() usage vs direct implementation
- Updated parallel and sequential execution patterns with explicit Task() call examples
- Prevents main agent from implementing phases directly, ensuring context isolation
Full Changelog: v1.6.2...v1.6.3
v1.6.2 - AI-Workflow Bug Fixes
Fixed
AI-Workflow Plugin (v1.0.2)
-
/workflow-plan-phasesno longer auto-implements after planning- Added explicit Instructions and Important sections enforcing planning-only scope
- Command now stops after presenting the plan and directs users to
/workflow-implement-phasesfor execution
-
/workflow-implement-phasesnow properly reads plan file arguments- Added automatic plan discovery when no file is provided (searches
docs/plans/) - Plan file argument is now optional with interactive selection from available plans
- Added automatic plan discovery when no file is provided (searches
Documentation
- Updated all command references in ai-workflow README to use
workflow-prefix format
v1.6.1 - Command Metadata Standardization
What's Changed
Command Metadata Standardization
Added YAML frontmatter with name and description attributes to all 17 commands across 7 plugins. This standardizes command metadata for better discovery and documentation.
AI-Workflow Command Renaming
Renamed ai-workflow commands to use the workflow- prefix for consistency with other plugins:
| Old Command | New Command |
|---|---|
/plan-phases |
/workflow-plan-phases |
/implement-phases |
/workflow-implement-phases |
/preflight |
/workflow-preflight |
Version Updates
All plugins received patch version bumps:
- ai-ado: 1.2.2 → 1.2.3
- ai-accessibility: 1.2.0 → 1.2.1
- ai-git: 1.1.1 → 1.1.2
- ai-performance: 1.1.2 → 1.1.3
- ai-plugins: 1.2.2 → 1.2.3
- ai-security: 1.3.2 → 1.3.3
- ai-workflow: 1.0.0 → 1.0.1
Full Changelog: v1.6.0...v1.6.1
v1.6.0 - AI Workflow Plugin & Accessibility Enhancements
This release introduces the new ai-workflow plugin for structured, phase-based development workflows and enhances the ai-accessibility plugin with improved audit capabilities.
New Features
ai-workflow plugin (v1.0.0)
- /preflight - Run pre-implementation code quality and consistency checks before starting work
- /plan-phases - Break down complex tasks into structured implementation phases
- /implement-phases - Orchestrate multi-phase implementations with progress tracking
ai-accessibility improvements (v1.2.0)
- Enhanced Playwright MCP detection flow for more reliable browser-based audits
- Improved accessibility audit skill with better prompt engineering
- Updated accessibility-auditor agent with refined instructions
v1.5.4 - Security Scanner Tool Requirements Fix
🔧 Fixed
AI-Security Plugin (v1.3.2)
Fixed /security-scan-dependencies to require WebFetch or curl for HTTP header retrieval
The security dependency scanner now explicitly requires WebFetch or curl for retrieving HTTP response headers, preventing incomplete security scans.
What Changed
- ✅ Updated command and skill documentation to explicitly prohibit Playwright or MCP browser tools
- ✅ Added critical "Required Tools" section explaining that HTTP security headers (especially Content-Security-Policy) can ONLY be retrieved via WebFetch or curl
- ✅ Browser automation tools cannot access raw HTTP response headers needed for security header analysis
- ✅ Added "Required Tools" section to
security-dependency-scanningskill with approved/prohibited tool lists - ✅ Enhanced scanning methodology with explicit WebFetch/curl usage examples
- ✅ Updated quality assurance checklist to verify correct tool usage
Why This Matters
Browser automation tools like Playwright cannot access raw HTTP response headers, which are essential for analyzing security configurations like Content-Security-Policy, HSTS, X-Frame-Options, and other critical security headers. This fix ensures that security scans are always complete and accurate.