Automated audit: This issue was generated by NLPM, a natural language programming linter, running via claude-code-action. Please evaluate the findings on their merits.
About this audit
NLPM is a natural-language programming linter for Claude Code plugins. It applies a 100-point scoring model to agent .md files, command files, and plugin.json manifests, checking for structural correctness, naming consistency, and security patterns.
This collection scored 78/100 across 244 artifacts. The security scan came back CLEAR (no Critical or High findings). The issues below are the structural bugs — mechanical mismatches that affect runtime behavior, not style preferences.
Bugs found
Priority 1 — Agent name mismatches (agent routing breaks)
| # | File | Issue |
|---|------|-------|
| 1 | plugins/enterprise-integrator-architect/agents/enterprise-integrator-architect.md | name: enterprise-integration-architect (missing "or") — should be enterprise-integrator-architect |
| 2 | plugins/ceo-quality-controller-agent/agents/ceo-quality-controller-agent.md | name: 1-ceo-quality-control-agent (numeric prefix, wrong suffix) — should be ceo-quality-controller-agent |
| 3 | plugins/problem-solver-specialist/agents/problem-solver-specialist.md | name: 1-problem-solver-specialist (numeric prefix) — should be problem-solver-specialist |
Claude Code registers agents by their name frontmatter field. A mismatch means sub-agent delegation via use <plugin-name> will fail to find the agent. Bug #3 is particularly notable because the agent's own body text chains to itself using 1-problem-solver-specialist, which means callers who use the undocumented prefixed form work, but anyone using the plugin name conventionally will get a silent failure.
Priority 2 — Missing tool declarations (agents silently skip key steps)
| # | File | Issue |
|---|------|-------|
| 4 | plugins/agent-sdk-dev/agents/agent-sdk-verifier-ts.md | No tools: declared; body requires Bash (for npx tsc --noEmit) and WebFetch (for SDK docs) |
| 5 | plugins/agent-sdk-dev/agents/agent-sdk-verifier-py.md | No tools: declared; body requires Bash and WebFetch for the same reasons |
Without a tools: declaration, Claude Code does not grant the agent access to those tools. The type-checking and documentation-fetching steps silently produce no output.
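A check for the Priority 1 and Priority 2 findings above, as an added example (not NLPM's code or the plugin collection's): it compares the name frontmatter field with the file stem and reports tools the body mentions but tools: does not declare. The function names, the tool pattern and the sample file contents are assumptions; only the paths and agent names come from the audit.

```python
import re
from pathlib import PurePosixPath

# Tool names this check recognises in an agent body (assumed, extend as needed).
TOOL_RE = re.compile(r"\b(?:Bash|WebFetch|mcp__\w+)\b")

def parse_frontmatter(text):
    """Split a '---' delimited header into top-level key/value pairs and the body."""
    m = re.match(r"---\n(.*?)\n---\n?(.*)", text, re.S)
    if not m:
        return {}, text
    fields = {}
    for line in m.group(1).splitlines():
        key, sep, value = line.partition(":")
        if sep and not line[:1].isspace():
            fields[key.strip()] = value.strip()
    return fields, m.group(2)

def audit_agent(path, text):
    """Return findings for one agent file: name mismatch and undeclared tools."""
    fields, body = parse_frontmatter(text)
    findings = []
    expected = PurePosixPath(path).stem  # assumption: name should equal the file stem
    if fields.get("name") != expected:
        findings.append(f"name {fields.get('name')!r} != file stem {expected!r}")
    declared = set(re.split(r"[,\s]+", fields.get("tools", "")))
    for tool in sorted(set(TOOL_RE.findall(body)) - declared):
        findings.append(f"body uses {tool} but tools: does not declare it")
    return findings

# Constructed sample files; only the paths and names come from the audit above.
SAMPLES = {
    "plugins/problem-solver-specialist/agents/problem-solver-specialist.md":
        "---\nname: 1-problem-solver-specialist\ntools: Read\n---\n"
        "Hand off to 1-problem-solver-specialist when blocked.\n",
    "plugins/agent-sdk-dev/agents/agent-sdk-verifier-ts.md":
        "---\nname: agent-sdk-verifier-ts\n---\n"
        "Run npx tsc --noEmit with Bash, then WebFetch the SDK docs.\n",
}

if __name__ == "__main__":
    for path, text in SAMPLES.items():
        for finding in audit_agent(path, text):
            print(f"{path}: {finding}")
```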
Priority 3 — Shell injection via $ARGUMENTS (Medium security)
| # | File | Issue |
|---|------|-------|
| 6 | plugins/optimize/commands/optimize.md | !du -h $ARGUMENTS and !wc -l $ARGUMENTS interpolate raw user input into pre-context shell execution |
The ! mechanism runs shell commands at prompt-build time, before Claude is invoked. The allowed-tools restriction applies to the Bash tool used during Claude's turn and does not protect against this. A crafted argument like "; rm -rf ~" would be executed.
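A check for the pattern described above, as an added example (not NLPM's code or the plugin collection's): it finds pre-context commands that interpolate $ARGUMENTS and shows, without executing anything, that the audit's sample argument adds a control operator to the rendered command. The backtick-quoted form of the ! syntax, the sample file and the function names are assumptions.

```python
import re
import shlex

# Assumed syntax: a pre-context command is '!' followed by a backtick-quoted command.
PRECONTEXT_RE = re.compile(r"!`([^`\n]+)`")

def find_interpolated(markdown):
    """Return (line_number, command) for pre-context commands that use $ARGUMENTS."""
    hits = []
    for lineno, line in enumerate(markdown.splitlines(), start=1):
        for cmd in PRECONTEXT_RE.findall(line):
            if "$ARGUMENTS" in cmd:
                hits.append((lineno, cmd))
    return hits

def control_operators(command):
    """List shell control operators (; & | && ||) in a command line, without running it.
    Returns None when the text has an unbalanced quote. Heuristic: a quoted operator
    standing alone is also counted, so treat a hit as 'needs review', not as proof."""
    lex = shlex.shlex(command, posix=True, punctuation_chars=True)
    lex.whitespace_split = True
    try:
        tokens = list(lex)
    except ValueError:
        return None
    return [t for t in tokens if t and set(t) <= set(";&|")]

def render(command, argument):
    """Textual substitution, as the audit describes for $ARGUMENTS."""
    return command.replace("$ARGUMENTS", argument)

# Constructed command file modelled on the optimize.md finding.
SAMPLE = """---
allowed-tools: Bash(du:*), Bash(wc:*)
---
Size: !`du -h $ARGUMENTS`
Lines: !`wc -l $ARGUMENTS`
Branch: !`git branch --show-current`
"""

if __name__ == "__main__":
    for lineno, cmd in find_interpolated(SAMPLE):
        for arg in ("src/", "; rm -rf ~"):  # second value is the audit's example
            print(lineno, repr(arg), control_operators(render(cmd, arg)))
```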
Additional bugs (not PR'd — scope too large for automated fix)
| # | File | Issue |
|---|------|-------|
| 7 | plugins/context7-docs-fetcher/agents/context7-docs-fetcher.md | Uses mcp__ide__getDiagnostics and mcp__ide__executeCode not declared in tools: |
| 8 | ~30 plugin.json files | description truncated mid-sentence (e.g. ends with "Examples:") — likely a serialization bug where long strings were cut at a character limit |
| 9 | plugins/planning-prd-agent/.claude-plugin/plugin.json | description value wrapped in extra single-quote syntax: "'MUST BE USED PROACTIVELY...'" |
| 10 | plugins/pr-issue-resolve/.claude-plugin/plugin.json | Description contains trailing \n escape |
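PRs submitted
- enterprise-integrator-architect name mismatch
- ceo-quality-controller-agent name mismatch
- problem-solver-specialist name mismatch
- tools: declarations to agent-sdk-verifier-ts and agent-sdk-verifier-py
- $ARGUMENTS path before shell interpolation in optimize command

Each PR is a minimal, targeted fix that matches your existing file style. The diffs are small and easy to review independently.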
This is a high-quality collection — the best artifacts scored 91–98/100 and serve as clear reference implementations. The bugs above are mostly mechanical issues that would be easy to miss during authoring. Happy to provide more details on any finding.