Creating a CodeGuard Claude Code Skill and plugin structure and documentation #45
santosomar merged 9 commits into main from
- Updated .gitattributes to improve language detection for markdown files and added documentation settings for the Claude plugin.
- Modified .gitignore to include cache files for the Claude plugin and ensure proper exclusion of agent files.
- Introduced new marketplace.json and plugin.json files for the Claude Code plugin, detailing plugin metadata and security rules.
- Added comprehensive documentation for the CodeGuard Claude Code Plugin, including installation instructions and usage guidelines.
- Created multiple security rules covering various aspects such as authentication, API security, data protection, and session management.
- Implemented a script to prepare the CodeGuard plugin for distribution, ensuring all necessary files are in place.

This commit lays the groundwork for a robust security framework within the Claude Code environment.
Pull Request Overview
Initial integration of Project CodeGuard into a Claude Code plugin/skill, adding metadata, documentation, packaging script, and a comprehensive set of security rule files to guide secure-by-default coding.
- Adds .claude-plugin metadata (plugin.json, marketplace.json) for marketplace discovery and install.
- Introduces the software-security skill (SKILL.md) and 22 rule files spanning core AppSec domains.
- Provides a packaging/prep script and documentation for setup and local testing; updates .gitattributes for linguist.
Reviewed Changes
Copilot reviewed 28 out of 29 changed files in this pull request and generated 10 comments.
| File | Description |
|---|---|
| src/prepare-claude-code-plugin.sh | Build/prep script to copy rules into the skill structure, verify required files, and print local testing instructions. |
| skills/software-security/SKILL.md | Defines the security skill, usage workflow, and how rules are applied. |
| skills/software-security/rules/codeguard-1-safe-c-functions.md | C/C++ memory/string safety guidance, insecure-to-safe replacements, examples, and checklists. |
| skills/software-security/rules/codeguard-1-hardcoded-credentials.md | Prohibits secrets in source; recognition patterns and guidance. |
| skills/software-security/rules/codeguard-1-digital-certificates.md | Certificate recognition and mandatory checks (expiry, key strength, signature, issuer type). |
| skills/software-security/rules/codeguard-1-crypto-algorithms.md | Crypto algorithms/APIs guidance and banned/deprecated lists. |
| skills/software-security/rules/codeguard-0-xml-and-serialization.md | XML hardening and safe deserialization guidelines per language. |
| skills/software-security/rules/codeguard-0-supply-chain-security.md | Dependency/SBOM/provenance and CI policy guidance. |
| skills/software-security/rules/codeguard-0-session-management-and-cookies.md | Session/cookie hardening and lifecycle controls. |
| skills/software-security/rules/codeguard-0-privacy-data-protection.md | Privacy/data protection guidance and auth UX notes. |
| skills/software-security/rules/codeguard-0-mobile-apps.md | iOS/Android security practices. |
| skills/software-security/rules/codeguard-0-logging.md | Structured logging/redaction/alerting guidance. |
| skills/software-security/rules/codeguard-0-input-validation-injection.md | Validation/parameterization and injection defenses. |
| skills/software-security/rules/codeguard-0-iac-security.md | IaC/cloud hardening controls. |
| skills/software-security/rules/codeguard-0-framework-and-languages.md | Framework-specific secure defaults (Django, Rails, .NET, etc.). |
| skills/software-security/rules/codeguard-0-file-handling-and-uploads.md | Secure upload/storage/validation guidance. |
| skills/software-security/rules/codeguard-0-devops-ci-cd-containers.md | CI/CD and container hardening. |
| skills/software-security/rules/codeguard-0-data-storage.md | DB hardening, TLS, least privilege, auditing. |
| skills/software-security/rules/codeguard-0-cloud-orchestration-kubernetes.md | Kubernetes RBAC/policy/networking/secrets guidance. |
| skills/software-security/rules/codeguard-0-client-side-web-security.md | Client-side XSS/CSP/CSRF/clickjacking/XS-Leaks controls. |
| skills/software-security/rules/codeguard-0-authorization-access-control.md | AuthZ, IDOR prevention, mass assignment, step-up. |
| skills/software-security/rules/codeguard-0-authentication-mfa.md | Auth/MFA, password hashing, federation, tokens. |
| skills/software-security/rules/codeguard-0-api-web-services.md | API security across REST/GraphQL/SOAP, SSRF, rate limits. |
| skills/software-security/rules/codeguard-0-additional-cryptography.md | TLS/HSTS/pinning, key mgmt, AEAD usage. |
| docs/claude-code-skill-plugin.md | Plugin overview, install, workflow, and team deployment docs. |
| .gitattributes | Linguist tuning for markdown and plugin docs. |
| .claude-plugin/plugin.json | Plugin metadata (name, version, author, keywords). |
| .claude-plugin/marketplace.json | Marketplace catalog entry for the plugin. |
This PR successfully creates a comprehensive Claude Code plugin structure for Project CodeGuard.
✅ Excellent Structure & Documentation
✅ Comprehensive Security Coverage
✅ High-Quality Security Content
✅ Professional Implementation
✅ Technical Quality Check
Co-authored-by: Copilot <[email protected]>
Pull Request Overview
Copilot reviewed 28 out of 29 changed files in this pull request and generated 6 comments.
- Added .claude/settings.local.json to the ignore list to prevent local configuration files from being tracked.
- Ensured .claude-plugin/.cache is excluded to maintain a clean repository.
@ramraaj25 @thomas-bartlett - should we merge this one and then #46 and #47?
Pull Request Overview
Copilot reviewed 27 out of 28 changed files in this pull request and generated 2 comments.
Pull Request Overview
Copilot reviewed 27 out of 28 changed files in this pull request and generated 2 comments.
feat: added support to generate language-rule mappings in SKILLS
Yes, that would be great! Edit: Since our PR's target was
Add ClaudeCodeFormat to unified build system
Pull Request Overview
Copilot reviewed 33 out of 34 changed files in this pull request and generated 2 comments.
Fixes #42
This pull request introduces the initial integration of Project CodeGuard's security framework into a Claude Code plugin and related skill to provide comprehensive resources and configuration for secure AI-assisted coding.
The changes include new plugin metadata, documentation, and a set of foundational security rule files for software security skills. These resources are designed to help AI coding agents prevent vulnerabilities and enforce secure-by-default practices across authentication, authorization, cryptography, API/web services, and more.
Project CodeGuard Integration and Plugin Configuration
- `.claude-plugin/marketplace.json` and `.claude-plugin/plugin.json` to register the new `codeguard-security` plugin, including metadata, ownership, repository links, and keywords for marketplace discovery. [1] [2]

Documentation and Guidance
- `skills/software-security/SKILL.md` to document usage instructions, workflow, and guidance for applying Project CodeGuard rules during code writing and review.

Security Rule Files (Software Security Skill)
- `skills/software-security/rules/` covering:
  - `codeguard-0-authentication-mfa.md`
  - `codeguard-0-authorization-access-control.md`
  - `codeguard-0-api-web-services.md`
  - `codeguard-0-additional-cryptography.md`

Repository and Linguist Configuration
- `.gitattributes` to improve linguist detection for documentation and markdown files, and to exclude certain files from export. (`.gitattributes`)

Some additional references: