ai-core
Core AI-agent safety and planning rails
Plugins: boundary-arch-hardening complexity-loc-budgets deadcode-orphan-api paranoid-tool-policy plan-diff-scope spec-adr-gate surface-contract-guard
Install (native, recommended)
Works directly with the signed registry (no cloning).
ai-dx-mcp plugins install --registry https://github.com/AmirTlinov/compas-plugin-registry/releases/latest/download/registry.manifest.v1.json --admin-lane --plugins <plugin-id> --repo-root /path/to/your/projectai-dx-mcp plugins install --registry https://github.com/AmirTlinov/compas-plugin-registry/releases/latest/download/registry.manifest.v1.json --admin-lane --packs <pack-id> --repo-root /path/to/your/projectPacks
ai-entropy
Entropy-control rails for long-lived typed AI-first repos; scans typed change memory, not legacy exec-plan or review JSON truth.
Plugins: context-budget docs-graph golden-principles-enforcer quality-summary-report stale-artifact-scanner
ai-proof-core
Flagship typed-change proof rails for AI-first repos, without legacy truth-surface shims.
Plugins: boundary-arch-hardening change-contract complexity-loc-budgets deadcode-orphan-api docs-graph lease-lock merge-truth-contract paranoid-tool-policy projection-integrity review-matrix structured-report-ingestion surface-contract-guard
ai-repo-quality
Quality-first non-authoring rails for code repositories; compas provides objective feedback without materializing repo truth surfaces.
Plugins: boundary-arch-hardening complexity-loc-budgets coverage-nonregression deadcode-orphan-api lint-unified-gate paranoid-tool-policy perf-regression-budget quality-summary-report reuse-report-gate surface-contract-guard tests-junit-gate worktree-isolation-guard
ai-runtime
Experimental runtime, observability, and UI harness rails for bootable AI-first repos.
Plugins: app-lifecycle-harness lease-lock observability-agent-gate ui-validation-gate worktree-isolation-guard
all
Install all registered plugins, including optional and advanced checks.
Plugins: app-lifecycle-harness boundary-arch-hardening change-contract complexity-loc-budgets context-budget coverage-nonregression deadcode-orphan-api docs-graph docs-no-drift exceptions-ttl-guard golden-principles-enforcer lease-lock lint-unified-gate log-pii-guard merge-truth-contract observability-agent-gate paranoid-tool-policy perf-regression-budget plan-diff-scope projection-integrity provenance-attestation quality-summary-report release-readiness-gate reuse-report-gate review-matrix sast-semgrep-gate sbom-gate secrets-leak-guard spec-adr-gate stale-artifact-scanner structured-report-ingestion supply-chain-hygiene surface-contract-guard tests-junit-gate ui-validation-gate worktree-isolation-guard
quality
Quality, test, docs, and non-regression checks
Plugins: coverage-nonregression docs-no-drift exceptions-ttl-guard lint-unified-gate perf-regression-budget quality-summary-report release-readiness-gate reuse-report-gate structured-report-ingestion tests-junit-gate
security
Security, secret-leak, and supply-chain safety gates
Plugins: log-pii-guard provenance-attestation sast-semgrep-gate sbom-gate secrets-leak-guard supply-chain-hygiene
starter-safe
Recommended safe defaults: community-stable checks only; no experimental/deprecated plugins.
Plugins: boundary-arch-hardening complexity-loc-budgets coverage-nonregression deadcode-orphan-api docs-no-drift exceptions-ttl-guard lint-unified-gate log-pii-guard paranoid-tool-policy plan-diff-scope provenance-attestation reuse-report-gate sast-semgrep-gate sbom-gate secrets-leak-guard spec-adr-gate supply-chain-hygiene surface-contract-guard tests-junit-gate
Plugins
Showing 38 of 38.
No plugins match your filters.
app-lifecycle-harness
Run a repo-declared start-readiness-smoke-teardown runtime harness
Why
Run a repo-declared start-readiness-smoke-teardown runtime harness
Aliases
p27
Tags
harnesslifecycleruntime
Maintainers
amirtlinov
Packs
ai-runtimeall
experimental
boundary-arch-hardening
Architecture layers + boundary policy hardening (anti-spaghetti) for polyglot projects
Why
Needed so the project does not turn into spaghetti: it keeps modules in their places and prevents chaotic coupling.
Aliases
p04
Tags
archboundaryhardening
Maintainers
amirtlinov
Packs
ai-coreai-proof-coreai-repo-qualityallstarter-safe
community
change-contract
Validate typed change capsule frontmatter, required sections, and lease declarations
Why
Validate typed change capsule frontmatter, required sections, and lease declarations
Aliases
p34
Tags
changecontracttyped
Maintainers
amirtlinov
Packs
ai-proof-coreall
community
complexity-loc-budgets
Complexity and LOC budgets for polyglot repositories to prevent AI-generated monoliths
Why
Needed to stop huge unreadable functions/files early, while changes are still cheap to fix.
Aliases
p06
Tags
budgetscomplexityloc
Maintainers
amirtlinov
Packs
ai-coreai-proof-coreai-repo-qualityallstarter-safe
community
context-budget
Validate typed context-budget limits across active change capsules and projection manifests
Why
Validate typed context-budget limits across active change capsules and projection manifests
Aliases
p35
Tags
budgetcontexttyped
Maintainers
amirtlinov
Packs
ai-entropyall
community
coverage-nonregression
Coverage non-regression guard for quality posture
Why
Needed so test coverage does not silently degrade from release to release.
Aliases
p15
Tags
coveragenonregression
Maintainers
amirtlinov
Packs
ai-repo-qualityallqualitystarter-safe
community
deadcode-orphan-api
Detect dead private symbols and orphaned public API in polyglot runtime sources
Why
Needed to clean dead code and unused public API, reducing maintenance cost and confusion.
Aliases
p07
Tags
apideadcodeorphan
Maintainers
amirtlinov
Packs
ai-coreai-proof-coreai-repo-qualityallstarter-safe
community
docs-graph
Validate docs-router, change-capsule graph files, and stale capsule freshness windows
Why
Validate docs-router, change-capsule graph files, and stale capsule freshness windows
Aliases
p36
Tags
docsgraphtyped
Maintainers
amirtlinov
Packs
ai-entropyai-proof-coreall
community
docs-no-drift
Docs sync no-drift checks for architecture and documentation contract health
Why
Needed to keep docs aligned with real behavior, so users and contributors trust what they read.
Aliases
p17
Tags
docsdriftno
Maintainers
amirtlinov
Packs
allqualitystarter-safe
community
example-minimal
Reference minimal plugin for community onboarding
Why
Needed as a minimal reference plugin so teams can quickly understand structure and start safely.
Aliases
—
Tags
exampleminimal
Maintainers
amirtlinov
Packs
—
certified
exceptions-ttl-guard
P16 enforce TTL, expiry and budget rules for allowlist exceptions
Why
Needed so temporary exceptions really stay temporary and do not become hidden permanent debt.
Aliases
p16
Tags
exceptionsguardttl
Maintainers
amirtlinov
Packs
allqualitystarter-safe
community
golden-principles-enforcer
Validate a compact PHILOSOPHY.md golden-principles contract for AI-first repositories
Why
Validate a compact PHILOSOPHY.md golden-principles contract for AI-first repositories
Aliases
p30
Tags
ai-firstgovernanceprinciples
Maintainers
amirtlinov
Packs
ai-entropyall
community
lease-lock
Validate typed lease policy and detect conflicting active change leases
Why
Validate typed lease policy and detect conflicting active change leases
Aliases
p37
Tags
coordinationleaselocking
Maintainers
amirtlinov
Packs
ai-proof-coreai-runtimeall
community
lint-unified-gate
P19 plugin wires a unified lint gate for rust, python, and js/ts quality checks
Why
Needed to enforce one clear quality style across the repo, instead of many conflicting local rules.
Aliases
p19
Tags
gatelintunified
Maintainers
amirtlinov
Packs
ai-repo-qualityallqualitystarter-safe
community
log-pii-guard
Prevent PII and secret leaks in logging output
Why
Needed to prevent personal or sensitive data leaks in logs before they become incidents.
Aliases
p18
Tags
guardlogpii
Maintainers
amirtlinov
Packs
allsecuritystarter-safe
community
merge-truth-contract
Assemble canonical merge-readiness proof from existing compas witness state and repo-local review truth
Why
Assemble canonical merge-readiness proof from existing compas witness state and repo-local review truth
Aliases
p33
Tags
merge-truthproofreview
Maintainers
amirtlinov
Packs
ai-proof-coreall
community
observability-agent-gate
Validate repo-local observability reports, logs, metrics, and traces
Why
Validate repo-local observability reports, logs, metrics, and traces
Aliases
p28
Tags
metricsobservabilitytraces
Maintainers
amirtlinov
Packs
ai-runtimeall
experimental
paranoid-tool-policy
Paranoid Tool Policy guardrail for strict tool execution
Why
Needed to block dangerous or unexpected tool execution paths and keep automation predictable.
Aliases
p01
Tags
paranoidpolicytool
Maintainers
amirtlinov
Packs
ai-coreai-proof-coreai-repo-qualityallstarter-safe
community
perf-regression-budget
Performance Regression Budget gate for AI edits and runtime-impact checks.
Why
Needed so the system does not become slower over time without anyone noticing.
Aliases
p20
Tags
budgetperfregression
Maintainers
amirtlinov
Packs
ai-repo-qualityallquality
community
plan-diff-scope
P03 plugin enforces plan-to-diff scope consistency checks
Why
Needed to ensure implementation matches the agreed plan and does not include hidden extra changes.
Aliases
p03
Tags
diffplanscope
Maintainers
amirtlinov
Packs
ai-coreallstarter-safe
community
projection-integrity
Validate typed projection manifest integrity for change-capsule projections
Why
Validate typed projection manifest integrity for change-capsule projections
Aliases
p38
Tags
integrityprojectiontyped
Maintainers
amirtlinov
Packs
ai-proof-coreall
community
provenance-attestation
Provenance and attestation gate for release artifact integrity and trust.
Why
Needed to prove where release artifacts came from and increase trust for users and auditors.
Aliases
p11
Tags
attestationprovenance
Maintainers
amirtlinov
Packs
allsecuritystarter-safe
community
quality-summary-report
Check and refresh the machine-readable quality summary witness from canonical compas gate outputs
Why
Check and refresh the machine-readable quality summary witness from canonical compas gate outputs
Aliases
—
Tags
posturequalitysummary
Maintainers
amirtlinov
Packs
ai-entropyai-repo-qualityallquality
community
release-readiness-gate
CI/CD release-readiness enforcement for deterministic publishing
Why
Needed to check real readiness before release, reducing rollback and hotfix stress.
Aliases
p21
Tags
gatereadinessrelease
Maintainers
amirtlinov
Packs
allquality
community
reuse-report-gate
P05 gate extension with reuse-report tool
Why
Needed to push reuse over copy-paste, so maintenance stays cheaper and behavior stays consistent.
Aliases
p05
Tags
gatereportreuse
Maintainers
amirtlinov
Packs
ai-repo-qualityallqualitystarter-safe
community
review-evidence-contract
Validate legacy JSON review artifacts and witness references for compatibility-mode merge lanes
Why
Validate legacy JSON review artifacts and witness references for compatibility-mode merge lanes
Aliases
p25
Tags
contractevidencelegacyreview
Maintainers
amirtlinov
Packs
—
sunset
review-matrix
Validate review-matrix policy and change-capsule lens requirements by risk tier
Why
Validate review-matrix policy and change-capsule lens requirements by risk tier
Aliases
p39
Tags
matrixreviewtyped
Maintainers
amirtlinov
Packs
ai-proof-coreall
community
sast-semgrep-gate
P12 wiring: add Semgrep security scan into gate flow
Why
Needed to catch common security issues early, before they reach production.
Aliases
p12
Tags
gatesastsemgrep
Maintainers
amirtlinov
Packs
allsecuritystarter-safe
community
sbom-gate
SBOM gate plugin for dependency manifests and lockfile traceability
Why
Needed to keep a clear inventory of dependencies for security, legal, and incident response work.
Aliases
p10
Tags
gatesbom
Maintainers
amirtlinov
Packs
allsecuritystarter-safe
community
secrets-leak-guard
Secrets Leakage Guard plugin for blocking secret exposure checks.
Why
Needed to prevent accidental leaks of tokens, passwords, and keys in code or artifacts.
Aliases
p13
Tags
guardleaksecrets
Maintainers
amirtlinov
Packs
allsecuritystarter-safe
community
spec-adr-gate
Spec/ADR gate plugin: enforce goal, non-goals, acceptance, edge-cases and rollback before implementation
Why
Needed so teams agree on goals, constraints, and rollback before coding starts.
Aliases
p02
Tags
adrgatespec
Maintainers
amirtlinov
Packs
ai-coreallstarter-safe
community
stale-artifact-scanner
Scan for stale plans, review artifacts, and orphaned evidence files
Why
Scan for stale plans, review artifacts, and orphaned evidence files
Aliases
p32
Tags
artifactsentropystale
Maintainers
amirtlinov
Packs
ai-entropyall
community
structured-report-ingestion
Validate and enforce structured report artifacts (SARIF/JUnit/JSON) in gates
Why
Needed to turn tool outputs into clear, comparable quality signals instead of noisy raw logs.
Aliases
p22
Tags
ingestionreportstructured
Maintainers
amirtlinov
Packs
ai-proof-coreallquality
community
supply-chain-hygiene
Supply-chain gate for deterministic dependency lockfiles and stable versions
Why
Needed to control dependency risk and avoid unstable or unsafe package drift.
Aliases
p09
Tags
chainhygienesupply
Maintainers
amirtlinov
Packs
allsecuritystarter-safe
community
surface-contract-guard
Guard public API surface growth and contract breaks with explicit baselines
Why
Needed to protect API contracts from accidental breaking changes that hurt users.
Aliases
p08
Tags
contractguardsurface
Maintainers
amirtlinov
Packs
ai-coreai-proof-coreai-repo-qualityallstarter-safe
community
tests-junit-gate
P14 enforces normalized JUnit-aware test execution in gate
Why
Needed to ensure tests run in a standard format so failures are visible and actionable for everyone.
Aliases
p14
Tags
gatejunittests
Maintainers
amirtlinov
Packs
ai-repo-qualityallqualitystarter-safe
community
ui-validation-gate
Validate repo-produced UI smoke reports, screenshots, and DOM assertions
Why
Validate repo-produced UI smoke reports, screenshots, and DOM assertions
Aliases
p29
Tags
browseruivalidation
Maintainers
amirtlinov
Packs
ai-runtimeall
experimental
worktree-isolation-guard
Validate deterministic per-worktree state, log, temp, and port isolation config
Why
Validate deterministic per-worktree state, log, temp, and port isolation config
Aliases
p26
Tags
isolationruntimeworktree
Maintainers
amirtlinov
Packs
ai-repo-qualityai-runtimeall
community