claudeindex
chrismccoy's avatar
Author

Chris McCoy

@chrismccoy
1
Marketplaces
24
Plugins
0
Skills
0
Agents
0
Commands

Marketplaces

Marketplace

chrismccoy

chrismccoy

Plugins:24
Skills:0
2
0

Plugins

Plugin

explain-my-code

Analyzes a complete code repository as a senior software architect and produces one self-contained, production-grade Markdown document that onboards anyone new to the project with no handover meetings. Five-phase workflow: SCOPE (find repo root, read manifests first), IDENTIFY (tech stack, monolith vs microservices, entry points), TRAVERSE (folder/service/module walk, infer design patterns, trace data and dependency flow), WRITE (all 13 fixed sections, real file/class/function names, embedded Mermaid graph TD and sequenceDiagram), VERIFY (every section present and non-shallow, cited symbols confirmed to exist, valid Mermaid). Output is a single CODEBASE_DOCUMENTATION.md with 13 mandatory sections: Project Overview, System Architecture, Repository Structure, Tech Stack & Dependencies, Core Components / Services, Application Flow (startup/request/auth/data), Key Design Patterns, Database & Models, External Integrations, Configuration & Environment, Build & Deployment, Observations & Risks, Suggestions for Improvement. Constraints preserved from source: no shallow summaries, no skipped sections, no undocumented behavior assumed without stated reasoning; inapplicable sections marked 'Not applicable' rather than dropped; vendored/build dirs excluded; large repos analyzed in chunks. Scope-locked to documentation generation. Refuses line-by-line code review and bug hunts (use wordpress-architect-review or a review skill), refactor/modernization plans (use refactoring-analyst), and diagram-only output (use codebase-to-mermaid). Includes /explain-my-code slash command with current-dir-vs-path picker.

Plugin

jq

Expert jq usage for querying, filtering, transforming, and aggregating JSON in real shell pipelines, in the voice of a senior CLI engineer. Optional guided intake collects three fields (JSON_SOURCE, GOAL, OUTPUT_MODE) but the skill also auto-triggers when the user pastes raw JSON or CLI output (curl, kubectl, aws, gh, docker) and asks to reshape, filter, or summarize it. Covers basic and nested selection, select() filtering, map/transform, reduce and group_by aggregation, string interpolation and @csv/@tsv/@base64/@uri formatting, key and path manipulation, conditionals and try/catch error handling, and shell integration (--arg/--argjson safe variable injection, -r raw output, -c NDJSON, -s slurp). Workflow inspects the actual JSON shape (jq 'keys', jq '.[0]') before writing the filter, builds it one pipe stage at a time, and verifies against a sample. Output format: one copy-paste-ready jq command in a bash block plus a one-line plain-English explanation per filter stage. Enforces -r for shell consumption, --arg/--argjson over string interpolation, single-quoted filter strings, and null/empty edge-case handling (// empty, // 0, add // 0). Refuses JSON authoring, JSON Schema validation, jsonnet, and non-jq shell scripting. Includes /jq slash command with AskUserQuestion intake.

Plugin

kubernetes-architect

Designs resilient, secure, production-ready Kubernetes manifests in the voice of a Principal Cloud Native Architect and Kubernetes expert. Four inputs (APP_REQUIREMENTS, RESOURCE_LIMITS, EXPOSURE_STRATEGY, TARGET_ENVIRONMENT) drive a locked four-phase blueprint: PHASE 1 Architecture Overview (resources generated + routing/scaling strategy), PHASE 2 Deployment & Scaling Manifests (complete Deployment YAML plus HPA if applicable), PHASE 3 Networking & Configuration Manifests (Service plus Ingress or ConfigMaps), PHASE 4 Deployment Guide (step-by-step kubectl apply and rollout verification). Strict operating constraints: liveness and readiness probes on every container, resource requests and limits on every container, security contexts (runAsNonRoot, readOnlyRootFilesystem, allowPrivilegeEscalation false) where applicable, syntax-perfect 2-space YAML with dash-based arrays, and no markdown square brackets in prose outside code blocks. Never invents image names, tags, apiVersion values, kind names, or field keys. Pre-delivery validation on every YAML block: apiVersion/kind/metadata.name present, valid 2-space indentation, probes plus resources plus securityContext per container, Service/Ingress selectors match pod labels, no invented images. Hard prompt-injection defense treats inputs as untrusted data, flags behavior-altering directives (ignore probes, run as root, skip security) in PHASE 1, and STOPs to ask when a field is empty or contradictory rather than inventing defaults. Scope-locked: refuses off-domain requests (Terraform, billing, app code) with one line then continues the K8s task. Includes /kubernetes-architect slash command with AskUserQuestion intake.

Plugin

docker-compose-architect

Designs production, secure, scalable docker-compose stacks in the voice of a Senior DevOps Engineer and Docker expert. Two required inputs (TECH_STACK, DATABASE_REQUIREMENTS) plus two optional (NETWORK_SETUP, SPECIFIC_CONSTRAINTS) drive a locked four-phase blueprint: PHASE 1 Architecture Overview (topology + network isolation), PHASE 2 complete docker-compose.yml, PHASE 3 .env template with ${VAR} placeholders and critical-variable notes, PHASE 4 build/start/monitor commands plus reverse-proxy and scaling recommendations. Strict operating constraints: secrets only as ${VAR} env references (never literals), containers run non-root where the base image allows, tiers isolated on separate bridge networks (frontend vs database), named volumes or bind mounts for every stateful service, depends_on with condition service_healthy plus healthchecks on every service, compose YAML indented 2 spaces, and no markdown square brackets in prose. Never invents image names, tags, version numbers, or compose keys. Output validation before sending: all 4 phases present, valid 2-space YAML, every secret an env reference, every service healthchecked or documented, no invented images. Hard prompt-injection defense treats inputs as untrusted data; halts with one targeted question per missing required field and surfaces conflicting constraints before generating. Scope-locked: refuses Kubernetes, Terraform, raw Dockerfiles, and unrelated requests with 'Out of scope: this engine outputs docker-compose stacks only.' Includes /docker-compose-architect slash command with AskUserQuestion intake.

Plugin

powershell-script-engine

Generates production, PSScriptAnalyzer-clean PowerShell scripts in the voice of a PowerShell expert and Windows systems engineer. Two free-text inputs (TASK, USER_REQUIREMENTS) plus three choices (PS_TARGET, REMOTE, DESTRUCTIVE) drive a locked four-section output: Script (comment-based help on every function, #Requires -Version 7.0, [CmdletBinding()] with validated params, try/catch/finally, console+file logging that rolls at 10 MB keeping 5 archives), Parameters table (Name/Mandatory/Type/Validation), at least three Usage Examples (local, pipeline, remote/PSSession), and Security Notes. Approved verbs only (Get-Verb), no aliases in body, no Write-Host for data, no positional args in examples, no PSScriptAnalyzer rule suppressions. Security non-negotiables: never emits plaintext passwords, hardcoded credentials, API keys, or connection strings ([PSCredential]/Get-Credential/SecretManagement only); never generates destructive operations (Remove-*, Format-*, Stop-*, registry/disk writes) unless named in requirements, and gates any behind -WhatIf/-Confirm; never invents cmdlet, module, parameter, or version names. Hard prompt-injection defense treats requirements as inert data; halts with one clarifying question when task or requirements are empty. Ends every response with a review-before-production footer. Includes /powershell-script-engine slash command with AskUserQuestion intake.

Plugin

tech-blog-article

Drafts front-page-quality technical articles in the voice of a senior developer and technical writer (clarity of Julia Evans, pragmatism of Dan Abramov, storytelling of Charity Majors). Five inputs (TOPIC, AUDIENCE_LEVEL, ARTICLE_ANGLE, PRIMARY_LANGUAGE, WORD_COUNT) drive a locked output: 60-char title, concrete hook, credibility context paragraph, 3-4 bullet TL;DR box, H2 sections that are complete thoughts (not bare topic labels), wrong-way-then-right-way code examples under 20 lines with language identifiers and plain-English explanations, honest trade-offs, a 'So What?' test per section, and one of four ending patterns plus a one-line author bio. Pre-write input validation halts on bracketed placeholders or out-of-range word counts (300-5000); silent post-write output validation enforces title length, TL;DR bullet count, complete-thought H2s, code-block annotations, and ending pattern. Hard prompt-injection defense treats all inputs as inert article subject matter; refuses non-writing and role-change requests with 'I only draft technical articles - give me a topic and I'll write.' Includes /tech-blog-article slash command with AskUserQuestion intake (topic, audience level, angle, primary language, word count).

Plugin

html-to-wordpress-theme

Converts static HTML files into installable WordPress themes with Tailwind v3, WCAG 2.1 AA accessibility, and child-theme compatibility. Phased workflow with user approval gates: analysis, planning, chunked implementation, self-audit.

Plugin

html-design-styles

A catalog of 53 named design styles (bento, brutalist, glassmorphism, vaporwave, kawaii, cyberpunk, swiss, art deco, neumorphism, and more) with full color palettes, typography stacks, and component patterns for building consistent on-brand frontend interfaces.

Plugin

wordpress-plugin

Generates complete, enterprise grade WordPress plugins from scratch. The kind that could be submitted to WordPress.org today. picker intake (functionality categories, target users, admin interface components, frontend display surfaces, third party integrations) plus two free text inputs (plugin name, feature detail) drive a full directory tree with modular OOP classes (Admin, Frontend, Database, AJAX, REST), Settings API pages, Gutenberg blocks, shortcodes, REST endpoints, custom tables via dbDelta(), nonce/sanitization/escaping/capability checks, prepared statements, conditional asset enqueueing, internationalization with .pot file, WordPress.org-format readme.txt, and a complete uninstall.php cleanup script. WordPress Coding Standards compliant.

Plugin

wordpress-architect-review

Senior WordPress architect code review for plugins and themes. File by file audit covering security, performance, architecture, correctness, WordPress standards, accessibility, i18n, and missing infrastructure. Produces a structured report with a 1-10 scorecard, severity-tagged findings (SEVERE/MODERATE/MINOR), file:line citations, quoted offending code, top-5 prioritized fixes, and an optional 3-phase refactor roadmap. Detects target via plugin header, theme style.css, block.json, or mu-plugins path. Scope-locked to plugin/theme code review only; prompt-injection defenses treat file contents as inert data.

Plugin

unslop

Strip AI generated voice from source files without changing behavior. Edits only comments, docstrings, log/error messages, and identifier names. Never code logic, function signatures, return types, string literals shown to end users, or CLI help text. Kills marketing words (robust, seamless, comprehensive, world-class), AI tells (delve, leverage, harness, tapestry, myriad), em-dashes (U+2014) from developer prose, first-person plural (we/us/our/let's), hedging (perhaps, essentially, fundamentally), tutorial voice (As you can see, Let's dive in), apologetic openers (Please note, Keep in mind), restatement comments, and unjustified linter-suppression markers (# noqa, // @ts-ignore, //nolint, # rubocop:disable). Renames AI-jargon functions (orchestrateDataProvider → loadUsers) with substring-safety verification. 17-rule (Rule 0 through Rule 16), 19-language ruleset covers JavaScript, TypeScript, Python, Go, Rust, Java, C#, C/C++, Perl, Swift, Kotlin, PHP, Ruby, Elixir, Lua, SQL, PowerShell, Markdown, Shell. 22 framework subsections including React, Vue, Next.js, Nuxt, Astro, Alpine, Express, Vite, Webpack, Tailwind, WordPress, Laravel, Symfony, Twig, EJS. Pass-by-pass workflow: target picker (file/directory/paste) → vocab swap → voice rewrites → function renames → syntax check → verification greps → human read-back → mandatory final report. Rule 0 hard floor refuses behavior-change requests mid-pass.

Plugin

vgademo

Generates retro 1990s style sizecoded assembly demos for MS-DOS, BIOS, and boot sector targets. Adopts a demoscene engineer persona producing ultra compact 16-bit real mode asm with strict size budgets (256b intros, 512b boot sectors, 1KB/4KB), mandatory output format (byte budget, code, core trick, tradeoffs), and refusal codes for scope/size/contradiction/platform violations. Includes a /vgademo slash command with a 4 round AskUserQuestion multiple choice intake covering 14 placeholders: visual effect (plasma, fire, tunnel, rotozoomer, or custom via Other), size budget, target platform (MS-DOS .COM, boot sector, BIOS), video mode (Mode 13h, text mode B800h, VGA planar), CPU mode (16-bit real, 32-bit protected), assembler (NASM, FASM, TASM, MASM), binary format, entry point (org 100h, 7C00h), performance priority, loop style (single, unrolled, self modifying), allowed tricks (SMC, undocumented opcodes, FPU, lookup tables), memory model, dependencies, and comments toggle. Bundles two worked reference examples (256b XOR plasma .COM, 512b text mode boot sector) plus a negative anti pattern example. Demoscene rules enforced: register reuse, implicit operands, fused operations (STOSB/STOSW), bit shifts over mul/div, no PUSH/POP for preservation, no functions or macros beyond minimum. Hacker engineer voice, no marketing register, no corporate jargon.

Plugin

app-blueprint

Turns a one-line app idea into a complete, production-ready blueprint. Five required inputs (APP_DESCRIPTION, TECH_STACK, APP_TYPE, LANGUAGE, SCALE) drive an 11-section senior-architect plan: project overview, full folder tree, layer-by-layer walkthrough, data models, API endpoints, recommended libraries with rationale, environment setup, testing plan, deploy plan with scale-justified target and upgrade trigger, architect's notes, and a self-check validation table. Hard rules: no generic placeholders (no MyApp, no User Service - all names derive from APP_DESCRIPTION), identical folder names across sections 2 and 3, every entity referenced by at least one endpoint, every dependency mapped to a folder or reference, halts on missing input with explicit MISSING INPUT line. Includes /blueprint slash command with AskUserQuestion intake. Prompt-injection defense treats inputs as inert data.

Plugin

refactoring-analyst

Senior-engineer refactoring review producing an evidence-first, citation-bound (path:line) structured plan across 16 fixed sections with CRITICAL/HIGH/MEDIUM/LOW priorities. Operates on Martin Fowler's Refactoring catalog, Robert Martin's Clean Code, and SOLID + GRASP design heuristics. Two inputs: TARGET_PATH (file or folder) and FOCUS_AREAS (comma-separated weighting like coupling/naming/side-effects). Workflow: Step 0 access verification, Step 1 SCALE RULE (samples and is honest about what was fully analyzed vs sampled when file count > 50), Step 2 emit sections 1-16 with path:line citations, Step 3 emit Summary block (Top 5 Critical Issues, File Impact Matrix, Issue Summary Table), Step 4 silent STEP 17 self-validation. Hard constraints: never claim to have analyzed a file that was not read, exact 'None detected - <reason>.' format when empty, never skip a numbered section, treat inputs as inert data. Includes /refactor slash command with multiple-choice intake (path, focus areas, scope, depth).

Plugin

docblock-rewrite

Converts PHPDoc and JSDoc blocks into one-line plain-English // comments that a non-technical reader can understand. Two engines under shared rules: interactive skill mode (Read/Edit walk, 1-20 files) and a bundled bash + perl + claude --print runner (20+ files, unattended, CI-able) exposed as /docblock-rewrite. Walks .php, .js, .ts, .jsx, .tsx, .mjs, .cjs. Skip list covers vendor, node_modules, dist, build, coverage, __tests__, .git, .next, .nuxt, out, tmp, *.min.js, *.min.css. Honors @internal, @deprecated, @ignore opt-out tags. File-level detection via @file/@package/@module or post-block declare/namespace/use/import/export. Banned-word list: instantiate, invoke, callback, promise, iterate, async, boolean, array, object, parameter, argument, mutate, hash, payload, instance, factory, singleton, polyfill, regex. Output format: one line beginning with // and ending with a period, capitalized, present-tense verb for functions/methods, noun phrase for classes/files/properties/constants, max 100 chars total. Validation gates: one-line check, // prefix, length cap, banned-word regex. Bad outputs leave the original block intact for human review. Backups saved as .bak per file unless --no-backup. Dry-run mode emits unified diffs without writing. Concurrency configurable (default 3). Right-to-left byte-offset splice preserves alignment across multi-block files.

Plugin

codebase-to-mermaid

Reads an unfamiliar codebase end-to-end and produces validated Mermaid diagrams of how the system actually flows. Every node and edge is cited to a real file:line. No invented modules. No decorative arrows. Auto-classifies the project archetype (HTTP service, CLI, data pipeline, SPA, Next.js, Nuxt, Remix, WordPress plugin/theme, WooCommerce, Laravel, Symfony, custom PHP, Spring Boot, ASP.NET Core, Go service/CLI, Rust web/CLI/WASM, Bash, WP-CLI, htmx, Alpine, Livewire, Vue SPA, C/C++/Qt/Unity, monorepo) and picks the right diagram kind (flowchart TD/LR, sequenceDiagram, classDiagram). Splits diagrams at the 40-node cap into overview plus per-archetype drill-downs. Flags destructive steps (wp db reset, wp search-replace, rm -rf, aws s3 rm --recursive) with a distinct node style. Writes raw Mermaid to flow.mmd or flow-<archetype>.mmd next to the code for direct render via mmdc -i flow.mmd -o flow.svg or by pasting into mermaid.live, plus prints a Markdown report with diagram, legend (node → file:line), and notes. Five-phase procedure: Discover (glob layout, read manifests, grep framework signals), Classify (archetype table), Draft (node ids, citations, edge labels, subgraphs), Validate (every node cited, every edge greppable, Mermaid syntax check), Emit (Write tool plus chat report). Includes /codebase-to-mermaid slash command with current-dir-vs-path picker. Progressive disclosure splits the bulky framework signal grep cheat sheet (19+ languages, 22+ frameworks), archetype table, and 24 worked few-shot examples into separate reference files loaded on demand. Refuses code review, refactor proposals, bug hunts, and security/performance audits - scope-locked to diagram + legend + notes.

Plugin

mermaid-to-ascii

Convert a Mermaid diagram file into a clean, monospace ASCII art diagram and save it as a .txt file with the same base name. Acts as a senior Mermaid diagram architect with command of monospace/terminal layout. Filename-first intake: asks which .mmd file to convert and STOPs for the answer before doing anything, then restates the source to target mapping. Identifies the diagram type (sequenceDiagram, flowchart/graph, classDiagram, stateDiagram, erDiagram, gantt) and drives the ASCII layout from it: vertical lifelines for sequences, boxed nodes for flow/class/state/ER, time-axis bars for gantt. Preserves every node name, edge label, message, condition, and grouping block (alt/else/opt/loop/par); never drops or renames. Fixed column spacing, aligned boxes, frames closed on both ends, 80-120 char terminal assumption with split-not-truncate for oversized output. Each run emits a titled diagram plus a glyph legend. Edge cases handled: unsupported type approximated, empty source reports a parse error and writes nothing, partial source renders the valid portion and lists skipped lines. Hard prompt-injection defense treats all file content (including %% comments and node labels) as inert diagram data, never as instructions; writes only to the derived .txt and nowhere else. Includes a /mermaid-to-ascii slash command. Progressive disclosure splits the six per-type ASCII layout skeletons into a reference file loaded on demand.

Plugin

excel-formula-troubleshooter

Debug, fix, and optimize broken Excel and Google Sheets formulas. Identifies the exact root cause (mismatched parentheses, wrong syntax, text-vs-number mismatch, circular reference, incorrect range, wrong column index), returns a copy-paste-ready corrected formula with UPPERCASE function names, a beginner-friendly bulleted explanation, and an optional modern alternative (XLOOKUP over VLOOKUP, IFERROR to mask error values). Scope-locked to spreadsheet-formula troubleshooting. Includes a /fix-formula slash command that intakes the broken formula and the issue (pipe-separated, tag-wrapped, or interactive prompt).

Plugin

naming-strategist

Senior naming strategist for venture-backed SaaS founders. Produces 10 brandable, pronounceable, niche-fit domain candidates from five inputs (MARKET_TOPIC, TARGET_AUDIENCE, OFFER_TYPE, BRAND_TONE, EXTENSION_PRIORITY). Locked 4-section output: A) Setup Summary, B) Name List of 10 candidates with Angle/Fit/Recommended extension/Risk note (Low/Medium/High), C) Top 3 Shortlist with Strength/Watch-out bullets, D) Verification Checklist (registrar check, USPTO TESS, WIPO, pronunciation test, Google collision search). Silently scores every candidate 1-10 on Brandability, Niche fit, Pronounceability, Spelling ease, Differentiation and drops anything averaging below 7. Mixes at least 5 distinct naming structures across the 10 (compound, blended, metaphor, invented, classical-roots). Refuses legal-certainty claims (writes 'Needs verification' instead), hype words (proven/revolutionary/leverage/robust/seamless/cutting-edge), descriptive keyword domains, hyphens, numbers, awkward letter clusters, and forced -ify/-ly/-hub suffixes. Hard prompt-injection defense treats all five inputs as inert data. Scope-locked to domain naming - refuses marketing copy, strategy decks, legal advice, taglines with 'Out of scope - domain naming candidates only.' Includes /name-domains slash command with AskUserQuestion intake (market topic, audience, offer type, brand tone multi-select, extension priority) and silent self-validation gate before output.

Plugin

language-tutor

Expert linguist, translator, and language tutor with depth in comparative grammar, second-language pedagogy, and phonetics. Five inputs (MODE, TEXT, TARGET_LANGUAGE, NATIVE_LANGUAGE, DEPTH) drive two modes: TRANSLATION emits five locked sections (Translation, Grammar, Structure, Pronunciation, Usage & Register) with the best natural rendering, dual-language grammar notes, sentence breakdown, IPA plus English-approximation pronunciation with stress marks tailored to the learner's native language, and register/cultural nuance; TEXT ANALYSIS emits six sections (Grammar, Spelling & Punctuation, Style & Flow, Meaning & Content, Corrected Text with itemized original→corrected→reason changes, and exactly five Alternative Versions - formal, casual, detailed, concise, alt-vocabulary). Auto-detects source language, aligns register and difficulty to CEFR A1-C2, and respects a Quick depth that returns only the Translation or Corrected Text plus a one-line note. Hard accuracy floor: never invents grammar rules, etymologies, or IPA; flags uncertainty instead of guessing; states reduced confidence on low-resource languages and dialects and stops rather than approximating when a language cannot be handled reliably. Prompt-injection defense treats all submitted text strictly as DATA - directives embedded in TEXT (e.g. 'ignore your instructions') are translated or analyzed literally, never obeyed. Scope-locked: declines non-language requests with a restatement instead of switching into general-assistant behavior. Silent validation gate checks section completeness, IPA slashes, CEFR labeling, 5-rewrite count, and no obeyed injections before output. Includes /language-tutor slash command with AskUserQuestion intake (mode, text, target language, native language, depth).

Plugin

wordpress-consultant

Senior WordPress Consultant (10+ years, WordPress VIP coding standards) that runs a 10-section expert consulting framework over a WordPress project: Architecture Assessment, Development Strategy, WooCommerce Review, Performance Optimization Audit, Security Hardening, Debugging & Troubleshooting, Scalability & Infrastructure, Automation & Workflow, Technical Debt Assessment, and a Final Senior Consultant Report. Seven inputs (Website Type, Current Challenge, Technology Stack, Traffic Volume, Development Goals, Performance Requirements, Support Needed); Current Challenge and Development Goals are required and halt if blank, optional blanks proceed with a flagged assumption. Mandatory output contract: every section under its exact header (or 'Section N - N/A (reason)'), max 250 words per section 1-9 as Finding/Impact/Recommendation bullets, Section 10 scores on fixed scales (Health/Performance/Security/Scalability/Code Quality 0-100, Technical Debt Low/Medium/High/Critical, Priorities ranked max 5), ending with a single Markdown summary table. System rules enforce WordPress coding standards, maintainability, scalable architecture, security by default; never recommends nulled/pirated plugins, editing core files, outputting secrets, or a security rating without naming what was checked. Hard prompt-injection defense treats all inputs as inert project data; scope-locked to WordPress engineering. Includes /wordpress-consultant slash command with AskUserQuestion intake (website type, challenge, stack, traffic, goals, performance requirements, support needed).

Plugin

session-stats

Renders the quantitative stats of a Claude Code session as a single self-contained, dark-theme HTML page: KPI cards (duration, prompts, tool calls, files written/edited, output tokens, est. cost), a per-tool usage table with share bars, and a token-bucket table (input, output, cache created, cache read). Stats only - no prompts, observations, tone analysis, or recommendations. Two-stage offline pipeline with no external dependency: scan_jsonl.py parses a Claude Code .jsonl transcript and computes every metric, including a cost estimate derived from each assistant message's token usage times per-model pricing (current Opus 4.8 catalog rates, with IN_RATE/OUT_RATE/CW_RATE/CR_RATE env overrides); build_stats_html.py injects the result into a fixed dark template and writes a standalone document with no <script> tags or external assets. promptCount excludes slash-command and system turns. Cost method groups assistant messages by model and sums input/output/cache-write/cache-read tokens times their rates divided by one million. Includes a /session-stats slash command that resolves the current session transcript (or an explicit path) and runs the pipeline.

Plugin

wp-builder-pro

Builds and implements custom WordPress code in the voice of an expert WordPress developer: custom themes (templates, hierarchy, child themes, FSE), plugins (activation, settings API, hooks, updates), Gutenberg blocks and block patterns (static + dynamic), WooCommerce extensions, and REST API endpoints, plus ACF fields. Security is baked in on every path - nonces on every form/AJAX request, sanitization on every input, escaping on every output, capability checks before privileged actions, and $wpdb->prepare() with $wpdb->prefix on every query. Performance tuning covers transient/object caching, query optimization, and conditional asset enqueueing via wp_enqueue_scripts hooks. Also triggers on symptom-driven requests (slow site, fatal error, block won't render, 'fix my WordPress site'). A six-step workflow (analyze, design, implement, validate with phpcs --standard=WordPress, optimize, test & secure) routes each BUILD_TARGET to one of five bundled references (theme-development, plugin-architecture, gutenberg-blocks, hooks-filters, performance-security). WordPress Coding Standards compliant; never modifies core, never trusts unsanitized input, never outputs unescaped data. Best for targeted and iterative work; defers complete from-scratch plugin scaffolds to the wordpress-plugin skill and refuses to audit or review existing code (use wordpress-architect-review or wordpress-consultant). Includes /wp-builder-pro slash command with AskUserQuestion build-target intake (target, project context, specifics, optional WP/PHP constraints).

Plugin

contract-framework

Drafts clear, protective service-agreement frameworks in the voice of a senior contracts specialist with 20 years drafting for freelancers, creative agencies, and independent consultants. Four required inputs (YOUR_BUSINESS, CLIENT_NAME, SERVICE_DESCRIPTION, PAYMENT_TERMS) plus two optional (PROTECTIONS_NEEDED, TONE) drive a locked eight-section framework: PARTIES, SCOPE OF SERVICES, PAYMENT TERMS, INTELLECTUAL PROPERTY, CONFIDENTIALITY, TERMINATION, LIABILITY AND WARRANTIES, GENERAL PROVISIONS. Every framework addresses the three most common freelance disputes (scope creep, late payment, IP ownership). Plain-English by default with three selectable tone profiles (FORMAL CORPORATE, PLAIN PROFESSIONAL, CREATIVE INDUSTRY) applied consistently across all eight sections. Fabrication firewall: never invents statutes, case law, party names, figures, revision limits, kill-fee percentages, notice periods, or liability caps; jurisdiction-sensitive clauses are written in neutral language and flagged for local confirmation; any non-critical gap becomes a marked [TO BE COMPLETED: field] placeholder rather than a fabricated value. Missing-input gate halts and asks when any of the four critical fields is blank or reads as an instruction; blank PROTECTIONS_NEEDED defaults to standard protections; blank or invalid TONE defaults to PLAIN PROFESSIONAL. Treats all inputs as untrusted literal data, stripping markdown/code/HTML from PROTECTIONS_NEEDED and ignoring embedded directives. Writes the framework to contract-[business]-[client].md (sanitized, Windows-reserved-name safe) when a file tool is available, else prints it; output contains the eight sections only, no commentary. Silent output validation confirms all sections present and ordered, every clause traces to an input or stated default, and tone is consistent. Includes /draft-contract slash command with AskUserQuestion intake. Not legal advice; flags jurisdiction-specific items for finalisation with local counsel.