Stats
Links
Categories
Post-quantum cryptography migration tools for Claude Code
npx claudepluginhub joestein/quantum-securityScan, migrate, and validate codebases for post-quantum cryptographic security using NIST FIPS 203/204/205 standards (ML-KEM, ML-DSA, SLH-DSA).
Your codebase is not quantum-secure. Fix it today.
Classical cryptography -- RSA, ECDSA, ECDH, DH -- is broken by quantum computers. Not theoretically. Not someday. The math is settled, the standards are published, and adversaries are already harvesting your encrypted data to decrypt later. NIST finalized post-quantum cryptography standards in August 2024. The migration window is open. Start now.
Harvest Now, Decrypt Later (HNDL): Nation-state adversaries are intercepting and storing encrypted communications today, waiting for quantum computers to break the encryption. If your data has value for more than 3-5 years, it is already at risk.
Timeline: Most estimates place cryptographically-relevant quantum computers at 2028-2035. Enterprise cryptographic migrations historically take 5-15 years. If you haven't started, you are already behind.
Read the full analysis: docs/urgency.md
One-command post-quantum migration for any codebase.
/quantum-secure full
What it does:
Supports: Python, JavaScript/TypeScript, Go, Rust, Java, C/C++, C#, Ruby, PHP, Swift, Kotlin -- and any future language via FFI bindings to liboqs.
NIST Standards:
| Standard | Algorithm | Replaces |
|---|---|---|
| FIPS 203 | ML-KEM | RSA key exchange, ECDH, DH |
| FIPS 204 | ML-DSA | RSA signatures, ECDSA, EdDSA |
| FIPS 205 | SLH-DSA | Signatures (conservative hash-based fallback) |
Add to your Claude Code settings (~/.claude/settings.json):
{
"extraKnownMarketplaces": {
"quantum-security": {
"source": {
"source": "github",
"repo": "joestein/quantum-security"
}
}
}
}
/install quantum-secure@quantum-security
/quantum-secure scan # Assess your exposure (read-only, safe)
/quantum-secure full # Full migration pipeline
| Document | Description |
|---|---|
| Urgency: Why Migrate Now | HNDL attacks, timelines, mandates, cost of delay |
| NIST PQC Overview | Technical deep-dive into FIPS 203, 204, 205 |
| Migration Guide | Step-by-step walkthrough of using the plugin |
| Language Support | PQC library availability per language |
| Plugin README | Plugin architecture, commands, and limitations |
The quantum-secure plugin orchestrates three specialized AI agents:
/quantum-secure full
│
▼
┌──────────────┐ Findings ┌──────────────┐ Report ┌──────────────┐
│ SCANNER │ ──────────────▶ │ MIGRATOR │ ────────────▶ │ VALIDATOR │
│ (read-only) │ │ (writes code) │ │ (read + test) │
└──────────────┘ └──────────────┘ └──────────────┘
│ │ │
Detects RSA, Rewrites to ML-KEM, Re-scans, builds,
ECDSA, ECDH, ML-DSA, SLH-DSA. runs tests, flags
DH, AES-128, Adds PQC libraries. custom code for
MD5, SHA-1... Writes FFI bindings security audit.
when needed.
Each agent has deep knowledge of:
The cryptographic community has done its part -- the standards are published, the reference implementations are available, and major tech companies are deploying PQC in production. But most codebases still run entirely on classical crypto. The gap is not knowledge -- it's action.
This marketplace exists to close that gap. One command. Any language. Quantum-secure.
Every day you wait is another day of vulnerable data.
Contributions welcome. If you'd like to:
Harness-native ECC skills, hooks, rules, MCP conventions, and operator workflows
Claude Code marketplace entries for the plugin-safe Antigravity Awesome Skills library and its compatible editorial bundles.
Production-ready workflow orchestration with 84 marketplace plugins, 192 local specialized agents, and 156 local skills - optimized for granular installation and minimal token usage