By hackberrybay
Hackberry's AI tooling toolkit. General-use Claude Code skills, agents, hooks, and rules — plus a place for Cursor and shared resources. Currently includes the code-quality + security review suite and a self-improving rule system.
General TypeScript/JavaScript code quality reviewer. Reviews for type safety, logic correctness, error handling, function design, and best practices. Use for any .ts/.tsx/.js/.jsx file.
OWASP-focused security reviewer. Checks for injection, auth gaps, sensitive data exposure, input validation, and misconfigurations. Use for security-critical files or before major releases. Uses Opus for thorough analysis.
Self-improvement agent. Extracts recurring issue patterns from review output and manages the recurring-issues log. Called by /review-pr to log patterns, and by /improve-rules to promote them into permanent rule files.
Reads the recurring-issues log and promotes issues that have appeared 3+ times into the permanent rule files (typescript.md or security.md). Run periodically after multiple review cycles — typically once per sprint.
Generates a pull request title and description from the current branch diff. Reads commit messages and changed files to produce a consistent, structured PR description ready to paste into GitHub.
Reviews a single TypeScript/JavaScript file for code quality, best practices, and rule violations. Pass the file path as the argument.
Reviews all files changed in the current branch vs a base branch. Auto-routes each file to the right reviewer, runs PR-level checks, logs recurring patterns, and outputs a verdict. Run before pushing or opening a PR.
OWASP-focused security review of a file or directory. Checks for injection, auth gaps, sensitive data exposure, input validation failures, and misconfigurations. Uses Opus for thorough analysis. Run before major releases or on security-critical code.
Modifies files
Hook triggers on file write and edit operations
Uses power tools
Uses Bash, Write, or Edit tools
Hackberry's shared AI tooling. General-use Claude Code skills, agents, hooks, and rules — plus space for Cursor rules and tool-agnostic prompts. One install per developer, available in every project.
Built for the Hackberry stack (NestJS, React Native/Expo) but applicable to any TypeScript project.
- /review-pr, /review-file
- /review-security (Opus-backed, OWASP-focused)
- /pr-description
- /improve-rules promotes recurring issues into permanent rule files

Future additions live alongside: Cursor rules under cursor/, tool-agnostic prompts under shared/.
Claude Code clones plugins via SSH. If you have SSH keys configured for GitHub, no extra setup is needed.
If you don't have SSH keys set up and get a Permission denied (publickey) error during install, run this once to fall back to HTTPS:
git config --global url."https://github.com/".insteadOf "git@github.com:"
Note: this redirects all GitHub git operations on your machine to HTTPS. Skip it if you use SSH keys.
Then install:
/plugin marketplace add https://raw.githubusercontent.com/hackberrybay/hb-ai-toolkit/main/.claude-plugin/marketplace.json
/plugin install hb-ai-toolkit@hb-marketplace
After this, all skills (/review-pr, /review-file, etc.) are available in every project without any --plugin-dir flag.
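The `insteadOf` fallback above, exercised in a throwaway HOME so the real ~/.gitconfig is never touched. This is an added example, not part of the toolkit's README; the helper names `sgit`, `add_rule`, `remove_rule`, `list_rules` and `effective_url` are hypothetical. It shows which URL forms the rule actually rewrites, how to list configured rewrite rules, and how to remove the rule again.

```shell
#!/bin/sh
# Added example: exercise the README's insteadOf rule in a throwaway HOME,
# so the real ~/.gitconfig is never modified. Nothing here contacts GitHub.

SANDBOX=$(mktemp -d)
trap 'rm -rf "$SANDBOX"' EXIT

# Run git against the sandboxed global config only (no system or repo config).
sgit() {
    ( cd "$SANDBOX" && HOME="$SANDBOX" XDG_CONFIG_HOME="$SANDBOX/.config" \
        GIT_CONFIG_GLOBAL="$SANDBOX/.gitconfig" GIT_CONFIG_NOSYSTEM=1 git "$@" )
}

# The rule from the README.
add_rule()    { sgit config --global url."https://github.com/".insteadOf "git@github.com:"; }
# How to undo it later.
remove_rule() { sgit config --global --unset url."https://github.com/".insteadOf; }
# Audit: list every URL rewrite currently configured (empty output if none).
list_rules()  { sgit config --global --get-regexp '^url\..*\.insteadof$' || true; }
# Print the URL git would really use for $1 (applies rewrites, no network).
effective_url() { sgit ls-remote --get-url "$1"; }

SCP_FORM="git@github.com:hackberrybay/hb-ai-toolkit.git"
SSH_FORM="ssh://git@github.com/hackberrybay/hb-ai-toolkit.git"

add_rule
echo "rules:      $(list_rules)"
echo "scp-style:  $(effective_url "$SCP_FORM")"   # rewritten to https://github.com/...
echo "ssh:// URL: $(effective_url "$SSH_FORM")"   # prefix does not match: stays SSH
remove_rule
echo "after undo: $(effective_url "$SCP_FORM")"   # back to the SSH form
```

The rule is a plain prefix match on `git@github.com:`, so remotes written as `ssh://git@github.com/...` keep using SSH.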
To enable auto-updates (recommended), do this once after installing:
/plugin
Go to Marketplaces → select hb-marketplace → enable auto-update. Claude Code will then update the plugin automatically on startup.
To update manually:
/plugin update hb-ai-toolkit
Bump the version in .claude-plugin/plugin.json with every meaningful change so it's clear an update is available.
If you want to edit and iterate locally without going through the plugin system:
git clone git@github.com:hackberrybay/hb-ai-toolkit.git
cd hb-ai-toolkit
./scripts/install.sh claude
Skills/agents/rules are symlinked into ~/.claude/. claude/settings/ snippets are not auto-merged — copy what you want into ~/.claude/settings.json.
./scripts/install.sh cursor
shared/ is reference material — copy what you need into a project, or read it directly.
| Command | Model | What it does |
|---|---|---|
| /review-pr [base] | Sonnet | Reviews all changed files vs base branch (default: main). Gives verdict: APPROVE / REQUEST CHANGES / NEEDS DISCUSSION |
| /review-file <file> | Sonnet | Reviews a single file for quality and best practices |
| /review-security [path] | Opus | OWASP-focused security review of a file or directory |
| /improve-rules | Sonnet | Promotes recurring issues (3+ occurrences) into permanent rule files |
| /pr-description | Haiku | Generates a PR title and description from the current branch diff |
The plugin uses different models for different tasks to balance quality and cost:
| Task | Model | Why |
|---|---|---|
| Code quality review | Sonnet | Good quality at reasonable cost |
| Security review | Opus | High-stakes — worth the cost for thorough analysis |
| PR descriptions, rule promotion | Haiku / Sonnet | Low complexity, Haiku is sufficient |
To override for a session:
claude --model opus # force Opus everywhere for this session
The review skills get smarter over time without manual rule writing.
/review-pr reviews your branch and, at the end, checks if any issue class appeared 3+ times in this run.
If so, it appends the pattern to claude/rules/recurring-issues.md.
Every sprint or two, a team member runs /improve-rules.
Any issue with 3+ total occurrences across sessions gets promoted into the permanent rule files (claude/rules/typescript.md or claude/rules/security.md).
On the next review, the promoted rule is applied automatically.
claude/rules/typescript.md and claude/rules/security.md are plain markdown — edit them directly and commit.
Rule changes go through normal PR review, so the team stays aligned on what standards are actually enforced.
claude/rules/recurring-issues.md is auto-managed. Do not edit it manually.
This toolkit uses a team marketplace — a marketplace.json hosted in this repo's main branch. It is the source of truth for the team install.
npx claudepluginhub hackberrybay/hb-ai-toolkit --plugin hb-ai-toolkit