By zeyuzhangzyz
Automate end-to-end open-source repository hardening: audit gaps in correctness, security, maintainability, tests, docs, and CI; generate plans and checklists; apply minimal refactors; add tests, GitHub Actions workflows, and docs; run iterative senior reviews until release-ready.
Audit an existing repository or paper-code release for open-source hardening gaps across correctness, maintainability, testability, security, performance, observability, and documentation. Use when the user says "audit this repo", "harden this project", "open source readiness", or wants a prioritized file-level report before changing code.
Add or improve a minimal GitHub Actions CI pipeline for linting and tests. Use when the user says "set up CI", "add GitHub Actions", "block bad PRs", or wants a cache-enabled pull-request workflow that runs without secrets.
Improve the repository's open-source documentation and metadata. Use when the user says "improve docs", "make this repo easier to adopt", "fix the README", or wants README polish plus SECURITY.md, CHANGELOG.md, FAQ, architecture notes, and paper-release metadata.
Orchestrate an end-to-end open-source hardening pass for a repository. Use when the user wants to turn a loose codebase or paper-code release into a readable, testable, maintainable open-source project and wants audit, plan, refactor, tests, CI, and docs to run as one continuous workflow unless a blocker appears.
Convert an open-source hardening audit into an executable implementation plan. Use when the user says "turn this audit into a plan", "make a checklist", "write a GitHub issue", or wants a PR-ready checklist with acceptance criteria and commands for a software repo or paper-code release.
Open Source Hardening Skills is a skill pack for ARIS / Claude Code that hardens any repository - app, library, CLI tool, or research paper codebase - into a readable, testable, maintainable open-source project.
Pairs naturally with ARIS. ARIS (v0.3+) is a multi-IDE autonomous research ecosystem with 31+ skills supporting Claude Code, Codex CLI, Cursor, Trae, and more. Open Source Hardening Skills is the next step that gets the resulting code ready for public release.
```
[ARIS research pipeline]        [Open Source Hardening Skills pipeline]

/idea-discovery                 /oss-audit        -> scan for gaps
/auto-review-loop   ------>     /oss-plan         -> make a checklist
/paper-writing                  /oss-refactor     -> minimal cleanup
(code exists)                   /oss-tests        -> add CI-safe tests
                                /oss-ci           -> block bad PRs
                                /oss-docs         -> polish docs
                                /oss-review-loop  -> external quality gate
                                (repo is release-ready)
```
Open Source Hardening Skills also works standalone on any existing repository - no ARIS required.
| Skill | Trigger | What it does |
|---|---|---|
| oss-audit | /oss-audit | Scans 7 dimensions, outputs a prioritized file-level report (OSS_AUDIT.md) |
| oss-plan | /oss-plan | Converts audit findings into a PR-ready checklist (OSS_PLAN.md) |
| oss-refactor | /oss-refactor | Applies the smallest structural changes needed to unlock tests and CI |
| oss-tests | /oss-tests | Builds a minimal automated test loop that runs without secrets |
| oss-ci | /oss-ci | Adds or improves a GitHub Actions pipeline that blocks broken PRs |
| oss-docs | /oss-docs | Polishes README, adds SECURITY.md, CHANGELOG.md, and contribution guidance |
| oss-review | /oss-review | One-shot external review via Codex MCP (GPT-5.4) |
| oss-review-loop | /oss-review-loop | Iterative review -> fix -> re-review until release-ready (max 4 rounds) |
| oss-hardening | /oss-hardening | Orchestrates the full pipeline end-to-end in one command |
| oss-search | /oss-search | Searches GitHub and the web for reference repos, CI examples, and best practices - no API keys required |
Install Claude Code first, then open it once to finish login and create ~/.claude/:
```
# macOS / Linux / WSL
curl -fsSL https://claude.ai/install.sh | bash

# Windows PowerShell
irm https://claude.ai/install.ps1 | iex

cd your-project
claude
```
macOS / Linux / WSL (one-liner):

```bash
curl -fsSL https://raw.githubusercontent.com/zeyuzhangzyz/open-source-hardening-skills/main/install.sh | bash
```

Or clone and run manually:

```bash
git clone https://github.com/zeyuzhangzyz/open-source-hardening-skills.git
cd open-source-hardening-skills
bash install.sh
```

Windows PowerShell (one-liner):

```powershell
irm https://raw.githubusercontent.com/zeyuzhangzyz/open-source-hardening-skills/main/install.ps1 | iex
```

Or clone and run manually:

```powershell
git clone https://github.com/zeyuzhangzyz/open-source-hardening-skills.git
cd open-source-hardening-skills
.\install.ps1
```
The install scripts are idempotent: re-running them updates the skills to the latest version. They only replace this pack's own oss-* skill directories and never touch other skills you may have installed.
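One way to check the claim above on your own machine, as an added example that is not part of the project's installer: snapshot the skills directory, run the installer from a cloned copy you have read, and list any directory outside `oss-*` that changed. The `~/.claude/skills` path and the function names are assumptions; the page only names `~/.claude/`.

```bash
#!/usr/bin/env bash
# Added example (not the project's code). Assumes GNU sha256sum is available and
# that skills are top-level directories under one root, e.g. ~/.claude/skills
# (assumed path; the page only names ~/.claude/).

# snapshot_skills ROOT: print "<digest> <dirname>" for each top-level directory.
snapshot_skills() {
  local root=$1 d
  for d in "$root"/*/; do
    [ -d "$d" ] || continue
    # Hash every file's path and content so edits, additions and deletions register.
    printf '%s %s\n' \
      "$(cd "$d" && find . -type f -exec sha256sum {} + | LC_ALL=C sort | sha256sum | cut -d' ' -f1)" \
      "$(basename "$d")"
  done
}

# unexpected_changes BEFORE AFTER: names of directories that changed, appeared or
# vanished between two snapshots and do NOT start with "oss-".
unexpected_changes() {
  # A line present in only one snapshot marks a changed directory.
  LC_ALL=C sort "$1" "$2" | uniq -u | cut -d' ' -f2- | LC_ALL=C sort -u \
    | grep -v '^oss-' || true
}

# check_install ROOT CMD...: snapshot, run the already-reviewed installer, compare.
# Returns 0 if only oss-* directories changed, 1 if others did, 2 if CMD failed.
check_install() {
  local root=$1 tmp out
  shift
  tmp=$(mktemp -d)
  snapshot_skills "$root" > "$tmp/before"
  "$@" || { rm -rf "$tmp"; return 2; }
  snapshot_skills "$root" > "$tmp/after"
  out=$(unexpected_changes "$tmp/before" "$tmp/after")
  rm -rf "$tmp"
  [ -z "$out" ] && return 0
  printf 'changed outside oss-*:\n%s\n' "$out" >&2
  return 1
}

# Typical use, from the cloned repository after reading install.sh:
#   check_install "$HOME/.claude/skills" bash install.sh
```

Running the check a second time with the same installer version also exercises the idempotency claim: the second run should report no changes outside `oss-*` either.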
/oss-review and /oss-review-loop call the external reviewer via the official Codex MCP tools (mcp__codex__codex, mcp__codex__codex-reply). The other 8 skills work without it.
```bash
npm install -g @openai/codex
codex setup                                   # set model to gpt-5.4 when prompted
claude mcp add codex -s user -- codex mcp-server
```
> Tip: ARIS v0.3+ also ships alternative review bridges (Claude, Gemini, any OpenAI-compatible API). If you already have one configured, `/oss-review` will use whichever Codex MCP endpoint is available.
```
/oss-hardening .
```
After a full run, the pipeline generates these artifacts in your repo root:
```
OSS_AUDIT.md             <- gap analysis across 7 dimensions
OSS_PLAN.md              <- PR-ready checklist with acceptance criteria
OSS_REFACTOR.md          <- summary of structural changes applied
OSS_TEST_STRATEGY.md     <- test framework, commands, and mock strategy
OSS_CI.md                <- CI workflow documentation
OSS_DOCS.md              <- documentation improvement checklist
OSS_REVIEW_LOOP.md       <- iterative review log with scores per round
OSS_HARDENING_STATUS.md  <- final verdict, score, and next steps
```
```bash
npx claudepluginhub zeyuzhangzyz/open-source-hardening-skills
```