[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-77592":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":16,"starSnapshotCount":16,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},77592,"ECC","affaan-m\u002FECC","affaan-m","The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.","https:\u002F\u002Fecc.tools",null,"JavaScript",208220,31952,1048,34,0,1231,9791,20513,7241,120,"MIT License",false,"main",true,[27,28,29,30,31,32,33,34],"ai-agents","anthropic","claude","claude-code","developer-tools","llm","mcp","productivity","2026-06-06 04:06:33","**Language:** English | [Português (Brasil)](docs\u002Fpt-BR\u002FREADME.md) | [简体中文](README.zh-CN.md) | [繁體中文](docs\u002Fzh-TW\u002FREADME.md) | [日本語](docs\u002Fja-JP\u002FREADME.md) | [한국어](docs\u002Fko-KR\u002FREADME.md) | [Türkçe](docs\u002Ftr\u002FREADME.md) | [Русский](docs\u002Fru\u002FREADME.md) | [Tiếng Việt](docs\u002Fvi-VN\u002FREADME.md) | [ไทย](docs\u002Fth\u002FREADME.md)\n\n# ECC\n\n![ECC - the harness-native operator system for agentic work](assets\u002Fhero.png)\n\n[![Stars](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Faffaan-m\u002FECC?style=flat)](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fstargazers)\n[![Forks](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fforks\u002Faffaan-m\u002FECC?style=flat)](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fnetwork\u002Fmembers)\n[![Contributors](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcontributors\u002Faffaan-m\u002FECC?style=flat)](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fgraphs\u002Fcontributors)\n[![npm ecc-universal](https:\u002F\u002Fimg.shields.io\u002Fnpm\u002Fdw\u002Fecc-universal?label=ecc-universal%20weekly%20downloads&logo=npm)](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002Fecc-universal)\n[![npm ecc-agentshield](https:\u002F\u002Fimg.shields.io\u002Fnpm\u002Fdw\u002Fecc-agentshield?label=ecc-agentshield%20weekly%20downloads&logo=npm)](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002Fecc-agentshield)\n[![GitHub App Install](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FGitHub%20App-150%20installs-2ea44f?logo=github)](https:\u002F\u002Fgithub.com\u002Fmarketplace\u002Fecc-tools)\n[![License](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-MIT-blue.svg)](LICENSE)\n![Shell](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F-Shell-4EAA25?logo=gnu-bash&logoColor=white)\n![TypeScript](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F-TypeScript-3178C6?logo=typescript&logoColor=white)\n![Python](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F-Python-3776AB?logo=python&logoColor=white)\n![Go](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F-Go-00ADD8?logo=go&logoColor=white)\n![Java](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F-Java-ED8B00?logo=openjdk&logoColor=white)\n![Perl](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F-Perl-39457E?logo=perl&logoColor=white)\n![Markdown](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F-Markdown-000000?logo=markdown&logoColor=white)\n\n> **182K+ stars** | **28K+ forks** | **170+ contributors** | **12+ language ecosystems** | **Anthropic Hackathon Winner**\n\n---\n\n\u003Cdiv align=\"center\">\n\n**Language \u002F 语言 \u002F 語言 \u002F Dil \u002F Язык \u002F Ngôn ngữ**\n\n[**English**](README.md) | [Português (Brasil)](docs\u002Fpt-BR\u002FREADME.md) | [简体中文](README.zh-CN.md) | [繁體中文](docs\u002Fzh-TW\u002FREADME.md) | [日本語](docs\u002Fja-JP\u002FREADME.md) | [한국어](docs\u002Fko-KR\u002FREADME.md)\n | [Türkçe](docs\u002Ftr\u002FREADME.md) | [Русский](docs\u002Fru\u002FREADME.md) | [Tiếng Việt](docs\u002Fvi-VN\u002FREADME.md) | [ไทย](docs\u002Fth\u002FREADME.md)\n\n\u003C\u002Fdiv>\n\n---\n\n**The harness-native operator system for agentic work. From an Anthropic hackathon winner.**\n\nNot just configs. A complete system: skills, instincts, memory optimization, continuous learning, security scanning, and research-first development. Production-ready agents, skills, hooks, rules, MCP configurations, and legacy command shims evolved over 10+ months of intensive daily use building real products.\n\nWorks across **Claude Code**, **Codex**, **Cursor**, **OpenCode**, **Gemini**, **Zed**, **GitHub Copilot**, and other AI agent harnesses.\n\nECC v2.0.0-rc.1 adds the public Hermes operator story on top of that reusable layer: start with the [Hermes setup guide](docs\u002FHERMES-SETUP.md), then review the [rc.1 release notes](docs\u002Freleases\u002F2.0.0-rc.1\u002Frelease-notes.md) and [cross-harness architecture](docs\u002Farchitecture\u002Fcross-harness.md).\n\n---\n\n\u003Ctable>\n\u003Ctr>\n\u003Ctd width=\"25%\" align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fecc.tools\u002Fpricing\">\n    \u003Cstrong> ECC Pro\u003C\u002Fstrong>\u003Cbr \u002F>\n    \u003Csub>Private repos · GitHub App · $19\u002Fseat\u002Fmo\u003C\u002Fsub>\n  \u003C\u002Fa>\n\u003C\u002Ftd>\n\u003Ctd width=\"25%\" align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsponsors\u002Faffaan-m\">\n    \u003Cstrong> Sponsor\u003C\u002Fstrong>\u003Cbr \u002F>\n    \u003Csub>Fund the OSS · From $5\u002Fmo\u003C\u002Fsub>\n  \u003C\u002Fa>\n\u003C\u002Ftd>\n\u003Ctd width=\"25%\" align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fdiscussions\">\n    \u003Cstrong>Community\u003C\u002Fstrong>\n    \u003Cbr \u002F>\n    \u003Csub>Discussions · Q&amp;A · Show & Tell\u003C\u002Fsub>\n  \u003C\u002Fa>\n\u003C\u002Ftd>\n\u003Ctd width=\"25%\" align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fapps\u002Fecc-tools\">\n    \u003Cstrong> GitHub App\u003C\u002Fstrong>\u003Cbr \u002F>\n    \u003Csub>Install · PR audits · Free tier\u003C\u002Fsub>\n  \u003C\u002Fa>\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003C\u002Ftable>\n\n\u003Csub>**OSS stays free.** This repo is MIT-licensed forever. ECC Pro is the hosted GitHub App for private repos. \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsponsors\u002Faffaan-m\">Sponsors\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fecc.tools\u002Fpricing\">Pro subscribers\u003C\u002Fa> fund the work — that's why a single maintainer ships weekly across 7 harnesses.\u003C\u002Fsub>\n\n---\n\n## The Guides\n\nThis repo is the raw code only. The guides explain everything.\n\n\u003Ctable>\n\u003Ctr>\n\u003Ctd width=\"33%\">\n\u003Ca href=\"https:\u002F\u002Fx.com\u002Faffaanmustafa\u002Fstatus\u002F2012378465664745795\">\n\u003Cimg src=\".\u002Fassets\u002Fimages\u002Fguides\u002Fshorthand-guide.png\" alt=\"The Shorthand Guide to Everything Claude Code\" \u002F>\n\u003C\u002Fa>\n\u003C\u002Ftd>\n\u003Ctd width=\"33%\">\n\u003Ca href=\"https:\u002F\u002Fx.com\u002Faffaanmustafa\u002Fstatus\u002F2014040193557471352\">\n\u003Cimg src=\".\u002Fassets\u002Fimages\u002Fguides\u002Flongform-guide.png\" alt=\"The Longform Guide to Everything Claude Code\" \u002F>\n\u003C\u002Fa>\n\u003C\u002Ftd>\n\u003Ctd width=\"33%\">\n\u003Ca href=\"https:\u002F\u002Fx.com\u002Faffaanmustafa\u002Fstatus\u002F2033263813387223421\">\n\u003Cimg src=\".\u002Fassets\u002Fimages\u002Fsecurity\u002Fsecurity-guide-header.png\" alt=\"The Shorthand Guide to Everything Agentic Security\" \u002F>\n\u003C\u002Fa>\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003Ctr>\n\u003Ctd align=\"center\">\u003Cb>Shorthand Guide\u003C\u002Fb>\u003Cbr\u002F>Setup, foundations, philosophy. \u003Cb>Read this first.\u003C\u002Fb>\u003C\u002Ftd>\n\u003Ctd align=\"center\">\u003Cb>Longform Guide\u003C\u002Fb>\u003Cbr\u002F>Token optimization, memory persistence, evals, parallelization.\u003C\u002Ftd>\n\u003Ctd align=\"center\">\u003Cb>Security Guide\u003C\u002Fb>\u003Cbr\u002F>Attack vectors, sandboxing, sanitization, CVEs, AgentShield.\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003C\u002Ftable>\n\n| Topic | What You'll Learn |\n|-------|-------------------|\n| Token Optimization | Model selection, system prompt slimming, background processes |\n| Memory Persistence | Hooks that save\u002Fload context across sessions automatically |\n| Continuous Learning | Auto-extract patterns from sessions into reusable skills |\n| Verification Loops | Checkpoint vs continuous evals, grader types, pass@k metrics |\n| Parallelization | Git worktrees, cascade method, when to scale instances |\n| Subagent Orchestration | The context problem, iterative retrieval pattern |\n\n---\n\n## What's New\n\n### v2.0.0-rc.1 — Surface Refresh, Operator Workflows, and ECC 2.0 Alpha (Apr 2026)\n\n- **Dashboard GUI** — New Tkinter-based desktop application (`ecc_dashboard.py` or `npm run dashboard`) with dark\u002Flight theme toggle, font customization, and project logo in header and taskbar.\n- **Public surface synced to the live repo** — metadata, catalog counts, plugin manifests, and install-facing docs now match the actual OSS surface: 60 agents, 232 skills, and 75 legacy command shims.\n- **Operator and outbound workflow expansion** — `brand-voice`, `social-graph-ranker`, `connections-optimizer`, `customer-billing-ops`, `ecc-tools-cost-audit`, `google-workspace-ops`, `project-flow-ops`, and `workspace-surface-audit` round out the operator lane.\n- **Media and launch tooling** — `manim-video`, `remotion-video-creation`, and upgraded social publishing surfaces make technical explainers and launch content part of the same system.\n- **Framework and product surface growth** — `nestjs-patterns`, richer Codex\u002FOpenCode install surfaces, and expanded cross-harness packaging keep the repo usable beyond Claude Code alone.\n- **ECC 2.0 alpha is in-tree** — the Rust control-plane prototype in `ecc2\u002F` now builds locally and exposes `dashboard`, `start`, `sessions`, `status`, `stop`, `resume`, and `daemon` commands. It is usable as an alpha, not yet a general release.\n- **Operator status snapshots** — `ecc status --markdown --write status.md` turns the local state store into a portable handoff covering readiness, active sessions, skill-run health, install health, pending governance events, and linked work items from Linear\u002FGitHub\u002Fhandoffs. Use `ecc work-items upsert ...` for manual entries, `ecc work-items sync-github --repo owner\u002Frepo` for PR\u002Fissue queue state, and `ecc status --exit-code` to fail automation when readiness needs attention.\n- **Ecosystem hardening** — AgentShield, ECC Tools cost controls, billing portal work, and website refreshes continue to ship around the core plugin instead of drifting into separate silos.\n\n### v1.9.0 — Selective Install & Language Expansion (Mar 2026)\n\n- **Selective install architecture** — Manifest-driven install pipeline with `install-plan.js` and `install-apply.js` for targeted component installation. State store tracks what's installed and enables incremental updates.\n- **6 new agents** — `typescript-reviewer`, `pytorch-build-resolver`, `java-build-resolver`, `java-reviewer`, `kotlin-reviewer`, `kotlin-build-resolver` expand language coverage to 10 languages.\n- **New skills** — `pytorch-patterns` for deep learning workflows, `documentation-lookup` for API reference research, `bun-runtime` and `nextjs-turbopack` for modern JS toolchains, plus 8 operational domain skills and `mcp-server-patterns`.\n- **Session & state infrastructure** — SQLite state store with query CLI, session adapters for structured recording, skill evolution foundation for self-improving skills.\n- **Orchestration overhaul** — Harness audit scoring made deterministic, orchestration status and launcher compatibility hardened, observer loop prevention with 5-layer guard.\n- **Observer reliability** — Memory explosion fix with throttling and tail sampling, sandbox access fix, lazy-start logic, and re-entrancy guard.\n- **12 language ecosystems** — New rules for Java, PHP, Perl, Kotlin\u002FAndroid\u002FKMP, C++, and Rust join existing TypeScript, Python, Go, and common rules.\n- **Community contributions** — Korean and Chinese translations, biome hook optimization, video processing skills, operational skills, PowerShell installer, Antigravity IDE support.\n- **CI hardening** — 19 test failure fixes, catalog count enforcement, install manifest validation, and full test suite green.\n\n### v1.8.0 — Harness Performance System (Mar 2026)\n\n- **Harness-first release** — ECC is now explicitly framed as an agent harness performance system, not just a config pack.\n- **Hook reliability overhaul** — SessionStart root fallback, Stop-phase session summaries, and script-based hooks replacing fragile inline one-liners.\n- **Hook runtime controls** — `ECC_HOOK_PROFILE=minimal|standard|strict` and `ECC_DISABLED_HOOKS=...` for runtime gating without editing hook files.\n- **New harness commands** — `\u002Fharness-audit`, `\u002Floop-start`, `\u002Floop-status`, `\u002Fquality-gate`, `\u002Fmodel-route`.\n- **NanoClaw v2** — model routing, skill hot-load, session branch\u002Fsearch\u002Fexport\u002Fcompact\u002Fmetrics.\n- **Cross-harness parity** — behavior tightened across Claude Code, Cursor, OpenCode, and Codex app\u002FCLI.\n- **997 internal tests passing** — full suite green after hook\u002Fruntime refactor and compatibility updates.\n\n### v1.7.0 — Cross-Platform Expansion & Presentation Builder (Feb 2026)\n\n- **Codex app + CLI support** — Direct `AGENTS.md`-based Codex support, installer targeting, and Codex docs\n- **`frontend-slides` skill** — Zero-dependency HTML presentation builder with PPTX conversion guidance and strict viewport-fit rules\n- **5 new generic business\u002Fcontent skills** — `article-writing`, `content-engine`, `market-research`, `investor-materials`, `investor-outreach`\n- **Broader tool coverage** — Cursor, Codex, and OpenCode support tightened so the same repo ships cleanly across all major harnesses\n- **992 internal tests** — Expanded validation and regression coverage across plugin, hooks, skills, and packaging\n\n### v1.6.0 — Codex CLI, AgentShield & Marketplace (Feb 2026)\n\n- **Codex CLI support** — New `\u002Fcodex-setup` command generates `codex.md` for OpenAI Codex CLI compatibility\n- **7 new skills** — `search-first`, `swift-actor-persistence`, `swift-protocol-di-testing`, `regex-vs-llm-structured-text`, `content-hash-cache-pattern`, `cost-aware-llm-pipeline`, `skill-stocktake`\n- **AgentShield integration** — `\u002Fsecurity-scan` skill runs AgentShield directly from Claude Code; 1282 tests, 102 rules\n- **GitHub Marketplace** — ECC Tools GitHub App live at [github.com\u002Fmarketplace\u002Fecc-tools](https:\u002F\u002Fgithub.com\u002Fmarketplace\u002Fecc-tools) with free\u002Fpro\u002Fenterprise tiers\n- **30+ community PRs merged** — Contributions from 30 contributors across 6 languages\n- **978 internal tests** — Expanded validation suite across agents, skills, commands, hooks, and rules\n\n### v1.4.1 — Bug Fix (Feb 2026)\n\n- **Fixed instinct import content loss** — `parse_instinct_file()` was silently dropping all content after frontmatter (Action, Evidence, Examples sections) during `\u002Finstinct-import`. ([#148](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fissues\u002F148), [#161](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fpull\u002F161))\n\n### v1.4.0 — Multi-Language Rules, Installation Wizard & PM2 (Feb 2026)\n\n- **Interactive installation wizard** — New `configure-ecc` skill provides guided setup with merge\u002Foverwrite detection\n- **PM2 & multi-agent orchestration** — 6 new commands (`\u002Fpm2`, `\u002Fmulti-plan`, `\u002Fmulti-execute`, `\u002Fmulti-backend`, `\u002Fmulti-frontend`, `\u002Fmulti-workflow`) for managing complex multi-service workflows\n- **Multi-language rules architecture** — Rules restructured from flat files into `common\u002F` + `typescript\u002F` + `python\u002F` + `golang\u002F` directories. Install only the languages you need\n- **Chinese (zh-CN) translations** — Complete translation of all agents, commands, skills, and rules (80+ files)\n- **GitHub Sponsors support** — Sponsor the project via GitHub Sponsors\n- **Enhanced CONTRIBUTING.md** — Detailed PR templates for each contribution type\n\n### v1.3.0 — OpenCode Plugin Support (Feb 2026)\n\n- **Full OpenCode integration** — 12 agents, 24 commands, 16 skills with hook support via OpenCode's plugin system (20+ event types)\n- **3 native custom tools** — run-tests, check-coverage, security-audit\n- **LLM documentation** — `llms.txt` for comprehensive OpenCode docs\n\n### v1.2.0 — Unified Commands & Skills (Feb 2026)\n\n- **Python\u002FDjango support** — Django patterns, security, TDD, and verification skills\n- **Java Spring Boot skills** — Patterns, security, TDD, and verification for Spring Boot\n- **Session management** — `\u002Fsessions` command for session history\n- **Continuous learning v2** — Instinct-based learning with confidence scoring, import\u002Fexport, evolution\n\nSee the full changelog in [Releases](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Freleases).\n\n---\n\n## Quick Start\n\nGet up and running in under 2 minutes:\n\n### Pick one path only\n\nMost Claude Code users should use exactly one install path:\n\n- **Recommended default:** install the Claude Code plugin, then copy only the rule folders you actually want.\n- **Use the manual installer only if** you want finer-grained control, want to avoid the plugin path entirely, or your Claude Code build has trouble resolving the self-hosted marketplace entry.\n- **Do not stack install methods.** The most common broken setup is: `\u002Fplugin install` first, then `install.sh --profile full` or `npx ecc-install --profile full` afterward.\n\nIf you already layered multiple installs and things look duplicated, skip straight to [Reset \u002F Uninstall ECC](#reset--uninstall-ecc).\n\n### Low-context \u002F no-hooks path\n\nIf hooks feel too global or you only want ECC's rules, agents, commands, and core workflow skills, skip the plugin and use the minimal manual profile:\n\n```bash\n.\u002Finstall.sh --profile minimal --target claude\n```\n\n```powershell\n.\\install.ps1 --profile minimal --target claude\n# or\nnpx ecc-install --profile minimal --target claude\n```\n\nThis profile intentionally excludes `hooks-runtime`.\n\nIf you want the normal core profile but need hooks off, use:\n\n```bash\n.\u002Finstall.sh --profile core --without baseline:hooks --target claude\n```\n\nAdd hooks later only if you want runtime enforcement:\n\n```bash\n.\u002Finstall.sh --target claude --modules hooks-runtime\n```\n\n### Find the right components first\n\nIf you are not sure which ECC profile or component to install, ask the packaged advisor from any project:\n\n```bash\nnpx ecc consult \"security reviews\" --target claude\n```\n\nIt returns matching components, related profiles, and preview\u002Finstall commands. Use the preview command before installing if you want to inspect the exact file plan.\n\nFor production ML\u002FMLOps workflows, keep the install opt-in and component-scoped:\n\n```bash\nnpx ecc consult \"mlops training model deployment\" --target claude\nnpx ecc install --profile minimal --target claude --with capability:machine-learning\n```\n\n### Step 1: Install the Plugin (Recommended)\n\n> NOTE: The plugin is convenient, but the OSS installer below is still the most reliable path if your Claude Code build has trouble resolving self-hosted marketplace entries.\n\n```bash\n# Add marketplace\n\u002Fplugin marketplace add https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\n\n# Install plugin\n\u002Fplugin install ecc@ecc\n```\n\n### Naming + Migration Note\n\nECC now has three public identifiers, and they are not interchangeable:\n\n- GitHub source repo: `affaan-m\u002FECC`\n- Claude marketplace\u002Fplugin identifier: `ecc@ecc`\n- npm package: `ecc-universal`\n\nThis is intentional. Anthropic marketplace\u002Fplugin installs are keyed by a canonical plugin identifier, so ECC uses `ecc@ecc` to keep tool names and slash-command namespaces short enough for strict Desktop\u002FAPI validators. Older posts may still show the former long marketplace identifier; treat that as a legacy alias only. Separately, the npm package stayed on `ecc-universal`, so npm installs and marketplace installs intentionally use different names.\n\n### Step 2: Install Rules Only If You Need Them\n\n> WARNING: **Important:** Claude Code plugins cannot distribute `rules` automatically.\n>\n> If you already installed ECC via `\u002Fplugin install`, **do not run `.\u002Finstall.sh --profile full`, `.\\install.ps1 --profile full`, or `npx ecc-install --profile full` afterward**. The plugin already loads ECC skills, commands, and hooks. Running the full installer after a plugin install copies those same surfaces into your user directories and can create duplicate skills plus duplicate runtime behavior.\n>\n> For plugin installs, manually copy only the `rules\u002F` directories you want under `~\u002F.claude\u002Frules\u002Fecc\u002F`. Start with `rules\u002Fcommon` plus one language or framework pack you actually use. Do not copy every rules directory unless you explicitly want all of that context in Claude.\n>\n> Use the full installer only when you are doing a fully manual ECC install instead of the plugin path.\n>\n> If your local Claude setup was wiped or reset, that does not mean you need to repurchase ECC. Start with `node scripts\u002Fecc.js list-installed`, then run `node scripts\u002Fecc.js doctor` and `node scripts\u002Fecc.js repair` before reinstalling anything. That usually restores ECC-managed files without rebuilding your setup. If the problem is account or marketplace access for ECC Tools, handle billing\u002Faccount recovery separately.\n\n```bash\n# Clone the repo first\ngit clone https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC.git\ncd ECC\n\n# Install dependencies (pick your package manager)\nnpm install        # or: pnpm install | yarn install | bun install\n\n# Plugin install path: copy only ECC rules into an ECC-owned namespace\nmkdir -p ~\u002F.claude\u002Frules\u002Fecc\ncp -R rules\u002Fcommon ~\u002F.claude\u002Frules\u002Fecc\u002F\ncp -R rules\u002Ftypescript ~\u002F.claude\u002Frules\u002Fecc\u002F\n\n# Fully manual ECC install path (use this instead of \u002Fplugin install)\n# .\u002Finstall.sh --profile full\n```\n\n```powershell\n# Windows PowerShell\n\n# Plugin install path: copy only ECC rules into an ECC-owned namespace\nNew-Item -ItemType Directory -Force -Path \"$HOME\u002F.claude\u002Frules\u002Fecc\" | Out-Null\nCopy-Item -Recurse rules\u002Fcommon \"$HOME\u002F.claude\u002Frules\u002Fecc\u002F\"\nCopy-Item -Recurse rules\u002Ftypescript \"$HOME\u002F.claude\u002Frules\u002Fecc\u002F\"\n\n# Fully manual ECC install path (use this instead of \u002Fplugin install)\n# .\\install.ps1 --profile full\n# npx ecc-install --profile full\n```\n\nFor manual install instructions see the README in the `rules\u002F` folder. When copying rules manually, copy the whole language directory (for example `rules\u002Fcommon` or `rules\u002Fgolang`), not the files inside it, so relative references keep working and filenames do not collide.\n\n### Fully manual install (Fallback)\n\nUse this only if you are intentionally skipping the plugin path:\n\n```bash\n.\u002Finstall.sh --profile full\n```\n\n```powershell\n.\\install.ps1 --profile full\n# or\nnpx ecc-install --profile full\n```\n\nIf you choose this path, stop there. Do not also run `\u002Fplugin install`.\n\n### Reset \u002F Uninstall ECC\n\nIf ECC feels duplicated, intrusive, or broken, do not keep reinstalling it on top of itself.\n\n- **Plugin path:** remove the plugin from Claude Code, then delete the specific rule folders you manually copied under `~\u002F.claude\u002Frules\u002Fecc\u002F`.\n- **Manual installer \u002F CLI path:** from the repo root, preview removal first:\n\n```bash\nnode scripts\u002Funinstall.js --dry-run\n```\n\nThen remove ECC-managed files:\n\n```bash\nnode scripts\u002Funinstall.js\n```\n\nYou can also use the lifecycle wrapper:\n\n```bash\nnode scripts\u002Fecc.js list-installed\nnode scripts\u002Fecc.js doctor\nnode scripts\u002Fecc.js repair\nnode scripts\u002Fecc.js uninstall --dry-run\n```\n\nECC only removes files recorded in its install-state. It will not delete unrelated files it did not install.\n\nIf you stacked methods, clean up in this order:\n\n1. Remove the Claude Code plugin install.\n2. Run the ECC uninstall command from the repo root to remove install-state-managed files.\n3. Delete any extra rule folders you copied manually and no longer want.\n4. Reinstall once, using a single path.\n\n### Step 3: Start Using\n\n```bash\n# Skills are the primary workflow surface.\n# Existing slash-style command names still work while ECC migrates off commands\u002F.\n\n# Plugin install uses the canonical namespaced form\n\u002Fecc:plan \"Add user authentication\"\n\n# Manual install keeps the shorter slash form:\n# \u002Fplan \"Add user authentication\"\n\n# Check available commands\n\u002Fplugin list ecc@ecc\n```\n\n**That's it!** You now have access to 60 agents, 232 skills, and 75 legacy command shims.\n\n### Dashboard GUI\n\nLaunch the desktop dashboard to visually explore ECC components:\n\n```bash\nnpm run dashboard\n# or\npython3 .\u002Fecc_dashboard.py\n```\n\n**Features:**\n- Tabbed interface: Agents, Skills, Commands, Rules, Settings\n- Dark\u002FLight theme toggle\n- Font customization (family & size)\n- Project logo in header and taskbar\n- Search and filter across all components\n\n### Multi-model commands require additional setup\n\n> WARNING: `multi-*` commands are **not** covered by the base plugin\u002Frules install above.\n>\n> To use `\u002Fmulti-plan`, `\u002Fmulti-execute`, `\u002Fmulti-backend`, `\u002Fmulti-frontend`, and `\u002Fmulti-workflow`, you must also install the `ccg-workflow` runtime.\n>\n> Initialize it with `npx ccg-workflow`.\n>\n> That runtime provides the external dependencies these commands expect, including:\n> - `~\u002F.claude\u002Fbin\u002Fcodeagent-wrapper`\n> - `~\u002F.claude\u002F.ccg\u002Fprompts\u002F*`\n>\n> Without `ccg-workflow`, these `multi-*` commands will not run correctly.\n\n---\n\n## Cross-Platform Support\n\nThis plugin now fully supports **Windows, macOS, and Linux**, alongside tight integration across major IDEs (Cursor, Zed, OpenCode, Antigravity) and CLI harnesses. All hooks and scripts have been rewritten in Node.js for maximum compatibility.\n\n### Package Manager Detection\n\nThe plugin automatically detects your preferred package manager (npm, pnpm, yarn, or bun) with the following priority:\n\n1. **Environment variable**: `CLAUDE_PACKAGE_MANAGER`\n2. **Project config**: `.claude\u002Fpackage-manager.json`\n3. **package.json**: `packageManager` field\n4. **Lock file**: Detection from package-lock.json, yarn.lock, pnpm-lock.yaml, or bun.lockb\n5. **Global config**: `~\u002F.claude\u002Fpackage-manager.json`\n6. **Fallback**: First available package manager\n\nTo set your preferred package manager:\n\n```bash\n# Via environment variable\nexport CLAUDE_PACKAGE_MANAGER=pnpm\n\n# Via global config\nnode scripts\u002Fsetup-package-manager.js --global pnpm\n\n# Via project config\nnode scripts\u002Fsetup-package-manager.js --project bun\n\n# Detect current setting\nnode scripts\u002Fsetup-package-manager.js --detect\n```\n\nOr use the `\u002Fsetup-pm` command in Claude Code.\n\n### Hook Runtime Controls\n\nUse runtime flags to tune strictness or disable specific hooks temporarily:\n\n```bash\n# Hook strictness profile (default: standard)\nexport ECC_HOOK_PROFILE=standard\n\n# Comma-separated hook IDs to disable\nexport ECC_DISABLED_HOOKS=\"pre:bash:tmux-reminder,post:edit:typecheck\"\n\n# Cap SessionStart additional context (default: 8000 chars)\nexport ECC_SESSION_START_MAX_CHARS=4000\n\n# Disable SessionStart additional context entirely for low-context\u002Flocal-model setups\nexport ECC_SESSION_START_CONTEXT=off\n\n# Keep context\u002Fscope\u002Floop warnings but suppress API-rate cost estimates\nexport ECC_CONTEXT_MONITOR_COST_WARNINGS=off\n```\n\nWindows PowerShell:\n\n```powershell\n[Environment]::SetEnvironmentVariable('ECC_CONTEXT_MONITOR_COST_WARNINGS', 'off', 'User')\n```\n\n---\n\n## What's Inside\n\nThis repo is a **Claude Code plugin** - install it directly or copy components manually.\n\n```\nECC\u002F\n|-- .claude-plugin\u002F   # Plugin and marketplace manifests\n|   |-- plugin.json         # Plugin metadata and component paths\n|   |-- marketplace.json    # Marketplace catalog for \u002Fplugin marketplace add\n|\n|-- agents\u002F           # 60 specialized subagents for delegation\n|   |-- planner.md           # Feature implementation planning\n|   |-- architect.md         # System design decisions\n|   |-- tdd-guide.md         # Test-driven development\n|   |-- code-reviewer.md     # Quality and security review\n|   |-- security-reviewer.md # Vulnerability analysis\n|   |-- build-error-resolver.md\n|   |-- e2e-runner.md        # Playwright E2E testing\n|   |-- refactor-cleaner.md  # Dead code cleanup\n|   |-- doc-updater.md       # Documentation sync\n|   |-- docs-lookup.md       # Documentation\u002FAPI lookup\n|   |-- chief-of-staff.md    # Communication triage and drafts\n|   |-- loop-operator.md     # Autonomous loop execution\n|   |-- harness-optimizer.md # Harness config tuning\n|   |-- cpp-reviewer.md      # C++ code review\n|   |-- cpp-build-resolver.md # C++ build error resolution\n|   |-- fsharp-reviewer.md   # F# functional code review\n|   |-- go-reviewer.md       # Go code review\n|   |-- go-build-resolver.md # Go build error resolution\n|   |-- python-reviewer.md   # Python code review\n|   |-- database-reviewer.md # Database\u002FSupabase review\n|   |-- typescript-reviewer.md # TypeScript\u002FJavaScript code review\n|   |-- java-reviewer.md     # Java\u002FSpring Boot code review\n|   |-- java-build-resolver.md # Java\u002FMaven\u002FGradle build errors\n|   |-- kotlin-reviewer.md   # Kotlin\u002FAndroid\u002FKMP code review\n|   |-- kotlin-build-resolver.md # Kotlin\u002FGradle build errors\n|   |-- harmonyos-app-resolver.md # HarmonyOS\u002FArkTS app development\n|   |-- rust-reviewer.md     # Rust code review\n|   |-- rust-build-resolver.md # Rust build error resolution\n|   |-- pytorch-build-resolver.md # PyTorch\u002FCUDA training errors\n|   |-- mle-reviewer.md      # Production ML pipeline, eval, serving, and monitoring review\n|\n|-- skills\u002F           # Workflow definitions and domain knowledge\n|   |-- coding-standards\u002F           # Language best practices\n|   |-- clickhouse-io\u002F              # ClickHouse analytics, queries, data engineering\n|   |-- backend-patterns\u002F           # API, database, caching patterns\n|   |-- frontend-patterns\u002F          # React, Next.js patterns\n|   |-- frontend-slides\u002F            # HTML slide decks and PPTX-to-web presentation workflows (NEW)\n|   |-- article-writing\u002F            # Long-form writing in a supplied voice without generic AI tone (NEW)\n|   |-- content-engine\u002F             # Multi-platform social content and repurposing workflows (NEW)\n|   |-- market-research\u002F            # Source-attributed market, competitor, and investor research (NEW)\n|   |-- investor-materials\u002F         # Pitch decks, one-pagers, memos, and financial models (NEW)\n|   |-- investor-outreach\u002F          # Personalized fundraising outreach and follow-up (NEW)\n|   |-- continuous-learning\u002F        # Legacy v1 Stop-hook pattern extraction\n|   |-- continuous-learning-v2\u002F     # Instinct-based learning with confidence scoring\n|   |-- iterative-retrieval\u002F        # Progressive context refinement for subagents\n|   |-- strategic-compact\u002F          # Manual compaction suggestions (Longform Guide)\n|   |-- tdd-workflow\u002F               # TDD methodology\n|   |-- security-review\u002F            # Security checklist\n|   |-- eval-harness\u002F               # Verification loop evaluation (Longform Guide)\n|   |-- verification-loop\u002F          # Continuous verification (Longform Guide)\n|   |-- videodb\u002F                   # Video and audio: ingest, search, edit, generate, stream (NEW)\n|   |-- golang-patterns\u002F            # Go idioms and best practices\n|   |-- golang-testing\u002F             # Go testing patterns, TDD, benchmarks\n|   |-- cpp-coding-standards\u002F         # C++ coding standards from C++ Core Guidelines (NEW)\n|   |-- cpp-testing\u002F                # C++ testing with GoogleTest, CMake\u002FCTest (NEW)\n|   |-- django-patterns\u002F            # Django patterns, models, views (NEW)\n|   |-- django-security\u002F            # Django security best practices (NEW)\n|   |-- django-tdd\u002F                 # Django TDD workflow (NEW)\n|   |-- django-verification\u002F        # Django verification loops (NEW)\n|   |-- laravel-patterns\u002F           # Laravel architecture patterns (NEW)\n|   |-- laravel-security\u002F           # Laravel security best practices (NEW)\n|   |-- laravel-tdd\u002F                # Laravel TDD workflow (NEW)\n|   |-- laravel-verification\u002F       # Laravel verification loops (NEW)\n|   |-- python-patterns\u002F            # Python idioms and best practices (NEW)\n|   |-- python-testing\u002F             # Python testing with pytest (NEW)\n|   |-- quarkus-patterns\u002F            # Java Quarkus patterns (NEW)\n|   |-- quarkus-security\u002F            # Quarkus security (NEW)\n|   |-- quarkus-tdd\u002F                 # Quarkus TDD (NEW)\n|   |-- quarkus-verification\u002F        # Quarkus verification (NEW)\n|   |-- springboot-patterns\u002F        # Java Spring Boot patterns (NEW)\n|   |-- springboot-security\u002F        # Spring Boot security (NEW)\n|   |-- springboot-tdd\u002F             # Spring Boot TDD (NEW)\n|   |-- springboot-verification\u002F    # Spring Boot verification (NEW)\n|   |-- configure-ecc\u002F              # Interactive installation wizard (NEW)\n|   |-- security-scan\u002F              # AgentShield security auditor integration (NEW)\n|   |-- java-coding-standards\u002F     # Java coding standards (NEW)\n|   |-- jpa-patterns\u002F              # JPA\u002FHibernate patterns (NEW)\n|   |-- postgres-patterns\u002F         # PostgreSQL optimization patterns (NEW)\n|   |-- nutrient-document-processing\u002F # Document processing with Nutrient API (NEW)\n|   |-- docs\u002Fexamples\u002Fproject-guidelines-template.md  # Template for project-specific skills\n|   |-- database-migrations\u002F         # Migration patterns (Prisma, Drizzle, Django, Go) (NEW)\n|   |-- api-design\u002F                  # REST API design, pagination, error responses (NEW)\n|   |-- deployment-patterns\u002F         # CI\u002FCD, Docker, health checks, rollbacks (NEW)\n|   |-- docker-patterns\u002F            # Docker Compose, networking, volumes, container security (NEW)\n|   |-- e2e-testing\u002F                 # Playwright E2E patterns and Page Object Model (NEW)\n|   |-- content-hash-cache-pattern\u002F  # SHA-256 content hash caching for file processing (NEW)\n|   |-- cost-aware-llm-pipeline\u002F     # LLM cost optimization, model routing, budget tracking (NEW)\n|   |-- regex-vs-llm-structured-text\u002F # Decision framework: regex vs LLM for text parsing (NEW)\n|   |-- swift-actor-persistence\u002F     # Thread-safe Swift data persistence with actors (NEW)\n|   |-- swift-protocol-di-testing\u002F   # Protocol-based DI for testable Swift code (NEW)\n|   |-- search-first\u002F               # Research-before-coding workflow (NEW)\n|   |-- skill-stocktake\u002F            # Audit skills and commands for quality (NEW)\n|   |-- liquid-glass-design\u002F         # iOS 26 Liquid Glass design system (NEW)\n|   |-- foundation-models-on-device\u002F # Apple on-device LLM with FoundationModels (NEW)\n|   |-- swift-concurrency-6-2\u002F       # Swift 6.2 Approachable Concurrency (NEW)\n|   |-- mle-workflow\u002F               # Production ML data contracts, evals, deployment, monitoring (NEW)\n|   |-- perl-patterns\u002F             # Modern Perl 5.36+ idioms and best practices (NEW)\n|   |-- perl-security\u002F             # Perl security patterns, taint mode, safe I\u002FO (NEW)\n|   |-- perl-testing\u002F              # Perl TDD with Test2::V0, prove, Devel::Cover (NEW)\n|   |-- autonomous-loops\u002F           # Autonomous loop patterns: sequential pipelines, PR loops, DAG orchestration (NEW)\n|   |-- plankton-code-quality\u002F      # Write-time code quality enforcement with Plankton hooks (NEW)\n|\n|-- commands\u002F         # Maintained slash-entry compatibility; prefer skills\u002F\n|   |-- plan.md             # \u002Fplan - Implementation planning\n|   |-- code-review.md      # \u002Fcode-review - Quality review\n|   |-- build-fix.md        # \u002Fbuild-fix - Fix build errors\n|   |-- refactor-clean.md   # \u002Frefactor-clean - Dead code removal\n|   |-- quality-gate.md     # \u002Fquality-gate - Verification gate\n|   |-- learn.md            # \u002Flearn - Extract patterns mid-session (Longform Guide)\n|   |-- learn-eval.md       # \u002Flearn-eval - Extract, evaluate, and save patterns (NEW)\n|   |-- checkpoint.md       # \u002Fcheckpoint - Save verification state (Longform Guide)\n|   |-- setup-pm.md         # \u002Fsetup-pm - Configure package manager\n|   |-- go-review.md        # \u002Fgo-review - Go code review (NEW)\n|   |-- go-test.md          # \u002Fgo-test - Go TDD workflow (NEW)\n|   |-- go-build.md         # \u002Fgo-build - Fix Go build errors (NEW)\n|   |-- skill-create.md     # \u002Fskill-create - Generate skills from git history (NEW)\n|   |-- instinct-status.md  # \u002Finstinct-status - View learned instincts (NEW)\n|   |-- instinct-import.md  # \u002Finstinct-import - Import instincts (NEW)\n|   |-- instinct-export.md  # \u002Finstinct-export - Export instincts (NEW)\n|   |-- evolve.md           # \u002Fevolve - Cluster instincts into skills\n|   |-- prune.md            # \u002Fprune - Delete expired pending instincts (NEW)\n|   |-- pm2.md              # \u002Fpm2 - PM2 service lifecycle management (NEW)\n|   |-- multi-plan.md       # \u002Fmulti-plan - Multi-agent task decomposition (NEW)\n|   |-- multi-execute.md    # \u002Fmulti-execute - Orchestrated multi-agent workflows (NEW)\n|   |-- multi-backend.md    # \u002Fmulti-backend - Backend multi-service orchestration (NEW)\n|   |-- multi-frontend.md   # \u002Fmulti-frontend - Frontend multi-service orchestration (NEW)\n|   |-- multi-workflow.md   # \u002Fmulti-workflow - General multi-service workflows (NEW)\n|   |-- sessions.md         # \u002Fsessions - Session history management\n|   |-- test-coverage.md    # \u002Ftest-coverage - Test coverage analysis\n|   |-- update-docs.md      # \u002Fupdate-docs - Update documentation\n|   |-- update-codemaps.md  # \u002Fupdate-codemaps - Update codemaps\n|   |-- python-review.md    # \u002Fpython-review - Python code review (NEW)\n|-- legacy-command-shims\u002F   # Opt-in archive for retired shims such as \u002Ftdd and \u002Feval\n|   |-- tdd.md              # \u002Ftdd - Prefer the tdd-workflow skill\n|   |-- e2e.md              # \u002Fe2e - Prefer the e2e-testing skill\n|   |-- eval.md             # \u002Feval - Prefer the eval-harness skill\n|   |-- verify.md           # \u002Fverify - Prefer the verification-loop skill\n|   |-- orchestrate.md      # \u002Forchestrate - Prefer dmux-workflows or multi-workflow\n|\n|-- rules\u002F            # Always-follow guidelines (copy to ~\u002F.claude\u002Frules\u002Fecc\u002F)\n|   |-- README.md            # Structure overview and installation guide\n|   |-- common\u002F              # Language-agnostic principles\n|   |   |-- coding-style.md    # Immutability, file organization\n|   |   |-- git-workflow.md    # Commit format, PR process\n|   |   |-- testing.md         # TDD, 80% coverage requirement\n|   |   |-- performance.md     # Model selection, context management\n|   |   |-- patterns.md        # Design patterns, skeleton projects\n|   |   |-- hooks.md           # Hook architecture, TodoWrite\n|   |   |-- agents.md          # When to delegate to subagents\n|   |   |-- security.md        # Mandatory security checks\n|   |-- typescript\u002F          # TypeScript\u002FJavaScript specific\n|   |-- python\u002F              # Python specific\n|   |-- golang\u002F              # Go specific\n|   |-- swift\u002F               # Swift specific\n|   |-- php\u002F                 # PHP specific (NEW)\n|   |-- arkts\u002F               # HarmonyOS \u002F ArkTS specific\n|\n|-- hooks\u002F            # Trigger-based automations\n|   |-- README.md                 # Hook documentation, recipes, and customization guide\n|   |-- hooks.json                # All hooks config (PreToolUse, PostToolUse, Stop, etc.)\n|   |-- memory-persistence\u002F       # Session lifecycle hooks (Longform Guide)\n|   |-- strategic-compact\u002F        # Compaction suggestions (Longform Guide)\n|\n|-- scripts\u002F          # Cross-platform Node.js scripts (NEW)\n|   |-- lib\u002F                     # Shared utilities\n|   |   |-- utils.js             # Cross-platform file\u002Fpath\u002Fsystem utilities\n|   |   |-- package-manager.js   # Package manager detection and selection\n|   |-- hooks\u002F                   # Hook implementations\n|   |   |-- session-start.js     # Load context on session start\n|   |   |-- session-end.js       # Save state on session end\n|   |   |-- pre-compact.js       # Pre-compaction state saving\n|   |   |-- suggest-compact.js   # Strategic compaction suggestions\n|   |   |-- evaluate-session.js  # Extract patterns from sessions\n|   |-- setup-package-manager.js # Interactive PM setup\n|\n|-- tests\u002F            # Test suite (NEW)\n|   |-- lib\u002F                     # Library tests\n|   |-- hooks\u002F                   # Hook tests\n|   |-- run-all.js               # Run all tests\n|\n|-- contexts\u002F         # Dynamic system prompt injection contexts (Longform Guide)\n|   |-- dev.md              # Development mode context\n|   |-- review.md           # Code review mode context\n|   |-- research.md         # Research\u002Fexploration mode context\n|\n|-- examples\u002F         # Example configurations and sessions\n|   |-- CLAUDE.md             # Example project-level config\n|   |-- user-CLAUDE.md        # Example user-level config\n|   |-- saas-nextjs-CLAUDE.md   # Real-world SaaS (Next.js + Supabase + Stripe)\n|   |-- go-microservice-CLAUDE.md # Real-world Go microservice (gRPC + PostgreSQL)\n|   |-- django-api-CLAUDE.md      # Real-world Django REST API (DRF + Celery)\n|   |-- laravel-api-CLAUDE.md     # Real-world Laravel API (PostgreSQL + Redis) (NEW)\n|   |-- rust-api-CLAUDE.md        # Real-world Rust API (Axum + SQLx + PostgreSQL) (NEW)\n|\n|-- mcp-configs\u002F      # MCP server configurations\n|   |-- mcp-servers.json    # GitHub, Supabase, Vercel, Railway, etc.\n|\n|-- ecc_dashboard.py  # Desktop GUI dashboard (Tkinter)\n|\n|-- assets\u002F           # Assets for dashboard\n|   |-- images\u002F\n|       |-- ecc-logo.png\n|\n|-- marketplace.json  # Self-hosted marketplace config (for \u002Fplugin marketplace add)\n```\n\n---\n\n## Ecosystem Tools\n\n### Skill Creator\n\nTwo ways to generate Claude Code skills from your repository:\n\n#### Option A: Local Analysis (Built-in)\n\nUse the `\u002Fskill-create` command for local analysis without external services:\n\n```bash\n\u002Fskill-create                    # Analyze current repo\n\u002Fskill-create --instincts        # Also generate instincts for continuous-learning-v2\n```\n\nThis analyzes your git history locally and generates SKILL.md files.\n\n#### Option B: GitHub App (Advanced)\n\nFor advanced features (10k+ commits, auto-PRs, team sharing):\n\n[Install GitHub App](https:\u002F\u002Fgithub.com\u002Fapps\u002Fskill-creator) | [ecc.tools](https:\u002F\u002Fecc.tools)\n\n```bash\n# Comment on any issue:\n\u002Fskill-creator analyze\n\n# Or auto-triggers on push to default branch\n```\n\nBoth options create:\n- **SKILL.md files** - Ready-to-use skills for Claude Code\n- **Instinct collections** - For continuous-learning-v2\n- **Pattern extraction** - Learns from your commit history\n\n### AgentShield — Security Auditor\n\n> Built at the Claude Code Hackathon (Cerebral Valley x Anthropic, Feb 2026). 1282 tests, 98% coverage, 102 static analysis rules.\n\nScan your Claude Code configuration for vulnerabilities, misconfigurations, and injection risks.\n\n```bash\n# Quick scan (no install needed)\nnpx ecc-agentshield scan\n\n# Auto-fix safe issues\nnpx ecc-agentshield scan --fix\n\n# Deep analysis with three Opus 4.6 agents\nnpx ecc-agentshield scan --opus --stream\n\n# Generate secure config from scratch\nnpx ecc-agentshield init\n```\n\n**What it scans:** CLAUDE.md, settings.json, MCP configs, hooks, agent definitions, and skills across 5 categories — secrets detection (14 patterns), permission auditing, hook injection analysis, MCP server risk profiling, and agent config review.\n\n**The `--opus` flag** runs three Claude Opus 4.6 agents in a red-team\u002Fblue-team\u002Fauditor pipeline. The attacker finds exploit chains, the defender evaluates protections, and the auditor synthesizes both into a prioritized risk assessment. Adversarial reasoning, not just pattern matching.\n\n**Output formats:** Terminal (color-graded A-F), JSON (CI pipelines), Markdown, HTML. Exit code 2 on critical findings for build gates.\n\nUse `\u002Fsecurity-scan` in Claude Code to run it, or add to CI with the [GitHub Action](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002Fagentshield).\n\n[GitHub](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002Fagentshield) | [npm](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002Fecc-agentshield)\n\n### Continuous Learning v2\n\nThe instinct-based learning system automatically learns your patterns:\n\n```bash\n\u002Finstinct-status        # Show learned instincts with confidence\n\u002Finstinct-import \u003Cfile> # Import instincts from others\n\u002Finstinct-export        # Export your instincts for sharing\n\u002Fevolve                 # Cluster related instincts into skills\n```\n\nSee `skills\u002Fcontinuous-learning-v2\u002F` for full documentation.\nKeep `continuous-learning\u002F` only when you explicitly want the legacy v1 Stop-hook learned-skill flow.\n\n---\n\n## Requirements\n\n### Claude Code CLI Version\n\n**Minimum version: v2.1.0 or later**\n\nThis plugin requires Claude Code CLI v2.1.0+ due to changes in how the plugin system handles hooks.\n\nCheck your version:\n```bash\nclaude --version\n```\n\n### Important: Hooks Auto-Loading Behavior\n\n> WARNING: **For Contributors:** Do NOT add a `\"hooks\"` field to `.claude-plugin\u002Fplugin.json`. This is enforced by a regression test.\n\nClaude Code v2.1+ **automatically loads** `hooks\u002Fhooks.json` from any installed plugin by convention. Explicitly declaring it in `plugin.json` causes a duplicate detection error:\n\n```\nDuplicate hooks file detected: .\u002Fhooks\u002Fhooks.json resolves to already-loaded file\n```\n\n**History:** This has caused repeated fix\u002Frevert cycles in this repo ([#29](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fissues\u002F29), [#52](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fissues\u002F52), [#103](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fissues\u002F103)). The behavior changed between Claude Code versions, leading to confusion. We now have a regression test to prevent this from being reintroduced.\n\n---\n\n## Installation\n\n### Option 1: Install as Plugin (Recommended)\n\nThe easiest way to use this repo - install as a Claude Code plugin:\n\n```bash\n# Add this repo as a marketplace\n\u002Fplugin marketplace add https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\n\n# Install the plugin\n\u002Fplugin install ecc@ecc\n```\n\nOr add directly to your `~\u002F.claude\u002Fsettings.json`:\n\n```json\n{\n  \"extraKnownMarketplaces\": {\n    \"ecc\": {\n      \"source\": {\n        \"source\": \"github\",\n        \"repo\": \"affaan-m\u002FECC\"\n      }\n    }\n  },\n  \"enabledPlugins\": {\n    \"ecc@ecc\": true\n  }\n}\n```\n\nThis gives you instant access to all commands, agents, skills, and hooks.\n\n> **Note:** The Claude Code plugin system does not support distributing `rules` via plugins ([upstream limitation](https:\u002F\u002Fcode.claude.com\u002Fdocs\u002Fen\u002Fplugins-reference)). You need to install rules manually:\n>\n> ```bash\n> # Clone the repo first\n> git clone https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC.git\n> cd ECC\n>\n> # Option A: User-level rules (applies to all projects)\n> mkdir -p ~\u002F.claude\u002Frules\u002Fecc\n> cp -r rules\u002Fcommon ~\u002F.claude\u002Frules\u002Fecc\u002F\n> cp -r rules\u002Ftypescript ~\u002F.claude\u002Frules\u002Fecc\u002F   # pick your stack\n> cp -r rules\u002Fpython ~\u002F.claude\u002Frules\u002Fecc\u002F\n> cp -r rules\u002Fgolang ~\u002F.claude\u002Frules\u002Fecc\u002F\n> cp -r rules\u002Fphp ~\u002F.claude\u002Frules\u002Fecc\u002F\n>\n> # Option B: Project-level rules (applies to current project only)\n> mkdir -p .claude\u002Frules\u002Fecc\n> cp -r rules\u002Fcommon .claude\u002Frules\u002Fecc\u002F\n> cp -r rules\u002Ftypescript .claude\u002Frules\u002Fecc\u002F     # pick your stack\n> ```\n\n---\n\n### Option 2: Manual Installation\n\nIf you prefer manual control over what's installed:\n\n```bash\n# Clone the repo\ngit clone https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC.git\ncd ECC\n\n# Copy agents to your Claude config\ncp agents\u002F*.md ~\u002F.claude\u002Fagents\u002F\n\n# Copy rules directories (common + language-specific)\nmkdir -p ~\u002F.claude\u002Frules\u002Fecc\ncp -r rules\u002Fcommon ~\u002F.claude\u002Frules\u002Fecc\u002F\ncp -r rules\u002Ftypescript ~\u002F.claude\u002Frules\u002Fecc\u002F   # pick your stack\ncp -r rules\u002Fpython ~\u002F.claude\u002Frules\u002Fecc\u002F\ncp -r rules\u002Fgolang ~\u002F.claude\u002Frules\u002Fecc\u002F\ncp -r rules\u002Fphp ~\u002F.claude\u002Frules\u002Fecc\u002F\ncp -r rules\u002Farkts ~\u002F.claude\u002Frules\u002Fecc\u002F\n\n# Copy skills first (primary workflow surface)\n# Recommended (new users): core\u002Fgeneral skills only\nmkdir -p ~\u002F.claude\u002Fskills\u002Fecc\ncp -r .agents\u002Fskills\u002F* ~\u002F.claude\u002Fskills\u002Fecc\u002F\ncp -r skills\u002Fsearch-first ~\u002F.claude\u002Fskills\u002Fecc\u002F\n\n# Optional: add niche\u002Fframework-specific skills only when needed\n# for s in django-patterns django-tdd laravel-patterns springboot-patterns quarkus-patterns; do\n# cp -r skills\u002F$s ~\u002F.claude\u002Fskills\u002Fecc\u002F\n# done\n\n# Optional: keep maintained slash-command compatibility during migration\nmkdir -p ~\u002F.claude\u002Fcommands\ncp commands\u002F*.md ~\u002F.claude\u002Fcommands\u002F\n\n# Retired shims live in legacy-command-shims\u002Fcommands\u002F.\n# Copy individual files from there only if you still need old names such as \u002Ftdd.\n```\n\n#### Install hooks\n\nDo not copy the raw repo `hooks\u002Fhooks.json` into `~\u002F.claude\u002Fsettings.json` or `~\u002F.claude\u002Fhooks\u002Fhooks.json`. That file is plugin\u002Frepo-oriented and is meant to be installed through the ECC installer or loaded as a plugin, so raw copying is not a supported manual install path.\n\nUse the installer to install only the Claude hook runtime so command paths are rewritten correctly:\n\n```bash\n# macOS \u002F Linux\nbash .\u002Finstall.sh --target claude --modules hooks-runtime\n```\n\n```powershell\n# Windows PowerShell\npwsh -File .\\install.ps1 --target claude --modules hooks-runtime\n```\n\nThat writes resolved hooks to `~\u002F.claude\u002Fhooks\u002Fhooks.json` and leaves any existing `~\u002F.claude\u002Fsettings.json` untouched.\n\nIf you installed ECC via `\u002Fplugin install`, do not copy those hooks into `settings.json`. Claude Code v2.1+ already auto-loads plugin `hooks\u002Fhooks.json`, and duplicating them in `settings.json` causes duplicate execution and cross-platform hook conflicts.\n\nWindows note: the Claude config directory is `%USERPROFILE%\\\\.claude`, not `~\u002Fclaude`.\n\n#### Configure MCPs\n\nClaude plugin installs intentionally do not auto-enable ECC's bundled MCP server definitions. This avoids overlong plugin MCP tool names on strict third-party gateways while keeping manual MCP setup available.\n\nUse Claude Code's `\u002Fmcp` command or CLI-managed MCP setup for live Claude Code server changes. Use `\u002Fmcp` for Claude Code runtime disables; Claude Code persists those choices in `~\u002F.claude.json`.\n\nFor repo-local MCP access, copy desired MCP server definitions from `mcp-configs\u002Fmcp-servers.json` into a project-scoped `.mcp.json`.\n\nIf you already run your own copies of ECC-bundled MCPs, set:\n\n```bash\nexport ECC_DISABLED_MCPS=\"github,context7,exa,playwright,sequential-thinking,memory\"\n```\n\nECC-managed install and Codex sync flows will skip or remove those bundled servers instead of re-adding duplicates. `ECC_DISABLED_MCPS` is an ECC install\u002Fsync filter, not a live Claude Code toggle.\n\n**Important:** Replace `YOUR_*_HERE` placeholders with your actual API keys.\n\n---\n\n## Key Concepts\n\n### Agents\n\nSubagents handle delegated tasks with limited scope. Example:\n\n```markdown\n---\nname: code-reviewer\ndescription: Reviews code for quality, security, and maintainability\ntools: [\"Read\", \"Grep\", \"Glob\", \"Bash\"]\nmodel: opus\n---\n\nYou are a senior code reviewer...\n```\n\n### Skills\n\nSkills are the primary workflow surface. They can be invoked directly, suggested automatically, and reused by agents. ECC still ships maintained `commands\u002F` during migration, while retired short-name shims live under `legacy-command-shims\u002F` for explicit opt-in only. New workflow development should land in `skills\u002F` first.\n\n```markdown\n# TDD Workflow\n\n1. Define interfaces first\n2. Write failing tests (RED)\n3. Implement minimal code (GREEN)\n4. Refactor (IMPROVE)\n5. Verify 80%+ coverage\n```\n\n### Hooks\n\nHooks fire on tool events. Example - warn about console.log:\n\n```json\n{\n  \"matcher\": \"tool == \\\"Edit\\\" && tool_input.file_path matches \\\"\\\\\\\\.(ts|tsx|js|jsx)$\\\"\",\n  \"hooks\": [{\n    \"type\": \"command\",\n    \"command\": \"#!\u002Fbin\u002Fbash\\ngrep -n 'console\\\\.log' \\\"$file_path\\\" && echo '[Hook] Remove console.log' >&2\"\n  }]\n}\n```\n\n### Rules\n\nRules are always-follow guidelines, organized into `common\u002F` (language-agnostic) + language-specific directories:\n\n```\nrules\u002F\n  common\u002F          # Universal principles (always install)\n  typescript\u002F      # TS\u002FJS specific patterns and tools\n  python\u002F          # Python specific patterns and tools\n  golang\u002F          # Go specific patterns and tools\n  swift\u002F           # Swift specific patterns and tools\n  php\u002F             # PHP specific patterns and tools\n  arkts\u002F           # HarmonyOS \u002F ArkTS patterns and constraints\n```\n\nSee [`rules\u002FREADME.md`](rules\u002FREADME.md) for installation and structure details.\n\n---\n\n## Which Agent Should I Use?\n\nNot sure where to start? Use this quick reference. Skills are the canonical workflow surface; maintained slash entries stay available for command-first workflows.\n\n| I want to... | Use this surface | Agent used |\n|--------------|-----------------|------------|\n| Plan a new feature | `\u002Fecc:plan \"Add auth\"` | planner |\n| Design system architecture | `\u002Fecc:plan` + architect agent | architect |\n| Write code with tests first | `tdd-workflow` skill | tdd-guide |\n| Review code I just wrote | `\u002Fcode-review` | code-reviewer |\n| Fix a failing build | `\u002Fbuild-fix` | build-error-resolver |\n| Run end-to-end tests | `e2e-testing` skill | e2e-runner |\n| Find security vulnerabilities | `\u002Fsecurity-scan` | security-reviewer |\n| Remove dead code | `\u002Frefactor-clean` | refactor-cleaner |\n| Update documentation | `\u002Fupdate-docs` | doc-updater |\n| Review Go code | `\u002Fgo-review` | go-reviewer |\n| Review Python code | `\u002Fpython-review` | python-reviewer |\n| Review F# code | *(invoke `fsharp-reviewer` directly)* | fsharp-reviewer |\n| Review TypeScript\u002FJavaScript code | *(invoke `typescript-reviewer` directly)* | typescript-reviewer |\n| Develop HarmonyOS apps | *(invoke `harmonyos-app-resolver` directly)* | harmonyos-app-resolver |\n| Audit database queries | *(auto-delegated)* | database-reviewer |\n| Review production ML changes | `mle-workflow` skill + `mle-reviewer` agent | mle-reviewer |\n\n### Common Workflows\n\nSlash forms below are shown where they remain part of the maintained command surface. Retired short-name shims such as `\u002Ftdd` and `\u002Feval` live in `legacy-command-shims\u002F` for explicit opt-in only.\n\n**Starting a new feature:**\n```\n\u002Fecc:plan \"Add user authentication with OAuth\"\n                                              → planner creates implementation blueprint\ntdd-workflow skill                            → tdd-guide enforces write-tests-first\n\u002Fcode-review                                  → code-reviewer checks your work\n```\n\n**Fixing a bug:**\n```\ntdd-workflow skill                            → tdd-guide: write a failing test that reproduces it\n                                              → implement the fix, verify test passes\n\u002Fcode-review                                  → code-reviewer: catch regressions\n```\n\n**Preparing for production:**\n```\n\u002Fsecurity-scan                                → security-reviewer: OWASP Top 10 audit\ne2e-testing skill                             → e2e-runner: critical user flow tests\n\u002Ftest-coverage                                → verify 80%+ coverage\n```\n\n---\n\n## FAQ\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>How do I check which agents\u002Fcommands are installed?\u003C\u002Fb>\u003C\u002Fsummary>\n\n```bash\n\u002Fplugin list ecc@ecc\n```\n\nThis shows all available agents, commands, and skills from the plugin.\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>My hooks aren't working \u002F I see \"Duplicate hooks file\" errors\u003C\u002Fb>\u003C\u002Fsummary>\n\nThis is the most common issue. **Do NOT add a `\"hooks\"` field to `.claude-plugin\u002Fplugin.json`.** Claude Code v2.1+ automatically loads `hooks\u002Fhooks.json` from installed plugins. Explicitly declaring it causes duplicate detection errors. See [#29](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fissues\u002F29), [#52](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fissues\u002F52), [#103](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fissues\u002F103).\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>Can I use ECC with Claude Code on a custom API endpoint or model gateway?\u003C\u002Fb>\u003C\u002Fsummary>\n\nYes. ECC does not hardcode Anthropic-hosted transport settings. It runs locally through Claude Code's normal CLI\u002Fplugin surface, so it works with:\n\n- Anthropic-hosted Claude Code\n- Official Claude Code gateway setups using `ANTHROPIC_BASE_URL` and `ANTHROPIC_AUTH_TOKEN`\n- Compatible custom endpoints that speak the Anthropic API Claude Code expects\n\nMinimal example:\n\n```bash\nexport ANTHROPIC_BASE_URL=https:\u002F\u002Fyour-gateway.example.com\nexport ANTHROPIC_AUTH_TOKEN=your-token\nclaude\n```\n\nIf your gateway remaps model names, configure that in Claude Code rather than in ECC. ECC's hooks, skills, commands, and rules are model-provider agnostic once the `claude` CLI is already working.\n\nOfficial references:\n- [Claude Code LLM gateway docs](https:\u002F\u002Fdocs.anthropic.com\u002Fen\u002Fdocs\u002Fclaude-code\u002Fllm-gateway)\n- [Claude Code model configuration docs](https:\u002F\u002Fdocs.anthropic.com\u002Fen\u002Fdocs\u002Fclaude-code\u002Fmodel-config)\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>My context window is shrinking \u002F Claude is running out of context\u003C\u002Fb>\u003C\u002Fsummary>\n\nToo many MCP servers eat your context. Each MCP tool description consumes tokens from your 200k window, potentially reducing it to ~70k. SessionStart context is capped at 8000 characters by default; lower it with `ECC_SESSION_START_MAX_CHARS=4000` or disable it with `ECC_SESSION_START_CONTEXT=off` for local-model or low-context setups.\n\n**Fix:** Disable unused MCPs from Claude Code with `\u002Fmcp`. Claude Code writes those runtime choices to `~\u002F.claude.json`; `.claude\u002Fsettings.json` and `.claude\u002Fsettings.local.json` are not reliable toggles for already-loaded MCP servers.\n\nKeep under 10 MCPs enabled and under 80 tools active.\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>Can I use only some components (e.g., just agents)?\u003C\u002Fb>\u003C\u002Fsummary>\n\nYes. Use Option 2 (manual installation) and copy only what you need:\n\n```bash\n# Just agents\ncp agents\u002F*.md ~\u002F.claude\u002Fagents\u002F\n\n# Just rules\nmkdir -p ~\u002F.claude\u002Frules\u002Fecc\u002F\ncp -r rules\u002Fcommon ~\u002F.claude\u002Frules\u002Fecc\u002F\n```\n\nEach component is fully independent.\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>Does this work with Cursor \u002F OpenCode \u002F Codex \u002F Antigravity \u002F GitHub Copilot?\u003C\u002Fb>\u003C\u002Fsummary>\n\nYes. ECC is cross-platform:\n- **Cursor**: Pre-translated configs in `.cursor\u002F`. See [Cursor IDE Support](#cursor-ide-support).\n- **Gemini CLI**: Experimental project-local support via `.gemini\u002FGEMINI.md` and shared installer plumbing.\n- **OpenCode**: Full plugin support in `.opencode\u002F`. See [OpenCode Support](#opencode-support).\n- **Codex**: First-class support for both macOS app and CLI, with adapter drift guards and SessionStart fallback. See PR [#257](https:\u002F\u002Fgithub.com\u002Faffaan-m\u002FECC\u002Fpull\u002F257).\n- **GitHub Copilot (VS Code)**: Instruction and prompt layer via `.github\u002Fcopilot-instructions.md`, `.vscode\u002Fsettings.json`, and `.github\u002Fprompts\u002F`. See [GitHub Copilot Support](#github-copilot-support).\n- **Antigravity**: Tightly integrated setup for workflows, skills, and flattened rules in `.agent\u002F`. See [Antigravity Guide](docs\u002FANTIGRAVITY-GUIDE.md).\n- **JoyCode \u002F CodeBuddy**: Project-local selective install adapters for commands, agents, skills, and flattened rules. See [JoyCode Adapter Guide](docs\u002FJOYCODE-GUIDE.md).\n- **Qwen CLI**: Home-directory selective install adapter for commands, agents, skills, rules, and Qwen config. See [Qwen CLI Adapter Guide](docs\u002FQWEN-GUIDE.md).\n- **Zed**: Project-local selective install adapter for `.zed\u002Fsettings.json`, flattened rules, commands, agents, and skills.\n- **Non-native harnesses**: Manual fallback path for Grok and similar interfaces. See [Manual Adaptation Guide](docs\u002FMANUAL-ADAPTATION-GUIDE.md).\n- **Claude Code**: Native — this is the primary target.\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>How do I contribute a new skill or agent?\u003C\u002Fb>\u003C\u002Fsummary>\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md). The short version:\n1. Fork the repo\n2. Create your skill in `skills\u002Fyour-skill-name\u002FSKILL.md` (with YAML frontmatter)\n3. Or create an agent in `agents\u002Fyour-agent.md`\n4. Submit a PR with a clear description of what it does and when to use it\n\u003C\u002Fdetails>\n\n---\n\n## Running Tests\n\nThe plugin includes a comprehensive test suite:\n\n```bash\n# Run all tests\nnode tests\u002Frun-all.js\n\n# Run individual test files\nnode tests\u002Flib\u002Futils.test.js\nnode tests\u002Flib\u002Fpackage-manager.test.js\nnode tests\u002Fhooks\u002Fhooks.test.js\n```\n\n---\n\n## Contributing\n\n**Contributions are welcome and encouraged.**\n\nThis repo is meant to be a community resource. If you have:\n- Useful agents or skills\n- Clever hooks\n- Better MCP configurations\n- Improved rules\n\nPlease contribute! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n### Ideas for Contributions\n\n- Language-specific skills (Rust, C#, Kotlin, Java) — Go, Python, Perl, Swift, TypeScript, and HarmonyOS\u002FArkTS already included\n- Framework-specific configs (Rails, FastAPI) — Django, NestJS, Spring Boot, and Laravel already included\n- DevOps agents (Kubernetes, Terraform, AWS, Docker)\n- Testing strategies (different frameworks, visual regression)\n- Domain-specific knowledge (ML, data engineering, mobile)\n\n### Community Ecosystem Notes\n\nThese are not bundled with ECC and are not audited by this repo, but they are worth knowing about if you are exploring the broader Claude Code skills ecosystem:\n\n- [claude-seo](https:\u002F\u002Fgithub.com\u002FAgriciDaniel\u002Fclaude-seo) — SEO-focused skill and agent collection\n- [claude-ads](https:\u002F\u002Fgithub.com\u002FAgriciDaniel\u002Fclaude-ads) — Ad-audit and paid-growth workflow collection\n- [claude-cybersecurity](https:\u002F\u002Fgithub.com\u002FAgriciDaniel\u002Fclaude-cybersecurity) — Security-oriented skill and agent collection\n\n---\n\n## Cursor IDE Support\n\nECC provides Cursor IDE support with hooks, rules, agents, skills, commands, and MCP configs adapted for Cursor's project layout.\n\n### Quick Start (Cursor)\n\n```bash\n# macOS\u002FLinux\n.\u002Finstall.sh --target cursor typescript\n.\u002Finstall.sh --target cursor python golang swift php\n```\n\n```powershell\n# Windows PowerShell\n.\\install.ps1 --target cursor typescript\n.\\install.ps1 --target cursor python golang swift php\n```\n\n### What's Included\n\n| Component | Count | Details |\n|-----------|-------|---------|\n| Hook Events | 15 | sessionStart, beforeShellExecution, afterFileEdit, beforeMCPExecution, beforeSubmitPrompt, and 10 more |\n| Hook Scripts | 16 | Thin Node.js scripts delegating to `scripts\u002Fhooks\u002F` via shared adapter |\n| Rules | 34 | 9 common (alwaysApply) + 25 language-specific (TypeScript, Python, Go, Swift, PHP) |\n| Agents | 48 | `.cursor\u002Fagents\u002Fecc-*.md` when installed; prefixed to avoid collisions with user or marketplace agents |\n| Skills | Shared + Bundled | `.cursor\u002Fskills\u002F` for translated additions |\n| Commands | Shared | `.cursor\u002Fcommands\u002F` if installed |\n| MCP Config | Shared | `.cursor\u002Fmcp.json` if installed |\n\n### Cursor Loading Notes\n\nECC does not install root `AGENTS.md` into `.cursor\u002F`. Cursor treats nested `AGENTS.md` files as directory context, so copying ECC's repo identity into a host project would pollute that project.\n\nCursor-native loading behavior can vary by Cursor build. ECC installs agents as `.cursor\u002Fagents\u002Fecc-*.md`; if your Cursor build does not expose project agents, those files still work as explicit reference definitions instead of hidden global prompt context.\n\n### Hook Architecture (DRY Adapter Pattern)\n\nCursor has **more hook events than Claude Code** (20 vs 8). The `.cursor\u002Fhooks\u002Fadapter.js` module transforms Cursor's stdin JSON to Claude Code's format, allowing existing `scripts\u002Fhooks\u002F*.js` to be reused without duplication.\n\n```\nCursor stdin JSON → adapter.js → transforms → scripts\u002Fhooks\u002F*.js\n                                              (shared with Claude Code)\n```\n\nKey hooks:\n- **beforeShellExecution** — Blocks dev servers outside tmux (exit 2), git push review\n- **afterFileEdit** — Auto-format + TypeScript check + console.log warning\n- **beforeSubmitPrompt** — Detects secrets (sk-, ghp_, AKIA patterns) in prompts\n- **beforeTabFileRead** — Blocks Tab from reading .env, .key, .pem files (exit 2)\n- **beforeMCPExecution \u002F afterMCPExecution** — MCP audit logging\n\n### Rules Format\n\nCursor rules use YAML frontmatter with `description`, `globs`, and `alwaysApply`:\n\n```yaml\n---\ndescription: \"TypeScript coding style extending common rules\"\nglobs: [\"**\u002F*.ts\", \"**\u002F*.tsx\", \"**\u002F*.js\", \"**\u002F*.jsx\"]\nalwaysApply: false\n---\n```\n\n---\n\n## Codex macOS App + CLI Support\n\nECC provides **first-class Codex support** for both the macOS app and CLI, with a reference configuration, Codex-specific AGENTS.md supplement, and shared skills.\n\n### Quick Start (Codex App + CLI)\n\n```bash\n# Run Codex CLI in the repo — AGENTS.md and .codex\u002F are auto-detected\ncodex\n\n# Automatic setup: sync ECC assets (AGENTS.md, skills, MCP servers) into ~\u002F.codex\nnpm install && bash scripts\u002Fsync-ecc-to-codex.sh\n# or: pnpm install && bash scripts\u002Fsync-ecc-to-codex.sh\n# or: yarn install && bash scripts\u002Fsync-ecc-to-codex.sh\n# or: bun install && bash scripts\u002Fsync-ecc-to-codex.sh\n\n# Or manually: copy the reference config to your home directory\ncp .codex\u002Fconfig.toml ~\u002F.codex\u002Fconfig.toml\n```\n\nThe sync script safely merges ECC MCP servers into your existing `~\u002F.codex\u002Fconfig.toml` using an **add-only** strategy — it never removes or modifies your existing servers. Run with `--dry-run` to preview changes, or `--update-mcp` to force-refresh ECC servers to the latest recommended config.\n\nFor Context7, ECC uses the canonical Codex section name `[mcp_servers.context7]` while still launching the `@upstash\u002Fcontext7-mcp` package. If you already have a legacy `[mcp_servers.context7-mcp]` entry, `--update-mcp` migrates it to the canonical section name.\n\nCodex macOS app:\n- Open this repository as your workspace.\n- The root `AGENTS.md` is auto-detected.\n- `.codex\u002Fconfig.toml` and `.codex\u002Fagents\u002F*.toml` work best when kept project-local.\n- The reference `.codex\u002Fconfig.toml` intentionally does not pin `model` or `model_provider`, so Codex uses its own current default unless you override it.\n- Optional: copy `.codex\u002Fconfig.toml` to `~\u002F.codex\u002Fconfig.toml` for global defaults; keep the multi-agent role files project-local unless you also copy `.codex\u002Fagents\u002F`.\n\n### What's Included\n\n| Component | Count | Details |\n|-----------|-------|---------|\n| Config | 1 | `.codex\u002Fconfig.toml` — top-level approvals\u002Fsandbox\u002Fweb_search, MCP servers, notifications, profiles |\n| AGENTS.md | 2 | Root (universal) + `.codex\u002FAGENTS.md` (Codex-specific supplement) |\n| Skills | 32 | `.agents\u002Fskills\u002F` — SKILL.md + agents\u002Fopenai.yaml per skill |\n| MCP Servers | 6 | GitHub, Context7, Exa, Memory, Playwright, Sequential Thinking (7 with Supabase via `--update-mcp` sync) |\n| Profiles | 2 | `strict` (read-only sandbox) and `yolo` (full auto-approve) |\n| Agent Roles | 3 | `.codex\u002Fagents\u002F` — explorer, reviewer, docs-researcher |\n\n### Skills\n\nSkills at `.agents\u002Fskills\u002F` are auto-loaded by Codex:\n\nCanonical Anthropic skills such as `claude-api`, `frontend-design`, and `skill-creator` are intentionally not re-bundled here. Install those from [`anthropics\u002Fskills`](https:\u002F\u002Fgithub.com\u002Fanthropics\u002Fskills) when you want the official versions.\n\n| Skill | Description |\n|-------|-------------|\n| agent-introspection-debugging | Debug agent behavior, routing, and prompt boundaries |\n| agent-sort | Sort agent catalogs and assignment surfaces |\n| api-design | REST API design patterns |\n| article-writing | Long-form writing from notes and voice references |\n| backend-patterns | API design, database, caching |\n| brand-voice | Source-derived writing style profiles from real content |\n| bun-runtime | Bun as runtime, package manager, bundler, and test runner |\n| coding-standards | Universal coding standards |\n| content-engine | Platform-native social content and repurposing |\n| crosspost | Multi-platform content distribution across X, LinkedIn, Threads |\n| deep-research | Multi-source research with synthesis and source attribution |\n| dmux-workflows | Multi-agent orchestration using tmux pane manager |\n| documentation-lookup | Up-to-date library and framework docs via Context7 MCP |\n| e2e-testing | Playwright E2E tests |\n| eval-harness | Eval-driven development |\n| everything-claude-code | Development conventions and patterns for the project |\n| exa-search | Neural search via Exa MCP for web, code, company research |\n| fal-ai-media | Unified media generation for images, video, and audio |\n| frontend-patterns | React\u002FNext.js patterns |\n| frontend-slides | HTML presentations, PPTX conversion, visual style exploration |\n| investor-materials | Decks, memos, models, and one-pagers |\n| investor-outreach | Personalized outreach, follow-ups, and intro blurbs |\n| market-research | Source-attributed market and competitor research |\n| mcp-server-patterns | Build MCP servers with Node\u002FTypeScript SDK |\n| nextjs-turbopack | Next.js 16+ and Turbopack incremental bundling |\n| product-capability | Translate product goals into scoped capability maps |\n| security-review | Comprehensive security checklist |\n| strategic-compact | Context management |\n| tdd-workflow | Test-driven development with 80%+ coverage |\n| verification-loop | Build, test, lint, typecheck, security |\n| video-editing | AI-assisted video editing workflows with FFmpeg and Remotion |\n| x-api | X\u002FTwitter API i","ECC 是一个针对代理性能优化的系统，旨在提升Claude Code、Codex、Cursor等AI代理工具的工作效率。该项目通过集成技能、直觉、记忆优化、持续学习和安全扫描等功能，提供了一套完整的解决方案，支持多种语言生态系统。其核心在于为开发者提供生产就绪的代理、技能配置及规则设定，特别适合需要高度定制化与高效协作的软件开发场景。采用MIT许可协议，社区活跃度高，已获得广泛认可。",2,"2026-06-06 03:56:42","top_all"]