Skip to content

everything-claude-code

AI Coding Tools

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.

Track releases GitHub Website
JavaScript Latest v1.10.0 · 1mo ago Security brief →

Features

  • Harness‑native operator system for agentic work
  • Supports multiple AI code harnesses (Codex, Claude Code, Cursor, etc.)
  • Provides skills, instincts, memory optimization and continuous learning

Recent releases

View all 12 releases →
v1.9.0 New feature
Security fixes
  • AgentShield false positive fixes
  • 25+ known MCP vulnerabilities detected
Notable features
  • ECC Tools Pro with Stripe billing
  • Selective install with --with/--without flags
  • AgentShield v1.4.0 with CVE database
Full changelog

Highlights

ECC Tools Pro is live. The GitHub App now has Stripe billing with a Pro tier ($19/seat/month) for private repo analysis, 50 analyses/month, and AgentShield-backed scanning. Free tier remains at 10 analyses/month for public repos. Install at github.com/apps/ecc-tools, upgrade at ecc.tools/pricing.

Selective install is here. Install only what you need with --with and --without flags. ecc install --profile developer --with lang:typescript --with agent:security-reviewer --without skill:continuous-learning. Agent and skill component families are now in the install manifest.

12 language ecosystems. C#, Rust, Java, Kotlin, C++, Go, Python, TypeScript, Perl, PyTorch, Nuxt 4, and Flutter now have dedicated rules, agents, or skills.

AgentShield v1.4.0 ships alongside. False positive scanning fixed. CVE database with 25+ known MCP vulnerabilities. Supply chain verification. Runtime monitoring. Watch mode. PR security gate. Org-wide policy enforcement.

https://github.com/user-attachments/assets/eece2c76-7eb9-4865-a58b-f11247fd774e

What's New

Agents (28 total, +9 new)

  • typescript-reviewer — TypeScript/JavaScript code review
  • pytorch-build-resolver — PyTorch build error resolution
  • java-build-resolver — Maven/Gradle build resolution
  • java-reviewer — Java code review
  • rust-reviewer — Rust code review
  • flutter-reviewer — Flutter/Dart code review
  • harness-optimizer — Cross-harness optimization
  • kotlin-build-resolver — Kotlin build resolution
  • kotlin-reviewer — Kotlin code review

Skills (116 total, +15 new)

  • pytorch-patterns — PyTorch best practices
  • nuxt4-patterns — Nuxt 4 frontend patterns
  • codebase-onboarding — Onboarding new contributors
  • architecture-decision-records — ADR workflow
  • agent-eval — Head-to-head coding agent comparison
  • documentation-lookup — Doc retrieval patterns
  • bun-runtime — Bun runtime patterns
  • nextjs-turbopack — Next.js Turbopack patterns
  • Plus 7 more language-specific skills

Rules (6 new language packs)

  • C# (coding-style, patterns, security, testing, hooks)
  • Rust, Java, C++, Perl language rules
  • Flutter/Dart rules

Infrastructure

  • Selective install with --with/--without CLI flags
  • Agent description compression with lazy loading
  • Skill inspection logic for recurring failure pattern detection
  • Governance event capture hooks
  • MCP health-check hook with auto-reconnect
  • SQLite state store for session/skill/decision tracking
  • Session adapters for canonical snapshots
  • Codex sync merges AGENTS.md instead of replacing

Bug Fixes

  • Windows CI fully green (all 38 matrix jobs passing)
  • SessionStart ANSI escape code sanitization
  • Observer memory explosion with throttling
  • Flaky observer bash test on Windows skipped
  • Catalog count validation fixed
  • Plugin root auto-detection fallback

ECC Tools App

  • Stripe billing live (Pro $19/seat, Enterprise contact)
  • GitHub OAuth checkout flow
  • Analyzer quality improvements (7 greptile findings fixed)
  • Duplicate PR prevention with idempotency
  • Auto-analysis skip list for managed repos
  • Push cooldown increased to 7 days

AgentShield (v1.4.0)

  • False positive fix: deny rules and block hooks no longer flagged as threats
  • CVE database with 25+ known MCP vulnerabilities
  • MCP tool description poisoning detection (5 new rules)
  • Continuous scanning with config drift detection (--watch mode)
  • Runtime monitoring daemon for tool calls
  • Supply chain verification for MCP npm packages
  • PR security gate with baseline comparison
  • Organization-wide security policy enforcement
  • CLAUDE.md filesystem permission check
  • 1,609 tests passing

Stats

  • 219 commits since v1.8.0
  • 30+ contributors
  • 88K+ GitHub stars
  • 1,540+ tests passing across all platforms

Install / Upgrade

npx claudepluginhub affaan-m/everything-claude-code --plugin everything-claude-code

Or install manually in Claude Code.

View release on GitHub
v1.8.0 New feature
Notable features
  • /harness-audit, /loop-start, /quality-gate, /model-route commands
  • NanoClaw v2 with model routing and skill hot-load
Full changelog

ECC v1.8.0: Harness Performance Release

v1.8.0 shifts ECC from "config bundle" to a practical agent harness performance system: more reliable hooks, stronger eval/quality controls, and tighter parity across Claude Code, Cursor, OpenCode, and Codex (macOS app + CLI).

https://github.com/user-attachments/assets/18f05e41-a49b-4126-9771-3df1e07cd7b7

What’s New

  • New harness commands
    • /harness-audit
    • /loop-start
    • /loop-status
    • /quality-gate
    • /model-route
  • NanoClaw v2 upgrades
    • Model routing
    • Skill hot-load
    • Session branch/search/export/compact/metrics
  • New harness skills and operators
    • agent-harness-construction
    • agentic-engineering
    • ralphinho-rfc-pipeline
    • ai-first-engineering
    • enterprise-agent-ops
    • nanoclaw-repl
    • continuous-agent-loop
  • New agents
    • harness-optimizer
    • loop-operator

Reliability and Hook Fixes

  • Fixed SessionStart root resolution (robust fallback when plugin root env is missing).
  • Fixed empty/partial session summary behavior by moving summary persistence to the Stop lifecycle path where transcript payload exists.
  • Added explicit hook controls:
    • ECC_HOOK_PROFILE=minimal|standard|strict
    • ECC_DISABLED_HOOKS=comma,separated,ids
  • Replaced fragile inline one-liner hook commands with dedicated scripts for safer cross-platform behavior.
  • Improved Windows path handling for doc-warning/whitelist logic.
  • Hardened observer behavior for non-interactive environments to reduce hang risk.

Cross-Harness Parity

  • Claude Code, Cursor, OpenCode, and Codex now share tighter behavior around hooks, commands, and skill execution semantics.
  • OpenCode command mirrors added for the new harness command set.
  • Codex config/docs alignment improved for both app and CLI workflows.

Compatibility Notes

  • autonomous-loops is retained for compatibility in this release.
  • continuous-agent-loop is now the canonical skill name.

Upgrade Path

  1. Pull latest and reinstall/update ECC.
  2. Run /harness-audit to baseline reliability and risk.
  3. Use /quality-gate . --strict on active repos.
  4. If needed, tune hooks with ECC_HOOK_PROFILE and ECC_DISABLED_HOOKS.

Credits

Supporting Docs

  • Release notes source: docs/releases/1.8.0/release-notes.md
  • Launch assets: docs/releases/1.8.0/
View release on GitHub
v1.7.0 New feature
Security fixes
  • Sanitized external links and added security guides to reduce injection risks
Notable features
  • Added a frontend-slides skill for zero-dependency HTML presentations and PPTX conversion
  • Introduced generic business and investor content skills for article writing, market research, and fundraising
  • Implemented a chief-of-staff communication triage agent for workflow coordination
View release on GitHub
v1.6.0 New feature
Security fixes
  • Resolved hook permission conflicts that could expose Codex integration.
Notable features
  • Added Codex compatibility through a new configuration command.
  • Introduced seven AI-powered skills for repo analysis and automation.
  • Integrated 102 AgentShield security rules across all protection layers.
View release on GitHub
v1.5.0 New feature
Notable features
  • Support for Claude Code, OpenCode, and Cursor with universal configuration across platforms
  • 14 agents for architecture, TDD, security, E2E testing, and code review
  • 28 skills spanning TypeScript, Python, Go, Java, Django, and Spring Boot
Full changelog

ECC now supports Claude Code, OpenCode, AND Cursor. This release adds:

  • Universal config support across all three platforms
  • npm package as ecc-universal
  • 14 agents for architecture, TDD, security, E2E, code review, and more
  • 28 skills spanning TypeScript, Python, Go, Java, Django, and Spring Boot
  • 30 commands including multi-agent orchestration, sessions, and PM2
  • Rules for 6 languages with language-specific patterns and security

Install

npm install -g ecc-universal

Quick Start

npx ecc-install typescript

Full docs: https://github.com/affaan-m/everything-claude-code#readme

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
203,341
Forks
31,194
Languages
JavaScript Rust Python
Downloads/week
2 ↑20%
NPM Maintainers
1
Contributors
204
View on GitHub View on npm Homepage

Community & Support

Community Sponsor / Fund Sponsor / Fund

Similar tools

Specdd
Claude Squad
claude-mem
claude-code-tips
Catnip

Beta — feedback welcome: [email protected]