@intentsolutionsio/severity1-marketplace 1.0.0

package/.claude-plugin/plugin.json

@@ -0,0 +1,21 @@
+{
+  "name": "severity1-marketplace",
+  "version": "1.0.0",
+  "description": "Severity level classification and prompt improvement for marketplace plugins. Assigns severity ratings (S1-Critical through S4-Low) and enhances plugin prompts for clarity, safety, and effectiveness.",
+  "author": {
+    "name": "severity1",
+    "email": "severity1@intentsolutions.io"
+  },
+  "repository": "https://github.com/jeremylongshore/claude-code-plugins",
+  "license": "MIT",
+  "keywords": [
+    "severity",
+    "classification",
+    "prompt-improvement",
+    "marketplace",
+    "security",
+    "quality",
+    "triage",
+    "agent-skills"
+  ]
+}

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 severity1
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,52 @@
+# Severity1 Marketplace
+
+Severity level classification and prompt improvement for Claude Code marketplace plugins.
+
+## Features
+
+- **Severity Classification**: Assigns severity ratings (S1-Critical, S2-High, S3-Medium, S4-Low) to security findings, bugs, and issues
+- **Prompt Improver**: Analyzes and enhances plugin prompts for clarity, safety, effectiveness, and best-practice adherence
+- **Triage Agent**: Automated severity triage for incoming issues and vulnerability reports
+
+## Severity Levels
+
+| Level | Label | Description |
+|-------|-------|-------------|
+| S1 | Critical | System-down, data loss, security breach — immediate action required |
+| S2 | High | Major functionality broken, security vulnerability — urgent resolution |
+| S3 | Medium | Degraded functionality, workaround available — scheduled fix |
+| S4 | Low | Minor issue, cosmetic, enhancement request — backlog |
+
+## Commands
+
+- `/severity-classify` — Classify an issue or finding by severity level
+- `/prompt-improve` — Analyze and improve a plugin prompt or skill definition
+
+## Skills
+
+- **prompt-improver** — Auto-activates when users ask to improve, review, or enhance prompts, skill definitions, or command instructions
+
+## Agents
+
+- **severity-triage** — Automated severity triage agent for issues and vulnerabilities
+
+## Installation
+
+```bash
+claude plugin marketplace add severity1/severity1-marketplace
+```
+
+## Usage
+
+```
+/severity-classify "Users can bypass authentication by..."
+/prompt-improve
+```
+
+## Contributors
+
+- severity1
+
+## License
+
+MIT

package/agents/severity-triage.md

@@ -0,0 +1,36 @@
+---
+name: severity-triage
+description: Automated severity triage agent for issues and vulnerabilities
+---
+# Severity Triage Agent
+
+You are a severity triage agent that automatically classifies incoming issues, bug reports, and vulnerability findings using the S1-S4 severity framework.
+
+## Capabilities
+
+- Analyze issue descriptions and context to determine severity
+- Cross-reference against known vulnerability databases and patterns
+- Provide consistent, justified severity classifications
+- Recommend escalation paths based on severity level
+
+## Triage Workflow
+
+1. **Intake** — Read the issue or finding in full
+2. **Context Gathering** — Search the codebase for related files and recent changes
+3. **Impact Assessment** — Determine blast radius and affected components
+4. **Severity Assignment** — Classify using S1-S4 framework
+5. **Action Routing** — Recommend next steps based on severity
+
+## Severity Decision Matrix
+
+| Factor | S1 Weight | S2 Weight | S3 Weight | S4 Weight |
+|--------|-----------|-----------|-----------|-----------|
+| Data loss risk | High | Medium | Low | None |
+| User impact scope | All users | Many users | Some users | Few users |
+| Security exposure | Active exploit | Exploitable | Theoretical | Informational |
+| Workaround | None | Impractical | Available | Trivial |
+| Business impact | Revenue/trust | Major feature | Minor feature | Cosmetic |
+
+## Output
+
+Provide a structured triage report with severity level, rationale, recommended actions, and escalation guidance.

package/commands/prompt-improve.md

@@ -0,0 +1,48 @@
+---
+name: prompt-improve
+description: Analyze and improve a plugin prompt, skill definition, or command instruction
+shortcut: pi
+---
+# Prompt Improver
+
+Analyze the current plugin's prompts, skill definitions, or command instructions and suggest improvements for clarity, safety, effectiveness, and best-practice adherence.
+
+## Analysis Dimensions
+
+1. **Clarity** — Are instructions unambiguous and easy to follow?
+2. **Safety** — Does the prompt avoid encouraging dangerous operations?
+3. **Effectiveness** — Will the prompt reliably produce the intended result?
+4. **Completeness** — Are edge cases and error scenarios addressed?
+5. **Conciseness** — Is the prompt free of unnecessary verbosity?
+
+## Process
+
+1. **Read** the target file (SKILL.md, command .md, or agent .md)
+2. **Score** each dimension on a 1-5 scale
+3. **Identify** specific improvement opportunities
+4. **Suggest** concrete rewrites for weak sections
+5. **Validate** that improvements preserve original intent
+
+## Output Format
+
+```
+## Prompt Analysis: [filename]
+
+### Scores
+| Dimension | Score | Notes |
+|-----------|-------|-------|
+| Clarity | X/5 | ... |
+| Safety | X/5 | ... |
+| Effectiveness | X/5 | ... |
+| Completeness | X/5 | ... |
+| Conciseness | X/5 | ... |
+
+**Overall: X/25**
+
+### Improvements
+1. [Specific improvement with before/after]
+2. [Specific improvement with before/after]
+
+### Suggested Rewrite
+[Full improved prompt text]
+```

package/commands/severity-classify.md

@@ -0,0 +1,62 @@
+---
+name: severity-classify
+description: Classify an issue, finding, or vulnerability by severity level (S1-S4)
+shortcut: sev
+---
+# Severity Classification
+
+Analyze the provided issue, bug report, or security finding and assign an appropriate severity level.
+
+## Severity Levels
+
+### S1 — Critical
+- System completely down or unusable
+- Active data loss or corruption
+- Security breach with confirmed exploitation
+- No workaround available
+- **Response time:** Immediate
+
+### S2 — High
+- Major functionality broken for many users
+- Security vulnerability with high exploitability
+- Data integrity at risk
+- Workaround exists but is impractical
+- **Response time:** Within 4 hours
+
+### S3 — Medium
+- Functionality degraded but operational
+- Security issue with limited scope
+- Reasonable workaround available
+- Affects subset of users or use cases
+- **Response time:** Within 24 hours
+
+### S4 — Low
+- Minor issue or cosmetic defect
+- Enhancement request
+- Documentation improvement
+- Edge case with minimal impact
+- **Response time:** Backlog
+
+## Classification Process
+
+1. **Read the issue** — Understand the full context of the report
+2. **Assess impact** — Determine scope, affected users, and business impact
+3. **Evaluate exploitability** — For security issues, assess ease of exploitation
+4. **Check for workarounds** — Determine if users can work around the issue
+5. **Assign severity** — Apply the appropriate S1-S4 level
+6. **Provide rationale** — Explain the classification with supporting evidence
+
+## Output Format
+
+```
+## Severity: S[1-4] — [Critical|High|Medium|Low]
+
+**Impact:** [Description of impact]
+**Scope:** [How many users/systems affected]
+**Workaround:** [Available|None|Impractical]
+**Rationale:** [Why this severity was assigned]
+
+### Recommended Actions
+1. [First action]
+2. [Second action]
+```

package/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "@intentsolutionsio/severity1-marketplace",
+  "version": "1.0.0",
+  "description": "Severity level classification and prompt improvement for marketplace plugins. Assigns severity ratings (S1-Critical through S4-Low) and enhances plugin prompts for clarity, safety, and effectiveness.",
+  "keywords": [
+    "severity",
+    "classification",
+    "prompt-improvement",
+    "marketplace",
+    "security",
+    "quality",
+    "triage",
+    "agent-skills",
+    "claude-code",
+    "claude-plugin",
+    "tonsofskills"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/jeremylongshore/claude-code-plugins-plus-skills.git",
+    "directory": "plugins/security/severity1-marketplace"
+  },
+  "homepage": "https://tonsofskills.com/plugins/severity1-marketplace",
+  "bugs": "https://github.com/jeremylongshore/claude-code-plugins-plus-skills/issues",
+  "license": "MIT",
+  "author": {
+    "name": "severity1",
+    "email": "severity1@intentsolutions.io"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "files": [
+    "README.md",
+    ".claude-plugin",
+    "skills",
+    "commands",
+    "agents"
+  ],
+  "scripts": {
+    "postinstall": "node -e \"console.log(\\\"\\\\n→ This npm package is a tracking/proof artifact. Install the plugin via:\\\\n  ccpi install severity1-marketplace\\\\n  or /plugin install severity1-marketplace@claude-code-plugins-plus in Claude Code\\\\n\\\")\""
+  }
+}

package/skills/prompt-improver/SKILL.md

@@ -0,0 +1,126 @@
+---
+name: prompt-improver
+description: |
+  Analyze and improve plugin prompts, skill definitions, and command instructions for clarity, safety, and effectiveness. Use when the user asks to "improve a prompt", "review a skill", "enhance instructions", "make this prompt better", "optimize this command", or "audit prompt quality".
+allowed-tools: Read, Write, Edit, Glob, Grep
+version: 1.0.0
+author: severity1 <severity1@intentsolutions.io>
+license: MIT
+tags: [security, compliance]
+compatible-with: claude-code
+---
+# Prompt Improver
+
+This skill automatically analyzes and improves plugin prompts, SKILL.md files, command definitions, and agent instructions.
+
+## Overview
+
+The prompt-improver skill evaluates plugin content across five dimensions — clarity, safety, effectiveness, completeness, and conciseness — then provides scored assessments and concrete rewrites.
+
+## When to Use This Skill
+
+This skill activates when you need to:
+- Review and improve a SKILL.md file's instructions
+- Enhance command or agent markdown definitions
+- Audit prompt quality across a plugin
+- Optimize instructions for better Claude performance
+- Ensure prompts follow marketplace best practices
+
+## Instructions
+
+1. **Identify the target** — Locate the SKILL.md, command, or agent file to analyze
+2. **Read the content** — Use Read tool to get the full file contents
+3. **Score each dimension** on a 1-5 scale:
+   - **Clarity (1-5)**: Are instructions unambiguous?
+   - **Safety (1-5)**: Does it avoid encouraging dangerous operations?
+   - **Effectiveness (1-5)**: Will it reliably produce intended results?
+   - **Completeness (1-5)**: Are edge cases addressed?
+   - **Conciseness (1-5)**: Is it free of unnecessary verbosity?
+4. **Identify improvements** — List specific weaknesses with line references
+5. **Generate rewrites** — Provide improved versions preserving original intent
+6. **Apply changes** — If requested, use Edit tool to apply improvements
+
+## Output Format
+
+```
+## Prompt Analysis: [filename]
+
+### Scores
+| Dimension | Score | Notes |
+|-----------|-------|-------|
+| Clarity | X/5 | ... |
+| Safety | X/5 | ... |
+| Effectiveness | X/5 | ... |
+| Completeness | X/5 | ... |
+| Conciseness | X/5 | ... |
+
+**Overall: X/25**
+
+### Improvements
+1. [Specific improvement with before/after]
+
+### Suggested Rewrite
+[Full improved prompt text]
+```
+
+## Best Practices
+
+- Preserve the original author's intent and style
+- Prioritize safety improvements over stylistic ones
+- Keep suggestions actionable and specific
+- Reference marketplace conventions from CLAUDE.md
+- Validate frontmatter fields match the 2026 spec
+
+## Examples
+
+### Example 1: Improving a vague skill description
+
+**Before:**
+```yaml
+description: Does stuff with code
+```
+
+**After:**
+```yaml
+description: |
+  Analyze source code for common anti-patterns and suggest refactoring improvements. Use when the user asks to "review code quality", "find code smells", or "refactor this file".
+```
+
+### Example 2: Adding missing safety guidance
+
+**Before:**
+```markdown
+Delete all temporary files from the project.
+```
+
+**After:**
+```markdown
+Identify temporary files (*.tmp, *.bak, *.swp) in the project. List them for user confirmation before deletion. Never delete files outside the project root.
+```
+
+## Prerequisites
+
+- A plugin directory containing at least one SKILL.md, command, or agent markdown file
+- Read access to the target plugin's `.claude-plugin/plugin.json` for context
+- Familiarity with the [2026 SKILL.md frontmatter spec](https://docs.anthropic.com/en/docs/claude-code/plugins)
+
+## Output
+
+The skill produces a structured analysis report containing:
+- **Score card**: 5 dimensions rated 1-5 with notes and an overall score out of 25
+- **Improvement list**: Specific weaknesses with file paths and line references
+- **Suggested rewrite**: Full improved prompt text preserving original intent
+
+## Error Handling
+
+| Error | Cause | Resolution |
+|-------|-------|------------|
+| No SKILL.md found | Target path has no skill files | Verify the plugin path and check for `skills/*/SKILL.md` |
+| Invalid frontmatter | YAML parsing failure in target file | Report the specific YAML error and suggest corrections |
+| Empty skill body | File has frontmatter but no instructions | Flag as critical and generate a starter template |
+
+## Resources
+
+- [Claude Code plugins documentation](https://docs.anthropic.com/en/docs/claude-code/plugins) — official plugin and SKILL.md spec
+- [Prompt engineering guide](https://docs.anthropic.com/en/docs/build-with-claude/prompt-engineering) — Anthropic best practices for prompt design
+- Marketplace conventions: see the repository CLAUDE.md for field requirements and structure

package/skills/prompt-improver/references/severity-levels.md

@@ -0,0 +1,74 @@
+# Severity Level Reference
+
+## S1 — Critical
+
+**Definition:** System-down, active data loss, or confirmed security breach requiring immediate response.
+
+**Indicators:**
+- Production system completely unavailable
+- Active data corruption or loss
+- Confirmed security exploitation in progress
+- No workaround exists
+- Affects all or most users
+
+**Response:** Immediate — all hands on deck
+
+**Examples:**
+- SQL injection actively being exploited
+- Database corruption causing data loss
+- Authentication bypass allowing unauthorized access
+- Complete service outage
+
+## S2 — High
+
+**Definition:** Major functionality broken or security vulnerability with high exploitability requiring urgent resolution.
+
+**Indicators:**
+- Core feature non-functional
+- Security vulnerability with known exploit path
+- Data integrity at risk but not actively compromised
+- Workaround exists but is impractical for most users
+
+**Response:** Within 4 hours
+
+**Examples:**
+- Payment processing failing for subset of users
+- XSS vulnerability in user input fields
+- API rate limiting completely broken
+- User sessions not expiring properly
+
+## S3 — Medium
+
+**Definition:** Degraded functionality with reasonable workaround available, scheduled for normal fix cycle.
+
+**Indicators:**
+- Feature works but with reduced capability
+- Security issue with limited scope or low exploitability
+- Workaround is available and practical
+- Affects a subset of users or use cases
+
+**Response:** Within 24 hours
+
+**Examples:**
+- Search results occasionally missing items
+- CSRF token not rotating on session refresh
+- Export feature produces incorrect formatting
+- Mobile layout broken on specific device
+
+## S4 — Low
+
+**Definition:** Minor issue, cosmetic defect, or enhancement request for the backlog.
+
+**Indicators:**
+- Cosmetic or UI inconsistency
+- Documentation error
+- Enhancement request
+- Edge case with minimal user impact
+
+**Response:** Backlog prioritization
+
+**Examples:**
+- Typo in error message
+- Button color inconsistent with design system
+- Feature request for additional export format
+- Tooltip text truncated on hover