multimodel-dev-os 2.8.1 → 2.9.1

package/docs/.vitepress/config.js

@@ -32,7 +32,7 @@ export default {
         'license': 'https://opensource.org/licenses/MIT',
         'url': 'https://github.com/rizvee/multimodel-dev-os',
         'downloadUrl': 'https://www.npmjs.com/package/multimodel-dev-os',
-        'softwareVersion': '2.8.1',
+        'softwareVersion': '3.0.0',
         'description': 'Portable, vendor-neutral AI Developer OS for multi-agent coding workflows.'
       })
     ]
@@ -170,7 +170,21 @@ export default {
           { text: 'Interactive TUI Dashboard', link: '/dashboard' },
           { text: 'Declarative Plugin Hooks', link: '/plugin-hooks' },
           { text: 'Plugin Authoring Guide', link: '/plugin-authoring' },
-          { text: 'TUI & Plugin Safety', link: '/tui-safety' }
+          { text: 'TUI & Plugin Safety', link: '/tui-safety' },
+          { text: 'Workflow Marketplace Catalog', link: '/catalog' },
+          { text: 'Curated Plugin Catalog', link: '/plugin-catalog' },
+          { text: 'Workflow Marketplace Guide', link: '/workflow-marketplace' },
+          { text: 'Catalog Authoring Guide', link: '/catalog-authoring' }
+        ]
+      },
+      {
+        text: 'Trusted Registry & Governance',
+        items: [
+          { text: 'Registry Sync Guide', link: '/registry-sync' },
+          { text: 'Trusted Registries', link: '/trusted-registries' },
+          { text: 'Registry Policy Engine', link: '/registry-policy' },
+          { text: 'Registry Security Model', link: '/registry-security' },
+          { text: 'Remote Catalog Authoring', link: '/remote-catalog-authoring' }
         ]
       },
       {

package/docs/CLI.md

@@ -262,7 +262,33 @@ npx multimodel-dev-os@latest plugin status
 
 ---
 
-### 17. Registry Commands
+### 17. `catalog` — Local Workflow Marketplace & Plugin Catalog
+
+Manage and discover curated workflows and plugins offline.
+
+```bash
+npx multimodel-dev-os@latest catalog list [--category <name>]
+npx multimodel-dev-os@latest catalog search <query>
+npx multimodel-dev-os@latest catalog show <slug>
+npx multimodel-dev-os@latest catalog categories
+npx multimodel-dev-os@latest catalog recommend
+npx multimodel-dev-os@latest catalog install <slug> --approved
+npx multimodel-dev-os@latest catalog status
+```
+
+| Subcommand | Description |
+|:---|:---|
+| `list` | List all curated catalog plugins |
+| `search <query>` | Case-insensitively search catalog |
+| `show <slug>` | Inspect catalog plugin capabilities and installation actions |
+| `categories` | List all unique marketplace categories |
+| `recommend` | Scan current workspace framework/language signals and recommend plugins |
+| `install <slug>` | Install a catalog plugin (requires `--approved`) |
+| `status` | Audit installation status of catalog entries |
+
+---
+
+### 18. Registry Commands
 
 Explore model, adapter, and skill registries.
 
@@ -274,3 +300,30 @@ npx multimodel-dev-os@latest providers       # View API providers
 npx multimodel-dev-os@latest adapters        # View adapter registry
 npx multimodel-dev-os@latest skills          # View skill registry
 ```
+
+---
+
+### 19. `registry` — Trusted Remote Catalog Registries
+
+Manage trusted remote catalog registries under policy-enforced safety gates.
+
+```bash
+npx multimodel-dev-os@latest registry list
+npx multimodel-dev-os@latest registry add <name> <url> --approved
+npx multimodel-dev-os@latest registry sync <name> --approved
+npx multimodel-dev-os@latest registry status
+npx multimodel-dev-os@latest registry verify <name>
+npx multimodel-dev-os@latest registry show <name>
+npx multimodel-dev-os@latest registry cache clear --approved
+```
+
+| Subcommand | Description |
+|:---|:---|
+| `list` | Print all configured registry sources |
+| `add <name> <url>` | Add a remote registry source (requires `--approved`) |
+| `remove <name>` | Remove a registry source and its cache (requires `--approved`) |
+| `sync <name>` | Sync and cache registry manifest and assets (requires `--approved`) |
+| `status` | Show cache health, timestamps, and policy configuration |
+| `verify <name>` | Verify cached files against expected SHA256 checksums |
+| `show <name>` | Display detailed registry configuration metadata |
+| `cache clear` | Delete all files in cache directory (requires `--approved`) |

package/docs/architecture.md

@@ -38,13 +38,17 @@
 │    Layer 4: Intelligence Layer       │
 │  .ai/intelligence/  (memory, handoff)│
 │  .ai/registries/    (workflows,     │
-│    capabilities, tools)              │
+│    capabilities, tools, sources)     │
+│  .ai/registry-cache/ (cached remote) │
 │  .ai/proposals/     (improvements)  │
-│  .ai/policies/      (safety gates)  │
+│  .ai/policies/      (safety, registry│
+│    governance gates)                 │
 ├──────────────────────────────────────┤
 │    Layer 5: CLI Dashboard & Plugins  │
 │  dashboard / ui (TUI Command Center) │
 │  plugin list/show/validate/install   │
+│  catalog list/show/recommend/install │
+│  registry list/add/sync/status/verify│
 │  onboard / adapter sync              │
 └──────────────────────────────────────┘
 ```
@@ -75,7 +79,9 @@
 | `.ai/intelligence/handoff.md` | System | Next agent | CLI (`handoff build`) |
 | `.ai/intelligence/feedback-log.jsonl` | System | CLI | CLI (`feedback add`) |
 | `.ai/proposals/*.md` | System | Human + CLI | CLI (`improve propose`) |
-| `.ai/registries/*.yaml` | System | CLI | CLI (`init`) |
+| `.ai/registries/*.yaml` | System | CLI | CLI (`init` / `registry add`) |
+| `.ai/policies/*.yaml` | Human | CLI | Human |
+| `.ai/registry-cache/` | System | CLI | CLI (`registry sync`) |
 | `adapters/*/` | Community | Specific tool | Maintainers |
 
 ## Security Considerations

package/docs/catalog-authoring.md

@@ -0,0 +1,63 @@
+# Catalog Authoring Guide
+
+This guide details how to add new plugin entries to the local marketplace catalog.
+
+## Step 1: Declare Catalog Entry
+
+Add the plugin metadata to `.ai/plugins/catalog.yaml`:
+
+```yaml
+- slug: custom-workflows
+  name: "Custom Quality Audits"
+  version: "1.0.0"
+  description: "Automated checks for custom APIs."
+  category: "custom"
+  tags: ["api", "audit"]
+  use_cases: ["API audits"]
+  supported_templates: ["*"]
+  provided_workflows: ["api-audit"]
+  provided_skills: ["api-skills.md"]
+  safety_level: "sandboxed"
+  install_scope: "declarative"
+  recommended_for: "APIs and services integration"
+  files_preview:
+    - dest: ".ai/plugins/custom-workflows.yaml"
+    - dest: ".ai/skills/api-skills.md"
+```
+
+## Step 2: Create Manifest and Assets
+
+Save the plugin manifest configuration under `.ai/plugins/catalog/custom-workflows.yaml`:
+
+```yaml
+name: "Custom Quality Audits"
+slug: "custom-workflows"
+version: "1.0.0"
+description: "Automated checks for custom APIs."
+author: "Your Name"
+allowed_file_patterns:
+  - .ai/skills/api-skills.md
+workflows:
+  api-audit:
+    name: "API Audit"
+    description: "Scan routes for API spec integrity"
+    steps:
+      - run: "echo 'Verifying API routes...'"
+```
+
+Place any referenced assets relative to the catalog subdirectory:
+- `.ai/plugins/catalog/.ai/skills/api-skills.md`
+
+## Step 3: Run Validation
+
+Verify that your catalog entry complies with all safety rules:
+```bash
+npx multimodel-dev-os plugin validate .ai/plugins/catalog/custom-workflows.yaml
+```
+
+## Parser-Safe YAML Guidelines
+
+To ensure parser compatibility across all environments:
+1. **Flow Arrays**: Both block lists (using `-`) and inline flow arrays (e.g. `tags: ["api", "audit"]`) are fully supported.
+2. **Type Preservation**: Wrap version numbers and slugs in quotes (e.g., `version: "1.0.0"`) to prevent them from being incorrectly converted to integers or floats.
+3. **Quoted Hash Characters**: Quoted strings containing `#` symbols (e.g., `description: "Includes # tag"`) are parsed safely without stripping the hash character.

package/docs/catalog.md

@@ -0,0 +1,72 @@
+# local-first Workflow Marketplace & Plugin Catalog
+
+MultiModel Dev OS includes an offline, sandboxed **Workflow Marketplace** that lets you discover, inspect, and install curated plugins and workflow packs.
+
+## Catalog CLI Commands
+
+### 1. List Available Plugins
+List all plugins registered in the local marketplace.
+```bash
+npx multimodel-dev-os catalog list
+```
+To filter by category:
+```bash
+npx multimodel-dev-os catalog list --category git
+```
+
+### 2. Search Catalog
+Search for plugins matching a query string in names, slugs, descriptions, or tags.
+```bash
+npx multimodel-dev-os catalog search <query>
+```
+
+### 3. Show Plugin Specifications
+Inspect detailed specifications, category, use cases, safety logs, and files previewed for a catalog plugin.
+```bash
+npx multimodel-dev-os catalog show <slug>
+```
+
+### 4. Get Recommendations
+Analyze the current workspace framework and language signals to suggest optimal plugins.
+```bash
+npx multimodel-dev-os catalog recommend
+```
+
+### 5. Install a Catalog Plugin
+Install the plugin manifest and all declared assets to the current workspace.
+```bash
+npx multimodel-dev-os catalog install <slug> --approved
+```
+To overwrite existing assets (creating `.bak` backups):
+```bash
+npx multimodel-dev-os catalog install <slug> --approved --force
+```
+
+### 6. Audit Installed Catalog Status
+Check which catalog plugins are installed and if any of their declared files are missing.
+```bash
+npx multimodel-dev-os catalog status
+```
+
+---
+
+## Source Filtering
+
+By default, catalog commands query the bundled first-party catalog. In `v3.0.0`, you can filter queries by source or merge all enabled registry sources:
+
+* **Filter by a specific source:**
+  ```bash
+  npx multimodel-dev-os catalog list --source remote:partner-registry
+  npx multimodel-dev-os catalog search nextjs --source local
+  ```
+* **Query all enabled sources:**
+  ```bash
+  npx multimodel-dev-os catalog list --all-sources
+  npx multimodel-dev-os catalog recommend --all-sources
+  ```
+
+Supported values for `--source` are:
+* `bundled`: The default offline catalog shipped with the package.
+* `local`: The local workspace catalog at `.ai/plugins/catalog.yaml`.
+* `remote:<name>`: A cached registry catalog index synced from a remote source.
+

package/docs/comparison.md

@@ -18,6 +18,7 @@ Selecting how to manage AI instructions inside a codebase impacts developer spee
 | **Onboarding existing repos** | ❌ Manual setup | ❌ Manual setup | ❌ Manual setup | ✅ **`onboard analyze` workflow** |
 | **Interactive TUI Dashboard** | ❌ None | ❌ None | ❌ None | ✅ **Zero-dependency TUI Menu** |
 | **Declarative Plugins** | ❌ None | ❌ None | ❌ None | ✅ **Safe whitelist YAML plugins** |
+| **Workflow Marketplace** | ❌ None | ❌ None | ❌ None | ✅ **Local curated plugin catalog** |
 | **Cost** | Free | Free | Free–Paid | ✅ **Free & open source** |
 
 ---

package/docs/dashboard.md

@@ -37,6 +37,8 @@ graph TD
     Dashboard --> Adapter[Adapter Synchronization...]
     Dashboard --> Memory[Memory & Intelligence...]
     Dashboard --> Feedback[Developer Feedback Loops...]
+    Dashboard --> Catalog[Workflow Marketplace Catalog...]
+    Dashboard --> Registry[Registry Sources & Cache...]
     Dashboard --> Quality[Quality Gates & Diagnostics...]
     Dashboard --> Plugins[Plugins Status Overview]
 ```
@@ -67,11 +69,20 @@ graph TD
    * Summarize feedback logs (`feedback summarize`)
    * Propose improvement proposal (`improve propose`)
    * Review active proposals list (`improve review`)
-7. **Quality Gates & Diagnostics**:
+7. **Workflow Marketplace Catalog**:
+   * Catalog List (`catalog list`)
+   * Catalog Recommend (`catalog recommend`)
+   * Catalog Status (`catalog status`)
+8. **Registry Sources & Cache**:
+   * List configured sources (`registry list`)
+   * Show sync status (`registry status`)
+   * Verify cache integrity (`registry verify bundled`)
+   * Show policy status (`registry status` output)
+9. **Quality Gates & Diagnostics**:
    * Run Advisory Diagnostics (`doctor`)
    * Strict Schema Compliance (`validate`)
    * Run Release verification tests (`verify`)
-8. **Plugins Status Overview**: Checks the status of all installed declarative plugins (`plugin status`).
+10. **Plugins Status Overview**: Checks the status of all installed declarative plugins (`plugin status`).
 
 ---
 

package/docs/faq.md

@@ -102,6 +102,25 @@ No. The dashboard detects when stdin or stdout is non-interactive. In non-TTY en
 **How secure is the Declarative Plugin system?**
 Extremely secure. Plugins are strictly configuration-based (YAML manifest files). They cannot run arbitrary bash commands, execute node scripts, download npm packages, or make network calls. File copies are restricted to whitelisted `.ai/` and `adapters/` directories, and blacklists protect files like `.env`, `.git/`, `package.json`, and source code folders. Overwriting existing files requires `--force` and automatically generates backups.
 
+**How does the local Workflow Marketplace / Plugin Catalog work?**
+It is a bundled registry catalog (`catalog.yaml`) containing safe first-party declarative plugins. You can discover them using `catalog list`, search via `catalog search`, and get recommendations via `catalog recommend`. Installing them copies their declarative manifests and assets (like skills and checks) into target directories, reusing all security validation and copy gates of local plugin installations.
+
+---
+
+## Trusted Registries & Governance
+
+**Are remote registries enabled by default?**
+No. Remote registries are completely disabled out-of-the-box. You must explicitly configure `.ai/policies/registry-policy.yaml` (set `allow_remote_registries: true`) before you can add, sync, or install plugins from any remote registry.
+
+**Does `registry sync` download or run arbitrary code?**
+Never. Remote sync only downloads declarative YAML and JSON files (catalogs, manifests, and plugin assets). These are written to a strictly segregated, gitignored directory (`.ai/registry-cache/`). The sync process never runs npm package scripts, invokes compilers, or executes binary code.
+
+**How does checksum verification work?**
+The publisher of a remote registry includes a signed manifest (`manifest.json`) listing all registry files and their SHA256 hashes. When synchronizing, the client computes local SHA256 hashes of all downloaded assets and verifies them against the manifest. If a hash mismatch is detected, the synchronization fails immediately.
+
+**Can I restrict which paths a remote plugin can write to?**
+Yes. The registry policy file (`registry-policy.yaml`) Whitelists allowed directories (`allowed_write_roots`) and blacklists sensitive targets (`blocked_paths`). Any plugin that attempts to write outside the whitelist or overwrite a blacklisted file (such as `.env` or `package.json`) will be blocked by the installer.
+
 ---
 
 ## Diagnostics & Validation

package/docs/plugin-authoring.md

@@ -97,3 +97,9 @@ To install this plugin locally, users run:
 ```bash
 npx multimodel-dev-os@latest plugin install your-plugin-folder/plugin.yaml --approved
 ```
+
+---
+
+## Contributing to the Marketplace Catalog
+
+If you are developing first-party plugins for inclusion in the curated catalog, follow the guidelines in the [Catalog Authoring Guide](/catalog-authoring).

package/docs/plugin-catalog.md

@@ -0,0 +1,35 @@
+# Curated Plugin Registry Catalog
+
+The MultiModel Dev OS Workflow Marketplace packages 6 curated first-party plugins:
+
+## Curated Plugins
+
+### 1. Git Workflows & Verification (`git-workflows`)
+* **Category:** `git`
+* **Purpose:** Automates pre-commit quality checks and repository cleanliness audits.
+* **Assets:** Adds `.ai/skills/git-operations.md` and `.ai/checks/pre-commit-gate.md`.
+
+### 2. SEO Audit & Optimization (`seo-workflows`)
+* **Category:** `seo`
+* **Purpose:** Validates semantic heading hierarchies, metadata tags, and sitemaps.
+* **Assets:** Adds `.ai/skills/seo-audit-ops.md`.
+
+### 3. WordPress Theme & Plugin Helper (`wordpress-workflows`)
+* **Category:** `wordpress`
+* **Purpose:** Enforces WordPress PHP Coding Standards and security/nonce escape checks.
+* **Assets:** Adds `.ai/skills/wp-helper.md`.
+
+### 4. Next.js Route & Action Builder (`nextjs-workflows`)
+* **Category:** `nextjs`
+* **Purpose:** Validates server actions input payloads and route handler formats.
+* **Assets:** Adds `.ai/skills/nextjs-builder.md`.
+
+### 5. E-Commerce Webhook & Gateway Audits (`ecommerce-workflows`)
+* **Category:** `ecommerce`
+* **Purpose:** Checks webhook signature verification routines for payment processors.
+* **Assets:** Adds `.ai/skills/checkout-ops.md`.
+
+### 6. Release Preparation & Package Audit (`release-workflows`)
+* **Category:** `release`
+* **Purpose:** Automates release-prep version audits and NPM publishing pre-flight checks.
+* **Assets:** Adds `.ai/skills/release-ops.md`.

package/docs/plugin-hooks.md

@@ -87,3 +87,9 @@ To prevent path traversal and enforce robust script auditing:
 * **Alphanumeric Slug Constraints**: Slugs are validated against `/^[a-z0-9-_]+$/i` to block directory escapes when writing to `.ai/plugins/<slug>.yaml`.
 * **Path Boundary checks**: The `plugin validate` CLI command automatically parses `allowed_file_patterns` to assert they fit within whitelisted `.ai/` and `adapters/` folders, checking that no `..` traversal or blacklisted files are referenced.
 * **Non-zero CI exit codes**: If `plugin install` is called without the `--approved` flag, it prints planned actions and exits with **exit code 1** to abort scripting pipelines safely.
+
+---
+
+## Workflow Marketplace & Plugin Catalog
+
+In `v2.9.0`, MultiModel Dev OS introduces a curated local **Workflow Marketplace & Plugin Catalog** for discoverability of safe first-party plugins. For catalog operations, see the [Workflow Marketplace Catalog Guide](/catalog).

package/docs/public/llms-full.txt

@@ -1,4 +1,4 @@
-# MultiModel Dev OS — Comprehensive AI Assistant Discoverability Guide (v2.8.1 Stable Release)
+# MultiModel Dev OS — Comprehensive AI Assistant Discoverability Guide (v3.0.0 Stable Release)
 
 MultiModel Dev OS is a repository-level porting specification designed to align context and instructions across diverse developer tools and AI models.
 
@@ -80,6 +80,23 @@ All compliant MultiModel Dev OS CLIs strictly enforce the following command cont
   - `validate <path>`: Validates a YAML config file against the plugin JSON schema.
   - `install <path>`: Previews file copy actions, and copies them to whitelisted paths under `.ai/` or `adapters/` if `--approved` is specified.
   - `status`: Audits target directory to ensure all declared plugin assets are present.
+- **`catalog`**: Manage the local Workflow Marketplace & Plugin Catalog. Subcommands:
+  - `list`: Lists all catalog plugins (supports `--category`).
+  - `search <query>`: Case-insensitively searches catalog plugins.
+  - `show <slug>`: Displays catalog plugin metadata and file previews.
+  - `categories`: Lists all unique categories in the catalog.
+  - `recommend`: Scans repo signals to recommend matching catalog plugins.
+  - `install <slug>`: Installs a catalog plugin to the target repo (requires `--approved`).
+  - `status`: Audits installation status of catalog entries.
+- **`registry`**: Manage trusted remote catalog registries (v3.0.0+). Subcommands:
+  - `list`: Lists all configured registry sources from `sources.yaml`.
+  - `add <name> <url>`: Adds a new remote registry source (requires `--approved`).
+  - `remove <name>`: Removes a registry source and its cache (requires `--approved`).
+  - `sync <name>`: Fetches remote `catalog.yaml` and `manifest.json` into `.ai/registry-cache/<name>/` (requires `--approved`).
+  - `status`: Shows all sources, sync timestamps, cache health, and policy status.
+  - `verify <name>`: Verifies SHA256 checksums of cached files against `checksums.json`.
+  - `show <name>`: Shows detailed metadata and policies of a specific registry source.
+  - `cache clear`: Deletes all files in `.ai/registry-cache/` (requires `--approved`).
 - **`verify`**: Automated release script that checks structure integrity.
 - **`templates`**: Lists built-in template profiles (supports overrides via `--registry <path>`).
 - **`validate`**: Strict Quality Gate checking the layout rules on disk (supports `--all-registries`).

package/docs/public/llms.txt

@@ -1,4 +1,4 @@
-# MultiModel Dev OS (v2.8.1 Stable Release)
+# MultiModel Dev OS (v3.0.0 Stable Release)
 
 Portable, vendor-neutral workspace configuration standard for multi-agent AI pair-programming workflows.
 
@@ -18,6 +18,22 @@ npx multimodel-dev-os@latest plugin validate path/to/plugin.yaml
 npx multimodel-dev-os@latest plugin install path/to/plugin.yaml --approved
 npx multimodel-dev-os@latest plugin status
 
+# Discover, recommend, and install curated plugin catalogs
+npx multimodel-dev-os@latest catalog list
+npx multimodel-dev-os@latest catalog recommend
+npx multimodel-dev-os@latest catalog show git-workflows
+npx multimodel-dev-os@latest catalog install git-workflows --approved
+npx multimodel-dev-os@latest catalog status
+
+# Manage trusted remote catalog registries (v3.0.0+)
+npx multimodel-dev-os@latest registry list
+npx multimodel-dev-os@latest registry status
+npx multimodel-dev-os@latest registry verify bundled
+npx multimodel-dev-os@latest registry show bundled
+npx multimodel-dev-os@latest registry add official https://example.com/catalog.yaml --approved
+npx multimodel-dev-os@latest registry sync official --approved
+npx multimodel-dev-os@latest registry cache clear --approved
+
 # Scan codebase signals & check status
 npx multimodel-dev-os@latest scan
 npx multimodel-dev-os@latest status

package/docs/public/sitemap.xml

@@ -200,4 +200,49 @@
     <changefreq>weekly</changefreq>
     <priority>0.7</priority>
   </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/catalog</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/plugin-catalog</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/workflow-marketplace</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/catalog-authoring</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/registry-sync</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/trusted-registries</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/registry-policy</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/registry-security</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
+  <url>
+    <loc>https://rizvee.github.io/multimodel-dev-os/remote-catalog-authoring</loc>
+    <changefreq>weekly</changefreq>
+    <priority>0.7</priority>
+  </url>
 </urlset>

package/docs/quickstart.md

@@ -94,6 +94,23 @@ npx multimodel-dev-os@latest dashboard
 
 ---
 
+## Option G: Local Workflow Marketplace & Plugin Catalog
+
+Discover and install safe, curated first-party plugin packs to extend your workflows:
+
+```bash
+# Get recommendations for your workspace
+npx multimodel-dev-os@latest catalog recommend
+
+# List all catalog plugins
+npx multimodel-dev-os@latest catalog list
+
+# Install a plugin
+npx multimodel-dev-os@latest catalog install git-workflows --approved
+```
+
+---
+
 ## After Install
 
 1. **Edit `AGENTS.md`** — fill in your project name, stack, and build commands.

package/docs/registry-policy.md

@@ -0,0 +1,93 @@
+# Registry Policy Engine
+
+The Policy Engine governs how remote registries are synchronized and how plugins are installed in the workspace. It enforces strict directory boundaries, file limitations, and network controls to prevent unauthorized access and malicious file writes.
+
+## Configuration File
+
+Registry policies are configured in `.ai/policies/registry-policy.yaml`. If this file does not exist, the engine falls back to strict default settings.
+
+> [!NOTE]
+> The policy file is read dynamically from the target workspace. If none is found there, it falls back to the bundled defaults in the package root.
+
+---
+
+## Policy Options Reference
+
+Here is a list of all fields supported in `.ai/policies/registry-policy.yaml`:
+
+### `allow_remote_registries` (Boolean)
+* **Default:** `false`
+* **Description:** Master switch to enable remote registry operations. If set to `false`, `registry add` and `registry sync` commands will fail.
+
+### `require_approval_for_remote_sync` (Boolean)
+* **Default:** `true`
+* **Description:** Requires the `--approved` flag on the command line to synchronize a remote registry.
+
+### `require_checksum` (Boolean)
+* **Default:** `true`
+* **Description:** Requires SHA256 checksum validation for all remote assets fetched during a sync.
+
+### `require_signature` (Boolean)
+* **Default:** `false`
+* **Description:** Reserved for future cryptographic signature validation.
+
+### `allow_untrusted_install` (Boolean)
+* **Default:** `false`
+* **Description:** When `false`, blocks installation of plugins originating from registries with `trust_level` set to `community` or `untrusted`.
+
+### `allowed_write_roots` (Array of Strings)
+* **Default:** `['.ai/', 'adapters/']`
+* **Description:** A whitelist of directory paths relative to the project root. Plugins are only permitted to write files into these directories.
+
+### `blocked_paths` (Array of Strings)
+* **Default:** `['.env', '.npmrc', '.git/', 'node_modules/', 'package.json', 'package-lock.json', 'pnpm-lock.yaml', 'yarn.lock']`
+* **Description:** A blacklist of specific paths or filenames. Plugins are strictly blocked from writing to or modifying these files, even if they reside within an allowed directory.
+
+### `max_plugin_files` (Integer)
+* **Default:** `20`
+* **Description:** The maximum number of files that a single plugin is allowed to write to the workspace.
+
+### `max_plugin_size_kb` (Integer)
+* **Default:** `100`
+* **Description:** The maximum combined file size (in KB) that a single plugin's assets can occupy.
+
+### `max_registry_cache_size_kb` (Integer)
+* **Default:** `512`
+* **Description:** The maximum cache size (in KB) permitted per remote registry in `.ai/registry-cache/`.
+
+### `allowed_file_extensions` (Array of Strings)
+* **Default:** `['.md', '.yaml', '.yml', '.json']`
+* **Description:** Whitelisted extensions for plugin assets. Any attempt to write files with different extensions (e.g. `.js`, `.sh`, `.exe`) is rejected.
+
+---
+
+## Example Policy Configuration
+
+Below is a typical policy file enabling secure remote synchronization while enforcing strict safety gates:
+
+```yaml
+# .ai/policies/registry-policy.yaml
+allow_remote_registries: true
+require_approval_for_remote_sync: true
+require_checksum: true
+allow_untrusted_install: false
+
+allowed_write_roots:
+  - ".ai/"
+  - "adapters/"
+
+blocked_paths:
+  - ".env"
+  - ".npmrc"
+  - ".git/"
+  - "package.json"
+
+max_plugin_files: 10
+max_plugin_size_kb: 50
+max_registry_cache_size_kb: 256
+
+allowed_file_extensions:
+  - ".md"
+  - ".yaml"
+  - ".json"
+```