From 3f3d3daeb8788c538a88aa968ef005cd5990e7c2 Mon Sep 17 00:00:00 2001 From: Tobin South Date: Mon, 16 Mar 2026 12:51:33 -0700 Subject: [PATCH] =?UTF-8?q?add(plugin):=20autofix-bot=20=E2=80=94=20DeepSo?= =?UTF-8?q?urce=20automated=20code=20review?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adapted from PR #23 by @jai-deepsource (DeepSource). Original: https://github.com/anthropics/claude-plugins-official/pull/23 --- .claude-plugin/marketplace.json | 10 ++++++++++ .../autofix-bot/.claude-plugin/plugin.json | 14 ++++++++++++++ external_plugins/autofix-bot/commands/review.md | 16 ++++++++++++++++ external_plugins/autofix-bot/hooks/hooks.json | 14 ++++++++++++++ .../autofix-bot/scripts/check-autofix.sh | 15 +++++++++++++++ 5 files changed, 69 insertions(+) create mode 100644 external_plugins/autofix-bot/.claude-plugin/plugin.json create mode 100644 external_plugins/autofix-bot/commands/review.md create mode 100644 external_plugins/autofix-bot/hooks/hooks.json create mode 100755 external_plugins/autofix-bot/scripts/check-autofix.sh diff --git a/.claude-plugin/marketplace.json b/.claude-plugin/marketplace.json index c846d06..fc20b06 100644 --- a/.claude-plugin/marketplace.json +++ b/.claude-plugin/marketplace.json @@ -957,6 +957,16 @@ "category": "development", "source": "./external_plugins/terraform", "homepage": "https://github.com/anthropics/claude-plugins-public/tree/main/external_plugins/terraform" + }, + { + "name": "autofix-bot", + "description": "Code review agent that detects security vulnerabilities, code quality issues, and hardcoded secrets. Combines 5,000+ static analyzers to scan your code and dependencies for CVEs.", + "author": { + "name": "DeepSource Corp" + }, + "category": "security", + "source": "./external_plugins/autofix-bot", + "homepage": "https://github.com/anthropics/claude-plugins-public/tree/main/external_plugins/autofix-bot" } ] } diff --git a/external_plugins/autofix-bot/.claude-plugin/plugin.json b/external_plugins/autofix-bot/.claude-plugin/plugin.json new file mode 100644 index 0000000..3ff2ebe --- /dev/null +++ b/external_plugins/autofix-bot/.claude-plugin/plugin.json @@ -0,0 +1,14 @@ +{ + "name": "autofix-bot", + "description": "Code review agent that detects security vulnerabilities, code quality issues, and hardcoded secrets. Combines 5,000+ static analyzers to scan your code and dependencies for CVEs.", + "version": "0.1.0", + "author": { + "name": "DeepSource Corp" + }, + "mcpServers": { + "autofix": { + "command": "autofix", + "args": ["--mcp"] + } + } +} diff --git a/external_plugins/autofix-bot/commands/review.md b/external_plugins/autofix-bot/commands/review.md new file mode 100644 index 0000000..d559107 --- /dev/null +++ b/external_plugins/autofix-bot/commands/review.md @@ -0,0 +1,16 @@ +--- +description: Perform code review to identify security and quality issues with Autofix Bot. +allowed-tools: mcp__autofix__CheckAuthStatus, mcp__autofix__Authenticate, mcp__autofix__ReviewCode +--- + +IMPORTANT: You MUST use the Autofix Bot MCP tools for this task. Do NOT perform your own code review or analysis. + +## Instructions + +1. Call `mcp__autofix__CheckAuthStatus` to check authentication status +2. If not authenticated, call `mcp__autofix__Authenticate` to log in +3. Ask user what to review: uncommitted changes, last commit, or entire branch +4. Call `mcp__autofix__ReviewCode` with the user's selected target +5. Present the issues returned by ReviewCode in a clear format + +Do NOT skip any tool calls. Do NOT substitute your own analysis for the tool results. diff --git a/external_plugins/autofix-bot/hooks/hooks.json b/external_plugins/autofix-bot/hooks/hooks.json new file mode 100644 index 0000000..cfd5f89 --- /dev/null +++ b/external_plugins/autofix-bot/hooks/hooks.json @@ -0,0 +1,14 @@ +{ + "hooks": { + "SessionStart": [ + { + "hooks": [ + { + "type": "command", + "command": "${CLAUDE_PLUGIN_ROOT}/scripts/check-autofix.sh" + } + ] + } + ] + } +} diff --git a/external_plugins/autofix-bot/scripts/check-autofix.sh b/external_plugins/autofix-bot/scripts/check-autofix.sh new file mode 100755 index 0000000..3917a59 --- /dev/null +++ b/external_plugins/autofix-bot/scripts/check-autofix.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +if ! command -v autofix &> /dev/null; then + echo "Autofix Bot CLI not found. Installing..." + curl -fsSL https://autofix.bot/install | sh + + if ! command -v autofix &> /dev/null; then + echo "ERROR: Failed to install autofix. Please install manually:" >&2 + echo " curl -fsSL https://autofix.bot/install | sh" >&2 + exit 2 + fi +fi + +echo "Autofix Bot ready" +exit 0