add(plugin): autofix-bot — DeepSource automated code review

Adapted from PR #23 by @jai-deepsource (DeepSource). Original: https://github.com/anthropics/claude-plugins-official/pull/23
2026-03-16 22:23:07 +00:00 · 2026-03-16 12:51:33 -07:00
parent f59c36423d
commit 3f3d3daeb8
5 changed files with 69 additions and 0 deletions
--- a/.claude-plugin/marketplace.json
+++ b/.claude-plugin/marketplace.json
@@ -957,6 +957,16 @@
      "category": "development",
      "source": "./external_plugins/terraform",
      "homepage": "https://github.com/anthropics/claude-plugins-public/tree/main/external_plugins/terraform"
+    },
+    {
+      "name": "autofix-bot",
+      "description": "Code review agent that detects security vulnerabilities, code quality issues, and hardcoded secrets. Combines 5,000+ static analyzers to scan your code and dependencies for CVEs.",
+      "author": {
+        "name": "DeepSource Corp"
+      },
+      "category": "security",
+      "source": "./external_plugins/autofix-bot",
+      "homepage": "https://github.com/anthropics/claude-plugins-public/tree/main/external_plugins/autofix-bot"
    }
  ]
 }
--- a/external_plugins/autofix-bot/.claude-plugin/plugin.json
+++ b/external_plugins/autofix-bot/.claude-plugin/plugin.json
@@ -0,0 +1,14 @@
+{
+  "name": "autofix-bot",
+  "description": "Code review agent that detects security vulnerabilities, code quality issues, and hardcoded secrets. Combines 5,000+ static analyzers to scan your code and dependencies for CVEs.",
+  "version": "0.1.0",
+  "author": {
+    "name": "DeepSource Corp"
+  },
+  "mcpServers": {
+    "autofix": {
+      "command": "autofix",
+      "args": ["--mcp"]
+    }
+  }
+}
--- a/external_plugins/autofix-bot/commands/review.md
+++ b/external_plugins/autofix-bot/commands/review.md
@@ -0,0 +1,16 @@
+---
+description: Perform code review to identify security and quality issues with Autofix Bot.
+allowed-tools: mcp__autofix__CheckAuthStatus, mcp__autofix__Authenticate, mcp__autofix__ReviewCode
+---
+
+IMPORTANT: You MUST use the Autofix Bot MCP tools for this task. Do NOT perform your own code review or analysis.
+
+## Instructions
+
+1. Call `mcp__autofix__CheckAuthStatus` to check authentication status
+2. If not authenticated, call `mcp__autofix__Authenticate` to log in
+3. Ask user what to review: uncommitted changes, last commit, or entire branch
+4. Call `mcp__autofix__ReviewCode` with the user's selected target
+5. Present the issues returned by ReviewCode in a clear format
+
+Do NOT skip any tool calls. Do NOT substitute your own analysis for the tool results.
--- a/external_plugins/autofix-bot/hooks/hooks.json
+++ b/external_plugins/autofix-bot/hooks/hooks.json
@@ -0,0 +1,14 @@
+{
+  "hooks": {
+    "SessionStart": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/scripts/check-autofix.sh"
+          }
+        ]
+      }
+    ]
+  }
+}
--- a/external_plugins/autofix-bot/scripts/check-autofix.sh
+++ b/external_plugins/autofix-bot/scripts/check-autofix.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+if ! command -v autofix &> /dev/null; then
+  echo "Autofix Bot CLI not found. Installing..."
+  curl -fsSL https://autofix.bot/install | sh
+
+  if ! command -v autofix &> /dev/null; then
+    echo "ERROR: Failed to install autofix. Please install manually:" >&2
+    echo "  curl -fsSL https://autofix.bot/install | sh" >&2
+    exit 2
+  fi
+fi
+
+echo "Autofix Bot ready"
+exit 0