richfrem/mine-plugins
plugins/agent-plugin-analyzer/skills/mine-plugins/SKILL.md
Trigger with "mine plugins", "analyze plugin collection", "run the full analysis pipeline", "inventory and analyze all plugins", "mine patterns from this directory", or when you want to run the complete virtuous cycle: inventory, analyze, extract patterns, synthesize recommendations, and deliver a structured report. Use this even if the user just says "analyze everything in this folder".
$ install --global
skillsauthnpx skillsauth add richfrem/agent-plugins-skills mine-pluginsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 24, 2026, 8:43 PM1.8s1 file scanned
SKILL.md
- name:
- mine-plugins
- description:
- >
- to run the complete virtuous cycle:
- inventory, analyze, extract patterns, synthesize
- user-invocable:
- true
- argument-hint:
- [path-to-plugin-or-directory]
- allowed-tools:
- Bash, Read, Write
Dependencies
This skill requires Python 3.8+ and standard library only. No external packages needed.
To install this skill's dependencies:
pip-compile ./requirements.in
pip install -r ./requirements.txt
See ./requirements.txt for the dependency lockfile (currently empty — standard library only).
Mine Plugins
Run the full analysis pipeline on a plugin or collection of plugins. This is the one-shot command for the virtuous cycle.
What This Command Does
- Inventory — Enumerate and classify every file in the target
- Analyze — Deep structural and content analysis using the
analyze-pluginskill - Extract — Identify all design patterns (known and novel)
- Synthesize — Generate improvement recommendations using the
synthesize-learningsskill - Report — Produce a comprehensive analysis report
Usage
/mine-plugins <path-to-plugin-or-directory>
Examples
# Analyze a single plugin
/mine-plugins claude-knowledgework-plugins/sales
# Analyze an entire collection
/mine-plugins claude-knowledgework-plugins/
# Analyze our own plugins
/mine-plugins plugins/legacy\ system
Execution Steps
Step 1: Determine Scope
Check if $ARGUMENTS points to:
- A single plugin (contains
.claude-plugin/plugin.jsonorskills/directory) → Single Plugin Mode - A directory of plugins (contains multiple subdirectories with plugins) → Comparative Mode
- A single skill (contains
SKILL.md) → Single Skill Mode
Step 2: Run Inventory
For each plugin in scope, run:
python "scripts/inventory_plugin.py" --path "$ARGUMENTS" --format json
Security scanning is enabled by default. The inventory script runs credential detection, network call detection, and environment variable access checks on every script file. Pass
--no-securityonly if you want to suppress the security scan output.
If the script fails, perform manual inventory per the analyze-plugin skill Phase 1.
Step 3: Deep Analysis
For each plugin, execute the full 6-phase analyze-plugin framework:
- Inventory (done)
- Structure Analysis
- Content Analysis — read every file completely, do not skip or summarize prematurely
- Pattern Extraction
- Anti-Pattern Detection
- Synthesis
Step 4: Cross-Plugin Synthesis
If analyzing multiple plugins, identify:
- Universal patterns (in all plugins)
- Common patterns (in most)
- Unique innovations (in one — with attribution)
- Consistency gaps
Step 5: Generate Improvement Recommendations
Invoke the synthesize-learnings skill to produce targeted recommendations for:
agent-scaffolders— template and scaffold improvementsagent-skill-open-specifications— standards and spec updatesagent-plugin-analyzer— self-improvement of this analyzer- Domain plugins (e.g.,
oracle-legacy-system-analysis) — transferable patterns for legacy code analysis
Step 6: Deliver Report
Present the full analysis as a structured markdown artifact. Include:
- Executive summary
- Per-plugin analysis summaries
- Pattern catalog additions
- Prioritized improvement recommendations
- Next steps
Related Skills
richfrem/vector-db-ingest
tools
VerifiedTrustedCommunity
Ingests repository files into the ChromaDB vector store. Builds or updates the vector index from a manifest or directory scan using ingest.py. Use when new files need to be indexed or the vector store is out of date. <example> user: "Index these new plugin files into the vector database" assistant: "I'll use vector-db-ingest to add them to the vector store." </example> <example> user: "The vector store is missing recent files -- update it" assistant: "I'll use vector-db-ingest to re-index the changes." </example>
3SKILL.mdUpdated Jun 2, 2026
richfrem/vector-db-cleanup
data-ai
VerifiedTrustedCommunity
Removes stale and orphaned chunks from the ChromaDB vector store for files that have been deleted or renamed. Use after files are removed or moved to keep the vector index in sync with the filesystem. <example> user: "Clean up the vector store after I deleted some files" assistant: "I'll use vector-db-cleanup to remove orphaned chunks." </example> <example> user: "The vector database has chunks for files that no longer exist" assistant: "I'll run vector-db-cleanup to prune them." </example>
3SKILL.mdUpdated Jun 2, 2026
richfrem/vector-db-audit
testing
VerifiedTrustedCommunity
Audit Vector DB coverage -- compares the live filesystem manifest against the ChromaDB index to identify coverage gaps.
3SKILL.mdUpdated Jun 2, 2026
richfrem/rlm-search
development
VerifiedTrustedCommunity
3-Phase Knowledge Search strategy for the RLM Factory ecosystem. Auto-invoked when tasks involve finding code, documentation, or architecture context in the repository. Enforces the optimal search order: RLM Summary Scan (O(1)) -> Vector DB Semantic Search -> Grep/Exact Match. Never skip phases.
3SKILL.mdUpdated Jun 2, 2026