diff --git a/README.md b/README.md index ab14ace73..6ba2b7c5d 100644 --- a/README.md +++ b/README.md @@ -217,6 +217,7 @@ The following community-contributed extensions are available in [`catalog.commun | Retrospective Extension | Post-implementation retrospective with spec adherence scoring, drift analysis, and human-gated spec updates | `docs` | Read+Write | [spec-kit-retrospective](https://github.com/emi-dm/spec-kit-retrospective) | | Review Extension | Post-implementation comprehensive code review with specialized agents for code quality, comments, tests, error handling, type design, and simplification | `code` | Read-only | [spec-kit-review](https://github.com/ismaelJimenez/spec-kit-review) | | SDD Utilities | Resume interrupted workflows, validate project health, and verify spec-to-task traceability | `process` | Read+Write | [speckit-utils](https://github.com/mvanhorn/speckit-utils) | +| Security Review | Comprehensive security audit of codebases using AI-powered DevSecOps analysis | `code` | Read-only | [spec-kit-security-review](https://github.com/DyanGalih/spec-kit-security-review) | | Staff Review Extension | Staff-engineer-level code review that validates implementation against spec, checks security, performance, and test coverage | `code` | Read-only | [spec-kit-staff-review](https://github.com/arunt14/spec-kit-staff-review) | | Superpowers Bridge | Orchestrates obra/superpowers skills within the spec-kit SDD workflow across the full lifecycle (clarification, TDD, review, verification, critique, debugging, branch completion) | `process` | Read+Write | [superpowers-bridge](https://github.com/RbBtSn0w/spec-kit-extensions/tree/main/superpowers-bridge) | | Ship Release Extension | Automates release pipeline: pre-flight checks, branch sync, changelog generation, CI verification, and PR creation | `process` | Read+Write | [spec-kit-ship](https://github.com/arunt14/spec-kit-ship) | diff --git a/extensions/catalog.community.json b/extensions/catalog.community.json index 65fcb9099..3c730f284 100644 --- a/extensions/catalog.community.json +++ b/extensions/catalog.community.json @@ -975,7 +975,7 @@ "repoindex":{ "name": "Repository Index", "id": "repoindex", - "description": "Generate index of your repo for overview, architecuture and module", + "description": "Generate index of your repo for overview, architecture and module", "author": "Yiyu Liu", "version": "1.0.0", "download_url": "https://github.com/liuyiyu/spec-kit-repoindex/archive/refs/tags/v1.0.0.zip", @@ -1105,6 +1105,38 @@ "created_at": "2026-03-06T00:00:00Z", "updated_at": "2026-03-06T00:00:00Z" }, + "security-review": { + "name": "Security Review", + "id": "security-review", + "description": "Comprehensive security audit of codebases using AI-powered DevSecOps analysis", + "author": "DyanGalih", + "version": "1.1.1", + "download_url": "https://github.com/DyanGalih/spec-kit-security-review/archive/refs/tags/v1.1.1.zip", + "repository": "https://github.com/DyanGalih/spec-kit-security-review", + "homepage": "https://github.com/DyanGalih/spec-kit-security-review", + "documentation": "https://github.com/DyanGalih/spec-kit-security-review/blob/main/README.md", + "changelog": "https://github.com/DyanGalih/spec-kit-security-review/blob/main/CHANGELOG.md", + "license": "MIT", + "requires": { + "speckit_version": ">=0.1.0" + }, + "provides": { + "commands": 3, + "hooks": 0 + }, + "tags": [ + "security", + "devsecops", + "audit", + "owasp", + "compliance" + ], + "verified": false, + "downloads": 0, + "stars": 0, + "created_at": "2026-04-03T03:24:03Z", + "updated_at": "2026-04-03T04:15:00Z" + }, "ship": { "name": "Ship Release Extension", "id": "ship",