{"id":48196729,"url":"https://github.com/alo-exp/silver-bullet","last_synced_at":"2026-04-07T20:01:56.759Z","repository":{"id":348216756,"uuid":"1196975088","full_name":"alo-exp/silver-bullet","owner":"alo-exp","description":"Agentic Process Orchestrator for AI-native Software Engineering \u0026 DevOps. Enforced 20-step (app) and 24-step (DevOps) workflows with 8 layers of compliance for Claude Code. Combines GSD, Superpowers, Engineering, and Design plugins.","archived":false,"fork":false,"pushed_at":"2026-04-04T19:12:15.000Z","size":778,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-04T19:13:04.007Z","etag":null,"topics":["ai","ai-agents","ai-development","claude-code","claude-code-plugin","claude-plugin","developer-tools","devops","infrastructure-as-code","llm","process-orchestrator","quality-gates","software-engineering","workflow-automation","workflow-enforcement"],"latest_commit_sha":null,"homepage":"https://sb.alolabs.dev","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alo-exp.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-31T08:04:04.000Z","updated_at":"2026-04-04T19:12:19.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/alo-exp/silver-bullet","commit_stats":null,"previous_names":["alo-exp/dev-workflows","alo-exp/silver-bullet"],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/alo-exp/silver-bullet","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alo-exp%2Fsilver-bullet","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alo-exp%2Fsilver-bullet/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alo-exp%2Fsilver-bullet/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alo-exp%2Fsilver-bullet/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alo-exp","download_url":"https://codeload.github.com/alo-exp/silver-bullet/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alo-exp%2Fsilver-bullet/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31526666,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T16:28:08.000Z","status":"ssl_error","status_checked_at":"2026-04-07T16:28:06.951Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-agents","ai-development","claude-code","claude-code-plugin","claude-plugin","developer-tools","devops","infrastructure-as-code","llm","process-orchestrator","quality-gates","software-engineering","workflow-automation","workflow-enforcement"],"created_at":"2026-04-04T18:07:46.682Z","updated_at":"2026-04-07T20:01:56.751Z","avatar_url":"https://github.com/alo-exp.png","language":"HTML","readme":"# Silver Bullet\n\n**Agentic Process Orchestrator for AI-native Software Engineering \u0026 DevOps**\n\n\u003e *\"There is no single development, in either technology or management technique, which by itself promises even one order-of-magnitude improvement...\"* — Fred Brooks, 1986\n\nBrooks was right then. AI changes the equation now.\n\nSilver Bullet is a Claude Code plugin that orchestrates the best open-source agentic workflows into one enforced process. It combines [GSD](https://github.com/gsd-build/get-shit-done) (multi-agent execution), [Superpowers](https://github.com/obra/superpowers) (code review, branch management), [Engineering](https://github.com/anthropics/knowledge-work-plugins/tree/main/engineering) (testing, docs, deploy), and [Design](https://github.com/anthropics/knowledge-work-plugins/tree/main/design) (design system, UX copy, accessibility) into a single orchestrated workflow — then enforces it with 7 layers of compliance so Claude can never skip steps.\n\n**Current version: v0.7.0** — Separate silver-bullet.md from CLAUDE.md. All enforcement rules (§0-§9) now live in a dedicated `silver-bullet.md` at project root. Updates overwrite silver-bullet.md without touching user's CLAUDE.md. Interactive conflict detection. §9 pre-release quality gate enforced by hook.\n\n## How It Works\n\nWhen you edit source code without completing the planning phase, you see this:\n\n```\n🚫 HARD STOP — Planning incomplete. Missing skills:\n❌ quality-gates\nRun the missing planning skills before editing source code.\n```\n\nWhen you try to `git commit` before completing the full workflow:\n\n```\n🛑 COMPLETION BLOCKED — Workflow incomplete.\n\nYou are attempting to commit/push/deploy but these required steps are missing:\n  ❌ /code-review\n  ❌ /receiving-code-review\n  ❌ /testing-strategy\n  ❌ /documentation\n  ❌ /finishing-a-development-branch\n  ❌ /deploy-checklist\nComplete ALL required workflow steps before finalizing.\n```\n\nOn every single tool use, you see progress:\n\n```\nSilver Bullet: 3 steps | PLANNING 1/1 | REVIEW 1/2 | FINALIZATION 0/4 | Next: /receiving-code-review\n```\n\nThere is no way to skip steps without the plugin telling Claude (and you) exactly what's missing.\n\n## Two Workflows\n\nSilver Bullet supports two workflow modes, selected during project initialization:\n\n| Workflow | For | Steps | Unique features |\n|----------|-----|-------|-----------------|\n| `full-dev-cycle` | Application development (web, API, CLI, library) | 20 | GSD wave execution, 8 quality dimensions, TDD, release notes |\n| `devops-cycle` | Infrastructure / DevOps (Terraform, k8s, Helm, CI/CD) | 24 | Blast radius assessment, IaC-adapted quality gates, environment promotion, incident fast path, release notes |\n\nBoth workflows use GSD as the primary execution engine and Silver Bullet skills for quality gates, code review, and finalization.\n\n## The Four-Plugin Ecosystem\n\n| Plugin | Role | Key capabilities |\n|--------|------|-----------------|\n| **GSD** (primary) | Multi-agent execution | Fresh 200K-token context per agent, wave-based parallel execution, dependency graphs, atomic per-task commits, context rot prevention |\n| **Superpowers** | Code review + branch management | Brainstorming, code-review, receiving-code-review, git worktrees, verification |\n| **Engineering** | Testing + docs + deploy | testing-strategy, documentation, deploy-checklist, debugging, architecture |\n| **Design** | Design system + UX | design-system, ux-copy, accessibility-review, design-critique |\n\n## Install\n\n### 1. Install prerequisites\n\n```\nnpx get-shit-done-cc@1.30.0\n/plugin install obra/superpowers\n/plugin install anthropics/knowledge-work-plugins/tree/main/engineering\n/plugin install anthropics/knowledge-work-plugins/tree/main/design\n```\n\nInstall `jq` if you don't have it:\n```bash\nbrew install jq    # macOS\napt install jq     # Linux\n```\n\n### 2. Install Silver Bullet\n\n```\n/plugin install alo-exp/silver-bullet\n```\n\n### 3. (Optional) Install DevOps plugins\n\nIf you'll use the `devops-cycle` workflow, these optional plugins provide context-aware\nenrichment. Silver Bullet's skill router automatically selects the best plugin for\nyour IaC toolchain and cloud provider. None are required — the workflow works without them.\n\n```\n/plugin marketplace add hashicorp/agent-skills          # Terraform, Packer\n/plugin marketplace add awslabs/agent-plugins           # AWS architecture, serverless, databases\n/plugin marketplace add pulumi/agent-skills             # Pulumi programs, IaC migration\n/plugin marketplace add ahmedasmar/devops-claude-skills  # k8s, CI/CD, GitOps, monitoring, cost optimization\n/plugin marketplace add wshobson/agents                 # Kubernetes operations, Helm, multi-agent teams\n```\n\n| Plugin | Best for |\n|--------|----------|\n| `hashicorp/agent-skills` | Terraform HCL authoring, module design, provider development, Packer images |\n| `awslabs/agent-plugins` | AWS architecture, serverless (Lambda/API GW), databases, CDK/CloudFormation |\n| `pulumi/agent-skills` | Pulumi programs, ComponentResource, Automation API, IaC migration (TF/CDK/CF/ARM → Pulumi) |\n| `ahmedasmar/devops-claude-skills` | Terraform/Terragrunt, k8s troubleshooting, AWS cost optimization, CI/CD pipelines, GitOps (ArgoCD/Flux), monitoring/observability |\n| `wshobson/agents` | Kubernetes manifests/Helm/GitOps/security, multi-agent orchestration |\n\nDuring `/using-silver-bullet` setup, Silver Bullet detects which of these are installed\nand stores the results in `.silver-bullet.json`. The `devops-cycle` workflow then uses\nthe `/devops-skill-router` to invoke the best available skill at each trigger point.\n\n### 4. Initialize your project\n\nOpen your project in Claude Code and run:\n\n```\n/using-silver-bullet\n```\n\nThis will:\n- Check that all 4 plugin dependencies are installed\n- Auto-detect your project name, tech stack, and source directory\n- Ask whether this is an application or DevOps/infrastructure project\n- Create a `CLAUDE.md` with enforcement rules\n- Create `.silver-bullet.json` with your project config\n- Copy the appropriate workflow file(s) to `docs/workflows/`\n- Create placeholder docs (`docs/Master-PRD.md`, etc.)\n- Commit everything\n\nThat's it. Enforcement is now active.\n\n## Full Dev Cycle (20 Steps)\n\n### INITIALIZATION\n| # | Step | Source | Required |\n|---|------|--------|----------|\n| 1 | Worktree decision | Inline | No |\n| 2 | `/gsd:new-project` | GSD | If new project |\n\n### PER-PHASE LOOP (repeat for each phase in ROADMAP)\n| # | Step | Source | Required |\n|---|------|--------|----------|\n| 3 | `/gsd:discuss-phase` | GSD | **Yes** |\n| 4 | `/quality-gates` | Silver Bullet | **Yes** |\n| 5 | `/gsd:plan-phase` | GSD | **Yes** |\n| 6 | `/gsd:execute-phase` | GSD | **Yes** |\n| 7 | `/gsd:verify-work` | GSD | **Yes** |\n| 8 | `/code-review` + code-reviewer | Superpowers | **Yes** |\n| 9 | `/requesting-code-review` | Superpowers | **Yes** |\n| 10 | `/receiving-code-review` | Superpowers | **Yes** |\n| 11-12 | Post-review plan + execute | GSD | If needed |\n\n### FINALIZATION\n| # | Step | Source | Required |\n|---|------|--------|----------|\n| 13 | `/testing-strategy` | Engineering | **Yes** |\n| 14 | Tech-debt notes | Inline | No |\n| 15 | `/documentation` | Engineering | **Yes** |\n| 16 | `/finishing-a-development-branch` | Superpowers | **Yes** |\n\n### DEPLOYMENT\n| # | Step | Source | Required |\n|---|------|--------|----------|\n| 17 | CI/CD pipeline (CI must be green) | Inline | **Yes** |\n| 18 | `/deploy-checklist` | Engineering | **Yes** |\n| 19 | `/gsd:ship` | GSD | **Yes** |\n\n### RELEASE\n| # | Step | Source | Required |\n|---|------|--------|----------|\n| 20 | `/create-release` | Silver Bullet | **Yes** |\n\n## DevOps Cycle (24 Steps)\n\nSame structure as full-dev-cycle with these additions:\n- **Incident fast path** at the top for emergency production changes\n- **`/blast-radius`** assessment before quality gates (maps change scope, dependencies, failure scenarios, rollback plan)\n- **`/devops-quality-gates`** — 7 IaC-adapted quality dimensions (usability excluded)\n- **Environment promotion** section (dev → staging → prod)\n- `.yml`/`.yaml` files are NOT exempt from enforcement (they are infrastructure code)\n\n## Built-in Silver Bullet Skills\n\nSkills installed by this plugin that extend the workflow:\n\n| Skill | When to use |\n|-------|-------------|\n| `/using-silver-bullet` | Once per project — initializes CLAUDE.md, config, CI, and docs scaffold |\n| `/quality-gates` | Before planning (dev) — checks all 8 quality dimensions in parallel |\n| `/blast-radius` | Before planning (DevOps) — maps change scope, dependencies, and rollback plan |\n| `/devops-quality-gates` | Before planning (DevOps) — 7 IaC-adapted quality dimensions (usability excluded) |\n| `/devops-skill-router` | During DevOps execution — routes to best available IaC toolchain plugin |\n| `/forensics` | After a completed, failed, or abandoned session — structured post-mortem investigation |\n| `/create-release` | After `/gsd:ship` — generates release notes and creates GitHub Release |\n\n### `/forensics`\n\nWhen a session produces wrong output, stalls, or is abandoned, `/forensics` guides Claude through structured root-cause investigation rather than blind retrying.\n\n**Four invocation contexts:**\n- Session completed but left things broken\n- Session abandoned, timed out, or interrupted\n- `/gsd:verify-work` (step 7) fails or produces suspect output\n- Autonomous session has stalled mid-run\n\n**Three investigation paths:**\n1. **Session-level** — Timeout flag, session log, git history → classifies as pre-answer gap, anti-stall trigger, genuine blocker, external kill, or unknown\n2. **Task-level** — Plan vs. diff comparison, test failures → classifies as plan ambiguity, implementation drift, upstream dependency, or verification gap\n3. **General** — Open-ended; delegates to Path 1 or 2 after one targeted follow-up\n\n**Output:** Saves a `docs/forensics/YYYY-MM-DD-\u003cslug\u003e.md` report with symptom, evidence, root cause, contributing factors, next steps, and prevention.\n\n**Workflow integration:** The step 7 VERIFY gate now instructs Claude to invoke `/forensics` before retrying on any verification failure. The Enforcement Rules section and CLAUDE.md Section 3 both reference it alongside the debugging rule.\n\n---\n\n## Seven Enforcement Layers\n\nThe plugin doesn't rely on Claude reading instructions. It enforces compliance through hooks that fire automatically:\n\n| Layer | How it works |\n|-------|-------------|\n| **1. Skill tracker** | `record-skill.sh` fires on every Skill tool invocation. Records completed skills to state file. |\n| **2. Stage enforcer** | `dev-cycle-check.sh` fires on every Edit/Write/Bash. HARD STOP if quality gates incomplete and you're touching source code. |\n| **3. Compliance status** | `compliance-status.sh` fires on every tool use. Shows progress score so Claude always knows where it stands. |\n| **4. Completion audit** | `completion-audit.sh` fires on every Bash command. Blocks `git commit`, `git push`, `gh pr create`, and `deploy` if workflow is incomplete. |\n| **5. GSD workflow guard** | GSD's own hook detects file edits made outside a `/gsd:*` command and warns. |\n| **6. GSD context monitor** | GSD's own hook warns at ≤35% tokens remaining, escalates at ≤25%. |\n| **7. Redundant instructions + anti-rationalization** | CLAUDE.md + workflow file both enforce the same rules. Explicit rules against skipping, combining, or implicitly covering steps. |\n\n## Customization\n\nEdit `.silver-bullet.json` in your project root:\n\n```json\n{\n  \"version\": \"0.2.0\",\n  \"project\": {\n    \"name\": \"my-app\",\n    \"src_pattern\": \"/src/\",\n    \"src_exclude_pattern\": \"__tests__|\\\\.test\\\\.\",\n    \"active_workflow\": \"full-dev-cycle\"\n  },\n  \"skills\": {\n    \"required_planning\": [\"quality-gates\"],\n    \"required_deploy\": [\n      \"code-review\", \"requesting-code-review\", \"receiving-code-review\",\n      \"testing-strategy\", \"documentation\",\n      \"finishing-a-development-branch\", \"deploy-checklist\",\n      \"create-release\"\n    ],\n    \"all_tracked\": [\n      \"quality-gates\", \"blast-radius\", \"devops-quality-gates\", \"devops-skill-router\",\n      \"design-system\", \"ux-copy\", \"architecture\", \"system-design\",\n      \"code-review\", \"requesting-code-review\", \"receiving-code-review\",\n      \"testing-strategy\", \"documentation\",\n      \"finishing-a-development-branch\", \"deploy-checklist\",\n      \"create-release\"\n    ]\n  },\n  \"devops_plugins\": {\n    \"hashicorp\": false,\n    \"awslabs\": false,\n    \"pulumi\": false,\n    \"devops-skills\": false,\n    \"wshobson\": false\n  },\n  \"state\": {\n    \"state_file\": \"~/.claude/.silver-bullet/state\",\n    \"trivial_file\": \"~/.claude/.silver-bullet/trivial\"\n  }\n}\n```\n\n### What you can change\n\n| Field | What it controls | Default |\n|-------|-----------------|---------|\n| `src_pattern` | Which file paths trigger enforcement | `/src/` |\n| `src_exclude_pattern` | Which files are exempt (regex) | `__tests__\\|\\.test\\.` |\n| `active_workflow` | Which workflow to enforce | `full-dev-cycle` |\n| `required_planning` | Skills that must run before code edits | `quality-gates` |\n| `required_deploy` | Skills that must run before commit/push/deploy | code-review, requesting-code-review, receiving-code-review, testing-strategy, documentation, finishing-a-development-branch, deploy-checklist, create-release |\n| `all_tracked` | All skills that get recorded | 16 skills (see above) |\n| `devops_plugins` | Which optional DevOps plugins are installed (auto-detected) | all `false` |\n\n## Trivial Changes\n\nFor typo fixes, copy edits, and config tweaks that don't need the full workflow, Claude will automatically detect the change is trivial and bypass enforcement by running:\n\n```bash\ntouch ~/.claude/.silver-bullet/trivial\n```\n\nYou can also run this manually if Claude doesn't detect a trivial change. The flag is automatically cleaned up on the next session start.\n\n**Note**: In `devops-cycle` mode, `.yml`, `.yaml`, `.json`, and `.toml` files are infrastructure code and are NOT auto-exempted from enforcement.\n\n## For CI/CD Pipelines\n\nCopy the deploy gate snippet into your pipeline:\n\n```bash\n# In your deploy script:\nbash scripts/deploy-gate-snippet.sh\n\n# Or with bypass:\nbash scripts/deploy-gate-snippet.sh --skip-workflow-check\n```\n\nThis checks the workflow state file and blocks deployment if required skills are missing.\n\n## Updating\n\nIf the plugin is updated and you want to refresh templates:\n\n```\n/using-silver-bullet\n```\n\nIt detects the existing config and asks if you want to refresh templates while preserving your customizations.\n\n## Troubleshooting\n\n**\"jq not found\"** — Install jq: `brew install jq` (macOS) or `apt install jq` (Linux).\n\n**\"Superpowers plugin not found\"** — Run `/plugin install obra/superpowers`.\n\n**\"Engineering plugin not found\"** — Run `/plugin install anthropics/knowledge-work-plugins/tree/main/engineering`.\n\n**\"Design plugin not found\"** — Run `/plugin install anthropics/knowledge-work-plugins/tree/main/design`.\n\n**\"GSD plugin not found\"** — Run `npx get-shit-done-cc@1.30.0`.\n\n**Hooks not firing** — Make sure you ran `/using-silver-bullet` in the project. Check that `.silver-bullet.json` exists in your project root.\n\n**Wrong files triggering enforcement** — Edit `src_pattern` in `.silver-bullet.json` to match your project's source directory (e.g., `/app/` or `/lib/`).\n\n**Want to start fresh** — Delete `.silver-bullet.json` and `CLAUDE.md`, then run `/using-silver-bullet` again.\n\n## Architecture\n\n```\nEnforcement hooks (fire automatically)     Project files (created by /using-silver-bullet)\n──────────────────────────────────────     ───────────────────────────────────────────────\nhooks/record-skill.sh                      .silver-bullet.json (config)\n  → records skill invocations              CLAUDE.md (enforcement rules)\n                                           docs/workflows/full-dev-cycle.md (20 steps)\nhooks/dev-cycle-check.sh                   docs/workflows/devops-cycle.md (24 steps)\n  → HARD STOP if planning incomplete\n                                           State files (in ~/.claude/.silver-bullet/)\nhooks/compliance-status.sh                 ─────────────────────────────────\n  → progress score on every tool use       ~/.claude/.silver-bullet/state (skill log)\n                                           ~/.claude/.silver-bullet/trivial (bypass flag)\nhooks/completion-audit.sh                  ~/.claude/.silver-bullet/mode (interactive|autonomous)\n  → blocks commit/push/deploy              ~/.claude/.silver-bullet/session-log-path\n\nSupport hooks (fire automatically)\n───────────────────────────────────\nhooks/semantic-compress.sh\n  → TF-IDF context compression after Skill invocations\n\nhooks/session-log-init.sh\n  → creates session log file on first Bash use\n\nhooks/ci-status-check.sh\n  → verifies CI green before push/deploy proceeds\n\nhooks/timeout-check.sh\n  → monitors for stall conditions\n\nhooks/session-start\n  → injects Superpowers + Design context at session open\n\nExternal enforcement (GSD's own hooks)\n──────────────────────────────────────\nGSD workflow guard → warns on edits outside /gsd:* commands\nGSD context monitor → warns at ≤35% tokens, escalates at ≤25%\n```\n\n## License\n\nMIT — [Alo Labs](https://alolabs.dev)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falo-exp%2Fsilver-bullet","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falo-exp%2Fsilver-bullet","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falo-exp%2Fsilver-bullet/lists"}