by CodeAlive-AI
Practices, protocols, and skills for AI-driven software development. Skills and safety hooks for Claude Code, Codex, OpenCode, Cursor, Antigravity, and any agent supporting the Agent Skills standard.
# Add to your Claude Code skills
git clone https://github.com/CodeAlive-AI/ai-driven-developmentGuides for using ai agents skills like ai-driven-development.
Last scanned: 7/16/2026
{
"issues": [
{
"file": "README.md",
"line": 115,
"type": "remote-install",
"message": "Install command (remote install script piped to a shell — review the source before running): \"curl -fsSL https://raw.githubusercontent.com/CodeAlive-AI/ai-driven-development/\"",
"severity": "low"
},
{
"file": "skills/hooks-management/SKILL.md",
"line": 193,
"type": "dangerous-command",
"message": "Dangerous command (writes to Claude config): \">> ~/.claude/\"",
"severity": "medium"
}
],
"status": "PASSED",
"scannedAt": "2026-07-16T06:18:54.077Z",
"npmAuditRan": true,
"pipAuditRan": true,
"promptInjectionRan": true
}ai-driven-development is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by CodeAlive-AI. Practices, protocols, and skills for AI-driven software development. Skills and safety hooks for Claude Code, Codex, OpenCode, Cursor, Antigravity, and any agent supporting the Agent Skills standard. It has 101 GitHub stars.
Yes. ai-driven-development passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/CodeAlive-AI/ai-driven-development" and add it to your Claude Code skills directory (see the Installation section above).
ai-driven-development is primarily written in Python. It is open-source under CodeAlive-AI on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh ai-driven-development against similar tools.
No comments yet. Be the first to share your thoughts!
Via Skills CLI (recommended — works in 12+ agents):
# Install all 22 skills
npx skills add CodeAlive-AI/ai-driven-development
# Or pick a single skill
npx skills add CodeAlive-AI/ai-driven-development --skill prompt-engineering
Via Claude Code plugin marketplace:
/plugin marketplace add CodeAlive-AI/ai-driven-development
/plugin install ai-driven-development@ai-driven-development
# Restart Claude Code for changes to take effect
The Bash safety hook (bash-guard) ships separately — see hooks/balanced-safety-hooks/ for its install one-liner.
Meta-skills that let AI coding agents configure themselves. No more editing config files — just tell your agent what you need.
| Skill | What It Does |
|---|---|
| mcp-management | Install and manage MCP servers across 10+ coding agents (Claude Code, Cursor, VS Code, Gemini CLI, Codex, Goose, Copilot CLI, OpenCode, Zed) — single command, handles JSON/YAML/TOML config differences |
| hooks-management | Manage hooks and automation for Claude Code, Codex CLI, and OpenCode |
| settings-management | Configure settings for Claude Code (JSON), Codex CLI (TOML), and OpenCode (JSON/JSONC) |
| subagents-management | Create and manage subagents across Claude Code, Codex CLI, and OpenCode |
| skills-management | Organise, discover, share, and train skills for coding agents — SkillOpt-style optimisation loop with bounded edits, held-out validation gate, rejected-edit buffer, epoch-wise slow/meta update, plus trigger / transfer / diff / edit-log tooling |
| plugins-management | Package and publish plugins for Claude Code and OpenCode (validate, scaffold, submit to Anthropic's directory) |
| optimizing-claude-code | Audit repos and optimise CLAUDE.md for agent work |
Disciplined approaches that improve how agents and humans collaborate on code.
| Skill | What It Does |
|---|---|
| prompt-engineering | Universal prompt-engineering toolkit. 14 reference docs covering Claude / GPT / Gemini family-specific guidance, prompting techniques, evaluation & red-teaming, common failure modes (hallucinations, security, structure, debt) |
| fpf-problem-solving | First Principles Framework — a transdisciplinary "operating system for thought". Decompose cross-domain problems, audit conclusions, and reason rigorously about complex systems. Based on Anatoly Levenchuk's FPF |
| bug-fix-protocol | 8-step bug-fix protocol. Treats every production bug as two failures (the code defect + the testing system that allowed it through) and enforces a step-8 audit that closes the gap |
| plan-mode | Planning gate for any project change. Investigate context → analyse the task → surface ambiguities, contradictions, risks, and blockers → ask focused questions → produce an evidence-based, step-by-step plan → implement only after explicit approval, then validate. Compact always-on SKILL.md + full PROTOCOL.md |
| investigating-repository-history | Reconstruct historical intent before risky edits. Local git blame/log + GitHub PR/review evidence (via gh, never direct API), with squash/rebase/cherry-pick/rename/revert anomaly handling, decision-atom extraction, and confidence-scored output — produces a cited history note instead of guessing |
| refactoring-csharp | One-shot Roslyn contract for renaming C# symbols from file + 1-based line + oldName, with dry-run preview, safe file moves for supported named types, and explicit error codes |
| Skill | What It Does |
|---|---|
| semantic-scholar-deep | Deep research over the Semantic Scholar Graph API — backward references, recommendations, batch lookup (up to 500 IDs), multi-hop citation-graph BFS, snippet search. Ships with an optional paired subagent for token-isolated literature reviews |
| fetch-url-as-markdown | URL → clean Markdown via local trafilatura (real-browser UA, anti-stub guards, structured exit codes), with Exa MCP as a fallback for JS-rendered or anti-bot pages. Drop-in replacement for built-in WebFetch |
| ubiquitous-language | Domain thesaurus manager — DDD naming consistency, thesaurus generation, naming audit |
| Skill | What It Does |
|---|---|
| agents-consilium | Query Codex CLI and Gemini CLI in parallel for independent expert opinions on architecture, code reviews, and investigations. Different models bring different angles: more original ideas in brainstorming, broader coverage in code review |
| Skill | What It Does |
|---|---|
| maintaining-macos-health | Disk cleanup + dev-machine optimisation + proactive health alerting. Triage flow for kernel panic / watchdog timeout / vm-compressor-space-shortage / Jetsam events. Tiered cleanup playbook (zero-risk → discuss-first), Mole-style safety guards, and a noise-resistant LaunchAgent alerter (3 CRITICAL-only triggers, hysteresis, calibration window). Apple Silicon focus |
| maintaining-windows-health | Windows 11 port of the macOS health skill. Triage flow for BSOD / Kernel-Power 41 / crash dumps / commit-memory pressure. Ten-tier cleanup playbook (Storage Sense → discuss-first) using native Microsoft tooling (cleanmgr / DISM / pnputil / vssadmin / wevtutil / powercfg), a drift-protected HTML cleanup UI with an NTFS-hardened apply validator, and a Task Scheduler + BurntToast alerter (interactive-session, hysteresis, calibration). Heavy AI/Docker/WSL focus |
| Skill | What It Does |
|---|---|
| clipboard | Copy text to macOS clipboard with optional rich formatting (HTML + plain text). Slack/LinkedIn-aware — uses HTML rich text instead of mrkdwn, and warns about <table> not rendering in chat targets |
| repo-explorer | Explores repositories by delegating to Claude Code CLI. Saves context for the calling agent and speeds up codebase understanding |
| windows-qa-engineer | Manual QA copilot for Windows 11 desktop apps (WinForms / WPF / UWP). Uses Microsoft UFO (UIA / Win32) + FastMCP mount() composition + MCP protocol |
Standalone agent-safety tooling that doesn't fit the skill format — typically because it has to live inside an agent's hook protocol or run as a compiled binary.
| Hook | What It Does | Install |
|---|---|---|
| balanced-safety-hooks | bash-guard — Claude Code PreToolUse:Bash safety hook in Go. Real Bash AST parsing via mvdan.cc/sh (heredocs, single-quoted prose, sudo/env/xargs/bash -c/eval/ssh/pipe-to-shell). Catastrophic-path matrix with safe-path carve-outs. Default rule set uses ask, not deny — agents trivially bypass deny by rephrasing. Covers rm/unlink/shred, ORM migrations, infra (kubectl/gcloud/helm/docker/terraform/git push -f), PaaS CLIs (railway/fly/heroku), DB clients (psql/redis-cli), and cloud control-plane API mutations |
curl -fsSL https://raw.githubusercontent.com/CodeAlive-AI/ai-driven-development/main/hooks/balanced-safety-hooks/install-prebuilt.sh | sh |
This collection is built on four principles that show up across all skills:
npx skills add reaches.bug-fix-protocol and fpf-problem-solving codify practices that pay off when the agent goes off the happy path — multi-step protocols rather than one-shot prompts.