Skip to content

Add tekimax-security to community catalog #2200

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kaman1 wants to merge 2 commits into
base: main
Choose a base branch
from
+36 −0
Open

Add tekimax-security to community catalog #2200

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5242fd7
Add tekimax-security to community catalog
Apr 13, 2026
e7646be
tekimax-security: bump to v0.2.2 with 8 commands
Apr 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,7 @@ The following community-contributed extensions are available in [`catalog.commun
| Staff Review Extension | Staff-engineer-level code review that validates implementation against spec, checks security, performance, and test coverage | `code` | Read-only | [spec-kit-staff-review](https://github.com/arunt14/spec-kit-staff-review) |
| Status Report | Project status, feature progress, and next-action recommendations for spec-driven workflows | `visibility` | Read-only | [Open-Agent-Tools/spec-kit-status](https://github.com/Open-Agent-Tools/spec-kit-status) |
| Superpowers Bridge | Orchestrates obra/superpowers skills within the spec-kit SDD workflow across the full lifecycle (clarification, TDD, review, verification, critique, debugging, branch completion) | `process` | Read+Write | [superpowers-bridge](https://github.com/RbBtSn0w/spec-kit-extensions/tree/main/superpowers-bridge) |
| TEKIMAX Secure SDD | Adds security gates to the SDD lifecycle — STRIDE threat modeling, data contracts, AI guardrails, model governance, and automated red team runs | `process` | Read+Write | [speckit-security](https://github.com/TEKIMAX/speckit-security) |
| TinySpec | Lightweight single-file workflow for small tasks — skip the heavy multi-step SDD process | `process` | Read+Write | [spec-kit-tinyspec](https://github.com/Quratulain-bilal/spec-kit-tinyspec) |
| V-Model Extension Pack | Enforces V-Model paired generation of development specs and test specs with full traceability | `docs` | Read+Write | [spec-kit-v-model](https://github.com/leocamello/spec-kit-v-model) |
| Verify Extension | Post-implementation quality gate that validates implemented code against specification artifacts | `code` | Read-only | [spec-kit-verify](https://github.com/ismaelJimenez/spec-kit-verify) |
Expand Down
35 changes: 35 additions & 0 deletions extensions/catalog.community.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1751,6 +1751,41 @@
"created_at": "2026-03-02T00:00:00Z",
"updated_at": "2026-03-02T00:00:00Z"
},
"tekimax-security": {
"name": "TEKIMAX Secure SDD",
"id": "tekimax-security",
"description": "Adds security gates to the SDD lifecycle — STRIDE threat modeling, data contracts, AI guardrails, model governance, automated red team, and post-implementation audit. Eight commands wired into five Spec Kit hooks. Rules can be installed into the project constitution and agent context files so they bind the AI agent at runtime.",
"author": "Christian Kaman (TEKIMAX)",
"version": "0.2.2",
"download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.2.2.zip",
"repository": "https://github.com/TEKIMAX/speckit-security",
Comment on lines +1757 to +1761
Copy link

Copilot AI Apr 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR description states the extension ships 7 commands and links to release v0.2.0, but the catalog entry says provides.commands: 8 / “Eight commands …” and sets version/download_url to 0.2.2. Please reconcile these so the PR description and catalog metadata consistently reflect the same release and command count.

Copilot uses AI. Check for mistakes.
"homepage": "https://tekimax.com",
"documentation": "https://github.com/TEKIMAX/speckit-security/blob/main/docs/GETTING-STARTED.md",
"changelog": "https://github.com/TEKIMAX/speckit-security/blob/main/CHANGELOG.md",
"license": "Apache-2.0",
"requires": {
"speckit_version": ">=0.1.0"
},
"provides": {
"commands": 8,
"hooks": 5
},
"tags": [
"security",
"threat-modeling",
"stride",
"red-team",
"guardrails",
"ai-safety",
"prompt-injection",
"compliance"
],
"verified": false,
"downloads": 0,
"stars": 0,
"created_at": "2026-04-13T07:00:00Z",
"updated_at": "2026-04-13T08:30:00Z"
Comment on lines +1783 to +1787
Copy link

Copilot AI Apr 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Per the Extension Publishing Guide, new catalog entries should use the current timestamp for both created_at and updated_at, and the catalog’s top-level updated_at should be bumped to the current time when editing the file. This entry uses fixed times and the file’s top-level updated_at (near the top of the JSON) wasn’t updated in this PR.

Copilot uses AI. Check for mistakes.
},
"tinyspec": {
"name": "TinySpec",
"id": "tinyspec",
Expand Down