/api-contract-check - API Contract Check Command for Claude Code
by techforgeworksSlash command that runs consumer-driven contract verification for an HTTP API using Pact.
Contributor credited on accepted HeyClaude registry entries.
Slash command that runs consumer-driven contract verification for an HTTP API using Pact.
Slash command that reviews the supply-chain risk of a project's dependencies using OpenSSF Scorecard health signals rather than CVE counts.
PreToolUse hook that inspects a database migration before it is written and blocks irreversible or lock-heavy operations — DROP TABLE/COLUMN, TRUNCATE, table/column RENAME, and CREATE INDEX without CONCURRENTLY — following the strong_migrations safe-migration checks.
An automation bundle for keeping project documentation accurate and current: generate docs from code, measure documentation coverage, validate README structure and links, document API endpoints, and publish to a docs site.
An operations bundle for maintainers running a busy GitHub repository: triage failing CI, review pull requests, keep commits and changelogs disciplined, validate workflows and links, and draft release notes.
PostToolUse hook that inspects an edited npm package-lock.json for supply-chain provenance risk rather than known CVEs — dependencies resolved from outside the public npm registry (git, alternate-registry, or insecure transports) and registry tarballs missing an integrity hash.
PostToolUse hook that keeps a project's README in sync with the code. When the README or package.json is edited it checks for the standard-readme core sections (Install and Usage) and verifies that the CLI commands exposed via package.json bin are documented. Advisory only; it never edits files.
PostToolUse hook that catches unintended UI changes by pixel-diffing a just-saved screenshot against its baseline with odiff.
A defense-in-depth bundle for hardening an agentic Claude Code workstation: block secrets and sensitive data before they are written, verify dependency provenance and known vulnerabilities, review supply-chain risk and run code security audits, and harden MCP tool access against prompt injection.
No reviewed entries yet.