TechTideOhio/techtide-harness-kit

##  Works With

**Anthropic Claude Code** Native plugin marketplace. One command installs 348 agents with full trust metadata. /plugin marketplace add TechTideOhio/techtide-harness-kit Install guide →

**Cursor AI IDE** Plugin directory integration. Clone once, get schema-validated skills across every provider lane. git clone TechTideOhio/ techtide-harness-kit # Add as plugin directory Install guide →

**OpenAI Codex** Marketplace plugin with dual-plugin architecture. Full agent catalog plus MCP trust references. codex plugin marketplace add TechTideOhio/techtide-harness-kit Install guide →

**Lovable** One ZIP per skill. Generate archives, upload to workspace. Vibe-coding with enterprise guardrails. npm run lovable:write # Upload ZIPs to Lovable workspace Import guide →

More harnesses: GitHub Copilot, Gemini CLI, Kiro

| Harness | Install | Format | | --- | --- | --- | | **GitHub Copilot** | `copilot plugin marketplace add TechTideOhio/techtide-harness-kit` | `.github/plugin/` manifest | | **Gemini CLI** | `npx thk-export-agents --platform gemini --all --repo .` | Workspace skill adapters | | **Kiro** | Add `powers/techtide-*` directories in Kiro panel | Powers packages | Full comparison and install paths: [docs/integrations/installation-guide.md](docs/integrations/installation-guide.md)

##  Get Started npm install @techtide/harness-kit # Validate everything (25+ gates, no secrets required) npm run validate # Export agents for your harness npx thk-export-agents --platform claude-code --provider aws --repo . npx thk-export-agents --platform codex --role cloud-security-engineer --repo . npx thk-export-agents --platform gemini --all --repo .
##  By The Numbers | | | | | | :---: | :---: | :---: | :---: | | **391** | **348** | **6** | **33** | | Production skills | Specialist agents | Cloud providers | Provider lanes | | | | | | | **9** | **25+** | **7** | **12** | | JSON Schema contracts | Validation gates | Harness adapters | Core agent skills |
##  Cloud Coverage Every cloud has deep, provider-specific skills with inline assessment questions and validation checklists -- not generic templates with names swapped.

**Major Cloud Providers** | Provider | Skills | Highlights | | --- | ---: | --- | | **GCP** | 51 | AlloyDB AI, Anthos, Cloud Run, GKE, WAF (50+ questions) | | **AWS** | 47 | WAF pillars, Bedrock security, Cost Explorer, IAM | | **Alibaba** | 43 | ACK, AnalyticDB, China compliance, ActionTrail | | **Huawei** | 43 | GaussDB HA, CCE, Cloud Eye, CBR backup | | **OCI** | 41 | Autonomous DB, Cloud Guard, Full Stack DR | | **Azure** | 36 | AI Foundry, AKS, App Service, Entra ID, WAF |

**Infrastructure & Governance** | Lane | Skills | Highlights | | --- | ---: | --- | | **TechTide** | 24 | Production audit, agent autopsy, MCP trust | | **Marketing** | 14 | Ad fairness (FHA/ECOA/EU AI Act), data min. | | **Core** | 12 | Context mgmt, security, prompt hardening | | **NVIDIA** | 12 | CUDA kernels, TensorRT-LLM, Triton, NGC | | **Kubernetes** | 10 | External Secrets, RBAC, admission control | | **CNCF** | 11 | Argo, Cilium, Falco, Istio, Kyverno, Velero | | **FinOps** | 7 | Cross-cloud cost governance, showback | | **European** | 30 | Hetzner, Contabo, IONOS, OVHcloud, Scaleway |

##  Skill Anatomy Every skill follows a consistent, agent-optimized structure with least-privilege tool scoping: skills/// SKILL.md # YAML frontmatter + workflow + assessment questions + checklist metadata.json # Schema-validated: id, version, harnesses, official_docs references/ # Safety checklists, official sources, extended guidance

**Frontmatter declares tool scope** --- name: techtide-aws-waf-reliability-review description: "Review AWS workload reliability..." allowed-tools: Read Grep Glob metadata: author: "github: TechTide" version: "0.1.0" category: resilience --- No `Write`. No `Bash`. No network. Least-privilege by default.

**Inline assessment questions + checklists** ## Assessment Question Bank ### Compute and Autoscaling 1. Are all stateless tiers behind autoscaling? 2. Is scale-in protection set for in-flight? ## Validation Checklist - [ ] Multi-AZ for all production compute - [ ] Autoscaling configured for stateless - [ ] Backup restore tested in last 30 days - [ ] Circuit breakers on external calls

##  What Ships | Surface | Purpose | | --- | --- | | `skills/` | Portable task workflows with frontmatter, assessment questions, and guardrails | | `agents/` | Specialist roles with harness-specific adapters | | `rules/` | Harness-specific operating guidance | | `mcp/` | Trusted MCP server integration references | | `catalog/` | Machine-readable indexes, trust metadata, roles, and integrity hashes | | `schemas/` | 9 JSON Schema contracts enforcing skill and agent shape | | `powers/` | Kiro Power packages | | `plugins/` | Codex and Claude Code plugin packages |
##  Enterprise Trust

**Security & governance layers** | Layer | What it does | | --- | --- | | Schema validation | 9 JSON Schemas enforce skill shape and trust fields | | Tool scoping | `allowed-tools` in frontmatter -- least-privilege | | Safety checklists | Blast radius, rollback paths, data impact | | Approval gates | Read-first, approval-gated, target-confirmed | | Trust metadata | Tool scopes, data classes, network posture | | Provenance | npm provenance + SHA asset integrity hashes | | CodeQL | Automated security scanning on every push | | OpenSSF Scorecard | Supply chain security posture |

**Trust documentation** | Document | Purpose | | --- | --- | | [TRUST.md](TRUST.md) | Trust posture and verification model | | [DATA-HANDLING.md](DATA-HANDLING.md) | Data handling and privacy practices | | [PROMPT-INJECTION.md](PROMPT-INJECTION.md) | Prompt injection defenses | | [CONTROL-MAPPING.md](CONTROL-MAPPING.md) | Compliance control mapping | | [SECURITY.md](SECURITY.md) | Vulnerability reporting | | [EVALS.md](EVALS.md) | Evaluation and validation summary |

##  vs Alternatives | Feature | TechTide Harness Kit | Awesome lists | Toolkit repos | | --- | :---: | :---: | :---: | | **Production skills** | 391 | Links only | 35-184 | | **Cloud providers** | 6 | 0 | 1-2 | | **Schema validation** | 9 schemas, 25+ gates | None | None | | **Trust metadata** | Per-skill scopes + approval gates | None | None | | **Safety checklists** | Blast radius + rollback | None | None | | **Multi-harness** | 7 adapters | 1 | 1-2 | | **Assessment questions** | Provider-specific banks | None | None | | **Enterprise governance** | OpenSSF, CodeQL, provenance | None | None | | **European cloud** | 5 providers, 30 skills | None | None | | **NVIDIA / GPU** | CUDA, TensorRT, Triton | None | None |
##  Common Commands # Validate everything (25+ gates) npm run validate # Check trust + proof layer npm run trust:check && npm run proof-layer:check # Export agents npm run agents:export -- --list npm run agents:export -- --platform claude-code --provider aws --repo . npm run agents:export -- --platform codex --all --repo . # Regenerate artifacts npm run proof-layer:write && npm run plugin-manifest:write
##  Documentation | Topic | Link | | --- | --- | | Installation guide | [docs/integrations/installation-guide.md](docs/integrations/installation-guide.md) | | Harness compatibility | [docs/compatibility.md](docs/compatibility.md) | | Cross-harness skills | [docs/cross-harness-skills.md](docs/cross-harness-skills.md) | | Marketplace model | [docs/marketplace-model.md](docs/marketplace-model.md) | | Quality bar | [docs/quality-bar.md](docs/quality-bar.md) | | Taxonomy | [docs/taxonomy.md](docs/taxonomy.md) | | Lovable skill imports | [docs/integrations/lovable-skills.md](docs/integrations/lovable-skills.md) | | External skill research | [docs/external-skill-research.md](docs/external-skill-research.md) |