chore(main): release 3.0.0

[jacobpevans-github-actions]

🤖 I have created a release beep boop

3.0.0 (2026-04-12)

⚠ BREAKING CHANGES

• Plugin consolidation and skill renames

Features

• add 4 standards plugins migrated from auto-loaded rules (#113) (fcf8acf)
• add AI merge gate and Copilot setup (#197) (6f1e1d7)
• add architecture diagrams, wrap-up skill, remove symlink registry (fd0e74c)
• add ci and local test automation (#41) (181c6a5)
• add codeql-resolver plugin with 3-tier resolution architecture (#8) (a45ac3b)
• add full AI workflow suite (#75) (4a1d6fe)
• add gh-aw agentic workflows and cspell config (#64) (9f90f33)
• add pal-health plugin with SessionStart Doppler check (#156) (7c4959c)
• add plugin validation CI (#138) (79a7c51)
• add rate limiting, README validation, and externalize init-worktree (#72) (97bfa05)
• add script-guards plugin for runtime script prevention (#189) (7f32cb2)
• add skill-guards plugin to enforce fresh execution on every skill invocation (#196) (dbc60c6)
• add token-validator and issue-limiter plugins (#2) (8a64289)
• add trusted dependency policy and rule formatting standard (5e70b15)
• add webfetch-guard and markdown-validator plugins (705dbe8)
• adopt conventional branch standard (feature/, bugfix/) (#74) (e826b67)
• align all skills with agentskills.io specification (958b0a7)
• ci: add release-please and improve renovate auto-merge (#53) (94fbaca)
• config-management: add permission-format rule (#139) (110fd57)
• consolidate plugins from 15 to 8 with consistent naming (#31) (d36a028)
• content-guards: enforce 100-branch repository limit (#124) (89af553)
• cspell: migrate to shared org-wide dictionary hierarchy (34c08ed)
• disable automatic triggers on Claude-executing workflows (6c42de9)
• enhance resolve-pr-threads with comment reading (#46) (fc6a34c)
• finalize-pr: add multi-PR modes, bot support, and skill authoring guidance (#70) (7704876)
• finalize-pr: add Phase 4 to auto-update PR metadata (#65) (1c1e881)
• git-guards: add GraphQL command guidance for known failure patterns (232eee3)
• git-guards: add proactive worktree reminders via UserPromptSubmit hook (#155) (ff95211)
• git-guards: allow git rm without confirmation (#63) (c94d959)
• git-guards: block gh pr comment, enforce GraphQL review threads (#56) (c6b6234)
• git-permission-guard: add centralized git/gh permission hook plugin (#12) (12268b0)
• git-rebase-workflow: handle branch protection with CodeQL scanning (#25) (9b40416)
• git-workflows: register wrap-up skill in plugin.json, bump to 1.8.0 (cdcd481)
• github-workflows: add /ship command for full PR automation (#131) (018aebd)
• github-workflows: add trigger-ai-reviews skill (#47) (b505c82)
• main-branch-guard: add PreToolUse hook to block main branch edits (#22) (9456f5d)
• markdown-validator: add skip logic and MD013 fallback (#27) (77cd37b)
• migrate 13 commands to skills in 6 new plugins (#23) (fb72d06)
• optimize workflow pipeline sequencing (#182) (40b9666)
• pr-lifecycle: auto-trigger finalize-pr after PR creation (#127) (40f6132)
• pr-review-toolkit: add PR review thread resolution plugin (#24) (3368eaa)
• process-cleanup: add Stop hook plugin for orphaned MCP process cleanup (#51) (27caa6f)
• rebase-pr: auto-dispatch to Haiku subagent with bypassPermissions (#103) (8af9bec)
• renovate: extend shared preset for org-wide auto-merge rules (#60) (b5197ed)
• session-analytics: add token breakdown skill via Splunk OTEL telemetry (#121) (35dec4a)
• unified versioning via release-please extra-files (#142) (e78beff)
• webfetch-guard: add grace period for previous year searches (#9) (18a39a5)
• wrap-up: add follow-up session prompt generation (b5feae6)

Bug Fixes

• add --force to all git fetch commands for floating tag compatibility (#199) (5266532)
• add explicit GITHUB_TOKEN permissions to workflow (a8f44d3)
• add metadata.version to release-please extra-files (#143) (ee87c76)
• add missing tools to CodeQL agent and migrate Bash format (#129) (8c4c1df)
• add secrets block to release-please workflow (#130) (ae0c45b)
• add working directory check to /ship skill (#158) (f79a83f)
• agents-md: add resolve-pr-threads and shape-issues to github-workflows entry (81e61be)
• ci: add pull-requests: write to release-please caller workflow (#137) (23a86e2)
• ci: dispatch flake update to nix-ai instead of nonexistent nix repo (#73) (1ed7c40)
• ci: grant contents: write for release-please workflow (#141) (bcac4ba)
• close git-guards bypass allowing direct commits to main (4edae25)
• codeql-resolver: convert flat skill files to skill directories (#59) (81ab6af)
• content-guards: clarify extract-to-files means committed artifacts (#62) (ed82608)
• content-guards: handle empty config_flag array in bash 3.2 (#55) (0385c9b)
• content-guards: improve token-validator error message with detailed resolution steps (#37) (cf355e3)
• content-guards: lower PR/issue rate limit to 5/day and add duplicate detection (#101) (1563350)
• content-guards: resolve CWD bug and raise rate limit to 25/repo/day (#126) (fb16d2e)
• content-guards: resolve unbound variable error in markdown validator (#39) (2202144)
• content-guards: set correct per-repo limits (100 issues, 15 PRs) (484a868)
• content-guards: stop rate-limiting gh pr edit commands (#128) (b87277b)
• content-guards: support markdown linting in git worktrees (#48) (8cbf6a1)
• content-guards: two-tier rate limiting with trusted user allowlist (#123) (5831f23)
• convert GraphQL queries to single-line format in resolve-pr-threads (#35) (0b482c5)
• correct best-practices permissions and add ref-scoped concurrency (#77) (f5806d5)
• correct plugin.json schema violations for all 8 plugins (#33) (770b2b4)
• finalize-pr: remove pre-PR steps from workflow diagram (#76) (6dca3fc)
• git-guards: always scan subcommand for hook-path bypass pattern (#88) (63bd1c6)
• git-guards: auto-allow git worktree remove (#54) (9d0bec6)
• git-guards: check DENY patterns against extracted subcommand for git global options (#80) (48daad8)
• git-guards: make test_graphql_guidance.py executable (2bbb4cf)
• git-guards: replace 'branch' with 'worktree' in error messages (#191) (d4bbc9f)
• git-guards: replace stale /init-worktree references with /superpowers:using-git-worktrees (#184) (5648500)
• git-guards: use shlex tokenisation in hook-path fallback to prevent false positives (#93) (a0edfa0)
• git-guards: use word-boundary regex for mutation name detection (3db588f)
• git-workflows: use PR-based stale detection instead of git branch --merged (#133) (be59dad)
• github-workflows: reduce /ship rate limit cascade (#132) (d71859b)
• improve GraphQL reliability and prevent git-guard false positives (500d893)
• markdown-validator: bundle default config and add fallback resolution (#26) (103a108)
• markdown-validator: use global markdownlint config with MD013=160 (#11) (326c27b)
• migrate release-please settings to config file and sync VERSION (#148) (d73e2bd)
• port main-branch-guard to Python, fix CI and TC14 JSON (#108) (92e323e)
• prevent main-branch-guard from blocking non-repository files (#36) (7abe699)
• process /ship PRs sequentially to avoid rate limit storms (#152) (a640998)
• process-cleanup: apply post-merge review feedback from PR #117 (#119) (f0c7432)
• process-cleanup: replace bash 4+ declare -A with sort -u deduplication (#117) (d89e006)
• register pal-health plugin in marketplace.json (#171) (7bda8d3)
• register script-guards in marketplace.json and align version (#193) (1210120)
• release: replace bump-minor-pre-major with versioning always-bump-minor (#89) (d8a1670)
• replace jq != operator and add markdownlint troubleshooting (#68) (3c61cb5)
• resolve-pr-threads: cut 40% of lines to eliminate hallucination failure modes (#52) (949151c)
• resolve-pr-threads: rewrite negation rules as affirmative clarity (#58) (d5a25c4)
• revert to cclint@latest (no versions published yet) (55c2488)
• squash-merge-pr: use --delete-branch, git switch main, and consistent placeholder style (b2743f7)
• squash-merge-pr: use @ import syntax and document git-workflows dependency (479baef)
• squash-merge-pr: worktree-safe merge, temp-file bodies, robust cleanup (10cbfb8)
• sync-main: remove confirmation gates — merge immediately on invoke (#78) (0add171)
• use correct flake input name jacobpevans-cc-plugins (#28) (8c18e26)
• use Go to install cclint, validate both plugins (0e0890c)
• use version-file config option for VERSION instead of extra-files (#150) (5dd1f41)

---

This PR was generated with Release Please. See documentation.

[jacobpevans-github-actions]

🤖 Created releases:

• v3.0.0

🌻