refactor: restructure as plugin monorepo

Reorganise as a marketplace with multiple focused plugins:
- claude/code: Core development (hooks, scripts, data collection)
- claude/review: Code review automation
- claude/verify: Work verification
- claude/qa: Quality assurance loops
- claude/ci: CI/CD integration

Structure:
- .claude-plugin/marketplace.json lists all plugins
- Each plugin has its own .claude-plugin/plugin.json
- Commands namespaced: /code:*, /review:*, /qa:*, etc.

Install individual plugins or all via marketplace:
  claude plugin add host-uk/core-agent
  claude plugin add host-uk/core-agent/claude/code

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

.claude-plugin/marketplace.json

@@ -0,0 +1,40 @@
+{
+  "name": "core-agent",
+  "description": "Host UK Claude Code plugin collection",
+  "owner": {
+    "name": "Host UK",
+    "email": "hello@host.uk.com"
+  },
+  "plugins": [
+    {
+      "name": "code",
+      "source": "./claude/code",
+      "description": "Core development plugin - hooks, scripts, data collection skills",
+      "version": "0.1.0"
+    },
+    {
+      "name": "review",
+      "source": "./claude/review",
+      "description": "Code review automation - PR review, security checks",
+      "version": "0.1.0"
+    },
+    {
+      "name": "verify",
+      "source": "./claude/verify",
+      "description": "Work verification - ensure tests pass, no debug statements",
+      "version": "0.1.0"
+    },
+    {
+      "name": "qa",
+      "source": "./claude/qa",
+      "description": "Quality assurance - iterative fix loops, lint enforcement",
+      "version": "0.1.0"
+    },
+    {
+      "name": "ci",
+      "source": "./claude/ci",
+      "description": "CI integration - GitHub Actions, test automation",
+      "version": "0.1.0"
+    }
+  ]
+}

CLAUDE.md

@@ -4,21 +4,83 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 
 ## Overview
 
-**core-agent** is the advanced in-house Claude Code plugin for the Host UK federated monorepo. The public version lives at `core-claude`.
+**core-agent** is a monorepo of Claude Code plugins for the Host UK federated monorepo. It contains multiple focused plugins that can be installed individually or together.
 
-This repository contains:
-- Claude Code hooks, commands, and automation scripts
-- Data collection skills for archiving OSS project data across platforms (since 2019)
+## Plugins
+
+| Plugin | Description | Install |
+|--------|-------------|---------|
+| **code** | Core development - hooks, scripts, data collection | `claude plugin add host-uk/core-agent/claude/code` |
+| **review** | Code review automation | `claude plugin add host-uk/core-agent/claude/review` |
+| **verify** | Work verification | `claude plugin add host-uk/core-agent/claude/verify` |
+| **qa** | Quality assurance loops | `claude plugin add host-uk/core-agent/claude/qa` |
+| **ci** | CI/CD integration | `claude plugin add host-uk/core-agent/claude/ci` |
+
+Or install all via marketplace:
+```bash
+claude plugin add host-uk/core-agent
+```
+
+## Repository Structure
+
+```
+core-agent/
+├── .claude-plugin/
+│   └── marketplace.json     # Plugin registry (enables auto-updates)
+├── claude/
+│   ├── code/                # Core development plugin
+│   │   ├── .claude-plugin/
+│   │   │   └── plugin.json
+│   │   ├── hooks.json
+│   │   ├── hooks/
+│   │   ├── scripts/
+│   │   ├── commands/        # /code:remember, /code:yes
+│   │   ├── skills/          # Data collection skills
+│   │   └── collection/      # Collection event hooks
+│   ├── review/              # Code review plugin
+│   │   ├── .claude-plugin/
+│   │   │   └── plugin.json
+│   │   └── commands/        # /review:review
+│   ├── verify/              # Verification plugin
+│   │   ├── .claude-plugin/
+│   │   │   └── plugin.json
+│   │   └── commands/        # /verify:verify
+│   ├── qa/                  # QA plugin
+│   │   ├── .claude-plugin/
+│   │   │   └── plugin.json
+│   │   ├── scripts/
+│   │   └── commands/        # /qa:qa, /qa:fix
+│   └── ci/                  # CI plugin
+│       ├── .claude-plugin/
+│       │   └── plugin.json
+│       └── commands/        # /ci:ci, /ci:workflow
+├── CLAUDE.md
+└── .gitignore
+```
+
+## Plugin Commands
+
+### code
+- `/code:remember <fact>` - Save context that persists across compaction
+- `/code:yes <task>` - Auto-approve mode with commit requirement
+
+### review
+- `/review:review [range]` - Code review on staged changes or commits
+
+### verify
+- `/verify:verify [--quick|--full]` - Verify work is complete
+
+### qa
+- `/qa:qa` - Iterative QA fix loop (runs until all checks pass)
+- `/qa:fix <issue>` - Fix a specific QA issue
+
+### ci
+- `/ci:ci [status|run|logs|fix]` - CI status and management
+- `/ci:workflow <type>` - Generate GitHub Actions workflows
 
 ## Core CLI Philosophy
 
-**Always use `core` CLI instead of raw commands.** The `core` binary is a Go framework and CLI that handles the full E2E development lifecycle for Go and PHP ecosystems.
-
-Why this matters:
-- Every agent using `core` is testing the framework
-- Missing features get raised as issues on `host-uk/core`
-- Code as if functionality exists (TDD approach)
-- The CLI becomes battle-tested and eventually bulletproof
+**Always use `core` CLI instead of raw commands.** The `core` binary handles the full E2E development lifecycle for Go and PHP ecosystems.
 
 ### Command Mappings
 
@@ -27,213 +89,82 @@ Why this matters:
 | `go test` | `core go test` |
 | `go build` | `core build` |
 | `go fmt` | `core go fmt` |
-| `go mod tidy` | `core go mod tidy` |
 | `golangci-lint` | `core go lint` |
 | `composer test` | `core php test` |
 | `./vendor/bin/pint` | `core php fmt` |
 | `./vendor/bin/phpstan` | `core php stan` |
-| `php artisan serve` | `core php dev` |
-| `git status` (multi-repo) | `core dev health` |
-| `git commit` (multi-repo) | `core dev commit` |
-| `git push` (multi-repo) | `core dev push` |
-| `gh pr create` | `core ai task:pr` |
 
 ### Key Commands
 
 ```bash
-# Development workflow
-core dev health              # Quick status across all repos
+# Development
+core dev health              # Status across repos
 core dev work                # Full workflow: status → commit → push
-core dev commit              # Claude-assisted commits
-core dev apply --command     # Run command across repos (agent-safe)
 
-# Go development
+# Go
 core go test                 # Run tests
-core go test --filter=Name   # Single test
-core go cov                  # Coverage report
-core go fmt                  # Format code
-core go lint                 # Lint with golangci-lint
 core go qa                   # Full QA pipeline
 
-# PHP development
+# PHP
 core php test                # Run Pest tests
-core php fmt                 # Format with Pint
-core php stan                # PHPStan analysis
 core php qa                  # Full QA pipeline
-core php dev                 # Start dev server
 
-# Building & releases
+# Building
 core build                   # Auto-detect and build
-core build --targets=...     # Cross-compile
-core ci --we-are-go-for-launch  # Publish release
 
-# AI integration
-core ai tasks                # List available tasks
+# AI
 core ai task                 # Auto-select a task
-core ai task:commit          # Commit with task reference
 core ai task:pr              # Create PR for task
-core ai task:complete        # Mark task done
-
-# Quality & security
-core qa health               # Aggregate CI health
-core security alerts         # All security alerts
-core security deps           # Dependabot alerts
-core doctor                  # Check environment
 ```
 
-### Missing Features?
-
-If `core` doesn't have what you need:
-
-1. **Raise an issue** on `host-uk/core` describing the feature
-2. **Code as if it exists** - write the call you wish existed
-3. **Write a TDD test** for the expected behaviour
-4. The feature will get implemented and your code will work
-
-## Installation
-
-```bash
-claude plugin add host-uk/core-agent
-```
-
-Or for local development:
-```bash
-claude plugin add /path/to/core-agent
-```
-
-## Repository Structure
-
-```
-core-agent/
-├── .claude-plugin/
-│   └── plugin.json        # Plugin manifest (enables auto-updates)
-├── hooks.json             # Hook definitions
-├── hooks/                 # Hook scripts
-│   └── prefer-core.sh     # PreToolUse: enforce core CLI
-├── scripts/               # Automation scripts
-│   ├── pre-compact.sh     # Save state before compaction
-│   ├── session-start.sh   # Restore context on startup
-│   ├── php-format.sh      # Auto-format PHP after edits
-│   ├── go-format.sh       # Auto-format Go after edits
-│   ├── check-debug.sh     # Warn about debug statements
-│   ├── auto-approve.sh    # /core:yes PermissionRequest hook
-│   ├── ensure-commit.sh   # /core:yes Stop hook
-│   ├── qa-filter.sh       # /core:qa PostToolUse hook
-│   └── qa-verify.sh       # /core:qa Stop hook
-├── commands/              # Slash commands (skills)
-│   ├── remember.md        # /core:remember - persist facts
-│   ├── yes.md             # /core:yes - auto-approve mode
-│   └── qa.md              # /core:qa - iterative QA fix loop
-├── collection/            # Data collection event hooks
-│   ├── hooks.json         # Collection hook registration
-│   ├── dispatch.sh        # Hook dispatcher
-│   └── *.sh               # Event handlers
-└── skills/                # Data collection skills
-    ├── ledger-papers/     # Whitepaper archive (91+ papers)
-    ├── project-archaeology/ # Dead project excavation
-    ├── bitcointalk/       # BitcoinTalk thread collection
-    ├── coinmarketcap/     # Market data collection
-    ├── github-history/    # Git history preservation
-    └── ...                # Other collectors
-```
-
-## Claude Plugin Features
+## code Plugin Features
 
 ### Hooks
 
 | Hook | File | Purpose |
 |------|------|---------|
 | PreToolUse | `prefer-core.sh` | Block dangerous commands, enforce `core` CLI |
-| PostToolUse | `php-format.sh` | Auto-format PHP via `core php fmt` |
-| PostToolUse | `go-format.sh` | Auto-format Go via `core go fmt` |
+| PostToolUse | `php-format.sh` | Auto-format PHP |
+| PostToolUse | `go-format.sh` | Auto-format Go |
 | PostToolUse | `check-debug.sh` | Warn about debug statements |
 | PreCompact | `pre-compact.sh` | Save state before compaction |
 | SessionStart | `session-start.sh` | Restore context on startup |
 
 ### Blocked Patterns
 
-The plugin blocks dangerous patterns and enforces `core` CLI:
-
 **Destructive operations:**
 - `rm -rf` / `rm -r` (except node_modules, vendor, .cache)
 - `mv`/`cp` with wildcards
 - `xargs` with rm/mv/cp
 - `find -exec` with file operations
 - `sed -i` (in-place editing)
-- `grep -l | ...` (mass file targeting)
 
 **Raw commands (use core instead):**
 - `go test/build/fmt/mod` → `core go *`
-- `golangci-lint` → `core go lint`
 - `composer test` → `core php test`
-- `./vendor/bin/pint` → `core php fmt`
-- `php artisan serve` → `core php dev`
 
-### Commands (Skills)
+### Data Collection Skills
 
-- `/core:remember <fact>` - Save context that persists across compaction
-- `/core:yes <task>` - Auto-approve mode with commit requirement
-- `/core:qa` - Iterative QA fix loop (runs until all checks pass)
-
-### Context Preservation
-
-State is saved to `~/.claude/sessions/` before compaction:
-- Working directory and branch
-- Git status (modified files)
-- In-progress todos
-- User-saved context facts
-
-## Data Collection Skills
-
-### ledger-papers
-
-Archive of 91+ distributed ledger whitepapers across 15 categories.
-
-```bash
-./discover.sh --all              # List all papers
-./discover.sh --category=privacy # Filter by category
-```
-
-### project-archaeology
-
-Excavates abandoned CryptoNote projects before data is lost.
-
-```bash
-./excavate.sh masari             # Full dig
-./excavate.sh masari --scan-only # Check what's accessible
-```
-
-### Other collectors
-
-- `bitcointalk/` - BitcoinTalk thread archival
-- `coinmarketcap/` - Historical price data
-- `github-history/` - Repository history preservation
-- `wallet-releases/` - Binary release archival
-- `block-explorer/` - Blockchain data indexing
+| Skill | Purpose |
+|-------|---------|
+| `ledger-papers/` | 91+ distributed ledger whitepapers |
+| `project-archaeology/` | Dead project excavation |
+| `bitcointalk/` | Forum thread archival |
+| `coinmarketcap/` | Historical price data |
+| `github-history/` | Repository history preservation |
 
 ## Development
 
+### Adding a new plugin
+
+1. Create `claude/<name>/.claude-plugin/plugin.json`
+2. Add commands to `claude/<name>/commands/`
+3. Register in `.claude-plugin/marketplace.json`
+
 ### Testing hooks locally
 
 ```bash
-# Simulate PreToolUse hook input
-echo '{"tool_input": {"command": "rm -rf /"}}' | bash ./hooks/prefer-core.sh
-```
-
-### Adding new hooks
-
-1. Add script to `scripts/`
-2. Register in `hooks.json` using `${CLAUDE_PLUGIN_ROOT}/scripts/yourscript.sh`
-3. Test with simulated input
-
-### Collection skill structure
-
-```
-skills/<name>/
-├── SKILL.md           # Documentation
-├── discover.sh        # Job generator (outputs URL|FILENAME|TYPE|METADATA)
-├── process.sh         # Job processor (optional)
-└── registry.json      # Data registry (optional)
+echo '{"tool_input": {"command": "rm -rf /"}}' | bash ./claude/code/hooks/prefer-core.sh
 ```
 
 ## Coding Standards
@@ -242,9 +173,3 @@ skills/<name>/
 - **Shell scripts**: Use `#!/bin/bash`, read JSON with `jq`
 - **Hook output**: JSON with `decision` (approve/block) and optional `message`
 - **License**: EUPL-1.2 CIC
-
-## Integration with Host UK
-
-This plugin is designed for use across the Host UK federated monorepo. It enforces the `core` CLI for multi-repo operations. See `/Users/snider/Code/host-uk/CLAUDE.md` for full monorepo documentation.
-
-The `core` CLI source lives at `host-uk/core` - raise issues there for missing features.

claude/ci/.claude-plugin/plugin.json

@@ -0,0 +1,8 @@
+{
+  "name": "ci",
+  "description": "CI integration - GitHub Actions status, workflow management",
+  "version": "0.1.0",
+  "author": {
+    "name": "Host UK"
+  }
+}

claude/ci/commands/ci.md

@@ -0,0 +1,80 @@
+---
+name: ci
+description: Check CI status and manage workflows
+args: [status|run|logs|fix]
+---
+
+# CI Integration
+
+Check GitHub Actions status and manage CI workflows.
+
+## Commands
+
+### Status (default)
+```
+/ci:ci
+/ci:ci status
+```
+
+Check current CI status for the repo/branch.
+
+### Run workflow
+```
+/ci:ci run
+/ci:ci run tests
+```
+
+Trigger a workflow run.
+
+### View logs
+```
+/ci:ci logs
+/ci:ci logs 12345
+```
+
+View logs from a workflow run.
+
+### Fix failing CI
+```
+/ci:ci fix
+```
+
+Analyse failing CI and suggest fixes.
+
+## Implementation
+
+### Check status
+```bash
+gh run list --limit 5
+gh run view --log-failed
+```
+
+### Trigger workflow
+```bash
+gh workflow run tests.yml
+```
+
+### View logs
+```bash
+gh run view 12345 --log
+```
+
+## CI Status Report
+
+```markdown
+## CI Status: main
+
+| Workflow | Status | Duration | Commit |
+|----------|--------|----------|--------|
+| Tests | ✓ passing | 2m 34s | abc123 |
+| Lint | ✓ passing | 45s | abc123 |
+| Build | ✗ failed | 1m 12s | abc123 |
+
+### Failing: Build
+```
+Error: go build failed
+  pkg/api/handler.go:42: undefined: ErrNotFound
+```
+
+**Suggested fix**: Add missing error definition
+```

claude/ci/commands/workflow.md

@@ -0,0 +1,76 @@
+---
+name: workflow
+description: Create or update GitHub Actions workflow
+args: <workflow-type>
+---
+
+# Workflow Generator
+
+Create or update GitHub Actions workflows.
+
+## Workflow Types
+
+### test
+Standard test workflow for Go/PHP projects.
+
+### lint
+Linting workflow with golangci-lint or PHPStan.
+
+### release
+Release workflow with goreleaser or similar.
+
+### deploy
+Deployment workflow (requires configuration).
+
+## Usage
+
+```
+/ci:workflow test
+/ci:workflow lint
+/ci:workflow release
+```
+
+## Templates
+
+### Go Test Workflow
+```yaml
+name: Tests
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.22'
+      - run: go test -v ./...
+```
+
+### PHP Test Workflow
+```yaml
+name: Tests
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.3'
+      - run: composer install
+      - run: composer test
+```

claude/qa/.claude-plugin/plugin.json

@@ -0,0 +1,8 @@
+{
+  "name": "qa",
+  "description": "Quality assurance - iterative fix loops, lint enforcement, test coverage",
+  "version": "0.1.0",
+  "author": {
+    "name": "Host UK"
+  }
+}

claude/qa/commands/fix.md

@@ -0,0 +1,57 @@
+---
+name: fix
+description: Fix a specific QA issue
+args: <issue-description>
+---
+
+# Fix Issue
+
+Fix a specific issue from QA output.
+
+## Usage
+
+```
+/qa:fix undefined: ErrNotFound in pkg/api/handler.go:42
+/qa:fix TestCreateUser failing - expected 200, got 500
+/qa:fix pkg/api/handler.go needs formatting
+```
+
+## Process
+
+1. **Parse the issue**: Extract file, line, error type
+2. **Read context**: Read the file around the error line
+3. **Understand**: Determine root cause
+4. **Fix**: Make minimal change to resolve
+5. **Verify**: Run relevant test/lint check
+
+## Issue Types
+
+### Undefined variable/type
+```
+undefined: ErrNotFound
+```
+→ Add missing import or define the variable
+
+### Test failure
+```
+expected 200, got 500
+```
+→ Read test and implementation, fix logic
+
+### Formatting
+```
+file needs formatting
+```
+→ Run `core go fmt` or `core php fmt`
+
+### Lint warning
+```
+ineffectual assignment to err
+```
+→ Use the variable or remove assignment
+
+### Type error
+```
+cannot use X as Y
+```
+→ Fix type conversion or function signature

claude/qa/commands/qa.md

@@ -0,0 +1,66 @@
+---
+name: qa
+description: Run full QA pipeline and fix all issues iteratively
+hooks:
+  PostToolUse:
+    - matcher: "Bash"
+      hooks:
+        - type: command
+          command: "${CLAUDE_PLUGIN_ROOT}/scripts/qa-filter.sh"
+  Stop:
+    - hooks:
+        - type: command
+          command: "${CLAUDE_PLUGIN_ROOT}/scripts/qa-verify.sh"
+          once: true
+---
+
+# QA Fix Loop
+
+Run the full QA pipeline and fix all issues until everything passes.
+
+## Detection
+
+First, detect the project type:
+- If `go.mod` exists → Go project → `core go qa`
+- If `composer.json` exists → PHP project → `core php qa`
+- If both exist → check current directory or ask
+
+## Process
+
+1. **Run QA**: Execute `core go qa` or `core php qa`
+2. **Parse issues**: Extract failures from output
+3. **Fix each issue**: Address one at a time, simplest first
+4. **Re-verify**: After fixes, re-run QA
+5. **Repeat**: Until all checks pass
+6. **Report**: Summary of what was fixed
+
+## Issue Priority
+
+Fix in this order (fastest feedback first):
+1. **fmt** - formatting (auto-fix with `core go fmt`)
+2. **lint** - static analysis (usually quick fixes)
+3. **test** - failing tests (may need investigation)
+4. **build** - compilation errors (fix before tests can run)
+
+## Fixing Strategy
+
+**Formatting (fmt/pint):**
+- Just run `core go fmt` or `core php fmt`
+- No code reading needed
+
+**Lint errors:**
+- Read the specific file:line
+- Understand the error type
+- Make minimal fix
+
+**Test failures:**
+- Read the test file to understand expectation
+- Read the implementation
+- Fix the root cause (not just the symptom)
+
+## Stop Condition
+
+Only stop when:
+- All QA checks pass, OR
+- User explicitly cancels, OR
+- Same error repeats 3 times (stuck - ask for help)

claude/qa/scripts/qa-filter.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+# Filter QA output to show only actionable issues during /core:qa mode
+#
+# PostToolUse hook that processes QA command output and extracts
+# only the failures, hiding verbose success output.
+
+read -r input
+COMMAND=$(echo "$input" | jq -r '.tool_input.command // empty')
+OUTPUT=$(echo "$input" | jq -r '.tool_response.stdout // .tool_response.output // empty')
+EXIT_CODE=$(echo "$input" | jq -r '.tool_response.exit_code // 0')
+
+# Only process QA-related commands
+case "$COMMAND" in
+    "core go qa"*|"core php qa"*|"core go test"*|"core php test"*|"core go lint"*|"core php stan"*)
+        ;;
+    *)
+        # Not a QA command, pass through unchanged
+        echo "$input"
+        exit 0
+        ;;
+esac
+
+# Extract failures from output
+FAILURES=$(echo "$OUTPUT" | grep -E "^(FAIL|---\s*FAIL|✗|ERROR|undefined:|error:|panic:)" | head -20)
+SUMMARY=$(echo "$OUTPUT" | grep -E "^(fmt:|lint:|test:|pint:|stan:|=== RESULT ===)" | tail -5)
+
+# Also grab specific error lines with file:line references
+FILE_ERRORS=$(echo "$OUTPUT" | grep -E "^[a-zA-Z0-9_/.-]+\.(go|php):[0-9]+:" | head -10)
+
+if [ -z "$FAILURES" ] && [ "$EXIT_CODE" = "0" ]; then
+    # All passed - show brief confirmation
+    cat << 'EOF'
+{
+  "suppressOutput": true,
+  "hookSpecificOutput": {
+    "hookEventName": "PostToolUse",
+    "additionalContext": "✓ QA passed"
+  }
+}
+EOF
+else
+    # Combine failures and file errors
+    ISSUES="$FAILURES"
+    if [ -n "$FILE_ERRORS" ]; then
+        ISSUES="$ISSUES
+$FILE_ERRORS"
+    fi
+
+    # Escape for JSON
+    ISSUES_ESCAPED=$(echo "$ISSUES" | sed 's/\\/\\\\/g' | sed 's/"/\\"/g' | sed ':a;N;$!ba;s/\n/\\n/g')
+    SUMMARY_ESCAPED=$(echo "$SUMMARY" | sed 's/\\/\\\\/g' | sed 's/"/\\"/g' | sed ':a;N;$!ba;s/\n/ | /g')
+
+    cat << EOF
+{
+  "suppressOutput": true,
+  "hookSpecificOutput": {
+    "hookEventName": "PostToolUse",
+    "additionalContext": "## QA Issues\n\n\`\`\`\n$ISSUES_ESCAPED\n\`\`\`\n\n**Summary:** $SUMMARY_ESCAPED"
+  }
+}
+EOF
+fi

claude/qa/scripts/qa-verify.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+# Verify QA passes before stopping during /core:qa mode
+#
+# Stop hook that runs QA checks and blocks if any failures exist.
+# Ensures Claude fixes all issues before completing the task.
+
+read -r input
+STOP_ACTIVE=$(echo "$input" | jq -r '.stop_hook_active // false')
+
+# Prevent infinite loop
+if [ "$STOP_ACTIVE" = "true" ]; then
+    exit 0
+fi
+
+# Detect project type and run QA
+if [ -f "go.mod" ]; then
+    PROJECT="go"
+    RESULT=$(core go qa 2>&1) || true
+elif [ -f "composer.json" ]; then
+    PROJECT="php"
+    RESULT=$(core php qa 2>&1) || true
+else
+    # Not a Go or PHP project, allow stop
+    exit 0
+fi
+
+# Check if QA passed
+if echo "$RESULT" | grep -qE "FAIL|ERROR|✗|panic:|undefined:"; then
+    # Extract top issues for context
+    ISSUES=$(echo "$RESULT" | grep -E "^(FAIL|ERROR|✗|undefined:|panic:)|^[a-zA-Z0-9_/.-]+\.(go|php):[0-9]+:" | head -5)
+
+    # Escape for JSON
+    ISSUES_ESCAPED=$(echo "$ISSUES" | sed 's/\\/\\\\/g' | sed 's/"/\\"/g' | sed ':a;N;$!ba;s/\n/\\n/g')
+
+    cat << EOF
+{
+  "decision": "block",
+  "reason": "QA still has issues:\n\n$ISSUES_ESCAPED\n\nPlease fix these before stopping."
+}
+EOF
+else
+    # QA passed, allow stop
+    exit 0
+fi

claude/review/.claude-plugin/plugin.json

@@ -0,0 +1,8 @@
+{
+  "name": "review",
+  "description": "Code review automation - PR review, security checks, best practices",
+  "version": "0.1.0",
+  "author": {
+    "name": "Host UK"
+  }
+}

claude/review/commands/review.md

@@ -0,0 +1,63 @@
+---
+name: review
+description: Perform code review on staged changes or PRs
+args: [commit-range|--pr=N|--security]
+---
+
+# Code Review
+
+Perform a thorough code review of the specified changes.
+
+## Arguments
+
+- No args: Review staged changes
+- `HEAD~3..HEAD`: Review last 3 commits
+- `--pr=123`: Review PR #123
+- `--security`: Focus on security issues
+
+## Process
+
+1. **Gather changes**: Get diff for the specified range
+2. **Analyse each file**: Review for issues by category
+3. **Report findings**: Output structured review
+
+## Review Checklist
+
+| Category | Checks |
+|----------|--------|
+| **Correctness** | Logic errors, edge cases, error handling |
+| **Security** | SQL injection, XSS, hardcoded secrets, CSRF |
+| **Performance** | N+1 queries, unnecessary loops, large allocations |
+| **Maintainability** | Naming, structure, complexity |
+| **Tests** | Coverage gaps, missing assertions |
+
+## Output Format
+
+```markdown
+## Code Review: [title]
+
+### Critical
+- **file:line** - Issue description
+
+### Warning
+- **file:line** - Issue description
+
+### Suggestions
+- **file:line** - Improvement idea
+
+---
+**Summary**: X critical, Y warnings, Z suggestions
+```
+
+## Commands
+
+```bash
+# Get staged diff
+git diff --cached
+
+# Get PR diff
+gh pr diff 123
+
+# Get commit range diff
+git diff HEAD~3..HEAD
+```

claude/verify/.claude-plugin/plugin.json

@@ -0,0 +1,8 @@
+{
+  "name": "verify",
+  "description": "Work verification - ensure tests pass, code quality checks complete",
+  "version": "0.1.0",
+  "author": {
+    "name": "Host UK"
+  }
+}

claude/verify/commands/verify.md

@@ -0,0 +1,87 @@
+---
+name: verify
+description: Verify work is complete before stopping
+args: [--quick|--full]
+---
+
+# Work Verification
+
+Verify that your work is complete and ready to commit/push.
+
+## Arguments
+
+- No args: Standard verification
+- `--quick`: Fast checks only (format, lint)
+- `--full`: All checks including slow tests
+
+## Verification Steps
+
+### 1. Check for uncommitted changes
+```bash
+git status --porcelain
+```
+
+### 2. Check for debug statements
+Look for:
+- Go: `fmt.Println`, `log.Println`, `spew.Dump`
+- PHP: `dd(`, `dump(`, `var_dump(`, `ray(`
+- JS/TS: `console.log`, `debugger`
+
+### 3. Run tests
+```bash
+# Go
+core go test
+
+# PHP
+core php test
+```
+
+### 4. Run linter
+```bash
+# Go
+core go lint
+
+# PHP
+core php stan
+```
+
+### 5. Check formatting
+```bash
+# Go
+core go fmt --check
+
+# PHP
+core php fmt --test
+```
+
+## Output
+
+Report verification status:
+
+```
+## Verification Results
+
+✓ No uncommitted changes
+✓ No debug statements found
+✓ Tests passing (47/47)
+✓ Lint clean
+✓ Formatting correct
+
+**Status: READY**
+```
+
+Or if issues found:
+
+```
+## Verification Results
+
+✓ No uncommitted changes
+✗ Debug statement found: src/handler.go:42
+✗ Tests failing (45/47)
+✓ Lint clean
+✓ Formatting correct
+
+**Status: NOT READY**
+
+Fix these issues before proceeding.
+```