From 5242fd78c5b895f5d5afa45653d7d75f3c20e755 Mon Sep 17 00:00:00 2001
From: Christian Kaman <support@tekimax.com>
Date: Mon, 13 Apr 2026 04:16:57 -0500
Subject: [PATCH 1/2] Add tekimax-security to community catalog

Adds an entry for TEKIMAX Secure SDD, a security-first extension
that wires threat modeling (STRIDE), data contracts, AI guardrails,
model governance, automated red teaming, and post-implementation
audit into Spec Kit's hook system.

- 7 slash commands across SPECIFY / DESIGN / IMPLEMENT / VERIFY
- 5 phase hooks: after_specify, after_plan, before_implement,
  after_implement, before_analyze
- Apache-2.0 licensed
- Repository: https://github.com/TEKIMAX/speckit-security
---
 README.md                         |  1 +
 extensions/catalog.community.json | 35 +++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/README.md b/README.md
index e366ad5b1..a1f22f81c 100644
--- a/README.md
+++ b/README.md
@@ -236,6 +236,7 @@ The following community-contributed extensions are available in [`catalog.commun
 | Staff Review Extension | Staff-engineer-level code review that validates implementation against spec, checks security, performance, and test coverage | `code` | Read-only | [spec-kit-staff-review](https://github.com/arunt14/spec-kit-staff-review) |
 | Status Report | Project status, feature progress, and next-action recommendations for spec-driven workflows | `visibility` | Read-only | [Open-Agent-Tools/spec-kit-status](https://github.com/Open-Agent-Tools/spec-kit-status) |
 | Superpowers Bridge | Orchestrates obra/superpowers skills within the spec-kit SDD workflow across the full lifecycle (clarification, TDD, review, verification, critique, debugging, branch completion) | `process` | Read+Write | [superpowers-bridge](https://github.com/RbBtSn0w/spec-kit-extensions/tree/main/superpowers-bridge) |
+| TEKIMAX Secure SDD | Adds security gates to the SDD lifecycle — STRIDE threat modeling, data contracts, AI guardrails, model governance, and automated red team runs | `process` | Read+Write | [speckit-security](https://github.com/TEKIMAX/speckit-security) |
 | TinySpec | Lightweight single-file workflow for small tasks — skip the heavy multi-step SDD process | `process` | Read+Write | [spec-kit-tinyspec](https://github.com/Quratulain-bilal/spec-kit-tinyspec) |
 | V-Model Extension Pack | Enforces V-Model paired generation of development specs and test specs with full traceability | `docs` | Read+Write | [spec-kit-v-model](https://github.com/leocamello/spec-kit-v-model) |
 | Verify Extension | Post-implementation quality gate that validates implemented code against specification artifacts | `code` | Read-only | [spec-kit-verify](https://github.com/ismaelJimenez/spec-kit-verify) |
diff --git a/extensions/catalog.community.json b/extensions/catalog.community.json
index ec7ad87c5..398e4f7e0 100644
--- a/extensions/catalog.community.json
+++ b/extensions/catalog.community.json
@@ -1751,6 +1751,41 @@
       "created_at": "2026-03-02T00:00:00Z",
       "updated_at": "2026-03-02T00:00:00Z"
     },
+    "tekimax-security": {
+      "name": "TEKIMAX Secure SDD",
+      "id": "tekimax-security",
+      "description": "Adds security gates to the SDD lifecycle — STRIDE threat modeling, data contracts, AI guardrails, model governance, automated red team, and post-implementation audit. Seven commands wired into five Spec Kit hooks.",
+      "author": "Christian Kaman (TEKIMAX)",
+      "version": "0.2.0",
+      "download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.2.0.zip",
+      "repository": "https://github.com/TEKIMAX/speckit-security",
+      "homepage": "https://tekimax.com",
+      "documentation": "https://github.com/TEKIMAX/speckit-security/blob/main/docs/GETTING-STARTED.md",
+      "changelog": "https://github.com/TEKIMAX/speckit-security/blob/main/CHANGELOG.md",
+      "license": "Apache-2.0",
+      "requires": {
+        "speckit_version": ">=0.1.0"
+      },
+      "provides": {
+        "commands": 7,
+        "hooks": 5
+      },
+      "tags": [
+        "security",
+        "threat-modeling",
+        "stride",
+        "red-team",
+        "guardrails",
+        "ai-safety",
+        "prompt-injection",
+        "compliance"
+      ],
+      "verified": false,
+      "downloads": 0,
+      "stars": 0,
+      "created_at": "2026-04-13T07:00:00Z",
+      "updated_at": "2026-04-13T07:00:00Z"
+    },
     "tinyspec": {
       "name": "TinySpec",
       "id": "tinyspec",

From e7646be9259471ee1eb88a41c546d7ff43ae2528 Mon Sep 17 00:00:00 2001
From: Christian Kaman <support@tekimax.com>
Date: Mon, 13 Apr 2026 09:05:50 -0500
Subject: [PATCH 2/2] tekimax-security: bump to v0.2.2 with 8 commands

Updates the existing catalog entry to reflect the v0.2.2 release:

- version 0.2.0 -> 0.2.2
- download_url repointed at the v0.2.2 archive
- provides.commands 7 -> 8 (new install-rules command)
- description updated to mention the new install-rules capability
  which writes to the spec-kit constitution and agent context files
- updated_at timestamp refreshed
---
 extensions/catalog.community.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/extensions/catalog.community.json b/extensions/catalog.community.json
index 398e4f7e0..0dda1c277 100644
--- a/extensions/catalog.community.json
+++ b/extensions/catalog.community.json
@@ -1754,10 +1754,10 @@
     "tekimax-security": {
       "name": "TEKIMAX Secure SDD",
       "id": "tekimax-security",
-      "description": "Adds security gates to the SDD lifecycle — STRIDE threat modeling, data contracts, AI guardrails, model governance, automated red team, and post-implementation audit. Seven commands wired into five Spec Kit hooks.",
+      "description": "Adds security gates to the SDD lifecycle — STRIDE threat modeling, data contracts, AI guardrails, model governance, automated red team, and post-implementation audit. Eight commands wired into five Spec Kit hooks. Rules can be installed into the project constitution and agent context files so they bind the AI agent at runtime.",
       "author": "Christian Kaman (TEKIMAX)",
-      "version": "0.2.0",
-      "download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.2.0.zip",
+      "version": "0.2.2",
+      "download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.2.2.zip",
       "repository": "https://github.com/TEKIMAX/speckit-security",
       "homepage": "https://tekimax.com",
       "documentation": "https://github.com/TEKIMAX/speckit-security/blob/main/docs/GETTING-STARTED.md",
@@ -1767,7 +1767,7 @@
         "speckit_version": ">=0.1.0"
       },
       "provides": {
-        "commands": 7,
+        "commands": 8,
         "hooks": 5
       },
       "tags": [
@@ -1784,7 +1784,7 @@
       "downloads": 0,
       "stars": 0,
       "created_at": "2026-04-13T07:00:00Z",
-      "updated_at": "2026-04-13T07:00:00Z"
+      "updated_at": "2026-04-13T08:30:00Z"
     },
     "tinyspec": {
       "name": "TinySpec",