π¦
Product Forge
Claude Code Marketplace Plugin to dev like a pro in a multi-agent fashion
0 installs
Trust: 34 β Low
Agents
Ask AI about Product Forge
Powered by Claude Β· Grounded in docs
I know everything about Product Forge. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Loading tools...
Reviews
Documentation
Product Forge
A comprehensive Claude Code marketplace plugin for product development, PRD management, task tracking, and secure technical implementation. Features CPO/CTO/Marketing/UX/DPO/DevOps/Data Engineering/RAG-CAG expertise with specialized technical agents (Django, FastAPI, FastMCP, React/TypeScript, Celery, Playwright) that research current documentation before coding. Includes design system management, cloud infrastructure (AWS, GCP, Ansible), data transformation (dbt, SQLMesh), RAG/CAG architecture with multi-tenant security, MCP security with 5-layer defense, OAuth/OIDC, and privacy compliance (GDPR/CCPA).
Forge CLI Utilities
Product Forge includes a unified forge CLI tool for skill-related utilities:
YouTube Transcript Fetcher
Fetch YouTube video transcripts as readable text files:
# Install with YouTube support
uv tool install . --with youtube-transcript-api
# Fetch transcript
forge youtube "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
forge youtube "https://youtu.be/dQw4w9WgXcQ" --output transcripts/
forge youtube dQw4w9WgXcQ
Feedback Management
Manage Product Forge learnings and feedback:
# Initialize learnings directory
forge feedback init
# Show statistics
forge feedback stats
# List feedback items
forge feedback list
forge feedback list --project product-forge
forge feedback list --type improvement
# Save feedback (used by hooks)
cat feedback.json | forge feedback save
See FORGE_CLI_IMPLEMENTATION_SUMMARY.md for complete CLI documentation.
Features
Skills (Automatic Context Activation)
Skills automatically activate when Claude detects relevant context, providing expert guidance without explicit commands.
| Skill | Triggers | Description |
|---|---|---|
| PRD Management | prd, requirements | Automatic lifecycle management and organization |
| Task Orchestration | task, implement | Documentation-first execution with quality checks |
| Product Strategy | strategy, market | Chief Product Officer expertise with proven frameworks |
| Documentation Research | code, build, develop | Enforces online documentation research before implementation |
| MCP Security | mcp security, prompt injection, authorization | 5-layer defense architecture for multi-agent systems |
| Design System | design system, components, tokens | Build and reuse UI components, tokens, and patterns |
| Python Style | python, django, fastapi, celery | PEP standards, type hints, and modern Python patterns |
| TypeScript Style | typescript, react, node, eslint | Strict typing, ESLint, and modern TS/JS patterns |
| Privacy Compliance | gdpr, ccpa, privacy, data protection | GDPR, CCPA/CPRA, and regional compliance |
| AWS Cloud | aws, ec2, s3, lambda, iam | AWS services best practices and IAM security |
| GCP Cloud | gcp, gce, bigquery, cloud run | Google Cloud best practices and IAM security |
| Ansible | ansible, playbook, vault | Ansible automation for infrastructure |
| OAuth | oauth, oidc, jwt, pkce | OAuth 2.0 and OpenID Connect implementation |
| dbt | dbt, data transformation | dbt modeling, testing, and documentation |
| SQLMesh | sqlmesh, virtual environments | SQLMesh incremental models and CI/CD |
| RAG/CAG Architecture | rag, cag, vector database, embeddings | RAG/CAG patterns, chunking, multi-tenant security |
| Chunking Strategies | chunking, text splitting, semantic chunking | Document-type-specific chunking, RAPTOR, evaluation |
Commands (Explicit User Actions)
Commands you invoke when you need specific functionality.
| Command | Usage | Description |
|---|---|---|
/create-prd | /create-prd my-product | Interactive PRD creation wizard |
/create-prd-feature | /create-prd-feature auth | Create feature-specific PRD |
/generate-tasks | /generate-tasks prd.md | Convert PRD to task list |
/prd-status | /prd-status prd.md --set ACTIVE | Check/update PRD status |
/list-prds | /list-prds --status ACTIVE | List PRDs with metadata |
/task-list | /task-list --dir focus | List tasks with progress |
/task-focus | /task-focus TASK-001 | Focus on specific task |
/discovery-session | /discovery-session my-product | Start product discovery |
/create-persona | /create-persona developer | Create user persona |
/position-product | /position-product my-product | Define positioning |
/brainstorm-solution | /brainstorm-solution "problem" | Structured brainstorming |
/prd-progress | /prd-progress prd.md | Show implementation progress |
/prd-archive | /prd-archive prd.md | Archive completed PRDs |
/quick-start | /quick-start | Quick start guide |
Agents (Complex Multi-Step Tasks)
Agents handle autonomous, multi-step workflows.
Leadership Agents
| Agent | Role | Capabilities |
|---|---|---|
| product-architect | Chief Product Officer | Discovery, strategy, roadmap, launch planning |
| cto-architect | Chief Technology Officer | System design, tech selection, team coordination |
| marketing-expert | Brand Strategist | Brand guidelines, messaging, go-to-market |
| dpo-expert | Data Protection Officer | GDPR/CCPA compliance, privacy audits, DPIA |
Design & Experience Agents
| Agent | Role | Capabilities |
|---|---|---|
| ui-product-expert | UI Specialist | UI guidelines, design tokens, visual QA (Playwright MCP) |
| ux-expert | UX Specialist | User research, usability testing, accessibility |
Product Management Agents
| Agent | Role | Capabilities |
|---|---|---|
| prd-orchestrator | PRD Lifecycle Manager | Create, validate, track, archive PRDs |
| task-executor | Task Implementation | Documentation-first execution, quality checks |
Infrastructure & DevOps Agents
| Agent | Role | Capabilities |
|---|---|---|
| devops-expert | DevOps Engineer | CI/CD, Terraform, Kubernetes, Docker, GitOps |
| data-engineering-expert | Data Engineer | dbt, SQLMesh, ELT pipelines, data quality |
AI/ML Agents
| Agent | Role | Capabilities |
|---|---|---|
| rag-cag-expert | RAG/CAG Architect | RAG architecture, chunking, vector DBs, GraphRAG, semantic caching |
Technical Specialist Agents
All technical specialists research online documentation before implementation to ensure current best practices.
| Agent | Expertise | Key Capabilities |
|---|---|---|
| django-expert | Python Django | Models, views, DRF, admin, authentication |
| fastapi-expert | Python FastAPI | Async APIs, Pydantic, OpenAPI, JWT |
| fastmcp-expert | Python FastMCP | MCP tools, resources, Claude integration |
| react-typescript-expert | React + TypeScript | Components, hooks, state, testing |
| python-testing-expert | pytest | Unit tests, integration, mocking, CI/CD |
| celery-expert | Python Celery | Task queues, async processing, scheduling |
| playwright-testing-expert | Playwright | E2E testing, visual regression, accessibility |
| mcp-security-expert | Multi-Agent Security | 5-layer defense, prompt injection, authorization |
Agent Hierarchy
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β LEADERSHIP LAYER β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β product-architect cto-architect marketing-expert dpo-expert β
β (CPO) (CTO) (Brand) (Privacy) β
β ββ Strategy ββ Architecture ββ Brand Guidelines ββ GDPR/CCPA β
β ββ Market Analysis ββ Tech Select ββ Messaging ββ Privacy Auditsβ
β ββ Roadmap ββ Coordinates β ββ Go-to-Market ββ DPIA β
β β β
ββββββββββββββββββββββββββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββ
β
βββββββββββββββββββββββββββΌββββββββββββββββββββββββββ
β β β
βΌ βΌ βΌ
βββββββββββββββββββ βββββββββββββββββββββ βββββββββββββββββββββββ
β DESIGN/UX β β BACKEND β β FRONTEND/QA β
βββββββββββββββββββ€ βββββββββββββββββββββ€ βββββββββββββββββββββββ€
β β β β β β
β ui-product- β β django-expert β β react-typescript- β
β expert β β fastapi-expert β β expert β
β ux-expert β β fastmcp-expert β β playwright-testing β
β β β celery-expert β β expert β
β Uses Playwright β β β β β
β MCP for QA β β β β β
βββββββββββββββββββ βββββββββββββββββββββ βββββββββββββββββββββββ
β
βββββββββββββββββββββββββΌββββββββββββββββββββββββ
β β β
βΌ βΌ βΌ
ββββββββββββββββββββ ββββββββββββββββββββ ββββββββββββββββββββββββ
β INFRASTRUCTURE β β DATA β β AI/ML β
ββββββββββββββββββββ€ ββββββββββββββββββββ€ ββββββββββββββββββββββββ€
β β β β β β
β devops-expert β β data-engineering β β rag-cag-expert β
β ββ CI/CD β β expert β β ββ RAG Architecture β
β ββ Terraform β β ββ dbt β β ββ Chunking β
β ββ Kubernetes β β ββ SQLMesh β β ββ Vector DBs β
β ββ AWS/GCP β β ββ Data Quality β β ββ GraphRAG β
ββββββββββββββββββββ ββββββββββββββββββββ ββββββββββββββββββββββββ
β
βββββββββββββββββ΄ββββββββββββββββ
β β
βΌ βΌ
ββββββββββββββββββββββββ ββββββββββββββββββββββββ
β SECURITY β β TESTING β
ββββββββββββββββββββββββ€ ββββββββββββββββββββββββ€
β β β β
β mcp-security-expert β β python-testing-expertβ
β ββ 5-layer defense β β ββ pytest β
β ββ Prompt injection β β ββ Mocking β
β ββ Authorization β β ββ Coverage β
ββββββββββββββββββββββββ ββββββββββββββββββββββββ
π¬ ALL SPECIALISTS RESEARCH DOCS FIRST π¬
Documentation-First Approach
All technical specialists follow a strict documentation-first approach:
Before ANY implementation:
1. SEARCH official documentation online
2. READ current best practices
3. IDENTIFY deprecated patterns
4. REPORT findings to user
5. PROCEED with implementation
Example output:
ββββββββββββββββββββββββββββββββββββββββββββββ
β Documentation Research Summary β
ββββββββββββββββββββββββββββββββββββββββββββββ€
β Technology: Django 5.0 β
β β
β CURRENT BEST PRACTICES β
β * Use AbstractUser for custom users β
β * Define AUTH_USER_MODEL early β
β β
β DEPRECATED PATTERNS β
β * Profile model extension (legacy) β
β β
β SOURCE: docs.djangoproject.com β
ββββββββββββββββββββββββββββββββββββββββββββββ
MCP Security: 5-Layer Defense Architecture
For MCP servers, multi-agent systems, and text-to-SQL pipelines, the plugin enforces a 5-layer defense architecture:
ββββββββββββββββββββββββββββββββββββββ
β Layer 1: INPUT GUARDRAILS β
β * Rate limiting * Length limits β
β * Injection detection (ML+regex) β
ββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββββ
β Layer 2: AUTHORIZATION GATE β
β * UserβRole mapping * RBAC/ABAC β
β * Schema filtering before agent β
ββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββββ
β Layer 3: SQL VALIDATION β
β * AST parsing * DDL/DML blocklist β
β * Table allowlist * RLS injection β
ββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββββ
β Layer 4: EXECUTION SANDBOX β
β * Read-only conn * Timeout β
β * Cost limits * Row limits β
ββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββββ
β Layer 5: OUTPUT GUARDRAILS β
β * PII masking * Audit logging β
β * Result limits * SIEM export β
ββββββββββββββββββββββββββββββββββββββ
Core Principle: Security is NOT a peer agent. Security is INFRASTRUCTURE.
BAD: Security Agent (can be prompt-injected)
GOOD: Security Guardrails (deterministic, cannot be "convinced")
The mcp-security skill automatically activates and warns when detecting:
- User input going directly to LLM without validation
- Generated SQL without proper validation
- Agents trusting previous agent's authorization checks
- Mutable or unsigned user context
- Missing audit logging
Installation
From Claude Code Marketplace
/plugin marketplace add jpoutrin/product-forge
Manual Installation from GitHub
Step 1: Clone the repository
# Clone to your preferred location
git clone https://github.com/jpoutrin/product-forge.git ~/projects/product-forge
cd ~/projects/product-forge
Step 2: Install the Forge CLI
The Forge CLI provides command-line utilities for browser capture, feedback management, and webhook notifications.
# Install using uv (recommended)
uv tool install -e .
# Verify installation
forge --version # Should show: forge, version 0.2.0
forge --help # Show available commands
Step 3: Initialize all subsystems
# Initialize everything (prompts for webhook confirmation)
forge init
# Or skip webhook system
forge init --skip-webhook
# Or initialize only specific subsystems
forge init --skip-feedback --skip-webhook # Browser capture only
This will set up:
- β
Feedback/learnings directory (
~/.claude/forge/learnings/) - β
Browser capture system (
~/browser-logs/with config) - β Webhook notifications (optional - LaunchAgent + shell config)
Step 4: Install the Claude Code plugin
# Install plugin from local directory
claude plugin install ~/projects/product-forge
# Or install to standard location
git clone https://github.com/jpoutrin/product-forge.git ~/.claude/plugins/product-forge
Prerequisites
- Python 3.9+ - Required for Forge CLI
- uv - Python package manager (install guide)
- Claude Code - Latest version recommended
Forge CLI Commands
After installation, the forge command provides:
# Browser log capture (Chromium browsers: Dia, Chrome, Edge)
forge browser-capture --page "Dashboard" --all
# View forge logs
forge logs -f
# Feedback management
forge feedback list
forge feedback stats
# Webhook notifications (macOS only)
forge webhook status
# Session management
forge session list
Updating
cd ~/projects/product-forge
git pull
uv tool install -e . --force # Reinstall CLI
Quick Start
1. Product Planning (CPO Path)
# Full discovery session with CPO guidance
/discovery-session my-awesome-product
# Or quick PRD creation
/create-prd my-awesome-product
2. Technical Architecture (CTO Path)
The CTO agent will:
- Design system architecture
- Select appropriate technologies
- Delegate to specialist agents
- Coordinate implementation
3. Implementation
Technical specialists work with documentation research:
# Django web application
β django-expert researches docs.djangoproject.com
β Implements with current best practices
# FastAPI microservice
β fastapi-expert researches fastapi.tiangolo.com
β Implements with Pydantic V2 patterns
# React frontend
β react-typescript-expert researches react.dev
β Implements with React 18 patterns
# Testing
β python-testing-expert ensures 80%+ coverage
4. Infrastructure & DevOps
# DevOps expert handles CI/CD and infrastructure
β devops-expert configures GitHub Actions
β Sets up Terraform for AWS/GCP
β Deploys to Kubernetes
# Data pipelines with dbt/SQLMesh
β data-engineering-expert designs data models
β Implements incremental transformations
β Sets up data quality tests
5. Task Tracking
# Generate tasks from PRD
/generate-tasks my-awesome-product-prd.md
# List and track progress
/task-list
# Focus on specific task
/task-focus TASK-001
Plugin Structure
product-forge/
βββ .claude-plugin/
β βββ plugin.json # Plugin metadata (v1.0.0)
βββ commands/ (14 commands) # Slash commands
β βββ create-prd.md
β βββ discovery-session.md
β βββ ...
βββ skills/ (17 skills) # Auto-activating context
β βββ prd-management/
β βββ task-orchestration/
β βββ product-strategy/
β βββ documentation-research/
β βββ mcp-security/ # 5-layer defense
β βββ design-system/ # Component library
β βββ python-style/ # Python code style
β βββ typescript-style/ # TypeScript code style
β βββ privacy-compliance/ # GDPR/CCPA
β βββ aws-cloud/ # AWS best practices
β βββ gcp-cloud/ # GCP best practices
β βββ ansible/ # Ansible automation
β βββ oauth/ # OAuth 2.0/OIDC
β βββ dbt/ # dbt transformation
β βββ sqlmesh/ # SQLMesh patterns
β βββ rag-cag-security/ # RAG/CAG architecture
β βββ chunking-strategies/ # Document chunking deep-dive
βββ agents/ (19 agents) # Multi-step workflows
β βββ product-architect.md # CPO
β βββ cto-architect.md # CTO
β βββ marketing-expert.md # Brand strategy
β βββ dpo-expert.md # Privacy/GDPR
β βββ ui-product-expert.md # UI guidelines
β βββ ux-expert.md # User experience
β βββ devops-expert.md # CI/CD, Infrastructure
β βββ data-engineering-expert.md # dbt, SQLMesh, pipelines
β βββ rag-cag-expert.md # RAG/CAG architecture
β βββ prd-orchestrator.md
β βββ task-executor.md
β βββ django-expert.md
β βββ fastapi-expert.md
β βββ fastmcp-expert.md
β βββ celery-expert.md # Task queues
β βββ react-typescript-expert.md
β βββ playwright-testing-expert.md # E2E testing
β βββ python-testing-expert.md
β βββ mcp-security-expert.md
βββ templates/ # Document templates
βββ processes/ # Process documentation
βββ README.md
When to Use What
| Need | Use | Why |
|---|---|---|
| Plan a new product | product-architect agent | CPO expertise for strategy |
| Design system architecture | cto-architect agent | CTO expertise + delegates to specialists |
| Create brand guidelines | marketing-expert agent | Brand strategy and messaging |
| Ensure privacy compliance | dpo-expert agent | GDPR/CCPA expertise |
| Design UI guidelines | ui-product-expert agent | Design tokens, component specs |
| Plan user experience | ux-expert agent | Research, journey mapping, usability |
| Build Django web app | django-expert agent | Researches Django docs first |
| Build FastAPI service | fastapi-expert agent | Researches FastAPI docs first |
| Build React frontend | react-typescript-expert agent | Researches React docs first |
| Create MCP server | fastmcp-expert agent | Researches MCP protocol first |
| Add background tasks | celery-expert agent | Task queues and scheduling |
| Set up CI/CD pipelines | devops-expert agent | GitHub Actions, Terraform, K8s |
| Build data pipelines | data-engineering-expert agent | dbt, SQLMesh, data quality |
| Design RAG/CAG systems | rag-cag-expert agent | Chunking, vector DBs, multi-tenant |
| Write E2E tests | playwright-testing-expert agent | Visual regression, accessibility |
| Write unit tests | python-testing-expert agent | pytest expertise |
| Secure multi-agent system | mcp-security-expert agent | 5-layer defense architecture |
| Implement OAuth/OIDC | Use oauth skill | Authorization Code + PKCE |
| Deploy to AWS | Use aws-cloud skill | IAM, EC2, S3, Lambda patterns |
| Deploy to GCP | Use gcp-cloud skill | IAM, Cloud Run, BigQuery patterns |
| Automate infrastructure | Use ansible skill | Playbooks, roles, vault |
| Build RAG pipelines | Use rag-cag-security skill | Architecture, chunking, security |
| Create a PRD | /create-prd command | Interactive wizard |
| Track tasks | /task-list command | Visual progress |
Key Concepts
CTO Orchestration
The CTO agent coordinates technical specialists:
User: "Build a task management API"
cto-architect:
1. Designs architecture (FastAPI + PostgreSQL)
2. Delegates API implementation β fastapi-expert
3. Delegates testing β python-testing-expert
4. Delegates CI/CD β devops-expert
5. Reviews integration
6. Ensures quality standards
Documentation Research Enforcement
Technical specialists MUST research before coding:
django-expert receives task
STEP 1: Research
β WebSearch("Django 5.0 [topic] best practices")
β WebFetch("https://docs.djangoproject.com/...")
β Report findings
STEP 2: Implement
β Follow documented patterns
β Avoid deprecated APIs
β Reference docs in comments
Contributing
- Fork the repository
- Create a feature branch
- Make your changes
- Submit a pull request
License
MIT License - see LICENSE file for details.
Credits
Based on claude-blueprint CLI tool.
Inspired by: