From 82ec9e13d5bd1b4b647f819d40471253598c460d Mon Sep 17 00:00:00 2001
From: Christian Kaman <Christiank@tekimax.com>
Date: Tue, 14 Apr 2026 10:01:10 -0500
Subject: [PATCH 1/2] catalog: add tekimax-security community extension

Adds a catalog.community.json entry for TEKIMAX Secure SDD
(speckit-security), an Apache-2.0 Spec Kit extension that layers
six security gates onto the spec-driven development lifecycle:
STRIDE threat modeling, AI guardrails, data contracts, model
governance, red teaming, and a post-implementation audit for
inline prompts, committed secrets, and direct SDK imports outside
the AI gateway.

Provides 8 slash commands and wires into 5 Spec Kit phase hooks
(after_specify, after_plan, before_implement, after_implement,
before_analyze).

Repository: https://github.com/TEKIMAX/speckit-security
Docs:       https://speckit.tekimax.com
Release:    v0.2.5
License:    Apache-2.0

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 extensions/catalog.community.json | 37 ++++++++++++++++++++++++++++++-
 1 file changed, 36 insertions(+), 1 deletion(-)

diff --git a/extensions/catalog.community.json b/extensions/catalog.community.json
index 61731b22d..662effd25 100644
--- a/extensions/catalog.community.json
+++ b/extensions/catalog.community.json
@@ -1,6 +1,6 @@
 {
   "schema_version": "1.0",
-  "updated_at": "2026-04-13T23:01:30Z",
+  "updated_at": "2026-04-14T15:00:00Z",
   "catalog_url": "https://raw.githubusercontent.com/github/spec-kit/main/extensions/catalog.community.json",
   "extensions": {
     "aide": {
@@ -1835,6 +1835,41 @@
       "created_at": "2026-03-02T00:00:00Z",
       "updated_at": "2026-03-02T00:00:00Z"
     },
+    "tekimax-security": {
+      "name": "TEKIMAX Secure SDD",
+      "id": "tekimax-security",
+      "description": "Security-first extension for Spec Kit. Adds STRIDE threat modeling, AI guardrails, data contracts, model governance, red teaming, and six blocking security gates to the spec-driven development lifecycle.",
+      "author": "TEKIMAX",
+      "version": "0.2.5",
+      "download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.2.5.zip",
+      "repository": "https://github.com/TEKIMAX/speckit-security",
+      "homepage": "https://speckit.tekimax.com",
+      "documentation": "https://speckit.tekimax.com/docs/",
+      "changelog": "https://github.com/TEKIMAX/speckit-security/blob/main/CHANGELOG.md",
+      "license": "Apache-2.0",
+      "requires": {
+        "speckit_version": ">=0.1.0"
+      },
+      "provides": {
+        "commands": 8,
+        "hooks": 5
+      },
+      "tags": [
+        "security",
+        "threat-modeling",
+        "red-team",
+        "guardrails",
+        "ai-safety",
+        "compliance",
+        "stride",
+        "tekimax"
+      ],
+      "verified": false,
+      "downloads": 0,
+      "stars": 0,
+      "created_at": "2026-04-13T00:00:00Z",
+      "updated_at": "2026-04-14T00:00:00Z"
+    },
     "tinyspec": {
       "name": "TinySpec",
       "id": "tinyspec",

From 78472d0a92208f8f193bdbec6249c258513c31b8 Mon Sep 17 00:00:00 2001
From: Christian Kaman <Christiank@tekimax.com>
Date: Tue, 14 Apr 2026 14:11:41 -0500
Subject: [PATCH 2/2] catalog: bump tekimax-security to v0.2.6

v0.2.6 adds a grounded docs chat (Ask AI) at
speckit.tekimax.com/chat powered by Llama 3.3 70B on Cloudflare
Workers AI, plus a native Cloudflare Workers rate limiter on
the chat endpoint (20 req/60s per IP, no external services).

v0.2.5 (rolled into this version on the fork) added config
read-back for audit.sh and gate-check.sh so user entries in
tekimax-security-config.yml actually extend the built-in
secret patterns, inline-prompt patterns, and SDK allowlist
instead of being ignored.

Release: https://github.com/TEKIMAX/speckit-security/releases/tag/v0.2.6

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 extensions/catalog.community.json | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/extensions/catalog.community.json b/extensions/catalog.community.json
index 662effd25..400ba5d31 100644
--- a/extensions/catalog.community.json
+++ b/extensions/catalog.community.json
@@ -1,6 +1,6 @@
 {
   "schema_version": "1.0",
-  "updated_at": "2026-04-14T15:00:00Z",
+  "updated_at": "2026-04-14T17:00:00Z",
   "catalog_url": "https://raw.githubusercontent.com/github/spec-kit/main/extensions/catalog.community.json",
   "extensions": {
     "aide": {
@@ -1840,8 +1840,8 @@
       "id": "tekimax-security",
       "description": "Security-first extension for Spec Kit. Adds STRIDE threat modeling, AI guardrails, data contracts, model governance, red teaming, and six blocking security gates to the spec-driven development lifecycle.",
       "author": "TEKIMAX",
-      "version": "0.2.5",
-      "download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.2.5.zip",
+      "version": "0.2.6",
+      "download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.2.6.zip",
       "repository": "https://github.com/TEKIMAX/speckit-security",
       "homepage": "https://speckit.tekimax.com",
       "documentation": "https://speckit.tekimax.com/docs/",
@@ -1868,7 +1868,7 @@
       "downloads": 0,
       "stars": 0,
       "created_at": "2026-04-13T00:00:00Z",
-      "updated_at": "2026-04-14T00:00:00Z"
+      "updated_at": "2026-04-14T17:00:00Z"
     },
     "tinyspec": {
       "name": "TinySpec",