LisaOS Docs
Integrations

Plugins

Bundled capability packs for the local shell — frontend, workflow, security, and their own skills.

Plugins are bundled capability packs installed into the local shell. Unlike a single skill, a plugin can ship several skills, tool bindings, and hooks together as a unit. LisaOS runs eleven enabled plugins.

The enabled set

PluginPurpose
Frontend designProduction-grade frontend implementation
Issue trackerProject-management integration
Workflow helpersCode review, test-driven development, and plan-execution workflows
Repository hostRepository and pull-request access
Skill scaffoldingBootstrapping new skills
Web scrapingWeb scraping and search integration
Interactive playgroundsLive HTML playgrounds
Design toolDesign read/write integration
Security guidancePre-tool warnings on dangerous patterns
Static analysisSecurity scanning — static analysis, dependency, and secret detection
Messaging(deprecated — read/send messaging)

Plugin skills are catalogued separately

A plugin's own skills (design-taste helpers, frontend generators, output-formatting rules, and the like) are not counted in the custom-skill tally on the skills overview. They are catalogued as plugin-provided so the custom-skill count stays a clean measure of what the operator's team authored, distinct from what a plugin brought with it.

Security guidance runs at the tool boundary

Two of these plugins are load-bearing for safety rather than capability. The security-guidance plugin issues pre-tool warnings when a call matches a dangerous pattern, and the static-analysis plugin scans changes for vulnerabilities, risky dependencies, and secrets. Both sit at the boundary where the model is about to act, which is where a mistake is cheapest to catch. They complement — they do not replace — the security operations discipline and the clean-code pipeline.

On this page