Skip to main content

Ultra planning: web-sourced skills/tools/permissions bundle for coding agents.

Project description

ultra-plan

ultra-plan is a CLI that produces a reviewable bundle of skills, tools, MCP servers, and permission patches for a task by delegating discovery to a headless agent (Claude Code by default; opencode also supported). The bundle is written to disk; nothing is installed.

WHAT IS IN A BUNDLE

A bundle is a directory under --out (default ./ultra-plan/<slug>/) containing:

bundle.json                 canonical, validated bundle
preflight-settings.json     permissions used during planning (claude)
preflight-config.json       permissions used during planning (opencode)
index.html, app.js, style.css   review UI (served locally)

After you click Confirm in the review UI, the server also writes:

expected-outcome.md         deliverables and success criteria
skills.json                 enabled skills only
tools.json                  enabled tools only
plan.md                     implementation plan
prompt-recommendations.md   instructions for the executing agent

When execute runs, the directory also gains the agent config materialized from the bundle. For Claude that is settings.json (permissions) plus, when any enabled MCP tool carries transport (command/url), mcp-servers.json (passed to Claude via --mcp-config; Claude does not read MCP servers from settings.json). For opencode it is opencode.json (permissions + MCP). execute also downloads enabled skills' bodies into skills/<name>/ so they can be inlined into the prompt (--no-fetch-skills to skip; fetching is restricted to GitHub and runs only after the review gate).

INSTALLING

pip install -e .

Requires Python 3.10+. The claude CLI (or opencode) must be on $PATH for live runs.

USING IT

ultra-plan "<task>" [flags]
ultra-plan run "<task>" [flags]
ultra-plan review <dir>
ultra-plan fetch-skills <dir>
ultra-plan execute <dir> [flags]

run plans a task: it invokes the agent headless, validates the resulting bundle against JSON schemas, starts a local review server, and opens a browser. On confirm the final bundle is persisted to --out.

review re-opens the review UI for an existing bundle directory.

fetch-skills downloads enabled skills' bodies from their GitHub source_url into <dir>/skills/<name>/ so they can be inlined at execute time. execute runs this automatically; the standalone command is for preparing a bundle ahead of time (or with --force to re-fetch).

execute reads bundle.json, materializes agent config into the bundle directory, builds an execution prompt from the plan, prompt recommendations, expected outcome, and original task, and launches the configured agent. By default execute is interactive; --headless runs non-interactively with JSON output.

For the full flag list run ultra-plan <command> --help.

SECURITY

The planning agent runs against attacker-controlled web content (search results, fetched pages, MCP registries), so the preflight run is hardened against prompt injection:

  • The agent subprocess inherits only a small allowlist of environment variables; tokens, API keys, and AWS_*/GITHUB_* secrets are dropped.
  • The materialized settings.json denies Read, Write, Edit, NotebookEdit, and Bash regardless of any --allowedTools passed in.
  • WebFetch denies file://, http://localhost, http://127.0.0.1, and http://169.254.169.254 (cloud metadata).
  • Prompts are piped via stdin, so leading - cannot be parsed as a flag.
  • The agent runs in a fresh temp cwd containing only settings.json.
  • The preflight permissions are persisted to the bundle directory as preflight-settings.json (claude) or preflight-config.json (opencode) for transparency and audit purposes.

These protections apply to run only. execute runs with the tools and permissions you confirmed in the review UI — review them before executing.

See src/ultra_plan/agents/_env.py for the environment allowlist.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ultra_plan-0.3.3.tar.gz (79.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ultra_plan-0.3.3-py3-none-any.whl (58.3 kB view details)

Uploaded Python 3

File details

Details for the file ultra_plan-0.3.3.tar.gz.

File metadata

  • Download URL: ultra_plan-0.3.3.tar.gz
  • Upload date:
  • Size: 79.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ultra_plan-0.3.3.tar.gz
Algorithm Hash digest
SHA256 e39997117b197ce63669f26a3d350eeaa575c41560ef096ec70d8b0d29ce2dd5
MD5 fd7e5f65c0011750db1d7ed6a99c6d76
BLAKE2b-256 8fc30922f40927d92c4873f10243772826f76061fbf834f56ba283628b5d1f78

See more details on using hashes here.

Provenance

The following attestation bundles were made for ultra_plan-0.3.3.tar.gz:

Publisher: release.yml on avrilfanomar/ultra-planning

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ultra_plan-0.3.3-py3-none-any.whl.

File metadata

  • Download URL: ultra_plan-0.3.3-py3-none-any.whl
  • Upload date:
  • Size: 58.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ultra_plan-0.3.3-py3-none-any.whl
Algorithm Hash digest
SHA256 f3bf82d8792b22bc0be216c88206d6bedcb6523b51cf56a53cbcf90d96d95c75
MD5 22e15e530b2280a85e0928a928278e70
BLAKE2b-256 2546e547d1f8b8049194db062463d2a074c8d9992e64c069422197d43b518512

See more details on using hashes here.

Provenance

The following attestation bundles were made for ultra_plan-0.3.3-py3-none-any.whl:

Publisher: release.yml on avrilfanomar/ultra-planning

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page