Five plugin packaging failures that pass validation but break after install
Plugin validators only confirm whether a manifest matches an expected schema, but they cannot guarantee a fully functional package once installed. Common silent failures include missing files from npm tarballs, version mismatches between Codex and Claude Code manifests, and broken symlinks that point outside the plugin root after marketplace caching. Marketplace entries can also create identity conflicts when a source path points to a subdirectory whose manifest declares a different plugin name. Agent Skill files lacking proper frontmatter boundaries may appear valid in previews yet fail harness discovery. A new open-source tool called PluginProof was developed to catch these cross-harness packaging issues without executing the plugin, covering manifest consistency, component path integrity, and publish-file coverage.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in