Kiro Plugin · FSL-1.1

Zensu for Kiro

Product Lifecycle Manager for Kiro — one repo that runs on both the Kiro IDE and the Kiro CLI. Enforced TDD, parallel 5-perspective code review, feature tracking — shared across both hosts.

4
agents
zensu orchestrator + plm · code-reviewer · review-aspect
12
slash skills
bootstrap · implement · tdd · security · ghost +7
13
lifecycle hooks
phase-gate · cli-gate · witness · chain-enforcer
0
MCP tools loaded
typed zensu CLI keeps your context lean
Two hosts

One repo. Both Kiro hosts.

Kiro ships as an IDE and a CLI. Zensu serves both from a single repository — the IDE installs it as a Power, the CLI installs via a script — and both converge on the shared ~/.kiro/ surfaces, so each host sees the same skills, agents, and steering.

Kiro IDE

Install as a Power

advisory tier

Packaged as a Kiro Power

  • Powers panel → Add power from GitHub
  • Drives the typed zensu CLI (zensu auth login)
  • Skills + subagents via one install.sh run
  • Gates are steering-driven (advisory)
Kiro CLI

Install via install.sh

enforced tier

No native plugin system — script install

  • bash install.sh — idempotent, sha256 manifest
  • kiro-cli agent set-default zensu
  • Hard TDD phase-gate + CLI write-gate
  • Stop chain-enforcer refuses early exit
Install

Pick your host. Same plugin.

The plugin drives the typed zensu CLI; OAuth opens in the browser on first use (zensu auth login) — no API key needed unless you're in CI. install.sh is idempotent: a sha256 manifest, never stomps files you edited, and merges into the shared ~/.kiro/ surfaces without touching other config.

Enforced gates

Kiro CLI

No native plugin system — install via the script. Set the gate-armed zensu agent as the default for every session.

# Clone, install, arm the agent
git clone https://github.com/MKITConsulting/zensu-kiro
cd zensu-kiro && bash install.sh
kiro-cli agent set-default zensu

Kiro IDE (Power)

Powers panel → Add power from GitHub (or Local Path). It drops the skills + subagents into ~/.kiro/; one onboarding run wires them in.

# From the Power checkout directory
bash install.sh --scope user --no-default

For CI / headless agents

OAuth isn't available in CI. Authenticate the zensu CLI with an API key, then run the agent non-interactively with all tools trusted.

# GitHub Actions, GitLab CI, etc. — auth the zensu CLI, then run Kiro
echo "$ZENSU_API_KEY" | zensu auth login --with-token -
kiro-cli chat --no-interactive --agent zensu \
  --trust-all-tools "<prompt>"
What's inside

Inside the install.

Agents plan. Skills act. Hooks chain the workflow without manual handoff — and the whole tier is shared by the IDE and the CLI.

4 agents

zensu is the default orchestrator — it carries every hook. zensu-plm runs the lifecycle (CLI-gate-exempt by design). zensu-review-aspect runs the 5 review perspectives in parallel, read-only; zensu-code-reviewer consolidates them: conventions, bugs, architecture, tests, security.

12 slash skills

/zensu-bootstrap · /zensu-ghost-scan · /zensu-implement · /zensu-tdd · /zensu-plan-review · /zensu-pr-team-review · /zensu-pr-fix-findings · /zensu-security-review · /zensu-self-review · /zensu-reset-review-limit · /zensu-pulse · /zensu-help

13 lifecycle hooks

Wired inside the zensu agent config: TDD phase-gate, CLI write-gate, shell witness, review delegate, stop chain-enforcer, intent router, TDD reminder, context nudge, plus banner/primer/pulse/sid on agent spawn.

Typed zensu CLI

Feature CRUD, security analysis, tier matrix, user journeys, roadmaps, ghost scans, bootstrap, wiki, knowledge search, source-file linking — typed zensu commands the skills drive, no MCP tool surface loaded into your session.

Privacy-first pulse

Pulse logs tool usage and feature context — never code content. Toggle it off in ~/.zensu/config.json.

Self-hostable

Point the zensu CLI at your own endpoint with ZENSU_API_URL (or --api-url) to keep all data on your infrastructure. Works without a Zensu account at all.

Source-available

FSL-1.1-Apache-2.0. Use it for any Permitted Purpose — internal, commercial, forks, client work — and each release converts to Apache 2.0 after two years. Source on GitHub; no license server, no telemetry beyond the Zensu API you configure.

Token economy

Specialized agents. Lean sessions.

Every Zensu agent works in its own context, not yours. zensu-plm drives the typed zensu CLI and lifecycle conventions so your session never loads them, then hands back a one-line summary. When the review chain fires, read-only review-aspect agents spawn via Kiro's subagent tool — each loads one checklist (conventions, bugs, architecture, tests, security) and nothing else. Kiro caps concurrency at four, so the five-aspect fan-out queues the fifth; each returns just its findings and the main thread merges them. Many expert perspectives, one merged report, your token budget intact.

Context-compaction nudge

A userPromptSubmit hook watches context usage and, once it crosses a threshold (default 50%), nudges the main thread to compact — fail-open, and it never compacts itself. Tune or disable via the context config node. On the CLI the payload is fully wired; in the IDE it is present but inert.

Workflows

Four paths through the lifecycle.

Slash commands compose. Hooks chain them. You ship faster because the handoff is automated.

New product

From idea to release

Bootstrap, plan, hand off — five strict steps.

  1. Bootstrap

    Vision → product, features, journeys, security profiles.

    /zensu-bootstrap
  2. Implement

    Load context, plan, hand off.

    /zensu-implement ZEN-001
  3. TDD on edit

    A per-turn userPromptSubmit reminder asks before editing; /zensu-tdd runs RED → IMPL → GREEN in the main thread.

    /zensu-tddhook
  4. Review auto-runs

    Implementation done → review-aspect fan-out, merged by zensu-code-reviewer.

    review-aspect ×5zensu-code-reviewer
  5. Release gate

    STRIDE threat model + security checks.

    /zensu-security-review
Existing codebase

Adopt incrementally

Ghost-scan, classify, fill gaps without a rewrite.

  1. Ghost-scan

    Discover features, journeys & docs via multi-agent fan-out.

    /zensu-ghost-scan
  2. Review candidates

    Batch approve, filter by component.

    ghost_batch_review
  3. Security baseline

    Classify, tag OWASP/compliance.

    /zensu-security-review
  4. Fill test gaps

    TDD over untested features.

    /zensu-tdd
Quick feature

One ticket, full guardrails

TDD plus 5-perspective review on a single feature.

  1. Implement

    Context-aware, no full bootstrap.

    /zensu-implement ZEN-042/zensu-tdd
  2. Auto-review

    Hooks trigger zensu-code-reviewer.

    zensu-code-reviewerhook
Code + a plan

Reconcile both

Existing code plus a forward plan — scan what's built, plan the rest.

  1. Ghost-scan

    Discover what's already built — features, journeys & docs.

    /zensu-ghost-scan
  2. Plan the rest

    Add the plan's not-yet-built items as planned features.

    create_featurestatus=planned
  3. Implement from there

    Build out the planned features under TDD + review.

    /zensu-implement/zensu-tdd
Why this plugin is different

TDD that can't be skipped.

/zensu-tdd runs the full RED → IMPL → GREEN cycle in the main thread. While a session is armed, a preToolUse phase-gate denies every write that violates the FSM — production code before a failing test exits 2 via kiro-shim.sh and the reason goes straight back to the model. A stop chain-enforcer then refuses to end the turn until the review chain and /zensu-self-review have run. On the Kiro CLI these gates are hard-enforced; in the IDE they are advisory steering.

Fidelity

Claude Code parity, host-aware.

A faithful port of the Claude Code plugin — but Kiro's two hosts have different capabilities. The hard gates are CLI-tier; in the IDE the same disciplines run as advisory steering until IDE pre-tool-use blocking is verified. Here's exactly where each mechanism lands.

Skills Agent Skills standard, same dirs
Full
Full
Subagents subagent tool · .kiro/agents
Full
Full
TDD phase-gate preToolUse deny, exit 2
Full
Advisory
CLI write-gate shell/execute_bash matcher
Full
Advisory
Stop enforcement chain-enforcer blocks early exit
Full
n/a
Plan-approval ask per-turn reminder (no ExitPlanMode)
Degraded
Degraded

Verified against kiro-cli 2.6.1, including a full live RED→IMPL→GREEN run. See the full matrix on GitHub →

Configurable

Agentic loop. Your control.

Every layer of the chain is opt-out, gated, or capped via ~/.zensu/config.json — the same schema shared with the Claude Code and Codex ports. For a quick kill switch, environment variables override the config at runtime.

Env escape hatches

Disable a single gate without editing config:

ZENSU_TDD_GATE=off
ZENSU_MCP_GATE=off
ZENSU_CHAIN=off
ZENSU_TEST_WITNESS=off

Windows & updates

Kiro CLI is Windows-native; the hooks are bash, so run install.ps1 (it locates Git Bash). Without bash the skills, agents, and the zensu CLI still work — only the hook tier is inactive. To update, re-run install.sh on the CLI or refresh the Power in the IDE.

Install the plugin. Ship the feature.

FSL-1.1-Apache-2.0, source-available. Runs on both Kiro hosts, works without a Zensu account — and auto-links artifacts when connected.