IDE Support¶
Devran AI Kit provides two layers of cross-IDE support:
- Governance configs — IDE-specific rule/config files generated from
manifest.json - Slash command bridges — IDE-native
/command files that route to.agent/workflows/*.md
Both are generated automatically by kit init and regenerated by kit update.
Governance Configs¶
| IDE | Config Path | Format | Generated By |
|---|---|---|---|
| Claude Code | .agent/rules.md | Markdown | Native (no generation needed) |
| Antigravity | .agent/rules.md | Markdown | Native (no generation needed) |
| Cursor | .cursor/rules/kit-governance.mdc | YAML frontmatter + Markdown | kit init |
| OpenCode | .opencode/opencode.json | JSON | kit init |
| Codex | .codex/config.toml | TOML | kit init |
Slash Command Bridges¶
Slash command bridges enable IDE-native / autocomplete for all 25 Kit workflows. Each bridge file is a lightweight stub that tells the AI to read and follow the full workflow from .agent/workflows/.
| IDE | Bridge Location | Extension | Format | Detection |
|---|---|---|---|---|
| Claude Code / Antigravity | .claude/commands/ | .md | YAML frontmatter (description) | Always generated |
| Cursor | .cursor/commands/ | .md | Plain markdown (no frontmatter) | Auto-detected when .cursor/ exists |
| OpenCode | .opencode/commands/ | .md | YAML frontmatter + $ARGUMENTS | Auto-detected when .opencode/ exists |
| VS Code Copilot | .github/prompts/ | .prompt.md | YAML frontmatter + mode: "agent" | Explicit opt-in only |
| Windsurf | .windsurf/workflows/ | .md | Title + numbered steps | Auto-detected when .windsurf/ exists |
IDE Auto-Detection¶
kit init scans the project directory for IDE-specific folders and generates bridges only for detected IDEs. Claude Code bridges are always generated (Kit's primary ecosystem).
VS Code Copilot requires explicit opt-in (--ide vscode) because .github/prompts/ is a shared, version-controlled directory that may already contain user prompt files.
Override Detection¶
# Generate for specific IDEs
kit init --ide claude,cursor
# Generate for all supported IDEs
kit init --ide all
# Skip bridge generation entirely
kit init --skip-commands
Provenance Protection¶
Every generated bridge file starts with a provenance header:
This header enables: - Safe overwrite — kit update only overwrites files with this header, never user-created commands - Orphan detection — kit verify flags bridge files whose workflow was removed - Version tracking — identifies which Kit version generated the bridge
Local Bridge Files¶
Bridge files are local-only artifacts, auto-regenerated by kit init and kit update. They are not tracked in git.
Worktree Support¶
Kit automatically configures worktree support during kit init:
Claude Code worktrees — A .worktreeinclude file lists .agent/ and bridge directories. Claude Code copies these files automatically when creating worktrees.
Manual worktrees (git worktree add) — A post-checkout git hook copies .agent/ from the main worktree and regenerates bridges. User customizations (decisions, rules, project identity) are preserved.
Both mechanisms are installed automatically. No user configuration needed.
To skip: kit init --skip-worktree
Note: If your project uses Husky or another hook manager that already has a
post-checkouthook, Kit will not overwrite it. You can manually add Kit's worktree setup to your existing hook.
How Bridge Files Work¶
A bridge file for the /plan workflow in Claude Code looks like:
<!-- devran-kit-bridge v5.2.8 -->
---
description: "Create implementation plan. Invokes planner agent for structured task breakdown."
---
Execute the /plan workflow from the Devran AI Kit.
Read and follow the full instructions in .agent/workflows/plan.md.
User request:
When a user types /plan in their IDE, the IDE discovers this file and passes it to the AI agent, which then reads the full workflow from .agent/workflows/plan.md and executes it.
Security¶
Bridge generation includes multiple security hardening measures:
| Protection | Description |
|---|---|
| Name validation | Strict regex /^[a-z0-9][a-z0-9-]{0,63}$/ prevents path traversal |
| YAML sanitization | Descriptions are single-lined, quoted, and length-limited |
| Markdown sanitization | Links and URLs stripped from plain markdown bridges |
| Path traversal prevention | Workflow file paths validated within .agent/ boundary |
| DoS prevention | Manifest items capped at 100 workflows |
| File size limit | Workflow files over 64KB use fallback descriptions |
Verification¶
Run kit verify to check bridge/workflow sync:
The verification checks: - Each workflow in manifest has a corresponding bridge file - Bridge files contain the Kit provenance header - No orphaned bridges (bridge exists but workflow was removed)