
Add Maestro: Costguard to Tools & Integrations#222

Open
mbanderas wants to merge 2 commits into hashgraph-online:main from mbanderas:add-costguard

Conversation

@mbanderas


Plugin

Maestro: Costguard — a read-only cost auditor for Codex that flags CI/cron and cloud-spend waste via read-only provider checks, then previews and applies surgical CI workflow fixes locally (never writes to provider accounts, never pushes git).

Scanner gate

HOL Plugin Scanner runs in the plugin repo's CI and passes on master (score ≥ 80/130, no high/critical findings):

What's in this PR

  • README.md entry under Tools & Integrations (alphabetical).
  • Plugin bundle under plugins/mbanderas/costguard/ (manifest, icon, skill, README).
  • Entries in plugins.json and .agents/plugins/marketplace.json.
  • Drive-by: fixed two pre-existing alphabetical-order inversions in README.md (GrayMatter / Generative Media Skills; ScrapeGraph AI / Rust Reverse Engineering) so the alphabetical-check passes.

The repo satisfies the required files: .codex-plugin/plugin.json (+ composerIcon), SECURITY.md, LICENSE (MIT), README.md, lockfile, SHA-pinned Actions, and Dependabot.

🤖 Generated with Claude Code

Add the Costguard plugin listing (read-only CI/cron and cloud-spend cost
auditor for Codex) with its bundle under plugins/mbanderas/costguard/ and
entries in plugins.json and .agents/plugins/marketplace.json.

Also fix two pre-existing alphabetical-order inversions in README.md
(GrayMatter/Generative Media Skills; ScrapeGraph AI/Rust Reverse
Engineering) so the alphabetical-check passes.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

@gemini-code-assist gemini-code-assist Bot left a comment


Code Review

This pull request introduces the 'Maestro: Costguard' plugin, which audits CI/cron and cloud-spend waste. The changes include adding the plugin to the marketplace, updating the README, and adding the plugin's configuration, manifest, and skill documentation. The review feedback highlights a typo in the documentation referring to 'playwright' as 'playwriter' and points out an inconsistency between the '--pr' and '--open-pr' command-line flags.


Comment on lines +190 to +212
`--live` **extends** the read-only posture above: it adds **browser-driven reads
over your already-logged-in session**, performed by the **playwriter** MCP server
under the agent's orchestration. This is a genuine posture change and is treated
as one — **off by default, opt-in, and consent-gated.** costguard's own tools
still never drive a browser and never see credentials: `plan_live_checks` only
emits a **read-only** snippet (navigation + reading rendered billing figures — no
clicks, typing, form submits, credential replay, cookies, localStorage,
sessionStorage, or screenshots), and `ingest_live_reading` only parses the
returned figure. The browser action is performed by playwriter, authorized by you.

**API-first / browser-fallback:** `plan_live_checks` is API-first when a provider
module exists and its API token resolves from the environment (a deterministic
env-NAME check, no network probe) — in that case prefer `audit_workspace`. Only
when there is no usable API token does it fall back to a browser playbook.

**Three consent gates (all required):** (1) the host's MCP tool-call consent;
(2) costguard's own per-run confirmation — `plan_live_checks` returns a
`consentNotice` the agent MUST surface, and emits the actionable snippet only when
called with `confirmLive:true`; (3) playwriter's own consent before it executes.

**Graceful degrade:** if playwriter is not connected, the agent cannot run the
snippet; `ingest_live_reading` returns a `kind:"diagnostic"` Finding (excluded
from cost totals) and the audit never blocks.
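Review bot: consent gate (2) in the "Three consent gates" paragraph is enforced only by the `confirmLive:true` parameter; nothing in the described flow stops an agent from passing that flag without first surfacing `consentNotice` to the user, so gate (2) is a convention for the agent rather than a control the tool enforces. Say so explicitly (for example, "gate (2) depends on the agent honouring the MUST; the host's tool-call consent in gate (1) is the enforced check"), or bind the flag to a value the user supplies rather than one the agent can set on its own.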


medium

The term playwriter is used multiple times in this section. This appears to be a typo for playwright (the browser automation library by Microsoft and its corresponding MCP server). Please correct the spelling to ensure proper referencing of the tool.

`--live` **extends** the read-only posture above: it adds **browser-driven reads
over your already-logged-in session**, performed by the **playwright** MCP server
under the agent's orchestration. This is a genuine posture change and is treated
as one — **off by default, opt-in, and consent-gated.** costguard's own tools
still never drive a browser and never see credentials: `plan_live_checks` only
emits a **read-only** snippet (navigation + reading rendered billing figures — no
clicks, typing, form submits, credential replay, cookies, localStorage,
sessionStorage, or screenshots), and `ingest_live_reading` only parses the
returned figure. The browser action is performed by playwright, authorized by you.

**API-first / browser-fallback:** `plan_live_checks` is API-first when a provider
module exists and its API token resolves from the environment (a deterministic
env-NAME check, no network probe) — in that case prefer `audit_workspace`. Only
when there is no usable API token does it fall back to a browser playbook.

**Three consent gates (all required):** (1) the host's MCP tool-call consent;
(2) costguard's own per-run confirmation — `plan_live_checks` returns a
`consentNotice` the agent MUST surface, and emits the actionable snippet only when
called with `confirmLive:true`; (3) playwright's own consent before it executes.

**Graceful degrade:** if playwright is not connected, the agent cannot run the
snippet; `ingest_live_reading` returns a `kind:"diagnostic"` Finding (excluded
from cost totals) and the audit never blocks.

Comment on lines +87 to +89
Default is dry-run. Only deterministic ADD-rule fixers run (timeout,
concurrency, paths-ignore). Costguard never pushes; `--open-pr` is gated and
refuses without an explicit token.
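Review bot: "refuses without an explicit token" does not say where `--open-pr` reads the token from or what scope it needs. Name the environment variable or flag and the minimal permission, and state that the token is used only for the pull-request call and is never written to the report or logs, so the "Costguard never pushes" claim can be checked against the code rather than taken on trust.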


medium

There is a discrepancy between the command listed above (--pr on line 84) and the description here which references --open-pr. Please ensure the flag name is consistent, or clarify if --open-pr is a separate, distinct flag.
