Security reminder hook that warns about potential security issues when editing files, including command injection, XSS, and unsafe code patterns
A curated directory of high-quality plugins for Claude Code.
⚠️ Important: Make sure you trust a plugin before installing, updating, or using it. Anthropic does not control what MCP servers, files, or other software are included in plugins and cannot verify that they will work as intended or that they won't change. See each plugin's homepage for more information.
/plugins - Internal plugins developed and maintained by Anthropic/external_plugins - Third-party plugins from partners and the communityPlugins can be installed directly from this marketplace via Claude Code's plugin system.
To install, run /plugin install {plugin-name}@claude-plugin-directory
or browse for the plugin in /plugin > Discover
Internal plugins are developed by Anthropic team members. See /plugins/example-plugin for a reference implementation.
Third-party partners can submit plugins for inclusion in the marketplace. External plugins must meet quality and security standards for approval. To submit a new plugin, use the plugin directory submission form.
Each plugin follows a standard structure:
plugin-name/
├── .claude-plugin/
│ └── plugin.json # Plugin metadata (required)
├── .mcp.json # MCP server configuration (optional)
├── commands/ # Slash commands (optional)
├── agents/ # Agent definitions (optional)
├── skills/ # Skill definitions (optional)
└── README.md # Documentation
For more information on developing Claude Code plugins, see the official documentation.
Modifies files
Hook triggers on file write and edit operations
Based on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Harness-native ECC operator layer - 61 agents, 246 skills, 76 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes.
Complete collection of battle-tested Claude Code configs from an Anthropic hackathon winner - agents, skills, hooks, and rules evolved over 10+ months of intensive daily use
Claude Agent SDK Development Plugin
Analyze codebases and recommend tailored Claude Code automations such as hooks, skills, MCP servers, and subagents.
Comprehensive PR review agents specializing in comments, tests, error handling, type design, code quality, and code simplification
Official GitHub MCP server for repository management. Create issues, manage pull requests, review code, search repositories, and interact with GitHub's full API directly from Claude Code.
C/C++ language server (clangd) for code intelligence
npx claudepluginhub p/canadaapollo6-security-guidance-plugins-security-guidanceOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claim