Microsoft 365 administration and identity. Bundles native M365 management (users, mailboxes, Teams, OneDrive, licensing, security posture), Microsoft Graph and Entra reporting, and CIPP multi-tenant management (tenant health, standards drift, secure score, offboarding).
Audit MFA enrollment across all M365 users, highlighting accounts with no MFA
Run the complete CIPP M365 offboarding workflow for a departing user - capture audit state, revoke access, handle mailbox, reclaim licenses
Generate a portfolio-wide M365 security posture report - Secure Score equivalents, MFA enrollment, conditional access coverage, and domain authentication across all managed tenants
Find tenants that have drifted from the MSP's configured CIPP standards baseline - missing standards, standards in Report-only mode, recent compliance failures
Quick health snapshot for a single tenant - BPA failures, conditional access enforcement, MFA gaps, domain authentication, standards compliance
Use this agent when an MSP technician, service-desk analyst, account manager, or vCISO needs to answer questions about a client's Microsoft Entra (Azure AD) identity and directory data - user and license counts, MFA registration gaps, guest inventory, inactive accounts, app inventory, directory roles, sign-in activity. Trigger for identity reporting, QBR prep, helpdesk lookups, onboarding directory snapshots, and identity hygiene audits. Examples - "How many users does Contoso have?", "Which admins haven't registered MFA?", "List the guest accounts in this tenant", "Are we paying for licenses nobody uses?", "Pull an Entra directory snapshot for the QBR", "Who has Global Administrator in this tenant?"
Use this agent when an MSP needs to perform a comprehensive Microsoft 365 tenant security audit. Trigger for: M365 security audit, MFA gaps, risky users, license waste, over-privileged accounts, suspicious sign-ins, guest user review, conditional access review, mailbox audit. Examples: "audit our client's M365 tenant for security issues", "find all users without MFA in M365", "show me over-privileged accounts and license waste for Contoso"
Use this agent when an MSP needs to audit Microsoft 365 license costs and find savings opportunities across a client tenant. Trigger for: M365 license cost, unused M365 licenses, license rightsizing, disabled account licenses, duplicate M365 licensing, E3 add-on overlap, M365 spend optimization, license waste M365. Examples: "find unused M365 licenses for Contoso", "which users have E3 plus standalone add-ons that are already included", "show me all licenses assigned to disabled accounts"
Use this agent when an MSP security lead, vCISO, or service manager needs to sweep the M365 portfolio for security posture issues - Secure Score regressions, MFA enrollment gaps, conditional access drift, BPA failures, and broken domain authentication. Trigger for portfolio security reviews, monthly client security reports, post-onboarding validation, and incident-driven posture audits. Examples - "Review the security posture across all tenants", "Which clients have MFA gaps?", "Are any tenants drifting from our baseline conditional access?", "Generate a Secure Score report for the QBR", "Did the standards rollout to Acme actually take?"
Use this agent when an MSP technician, dispatcher, or HR-facing operator needs to run a complete M365 user offboarding through CIPP. Coordinates the full sequence - disable, revoke sessions, reset MFA, capture group/device state for audit, set forwarding, set OOO, convert mailbox to shared, and reclaim licenses - with explicit safety checks and a documented audit trail at each step. Trigger for offboarding requests, departures, terminations, contractor end-of-engagement, and shared-mailbox conversions. Examples - "Offboard [email protected]", "Run the full leaver process for the Globex employee leaving Friday", "Convert the contractor's mailbox to shared and forward to her manager", "We had a termination this morning - disable and revoke immediately, full offboard tomorrow"
Reference for Microsoft Graph API fundamentals: authentication and token scopes, OData operators ($select/$filter/$search), pagination via @odata.nextLink, delta queries, throttling and Retry-After, and $batch requests. Use when constructing any M365/Graph API call, choosing filter syntax, handling 429 throttling, or debugging a Graph error code.
Use this skill when working with Microsoft 365 calendars - viewing events, finding free/busy times, creating meetings, managing room bookings, or checking a user's schedule. Covers Exchange calendar via Microsoft Graph for MSP support of customer scheduling needs.
Use this skill when working with CIPP alerts and audit logs - reviewing the queued alert backlog across tenants, investigating sign-in or admin activity in audit logs, correlating alerts with tenants. Read-only triage surface for the CIPP alerting subsystem.
Use this skill when listing or creating M365 groups in CIPP - security groups, distribution lists, M365 groups, mail-enabled security groups. Covers tenant-scoped group enumeration and creation as part of user onboarding or access-management workflows.
Use this skill when working with M365 license assignments and CSP license inventory through CIPP - listing license usage per tenant, identifying unused licenses, surfacing license SKUs available for assignment, and reviewing CSP-level license commitments. Drives license-rightsizing reports for MSP billing reviews.
Admin access level
Server config contains admin-level keywords
Requires secrets
Needs API keys or credentials to function
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
This plugin requires configuration values that are prompted when the plugin is enabled. Sensitive values are stored in your system keychain.
cipp_api_keyLegacy static bearer token. Use this OR the OAuth trio below.
${user_config.cipp_api_key}cipp_base_urlURL of your deployed CIPP Azure Function (required for the CIPP connector). Leave blank to disable CIPP.
${user_config.cipp_base_url}cipp_client_idApp registration client ID for modern CIPP OAuth2 auth.
${user_config.cipp_client_id}cipp_tenant_idEntra tenant ID for modern CIPP OAuth2 auth.
${user_config.cipp_tenant_id}cipp_client_secretApp registration client secret for modern CIPP OAuth2 auth.
${user_config.cipp_client_secret}Uses power tools
Uses Bash, Write, or Edit tools
Uses power tools
Uses Bash, Write, or Edit tools
A Claude Code plugin marketplace and monorepo: twelve domain-cluster plugins covering
MSP IT operations, security and compliance, Microsoft 365, HR/payroll, finance,
engineering, design, data, customer support, product management, and productivity,
plus the atlas multi-agent coding architect. Each vendor connector is bundled into
the business domain plugin it serves rather than shipped standalone (.claude-plugin/marketplace.json:4).
Plugins are published from the w159/tech-tools repository through the marketplace
manifest at .claude-plugin/marketplace.json. In Claude Code, add the marketplace with
the /plugin command, then install the plugins you need, for example it-operations,
security-compliance, or microsoft-365 (plugins/README.md:24).
Kimi Code CLI users can browse the same catalog from the repo root with
/plugins marketplace .kimi-plugin/marketplace.json, then install the plugins you need.
A single plugin can also be installed directly with /plugins install ./plugins/<name>
run from the repo root. Kimi Code CLI's current installer does not support remote GitHub
subpath installs, so distributing from this monorepo requires a local clone or per-plugin
zip artifacts (plugins/README.md:26).
Vendor-backed plugins (it-operations, security-compliance, microsoft-365,
hr-payroll, finance) need API credentials for their connectors. Credential keys live
in .env.template at the repo root; copy it to .env and fill in the values for the
vendors you use. Skill-only plugins (engineering, data, design,
product-management, customer-support, productivity, atlas) run without external
credentials (plugins/README.md:28).
| Plugin | What it does | Key vendors |
|---|---|---|
atlas | Self-configuring multi-agent coding architect: research-to-verify methodology, a subagent squad, automation hooks, and verification-gated /atlas-* launcher commands. | none |
it-operations | MSP IT operations across RMM, PSA, networking, and backup, plus change management, risk, and vendor-management skills. | NinjaOne, ConnectWise Manage, Auvik, Kaseya Spanning |
security-compliance | Security and compliance operations: audit readiness, evidence-gap tracking, risk heatmaps, approval triage. | Vanta, KnowBe4, ThreatLocker, Blumira |
microsoft-365 | Microsoft 365 administration and identity: users, mailboxes, Teams, OneDrive, licensing, security posture, multi-tenant management. | CIPP, Microsoft Graph / Entra |
hr-payroll | HR and payroll operations: roster snapshots, new-hire flow, pay-rate and deduction/tax audits, plus compensation and people-analytics skills. | Paylocity |
finance | Finance and revenue operations: proposals, contracts, licensing, invoicing, financial close, reconciliation, variance, SOX audit. | PandaDoc, Pax8 |
engineering | Code review, system design, incident response, testing strategy, tech-debt management, Cowork plugin authoring. | none |
data | Explore datasets, write SQL, validate data quality, build visualizations, generate interactive dashboards. | none |
design | Accessibility review, design critique, design-system management, UX copy, user-research synthesis. | none |
product-management | Feature specs, roadmap planning, user-research synthesis, stakeholder updates, competitive landscape. | none |
customer-support | Ticket triage, response drafting, question research, escalation management, knowledge-base articles. | none |
productivity | Memory and task tracking, enterprise search, PDF viewing/form-filling/signing, brand-voice enforcement, nudge reminders. | none |
Source: .claude-plugin/marketplace.json:10-237 and plugins/README.md:7-20.
atlas is the multi-agent coding architect in this repo. Typing /atlas boots and
configures a project: it verifies or installs claude-mem and context-mode, scans the
stack to recommend skills, plugins, and MCP connectors, confirms hooks are wired, and
seeds docs/ as the single source of truth. From there, work runs through the
/atlas-* command launchers and the atlas:<role> subagent squad under an
evidence-before-done operating contract. Atlas ships no vendor MCP connectors itself;
the ten vendor connectors live in the four domain plugins listed below, and the
atlas-harbor skill guides setup across them. See plugins/atlas/README.md for the
full skill, agent, and hook inventory.
Ten vendor connectors are single-sourced into the domain plugin that owns them
(plugins/README.md:10-13, plugins/atlas/README.md:21):
it-operations: NinjaOne, ConnectWise Manage, Auvik, Kaseya Spanningsecurity-compliance: Vanta, KnowBe4, ThreatLocker, Blumiramicrosoft-365: CIPPhr-payroll: Paylocitynpx claudepluginhub p/henssler-financial-microsoft-365-plugins-microsoft-365Triage tickets, draft responses, research customer questions, manage escalations, and build knowledge-base articles for support teams.
Software engineering skills: code review, system design, incident response, testing strategy, and tech-debt management, plus Cowork plugin authoring and customization tooling.
Self-configuring multi-agent coding architect. Boots on /atlas and SessionStart: an agent squad, hooks, and verification-gated /atlas-* launchers driven by the atlas-engine method (evidence before any done claim). Integrates claude-mem and context-mode; recommends project tooling.
MSP IT operations across RMM, PSA, networking, and backup. Bundles NinjaOne (RMM), ConnectWise PSA (tickets, time, agreements), Auvik (network monitoring), and Kaseya Spanning (M365/Google backup), plus core operations skills: change management, process optimization, resource planning, risk assessment, compliance tracking, and vendor management.
Review accessibility, critique designs, manage design systems, write UX copy, and synthesize user research for product and design teams.
The most comprehensive Claude Code plugin — 48 agents, 184 skills, 79 legacy command shims, selective install profiles, and production-ready hooks for TDD, security scanning, code review, and continuous learning
Upstash Context7 MCP server for up-to-date documentation lookup. Pull version-specific documentation and code examples directly from source repositories into your LLM context.
Consult multiple AI coding agents (Gemini, OpenAI, Grok, Perplexity, plus codex, antigravity, and grok CLIs when installed) to get diverse perspectives on coding problems
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Complete creative writing suite with 10 specialized agents covering the full writing process: research gathering, character development, story architecture, world-building, dialogue coaching, editing/review, outlining, content strategy, believability auditing, and prose style/voice analysis. Includes genre-specific guides, templates, and quality checklists.
Comprehensive startup business analysis with market sizing (TAM/SAM/SOM), financial modeling, team planning, and strategic research