Code Quality plugins

Enforce a structured TDD workflow with parallel task execution, isolated git worktrees, and systematic code review. Guides root cause investigation before fixes, verifies tests and linters pass before claiming completion, and dispatches subagents for independent tasks like fixing multiple test failures simultaneously.

Turn Claude Code into a multi-agent engineering platform with 542 skills, 184 commands, and 134 agents for end-to-end feature development, code review, build fixing, testing, security auditing, and deployment across 40+ languages and frameworks.

Reduces common LLM coding mistakes by enforcing behavioral guidelines for simplicity, surgical changes, assumption surfacing, and verifiable success criteria

Enforces YAGNI-driven development by auditing codebases for over-engineering, dead code, and unnecessary abstractions, and reviewing diffs for complexity, with a configurable mode that biases toward stdlib and minimal solutions.

Equip AI coding agents with production engineering skills to handle full dev lifecycles: refine ideas to specs, implement via TDD slices, run tests/debug, perform multi-axis code reviews, optimize perf/security, automate CI/CD, and execute ship checklists.

Run comprehensive PR reviews using specialized agents that analyze code quality, test coverage, error handling, type design, comment accuracy, and code simplification, producing a categorized issues summary with action plan.

Scaffold and develop production-ready Python projects with FastAPI, Django, async patterns, type safety, testing, and observability. Includes code generation, linting, profiling, packaging, and deployment guidance.

Audit CLAUDE.md files across repositories by discovering them with find, evaluating quality against rubrics, generating reports, and applying targeted improvements after approval. Capture learnings from Claude Code sessions to propose concise updates to CLAUDE.md or .claude.local.md files with user approval.

Develop full Claude Code plugins end-to-end: plan and generate agents, commands, skills, hooks, and MCP integrations via guided workflows, then validate structure, naming conventions, and component quality with actionable reviews and fixes.

Orchestrate multi-agent teams within Claude Code for parallel code review, hypothesis-driven debugging, and coordinated feature development with task decomposition, file ownership management, and consolidated reporting.

Automatically refines recently modified code for clarity, consistency, and maintainability while preserving functionality, applying project-specific coding standards without over-simplification.

Guides feature development through architectural analysis, codebase exploration, and automated code review, while maintaining project documentation via CLAUDE.md audits, session learnings, and custom skill creation with eval benchmarking.

Automatically generate API docs, user guides, tutorials, and architecture diagrams from code analysis, while also performing code review and security vulnerability detection.

Automate multi-agent code reviews on GitHub pull requests, auditing CLAUDE.md files, detecting bugs, analyzing git history and prior PRs, reviewing code comments, and scoring issues by confidence level to prioritize fixes.

Refactors and modernizes legacy codebases by detecting code smells, SOLID violations, and technical debt, generating prioritized remediation plans with cost estimates, while preserving project context for safe incremental migrations.

Automates end-to-end feature development: explores codebase to map dependencies, patterns, and execution paths; designs architectures with blueprints, data flows, and build sequences; implements code changes; reviews for bugs, security vulnerabilities, and quality issues using high-confidence filtering.

Generate production-ready stateful CLI harnesses for GUI applications from local paths or GitHub repos, implementing Click CLI with REPL/JSON support, pytest unit/E2E tests, and docs. List installed harnesses, refine coverage gaps, run tests to verify functionality, and validate against standards.

Automate technical debt reduction, dependency updates, and code refactoring by scanning for vulnerabilities and code smells, generating prioritized remediation plans, and leveraging AI-powered test automation and code review.

Run multi-perspective code reviews across architecture, security, performance, and best practices, including git-based PR analysis with specialized agents for vulnerability scanning and architectural integrity.

Scaffold, write, and optimize systems-level code in Rust, Go, C, and C++ with agents and skills for memory safety, concurrency (goroutines, Tokio async), and production project setup

Delegate expert-level code reviews, security audits, penetration tests, QA automation, accessibility compliance checks, performance optimizations, chaos engineering, and compliance validations to specialized sub-agents across codebases, infrastructure, and systems.

Run PluginEval certification pipeline on Claude plugins or skills to compute quality scores, badges (Platinum/Gold/Silver/Bronze), dimension breakdowns, anti-patterns, and recommendations via static analysis and LLM judging across 10 criteria including triggering, orchestration, and output quality. Compare skills head-to-head or evaluate directories for actionable insights.

Enforce strict red-green-refactor TDD cycles: generate failing tests, implement minimal passing code, then refactor while keeping tests green. Includes AI-powered code review for security and quality.

Implement a complete QA and testing workflow: set up A/B tests with hard gates, automate browser testing with Playwright/Puppeteer, enforce code review checklists and TDD, debug systematically, and fix failing tests using pytest patterns.

Orchestrate swarms of specialized AI agents to automate end-to-end software development: plan features, implement code with Rails/Python/TS patterns, conduct multi-perspective reviews for architecture/security/performance, resolve todos/PR feedback in parallel, run browser/iOS tests, sync Figma designs, generate docs/videos, and ship PRs.

Automate Git workflows by cleaning up gone remote branches and worktrees, intelligently staging changes with generated commit messages, and creating new feature branches with pushes and GitHub PRs via simple commands.

Enforce code quality and security checks after every change, automate git commits and pushes with conventional messages, generate structured task checklists, guide incremental refactoring, and apply systematic debugging—all within Claude Code.

Manage Python projects via structured tracks for features, bugs, refactors: initialize context artifacts like product.md and tech-stack.md, create detailed specs and phased plans, implement tasks with strict TDD workflow using pytest coverage and git commits, monitor status, revert commits, and validate artifacts for consistency.

Delegate code review, investigation, and complex coding tasks to OpenAI's Codex within Claude Code, with support for adversarial reviews, background job management, and readiness checks.

Write systems-level code in C++, Go, and Rust with idiomatic patterns, concurrency, memory safety, and performance profiling for production-ready services, CLIs, and libraries.

Apply the BMad structured methodology to software projects: orient within the workflow, generate specs from rough input, brainstorm, critique reasoning, review prose and diffs, split docs, index folders, and run adversarial edge-case analysis — all through agent-driven skills.

Blocks or modifies file edits that violate structural constraints, enforcing security boundaries to prevent command injection, XSS, and unsafe code patterns

Prevents unwanted behaviors in Claude Code by creating, managing, and toggling rules based on conversation patterns, regex, and multi-condition checks for bash commands, file edits, prompts, and stop events.

Scaffold new Claude Agent SDK apps in TypeScript or Python by interactively gathering requirements, installing dependencies, and configuring projects. Verify apps post-creation or changes for SDK best practices, code quality, security, type safety, documentation, and deployment readiness.

Automates equity research workflows: reads earnings transcripts and filings, updates financial models with new data, generates professional post-earnings reports with variance analysis, and drafts morning meeting notes — all without live Excel, using Python/openpyxl for .xlsx output.

Trace execution flows, analyze blast radius, and search codebases using a knowledge graph. Index Git repos, trace bugs through function callers/callees, assess code change impact, review pull requests with risk detection, and safely refactor with dry-run previews.

Automate general ledger to subledger reconciliation: detect breaks, trace root cause to originating journal entries, classify break causes, and route exception reports for sign-off. Also audits spreadsheets for financial model errors and integrity.

Orchestrate multi-LLM workflows across providers (Claude, Gemini, Codex, Copilot) for the full software lifecycle — research, architecture, implementation, code review, security audit, testing, and delivery — using structured Double Diamond phases and autonomous agents.

Integrate semantic code analysis into your IDE via LSP for intelligent code understanding, refactoring suggestions, and seamless codebase navigation, powered by a remote MCP server.

Turns any Claude conversation into a persistent, self-organizing Obsidian wiki vault with hybrid retrieval, methodology-based filing (LYT/PARA/Zettelkasten/Generic), automated research loops, canvas management, pre-commit auditing, and health checks — enabling compounding knowledge that survives across sessions and projects.

Enable Claude Code to autonomously curate its memory, promote proven patterns to permanent CLAUDE.md rules, and extract reusable skills from recurring solutions, improving code quality and automation over time.

Design and audit production-grade UIs with a craft-first workflow: define design tokens, spacing, depth, and patterns; extract a design system from existing code; audit against that system; detect and strip AI-generated visual slop; and run a strict multi-pass review for approval.

Generate self-contained HTML visual explainers for code diff reviews, implementation plans, slide decks, diagrams, and project recaps — with factual verification against git history and one-click deployment to Vercel.

Run autonomous Claude-powered iteration loops that modify code, verify against metrics, and refine until success, automating debugging, bug fixes, security audits, documentation generation, task planning, issue prediction, adversarial reasoning, test scenario creation, and multi-phase project shipping.

Spawn parallel AI subagents in isolated git worktrees to compete on tasks like code optimization, refactoring, test writing, or bug fixing. Evaluate results using pytest metrics or LLM judging on git diffs, rank agents, and merge the top performer into your base branch.

Run CodeQL and Semgrep to scan multi-language codebases (Python, JavaScript/TS, Go, Java, C#, Ruby, Rust) for security vulnerabilities via taint tracking and pattern matching. Parse, deduplicate, and aggregate SARIF outputs from scans, then integrate findings into CI/CD pipelines using GitHub Actions or bash scripts.

Perform AI-powered code reviews on GitHub and GitLab pull requests by connecting to Greptile API. View and resolve review comments directly within Claude Code. Query indexed repositories for code search, codebase Q&A, and context retrieval to accelerate development workflows.

Look up Python code examples and enforce Pythonic style — fetch syntax, concurrency, ML, and HPC references from pythonsheets.com while writing, debugging, or optimizing code, and get linting guidance for readable, idiomatic Python.

Mark up and refine AI-generated plans interactively in a UI, annotate markdown files, messages, and git changes for review, share for team collaboration, browse plan archives, and automate workflows with plan mode hooks.

Audit a codebase to identify bugs, performance issues, tech debt, and recommended next steps, then generate prioritized implementation plans that other agents can execute, optionally delegating work to cheaper models and reviewing results — without ever editing code.

Audit smart contracts for vulnerabilities across Cosmos, Solana, Polkadot, TON, Algorand, and StarkNet blockchains using specialized scanners. Assess codebase maturity with scorecards, prepare for professional audits via static analysis and test improvements, analyze token integrations for ERC standards and risks, and apply Trail of Bits guidelines for architecture reviews and secure workflows.

Review SwiftUI code to enforce best practices, modern APIs, maintainability, performance, accessibility, and Swift conventions during reading, writing, or reviewing iOS projects, ensuring high-quality mobile apps.

Build multi-language code graphs to map call graphs, attack surfaces, blast radius, taint propagation, privilege boundaries, and complexity hotspots for security audits. Visualize architecture with Mermaid diagrams, compare snapshots across git commits for evolution analysis, triage mutation testing survivors, generate crypto test vectors, diagram protocols, and project SARIF findings onto graphs.

Analyze local and remote GitHub repositories using Repomix CLI to explore code structure, search for patterns, and answer questions about components, architecture, and content.

Migrate Lodash code to es-toolkit in JavaScript and TypeScript projects by replacing imports and comparing APIs to shrink bundle sizes, get function recommendations matching your needs or code with imports examples and docs, and follow tailored setup guides for Node.js Bun Deno and browsers to optimize performance.

Configure and optimize mewt/muton mutation testing campaigns by scoping targets, tuning timeouts, and streamlining long-running tests for Rust, Go, TypeScript, and JavaScript codebases.

Configure, deploy, optimize, troubleshoot, and integrate CodeRabbit AI code reviews across GitHub and GitLab repositories. Automate CI merge gates, cost tuning, security policies, local dev loops, performance monitoring, migrations from other tools, and webhook handling using 24 targeted skills.

Audit codebases with a security agent that scans for vulnerabilities like SQL injection, XSS, CSRF, auth flaws, insecure dependencies, and secrets; generates severity-rated reports including file locations, explanations, compliance checks, and code fixes with examples.

Detect memory leaks in running Node.js, Python, and JVM apps by analyzing event listeners, closures, unbounded caches, and retained references. Scan codebases for patterns like unremoved listeners, uncancelled timers, circular references, and DOM holds, generating markdown reports with severity ratings, code locations, snippets, fixes, and prevention strategies.

Create and validate custom Semgrep rules for detecting security vulnerabilities, bugs, code patterns, and standards using test-first methodology, conversation context for patterns and languages, plus taint mode support.

Annotate codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Automatically scan for arithmetic patterns, discover project-specific units, propagate annotations through expressions and functions, and validate consistency to detect mismatches and bugs in DeFi protocols or numerical code.

Automatically reviews and fixes Claude Code skills through iterative refinement until they meet quality standards, with commands to cancel loops and preserve changes.

Run AI-powered code reviews on uncommitted changes, branch diffs, or specific commits using external LLM CLIs (OpenAI Codex, Google Gemini), with an optional MCP server for direct tool access and collaborative reasoning.

Scaffold production-grade Claude Code plugins with marketplace integration, validate structure and schemas, audit for security vulnerabilities and best practices, and automate semantic version bumps across manifests and catalogs using auto-invoked skills and interactive commands.

Set up new or migrate existing Python projects using uv for dependency/environment management, ruff for linting/formatting, mypy for type checking, and pytest for testing, while enforcing shell restrictions for security.

Automate overnight software development by configuring Git hooks for TDD enforcement with tests and lints, then run Claude autonomously for 6-8 hours to build features that pass all checks by morning.

Audit dependencies across Node.js, Python, PHP, Ruby, Go, and Rust projects for vulnerabilities, outdated versions, transitive issues, and license compliance. Generate detailed reports with CVE information, upgrade recommendations, and fix commands using tools like npm audit and pip-audit.

Accelerate Atomic Agents app development through a guided 7-phase workflow: delegate schema design, agent and tool creation, architecture planning, codebase analysis, and code review to specialized AI sub-agents for scalable multi-agent LLM systems.

Design structured workflow skills for Claude Code using multi-step phases, decision trees, subagent delegation, and progressive disclosure for pipelines, routing, and safety gates. Audit skills via 6-phase review detecting structural issues, pattern adherence, tool correctness, and anti-patterns.

Build deep architectural context through line-by-line and per-function code analysis using First Principles and 5 Whys, enabling precise vulnerability hunting and bug detection in security audits. Target entire codebases, specific modules, or dense functions to map dependencies, data flows, assumptions, and effects.

Combine multiple Git repositories into unified archives for AI-powered codebase analysis, with built-in security scanning and file search capabilities.

Use AI to generate conventional commit messages from staged Git changes. Analyzes code diffs to classify updates as feat, fix, refactor, chore, or docs, then crafts standardized messages with proper prefixes for consistent Git history, changelogs, and automation compatibility.

Track regression tests across code releases by mapping git commits to pytest or Jest tests, tagging markers for suites, flagging coverage gaps, generating pass/fail reports with flaky detection, viewing history, and enforcing runs in CI/CD pipelines.

Generate test reports by parsing JUnit XML, Jest JSON, pytest results, and coverage data into Markdown/HTML formats with metrics, failures, slowest tests, trends, and CI annotations. Aggregate results across frameworks for summaries and exports in HTML, PDF, or JSON.

Scan codebases to detect CPU hotspots, intensive operations, blocking calls, and algorithmic inefficiencies. Generate detailed optimization reports with before/after code examples, performance estimates, and targeted recommendations to boost application speed in bash, Python, and Java projects.

Analyze test coverage reports from Jest/nyc, pytest, Go test, and JaCoCo across JavaScript, Python, Go, and Java projects to identify untested code paths, branch gaps, low-coverage files, enforce thresholds, and generate detailed reports with targeted test recommendations.

Verify blockchain smart contracts match specifications from whitepapers, PDFs, Markdown, or URLs, detecting implementation gaps, undocumented behaviors, logic discrepancies, and security issues via structured audits and generating compliance reports.

Orchestrate multi-agent coding workflows with context-aware task decomposition, parallel subtask execution, automated code review, and TDD test generation.

Perform security reviews of pull requests, commits, or code diffs using git history for context, blast radius estimation, test coverage checks, and markdown report generation.

Automate the entire PRP workflow — plan, implement, debug, review, commit, and create PRs — using specialized agents that investigate issues, generate implementation plans, run validation loops, and execute multi-aspect code reviews.

Generate read-only Markdown discrepancy reports validating messaging consistency—including tone, terminology, versions, and structure—across HTML-based websites (WordPress, Hugo, Next.js, React, Vue, etc.), GitHub repositories, and local documentation, with severity levels and fix suggestions.

Validate OpenAPI, JSON Schema, and GraphQL API specs through linting, structural analysis, completeness checks, breaking change detection, and consistency enforcement to generate actionable reports. Bootstrap Zod-based schema validation with generated TypeScript types, request/response middleware, tests, and documentation.

Delegate coding tasks to expert AI agents specialized in Python, Go, Rust, Java, JavaScript, PHP, Ruby/Rails, C/C++, SQL, and TypeScript. They proactively write idiomatic code, refactor for performance, implement advanced features like concurrency and generics, add tests with pytest or RSpec, optimize queries/schemas, and handle builds like Cargo.toml or CMake.

Enforce a specification-driven development loop where all code, tests, and fixes are traced back to a single SPEC.md file, with automated drift detection, adversarial spec review, and root-cause backpropagation from bugs into the spec.

Format and validate code with Prettier, enforcing consistent style across JS, TS, CSS, HTML, Vue, and Svelte. Check formatting compliance with CI-friendly exit codes, auto-create config files, and guard edits to maintain style

Guides structured debugging sessions with a four-step discipline, writes engineering post-mortems for fixed bugs, delegates menial coding tasks to a cheap subagent to save tokens, reviews plans and code from an outsider perspective, rewrites technical content for leadership audiences, and detects looping behavior to prevent context exhaustion.

Scan your codebase and configurations to generate audit-ready Markdown compliance reports for PCI DSS, HIPAA, SOC 2, GDPR, and ISO 27001. Assess security controls, identify gaps, and produce project documentation using the 'crg' shortcut or embedded playbook.

Audit PostgreSQL and MySQL databases for integrity issues including NULLs, orphans, invalid formats, ranges, and duplicates, then generate and enforce CHECK constraints, foreign keys, and triggers. Extend validation to application level with type checks, regex patterns, foreign key integrity, and custom business rules.

Profile Node.js, Python, and Java application performance by analyzing CPU usage, memory allocation, execution hotspots, and bottlenecks. Generate markdown reports with detailed breakdowns, patterns, and actionable optimization recommendations including code fixes.

Automate intelligent YAML validation, linting, schema inference, normalization, and transformation for Kubernetes manifests, GitHub Actions workflows, and Docker Compose files. Receive minimal patches, detailed issues, and ready-to-run validation commands to fix configs quickly.

Run mutation testing on JavaScript, Python, Java, Go, C#, or Ruby codebases to evaluate test suite quality. Introduce code mutants with tools like Stryker, mutmut, PITest, or go-mutesting, check detection rates, identify coverage gaps, and generate reports with survival scores and improvement suggestions.

Generate AI-powered conventional commit messages from staged Git changes: auto-classifies feat/fix/docs types, detects scopes/breaking changes, matches project commit history style. Preview the message, confirm, and auto-commit in one workflow.

Create and manage snapshot tests for UI components and data using Jest, Vitest, or pytest to catch regressions. Analyze test failures with intelligent diff reviews, selectively update snapshots for intentional changes, validate and organize snapshot files, then generate detailed analysis reports.

Detect error-prone APIs, dangerous configurations, and security footguns in your codebase. Review API designs, config schemas, and crypto ergonomics to build secure-by-default software, preventing common security mistakes during development.

Analyze DWARF debug files (v3-v5) in binaries to understand the format and standard, extract information using dwarfdump/readelf/llvm-dwarfdump for verification, and review parsing code in bash/python/rust for compliance and accuracy.

Audit Armeria-based Java projects for event loop blocking by discovering patterns, scanning operations, tracing calls, and generating fix plans without code changes. Pinpoint latency spike causes for pre-release validation.