chore: Update CHANGELOG.md

minor code review updates

.claude-plugin/marketplace.json

@@ -0,0 +1,150 @@
+{
+  "$schema": "https://anthropic.com/claude-code/marketplace.schema.json",
+  "name": "claude-code-plugins",
+  "version": "1.0.0",
+  "description": "Bundled plugins for Claude Code including Agent SDK development tools, PR review toolkit, and commit workflows",
+  "owner": {
+    "name": "Anthropic",
+    "email": "support@anthropic.com"
+  },
+  "plugins": [
+    {
+      "name": "agent-sdk-dev",
+      "description": "Development kit for working with the Claude Agent SDK",
+      "source": "./plugins/agent-sdk-dev",
+      "category": "development"
+    },
+    {
+      "name": "claude-opus-4-5-migration",
+      "description": "Migrate your code and prompts from Sonnet 4.x and Opus 4.1 to Opus 4.5.",
+      "version": "1.0.0",
+      "author": {
+        "name": "William Hu",
+        "email": "whu@anthropic.com"
+      },
+      "source": "./plugins/claude-opus-4-5-migration",
+      "category": "development"
+    },
+    {
+      "name": "code-review",
+      "description": "Automated code review for pull requests using multiple specialized agents with confidence-based scoring to filter false positives",
+      "version": "1.0.0",
+      "author": {
+        "name": "Boris Cherny",
+        "email": "boris@anthropic.com"
+      },
+      "source": "./plugins/code-review",
+      "category": "productivity"
+    },
+    {
+      "name": "commit-commands",
+      "description": "Commands for git commit workflows including commit, push, and PR creation",
+      "version": "1.0.0",
+      "author": {
+        "name": "Anthropic",
+        "email": "support@anthropic.com"
+      },
+      "source": "./plugins/commit-commands",
+      "category": "productivity"
+    },
+    {
+      "name": "explanatory-output-style",
+      "description": "Adds educational insights about implementation choices and codebase patterns (mimics the deprecated Explanatory output style)",
+      "version": "1.0.0",
+      "author": {
+        "name": "Dickson Tsai",
+        "email": "dickson@anthropic.com"
+      },
+      "source": "./plugins/explanatory-output-style",
+      "category": "learning"
+    },
+    {
+      "name": "feature-dev",
+      "description": "Comprehensive feature development workflow with specialized agents for codebase exploration, architecture design, and quality review",
+      "version": "1.0.0",
+      "author": {
+        "name": "Siddharth Bidasaria",
+        "email": "sbidasaria@anthropic.com"
+      },
+      "source": "./plugins/feature-dev",
+      "category": "development"
+    },
+    {
+      "name": "frontend-design",
+      "description": "Create distinctive, production-grade frontend interfaces with high design quality. Generates creative, polished code that avoids generic AI aesthetics.",
+      "version": "1.0.0",
+      "author": {
+        "name": "Prithvi Rajasekaran & Alexander Bricken",
+        "email": "prithvi@anthropic.com"
+      },
+      "source": "./plugins/frontend-design",
+      "category": "development"
+    },
+    {
+      "name": "hookify",
+      "description": "Easily create custom hooks to prevent unwanted behaviors by analyzing conversation patterns or from explicit instructions. Define rules via simple markdown files.",
+      "version": "0.1.0",
+      "author": {
+        "name": "Daisy Hollman",
+        "email": "daisy@anthropic.com"
+      },
+      "source": "./plugins/hookify",
+      "category": "productivity"
+    },
+    {
+      "name": "learning-output-style",
+      "description": "Interactive learning mode that requests meaningful code contributions at decision points (mimics the unshipped Learning output style)",
+      "version": "1.0.0",
+      "author": {
+        "name": "Boris Cherny",
+        "email": "boris@anthropic.com"
+      },
+      "source": "./plugins/learning-output-style",
+      "category": "learning"
+    },
+    {
+      "name": "plugin-dev",
+      "description": "Comprehensive toolkit for developing Claude Code plugins. Includes 7 expert skills covering hooks, MCP integration, commands, agents, and best practices. AI-assisted plugin creation and validation.",
+      "version": "0.1.0",
+      "author": {
+        "name": "Daisy Hollman",
+        "email": "daisy@anthropic.com"
+      },
+      "source": "./plugins/plugin-dev",
+      "category": "development"
+    },
+    {
+      "name": "pr-review-toolkit",
+      "description": "Comprehensive PR review agents specializing in comments, tests, error handling, type design, code quality, and code simplification",
+      "version": "1.0.0",
+      "author": {
+        "name": "Anthropic",
+        "email": "support@anthropic.com"
+      },
+      "source": "./plugins/pr-review-toolkit",
+      "category": "productivity"
+    },
+    {
+      "name": "ralph-wiggum",
+      "description": "Interactive self-referential AI loops for iterative development. Claude works on the same task repeatedly, seeing its previous work, until completion.",
+      "version": "1.0.0",
+      "author": {
+        "name": "Daisy Hollman",
+        "email": "daisy@anthropic.com"
+      },
+      "source": "./plugins/ralph-wiggum",
+      "category": "development"
+    },
+    {
+      "name": "security-guidance",
+      "description": "Security reminder hook that warns about potential security issues when editing files, including command injection, XSS, and unsafe code patterns",
+      "version": "1.0.0",
+      "author": {
+        "name": "David Dworken",
+        "email": "dworken@anthropic.com"
+      },
+      "source": "./plugins/security-guidance",
+      "category": "security"
+    }
+  ]
+}

.claude/commands/commit-push-pr.md

@@ -0,0 +1,19 @@
+---
+allowed-tools: Bash(git checkout --branch:*), Bash(git add:*), Bash(git status:*), Bash(git push:*), Bash(git commit:*), Bash(gh pr create:*)
+description: Commit, push, and open a PR
+---
+
+## Context
+
+- Current git status: !`git status`
+- Current git diff (staged and unstaged changes): !`git diff HEAD`
+- Current branch: !`git branch --show-current`
+
+## Your task
+
+Based on the above changes:
+1. Create a new branch if on main
+2. Create a single commit with an appropriate message
+3. Push the branch to origin
+4. Create a pull request using `gh pr create`
+5. You have the capability to call multiple tools in a single response. You MUST do all of the above in a single message. Do not use any other tools or do anything else. Do not send any other text or messages besides these tool calls.

.claude/commands/dedupe.md

@@ -0,0 +1,23 @@
+---
+allowed-tools: Bash(gh issue view:*), Bash(gh search:*), Bash(gh issue list:*), Bash(./scripts/comment-on-duplicates.sh:*)
+description: Find duplicate GitHub issues
+---
+
+Find up to 3 likely duplicate issues for a given GitHub issue.
+
+To do this, follow these steps precisely:
+
+1. Use an agent to check if the Github issue (a) is closed, (b) does not need to be deduped (eg. because it is broad product feedback without a specific solution, or positive feedback), or (c) already has a duplicates comment that you made earlier. If so, do not proceed.
+2. Use an agent to view a Github issue, and ask the agent to return a summary of the issue
+3. Then, launch 5 parallel agents to search Github for duplicates of this issue, using diverse keywords and search approaches, using the summary from #1
+4. Next, feed the results from #1 and #2 into another agent, so that it can filter out false positives, that are likely not actually duplicates of the original issue. If there are no duplicates remaining, do not proceed.
+5. Finally, use the comment script to post duplicates:
+   ```
+   ./scripts/comment-on-duplicates.sh --base-issue <issue-number> --potential-duplicates <dup1> <dup2> <dup3>
+   ```
+
+Notes (be sure to tell this to your agents, too):
+
+- Use `gh` to interact with Github, rather than web fetch
+- Do not use other tools, beyond `gh` and the comment script (eg. don't use other MCP servers, file edit, etc.)
+- Make a todo list first

.claude/commands/oncall-triage.md

@@ -0,0 +1,40 @@
+---
+allowed-tools: Bash(gh issue list:*), Bash(gh issue view:*), Bash(gh issue edit:*), TodoWrite
+description: Triage GitHub issues and label critical ones for oncall
+---
+
+You're an oncall triage assistant for GitHub issues. Your task is to identify critical issues that require immediate oncall attention and apply the "oncall" label.
+
+Repository: anthropics/claude-code
+
+Task overview:
+
+1. First, get all open bugs updated in the last 3 days with at least 50 engagements:
+   ```bash
+   gh issue list --repo anthropics/claude-code --state open --label bug --limit 1000 --json number,title,updatedAt,comments,reactions | jq -r '.[] | select((.updatedAt >= (now - 259200 | strftime("%Y-%m-%dT%H:%M:%SZ"))) and ((.comments | length) + ([.reactions[].content] | length) >= 50)) | "\(.number)"'
+   ```
+
+2. Save the list of issue numbers and create a TODO list with ALL of them. This ensures you process every single one.
+
+3. For each issue in your TODO list:
+   - Use `gh issue view <number> --repo anthropics/claude-code --json title,body,labels,comments` to get full details
+   - Read and understand the full issue content and comments to determine actual user impact
+   - Evaluate: Is this truly blocking users from using Claude Code?
+     - Consider: "crash", "stuck", "frozen", "hang", "unresponsive", "cannot use", "blocked", "broken"
+     - Does it prevent core functionality? Can users work around it?
+   - Be conservative - only flag issues that truly prevent users from getting work done
+
+4. For issues that are truly blocking and don't already have the "oncall" label:
+   - Use `gh issue edit <number> --repo anthropics/claude-code --add-label "oncall"`
+   - Mark the issue as complete in your TODO list
+
+5. After processing all issues, provide a summary:
+   - List each issue number that received the "oncall" label
+   - Include the issue title and brief reason why it qualified
+   - If no issues qualified, state that clearly
+
+Important:
+- Process ALL issues in your TODO list systematically
+- Don't post any comments to issues
+- Only add the "oncall" label, never remove it
+- Use individual `gh issue view` commands instead of bash for loops to avoid approval prompts

.devcontainer/Dockerfile

@@ -3,8 +3,11 @@ FROM node:20
 ARG TZ
 ENV TZ="$TZ"
 
+ARG CLAUDE_CODE_VERSION=latest
+
 # Install basic development tools and iptables/ipset
-RUN apt update && apt install -y less \
+RUN apt-get update && apt-get install -y --no-install-recommends \
+  less \
   git \
   procps \
   sudo \
@@ -19,7 +22,10 @@ RUN apt update && apt install -y less \
   iproute2 \
   dnsutils \
   aggregate \
-  jq
+  jq \
+  nano \
+  vim \
+  && apt-get clean && rm -rf /var/lib/apt/lists/*
 
 # Ensure default node user has access to /usr/local/share
 RUN mkdir -p /usr/local/share/npm-global && \
@@ -42,10 +48,11 @@ RUN mkdir -p /workspace /home/node/.claude && \
 
 WORKDIR /workspace
 
+ARG GIT_DELTA_VERSION=0.18.2
 RUN ARCH=$(dpkg --print-architecture) && \
-  wget "https://github.com/dandavison/delta/releases/download/0.18.2/git-delta_0.18.2_${ARCH}.deb" && \
-  sudo dpkg -i "git-delta_0.18.2_${ARCH}.deb" && \
-  rm "git-delta_0.18.2_${ARCH}.deb"
+  wget "https://github.com/dandavison/delta/releases/download/${GIT_DELTA_VERSION}/git-delta_${GIT_DELTA_VERSION}_${ARCH}.deb" && \
+  sudo dpkg -i "git-delta_${GIT_DELTA_VERSION}_${ARCH}.deb" && \
+  rm "git-delta_${GIT_DELTA_VERSION}_${ARCH}.deb"
 
 # Set up non-root user
 USER node
@@ -57,8 +64,13 @@ ENV PATH=$PATH:/usr/local/share/npm-global/bin
 # Set the default shell to zsh rather than sh
 ENV SHELL=/bin/zsh
 
+# Set the default editor and visual
+ENV EDITOR=nano
+ENV VISUAL=nano
+
 # Default powerline10k theme
-RUN sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/v1.2.0/zsh-in-docker.sh)" -- \
+ARG ZSH_IN_DOCKER_VERSION=1.2.0
+RUN sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/v${ZSH_IN_DOCKER_VERSION}/zsh-in-docker.sh)" -- \
   -p git \
   -p fzf \
   -a "source /usr/share/doc/fzf/examples/key-bindings.zsh" \
@@ -67,7 +79,8 @@ RUN sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/
   -x
 
 # Install Claude
-RUN npm install -g @anthropic-ai/claude-code
+RUN npm install -g @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION}
+
 
 # Copy and set up firewall script
 COPY init-firewall.sh /usr/local/bin/

.devcontainer/devcontainer.json

@@ -3,7 +3,10 @@
   "build": {
     "dockerfile": "Dockerfile",
     "args": {
-      "TZ": "${localEnv:TZ:America/Los_Angeles}"
+      "TZ": "${localEnv:TZ:America/Los_Angeles}",
+      "CLAUDE_CODE_VERSION": "latest",
+      "GIT_DELTA_VERSION": "0.18.2",
+      "ZSH_IN_DOCKER_VERSION": "1.2.0"
     }
   },
   "runArgs": [
@@ -13,6 +16,7 @@
   "customizations": {
     "vscode": {
       "extensions": [
+        "anthropic.claude-code",
         "dbaeumer.vscode-eslint",
         "esbenp.prettier-vscode",
         "eamodio.gitlens"
@@ -38,15 +42,16 @@
   },
   "remoteUser": "node",
   "mounts": [
-    "source=claude-code-bashhistory,target=/commandhistory,type=volume",
-    "source=claude-code-config,target=/home/node/.claude,type=volume"
+    "source=claude-code-bashhistory-${devcontainerId},target=/commandhistory,type=volume",
+    "source=claude-code-config-${devcontainerId},target=/home/node/.claude,type=volume"
   ],
-  "remoteEnv": {
+  "containerEnv": {
     "NODE_OPTIONS": "--max-old-space-size=4096",
     "CLAUDE_CONFIG_DIR": "/home/node/.claude",
     "POWERLEVEL9K_DISABLE_GITSTATUS": "true"
   },
   "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind,consistency=delegated",
   "workspaceFolder": "/workspace",
-  "postCreateCommand": "sudo /usr/local/bin/init-firewall.sh"
+  "postStartCommand": "sudo /usr/local/bin/init-firewall.sh",
+  "waitFor": "postStartCommand"
 }

.devcontainer/init-firewall.sh

@@ -2,6 +2,9 @@
 set -euo pipefail  # Exit on error, undefined vars, and pipeline failures
 IFS=$'\n\t'       # Stricter word splitting
 
+# 1. Extract Docker DNS info BEFORE any flushing
+DOCKER_DNS_RULES=$(iptables-save -t nat | grep "127\.0\.0\.11" || true)
+
 # Flush existing rules and delete existing ipsets
 iptables -F
 iptables -X
@@ -11,6 +14,16 @@ iptables -t mangle -F
 iptables -t mangle -X
 ipset destroy allowed-domains 2>/dev/null || true
 
+# 2. Selectively restore ONLY internal Docker DNS resolution
+if [ -n "$DOCKER_DNS_RULES" ]; then
+    echo "Restoring Docker DNS rules..."
+    iptables -t nat -N DOCKER_OUTPUT 2>/dev/null || true
+    iptables -t nat -N DOCKER_POSTROUTING 2>/dev/null || true
+    echo "$DOCKER_DNS_RULES" | xargs -L 1 iptables -t nat
+else
+    echo "No Docker DNS rules to restore"
+fi
+
 # First allow DNS and localhost before any restrictions
 # Allow outbound DNS
 iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
@@ -56,9 +69,12 @@ for domain in \
     "api.anthropic.com" \
     "sentry.io" \
     "statsig.anthropic.com" \
-    "statsig.com"; do
+    "statsig.com" \
+    "marketplace.visualstudio.com" \
+    "vscode.blob.core.windows.net" \
+    "update.code.visualstudio.com"; do
     echo "Resolving $domain..."
-    ips=$(dig +short A "$domain")
+    ips=$(dig +noall +answer A "$domain" | awk '$4 == "A" {print $5}')
     if [ -z "$ips" ]; then
         echo "ERROR: Failed to resolve $domain"
         exit 1
@@ -100,6 +116,9 @@ iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # Then allow only specific outbound traffic to allowed domains
 iptables -A OUTPUT -m set --match-set allowed-domains dst -j ACCEPT
 
+# Explicitly REJECT all other outbound traffic for immediate feedback
+iptables -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
+
 echo "Firewall configuration complete"
 echo "Verifying firewall rules..."
 if curl --connect-timeout 5 https://example.com >/dev/null 2>&1; then

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,34 +0,0 @@
----
-name: Bug report
-about: Create a report to help us improve
-title: '[BUG] '
-labels: bug
-assignees: ''
----
-
-## Environment
-- Platform (select one):
-  - [ ] Anthropic API
-  - [ ] AWS Bedrock
-  - [ ] Google Vertex AI
-  - [ ] Other: <!-- specify -->
-- Claude CLI version: <!-- output of `claude --version` -->
-- Operating System: <!-- e.g. macOS 14.3, Windows 11, Ubuntu 22.04 -->
-- Terminal:  <!-- e.g. iTerm2, Terminal App -->
-
-## Bug Description
-<!-- A clear and concise description of the bug -->
-
-## Steps to Reproduce
-1. <!-- First step -->
-2. <!-- Second step -->
-3. <!-- And so on... -->
-
-## Expected Behavior
-<!-- What you expected to happen -->
-
-## Actual Behavior
-<!-- What actually happened -->
-
-## Additional Context
-<!-- Add any other context about the problem here, such as screenshots, logs, etc. -->

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,188 @@
+name: 🐛 Bug Report
+description: Report a bug or unexpected behavior in Claude Code
+title: "[BUG] "
+labels:
+  - bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to report this bug! Please fill out the sections below to help us understand and fix the issue.
+        
+        Before submitting, please check:
+        - You're using the [latest version](https://www.npmjs.com/package/@anthropic-ai/claude-code?activeTab=versions) of Claude Code (`claude --version`) 
+        - This issue hasn't already been reported by searching [existing issues](https://github.com/anthropics/claude-code/issues?q=is%3Aissue%20state%3Aopen%20label%3Abug).
+        - This is a bug, not a feature request or support question
+        
+  - type: checkboxes
+    id: preflight
+    attributes:
+      label: Preflight Checklist
+      description: Please confirm before submitting
+      options:
+        - label: I have searched [existing issues](https://github.com/anthropics/claude-code/issues?q=is%3Aissue%20state%3Aopen%20label%3Abug) and this hasn't been reported yet
+          required: true
+        - label: This is a single bug report (please file separate reports for different bugs)
+          required: true
+        - label: I am using the latest version of Claude Code
+          required: true
+          
+  - type: textarea
+    id: actual
+    attributes:
+      label: What's Wrong?
+      description: Describe what's happening that shouldn't be
+      placeholder: |
+        When I try to create a Python file, Claude shows an error "EACCES: permission denied" and the file isn't created.
+        
+        The command fails immediately after accepting the file write permission...
+    validations:
+      required: true
+      
+  - type: textarea
+    id: expected
+    attributes:
+      label: What Should Happen?
+      description: Describe the expected behavior
+      placeholder: Claude should create a Python script file successfully without errors
+    validations:
+      required: true
+      
+  - type: textarea
+    id: error_output
+    attributes:
+      label: Error Messages/Logs
+      description: If you see any error messages, paste them here
+      placeholder: |
+        Paste any error output, stack traces, or relevant logs here.
+        This will be automatically formatted as code.
+      render: shell
+    validations:
+      required: false
+      
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Steps to Reproduce
+      description: |
+        Please provide clear, numbered steps that anyone can follow to reproduce the issue.
+        **Important**: Include any necessary code, file contents, or context needed to reproduce the bug.
+        If the issue involves specific files or code, please create a minimal example.
+      placeholder: |
+        1. Create a file `test.py` with this content:
+           ```python
+           def hello():
+               print("test")
+           ```
+        2. Run `claude "add type hints to test.py"`
+        3. When prompted for file access, accept
+        4. Error appears: "Unable to parse..."
+        
+        Note: The bug only happens with Python files containing...
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: model
+    attributes:
+      label: Claude Model
+      description: Which model were you using? (Run `/model` to check)
+      options:
+        - Sonnet (default)
+        - Opus
+        - Not sure / Multiple models
+        - Other
+    validations:
+      required: false
+      
+  - type: dropdown
+    id: regression
+    attributes:
+      label: Is this a regression?
+      description: Did this work in a previous version? 
+      options:
+        - "Yes, this worked in a previous version"
+        - "No, this never worked"
+        - "I don't know"
+    validations:
+      required: true
+      
+  - type: input
+    id: working_version
+    attributes:
+      label: Last Working Version
+      description: If this is a regression, which version last worked? This helps expedite a fix.
+      placeholder: "e.g., 1.0.100"
+    validations:
+      required: false
+      
+  - type: input
+    id: version
+    attributes:
+      label: Claude Code Version
+      description: Run `claude --version` and paste the output
+      placeholder: "e.g., 1.0.123 (Claude Code)"
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: platform
+    attributes:
+      label: Platform
+      description: Which API platform are you using?
+      options:
+        - Anthropic API
+        - AWS Bedrock
+        - Google Vertex AI
+        - Other
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating System
+      options:
+        - macOS
+        - Windows
+        - Ubuntu/Debian Linux
+        - Other Linux
+        - Other
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: terminal
+    attributes:
+      label: Terminal/Shell
+      description: Which terminal are you using?
+      options:
+        - Terminal.app (macOS)
+        - Warp
+        - Cursor
+        - iTerm2
+        - IntelliJ IDEA terminal
+        - VS Code integrated terminal
+        - PyCharm terminal
+        - Windows Terminal        
+        - PowerShell
+        - WSL (Windows Subsystem for Linux)
+        - Xterm
+        - Non-interactive/CI environment
+        - Other
+    validations:
+      required: true
+      
+  - type: textarea
+    id: additional
+    attributes:
+      label: Additional Information
+      description: |
+        Anything else that might help us understand the issue?
+        - Screenshots (drag and drop images here)
+        - Configuration files
+        - Related files or code
+        - Links to repositories demonstrating the issue
+      placeholder: Any additional context, screenshots, or information...
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,14 @@
+blank_issues_enabled: false
+contact_links:
+  - name: 💬 Discord Community
+    url: https://anthropic.com/discord
+    about: Get help, ask questions, and chat with other Claude Code users
+  - name: 📖 Documentation
+    url: https://docs.claude.com/en/docs/claude-code
+    about: Read the official documentation and guides
+  - name: 🎓 Getting Started Guide
+    url: https://docs.claude.com/en/docs/claude-code/quickstart
+    about: New to Claude Code? Start here
+  - name: 🔧 Troubleshooting Guide
+    url: https://docs.claude.com/en/docs/claude-code/troubleshooting
+    about: Common issues and how to fix them

.github/ISSUE_TEMPLATE/documentation.yml

@@ -0,0 +1,117 @@
+name: 📚 Documentation Issue
+description: Report missing, unclear, or incorrect documentation
+title: "[DOCS] "
+labels:
+  - documentation
+body:
+  - type: markdown
+    attributes:
+      value: |
+        ## Help us improve our documentation!
+        
+        Good documentation is crucial for a great developer experience. Please let us know what's missing or confusing.
+        
+  - type: dropdown
+    id: doc_type
+    attributes:
+      label: Documentation Type
+      description: What kind of documentation issue is this?
+      options:
+        - Missing documentation (feature not documented)
+        - Unclear/confusing documentation
+        - Incorrect/outdated documentation
+        - Typo or formatting issue
+        - Missing code examples
+        - Broken links
+        - Other
+    validations:
+      required: true
+      
+  - type: input
+    id: location
+    attributes:
+      label: Documentation Location
+      description: Where did you encounter this issue? Provide a URL if possible
+      placeholder: "e.g., https://docs.anthropic.com/en/docs/claude-code/getting-started"
+    validations:
+      required: false
+      
+  - type: input
+    id: section
+    attributes:
+      label: Section/Topic
+      description: Which specific section or topic needs improvement?
+      placeholder: "e.g., MCP Server Configuration section"
+    validations:
+      required: true
+      
+  - type: textarea
+    id: current
+    attributes:
+      label: Current Documentation
+      description: |
+        What does the documentation currently say? 
+        Quote the specific text if applicable.
+      placeholder: |
+        The docs currently say:
+        "To configure MCP servers, add them to your configuration..."
+        
+        But it doesn't explain...
+    validations:
+      required: false
+      
+  - type: textarea
+    id: issue
+    attributes:
+      label: What's Wrong or Missing?
+      description: Explain what's incorrect, unclear, or missing
+      placeholder: |
+        The documentation doesn't explain how to:
+        - Configure multiple MCP servers
+        - Handle authentication
+        - Debug connection issues
+        
+        The example code doesn't work because...
+    validations:
+      required: true
+      
+  - type: textarea
+    id: suggested
+    attributes:
+      label: Suggested Improvement
+      description: How should the documentation be improved? Provide suggested text if possible
+      placeholder: |
+        The documentation should include:
+        
+        1. A complete example showing...
+        2. Explanation of common errors like...
+        3. Step-by-step guide for...
+        
+        Suggested text:
+        "To configure multiple MCP servers, create an array in your settings..."
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: impact
+    attributes:
+      label: Impact
+      description: How much does this documentation issue affect users?
+      options:
+        - High - Prevents users from using a feature
+        - Medium - Makes feature difficult to understand
+        - Low - Minor confusion or inconvenience
+    validations:
+      required: true
+          
+  - type: textarea
+    id: additional
+    attributes:
+      label: Additional Context
+      description: |
+        - Screenshots showing the issue
+        - Links to related documentation
+        - Examples from other projects that do this well
+      placeholder: Any additional information that would help...
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,132 @@
+name: ✨ Feature Request
+description: Suggest a new feature or enhancement for Claude Code
+title: "[FEATURE] "
+labels:
+  - enhancement
+body:
+  - type: markdown
+    attributes:
+      value: |
+        ## Thanks for suggesting a feature!
+        
+        We love hearing ideas from our community. Please help us understand your use case by filling out the sections below.
+        Before submitting, please check if this feature has already been requested.
+        
+  - type: checkboxes
+    id: preflight
+    attributes:
+      label: Preflight Checklist
+      options:
+        - label: I have searched [existing requests](https://github.com/anthropics/claude-code/issues?q=is%3Aissue%20label%3Aenhancement) and this feature hasn't been requested yet
+          required: true
+        - label: This is a single feature request (not multiple features)
+          required: true
+          
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem Statement
+      description: |
+        What problem are you trying to solve? Why do you need this feature?
+        Focus on the problem, not the solution. Help us understand your workflow.
+      placeholder: |
+        I often need to work with multiple projects simultaneously, but Claude Code doesn't support...
+        
+        When I'm debugging code, I find it difficult to...
+        
+        The current workflow requires me to manually...
+    validations:
+      required: true
+      
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed Solution
+      description: |
+        How would you like this to work? Describe the ideal user experience.
+        Be specific about how you'd interact with this feature.
+      placeholder: |
+        I'd like to be able to run `claude --workspace project1,project2` to...
+        
+        There should be a command or setting that allows...
+        
+        The interface should show...
+    validations:
+      required: true
+      
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternative Solutions
+      description: |
+        What alternatives have you considered or tried?
+        Are there workarounds you're currently using?
+      placeholder: |
+        I've tried using multiple terminal windows but...
+        
+        Currently I work around this by...
+        
+        Other tools solve this by...
+    validations:
+      required: false
+      
+  - type: dropdown
+    id: priority
+    attributes:
+      label: Priority
+      description: How important is this feature to your workflow?
+      options:
+        - Critical - Blocking my work
+        - High - Significant impact on productivity
+        - Medium - Would be very helpful
+        - Low - Nice to have
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: category
+    attributes:
+      label: Feature Category
+      description: What area does this feature relate to?
+      options:
+        - CLI commands and flags
+        - Interactive mode (TUI)
+        - File operations
+        - API and model interactions
+        - MCP server integration
+        - Performance and speed
+        - Configuration and settings
+        - Developer tools/SDK
+        - Documentation
+        - Other
+    validations:
+      required: true
+      
+  - type: textarea
+    id: use_case
+    attributes:
+      label: Use Case Example
+      description: |
+        Provide a concrete, real-world example of when you'd use this feature.
+        Walk us through a scenario step-by-step.
+      placeholder: |
+        Example scenario:
+        1. I'm working on a React app with a Node.js backend
+        2. I need to make changes to both frontend and backend
+        3. With this feature, I could...
+        4. This would save me time because...
+    validations:
+      required: false
+      
+  - type: textarea
+    id: additional
+    attributes:
+      label: Additional Context
+      description: |
+        - Screenshots or mockups of the proposed feature
+        - Links to similar features in other tools
+        - Technical considerations or constraints
+        - Any other relevant information
+      placeholder: Add any other context, mockups, or examples here...
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/model_behavior.yml

@@ -0,0 +1,220 @@
+name: 🤖 Model Behavior Issue
+description: Report unexpected Claude model behavior, incorrect actions, or permission violations
+title: "[MODEL] "
+labels:
+  - model
+body:
+  - type: markdown
+    attributes:
+      value: |
+        ## Report Unexpected Model Behavior
+        
+        Use this template when Claude does something unexpected, makes unwanted changes, or behaves inconsistently with your instructions.
+        
+        **This is for:** Unexpected actions, file modifications outside scope, ignoring instructions, making assumptions
+        **NOT for:** Crashes, API errors, or installation issues (use Bug Report instead)
+        
+  - type: checkboxes
+    id: preflight
+    attributes:
+      label: Preflight Checklist
+      description: Please confirm before submitting
+      options:
+        - label: I have searched [existing issues](https://github.com/anthropics/claude-code/issues?q=is%3Aissue%20state%3Aopen%20label%3Amodel) for similar behavior reports
+          required: true
+        - label: This report does NOT contain sensitive information (API keys, passwords, etc.)
+          required: true
+          
+  - type: dropdown
+    id: behavior_type
+    attributes:
+      label: Type of Behavior Issue
+      description: What category best describes the unexpected behavior?
+      options:
+        - Claude modified files I didn't ask it to modify
+        - Claude accessed files outside the working directory
+        - Claude ignored my instructions or configuration
+        - Claude reverted/undid previous changes without asking
+        - Claude made incorrect assumptions about my project
+        - Claude refused a reasonable request
+        - Claude's behavior changed between sessions
+        - Subagent behaved unexpectedly
+        - Other unexpected behavior
+    validations:
+      required: true
+      
+  - type: textarea
+    id: what_you_asked
+    attributes:
+      label: What You Asked Claude to Do
+      description: Provide the exact prompt or command you gave
+      placeholder: |
+        I asked: "Update the README.md file to add installation instructions"
+        
+        Or I ran: `claude "fix the bug in auth.js"`
+    validations:
+      required: true
+      
+  - type: textarea
+    id: what_claude_did
+    attributes:
+      label: What Claude Actually Did
+      description: Describe step-by-step what Claude did instead
+      placeholder: |
+        1. Claude read README.md
+        2. Instead of updating it, Claude deleted the entire file
+        3. Created a new README from scratch with different content
+        4. Also modified package.json without being asked
+        5. Changed .gitignore file
+    validations:
+      required: true
+      
+  - type: textarea
+    id: expected_behavior
+    attributes:
+      label: Expected Behavior
+      description: What should Claude have done?
+      placeholder: |
+        Claude should have:
+        1. Read the existing README.md
+        2. Added an "Installation" section
+        3. Only modified that single file
+        4. Not touched any other files
+    validations:
+      required: true
+      
+  - type: textarea
+    id: files_affected
+    attributes:
+      label: Files Affected
+      description: |
+        List all files that were accessed or modified (even if you didn't expect them to be)
+      placeholder: |
+        Modified:
+        - README.md (deleted and recreated)
+        - package.json (version bumped - not requested)
+        - .gitignore (added entries - not requested)
+        
+        Read (unexpectedly):
+        - /Users/me/.ssh/config
+        - ../../../parent-directory/secrets.env
+      render: shell
+    validations:
+      required: false
+      
+  - type: dropdown
+    id: permission_mode
+    attributes:
+      label: Permission Mode
+      description: What permission settings were active?
+      options:
+        - Accept Edits was ON (auto-accepting changes)
+        - Accept Edits was OFF (manual approval required)
+        - I don't know / Not sure
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: reproducible
+    attributes:
+      label: Can You Reproduce This?
+      description: Does this happen consistently?
+      options:
+        - Yes, every time with the same prompt
+        - Sometimes (intermittent)
+        - No, only happened once
+        - Haven't tried to reproduce
+    validations:
+      required: true
+      
+  - type: textarea
+    id: reproduction_steps
+    attributes:
+      label: Steps to Reproduce
+      description: If reproducible, provide minimal steps
+      placeholder: |
+        1. Create a new directory with a simple README.md
+        2. Ask Claude Code to "improve the README"
+        3. Claude will delete and recreate the file instead of editing
+    validations:
+      required: false
+      
+  - type: dropdown
+    id: model
+    attributes:
+      label: Claude Model
+      description: Which model were you using? (Run `/model` to check)
+      options:
+        - Sonnet
+        - Opus
+        - Haiku
+        - Not sure
+        - Other
+    validations:
+      required: true
+      
+  - type: textarea
+    id: conversation_log
+    attributes:
+      label: Relevant Conversation
+      description: |
+        Include relevant parts of Claude's responses, especially where it explains what it's doing
+      placeholder: |
+        Claude said: "I'll help you update the README. Let me first delete the old one and create a fresh version..."
+        
+        [Then proceeded to delete without asking for confirmation]
+      render: markdown
+    validations:
+      required: false
+      
+  - type: dropdown
+    id: impact
+    attributes:
+      label: Impact
+      description: How severe was the impact of this behavior?
+      options:
+        - Critical - Data loss or corrupted project
+        - High - Significant unwanted changes
+        - Medium - Extra work to undo changes
+        - Low - Minor inconvenience
+    validations:
+      required: true
+      
+  - type: input
+    id: version
+    attributes:
+      label: Claude Code Version
+      description: Run `claude --version` and paste the output
+      placeholder: "e.g., 1.0.123 (Claude Code)"
+    validations:
+      required: true
+      
+  - type: dropdown
+    id: platform
+    attributes:
+      label: Platform
+      description: Which API platform are you using?
+      options:
+        - Anthropic API
+        - AWS Bedrock
+        - Google Vertex AI
+        - Other
+    validations:
+      required: true
+      
+  - type: textarea
+    id: additional
+    attributes:
+      label: Additional Context
+      description: |
+        - Any patterns you've noticed
+        - Similar behavior in other sessions
+        - Specific file types or project structures that trigger this
+        - Screenshots if relevant
+      placeholder: |
+        This seems to happen more often with:
+        - Python projects
+        - When there are multiple similar files
+        - After long conversations
+    validations:
+      required: false

.github/workflows/auto-close-duplicates.yml

@@ -0,0 +1,31 @@
+name: Auto-close duplicate issues
+description: Auto-closes issues that are duplicates of existing issues
+on:
+  schedule:
+    - cron: "0 9 * * *"
+  workflow_dispatch:
+
+jobs:
+  auto-close-duplicates:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    permissions:
+      contents: read
+      issues: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: latest
+
+      - name: Auto-close duplicate issues
+        run: bun run scripts/auto-close-duplicates.ts
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
+          GITHUB_REPOSITORY_NAME: ${{ github.event.repository.name }}
+          STATSIG_API_KEY: ${{ secrets.STATSIG_API_KEY }}

.github/workflows/backfill-duplicate-comments.yml

@@ -0,0 +1,44 @@
+name: Backfill Duplicate Comments
+description: Triggers duplicate detection for old issues that don't have duplicate comments
+
+on:
+  workflow_dispatch:
+    inputs:
+      days_back:
+        description: 'How many days back to look for old issues'
+        required: false
+        default: '90'
+        type: string
+      dry_run:
+        description: 'Dry run mode (true to only log what would be done)'
+        required: false
+        default: 'true'
+        type: choice
+        options:
+          - 'true'
+          - 'false'
+
+jobs:
+  backfill-duplicate-comments:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    permissions:
+      contents: read
+      issues: read
+      actions: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: latest
+      
+      - name: Backfill duplicate comments
+        run: bun run scripts/backfill-duplicate-comments.ts
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          DAYS_BACK: ${{ inputs.days_back }}
+          DRY_RUN: ${{ inputs.dry_run }}

.github/workflows/claude-dedupe-issues.yml

@@ -0,0 +1,84 @@
+name: Claude Issue Dedupe
+description: Automatically dedupe GitHub issues using Claude Code
+on:
+  issues:
+    types: [opened]
+  workflow_dispatch:
+    inputs:
+      issue_number:
+        description: 'Issue number to process for duplicate detection'
+        required: true
+        type: string
+
+jobs:
+  claude-dedupe-issues:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    permissions:
+      contents: read
+      issues: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Run Claude Code slash command
+        uses: anthropics/claude-code-action@v1
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          allowed_non_write_users: "*"
+          prompt: "/dedupe ${{ github.repository }}/issues/${{ github.event.issue.number || inputs.issue_number }}"
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          claude_args: "--model claude-sonnet-4-5-20250929"
+
+      - name: Log duplicate comment event to Statsig
+        if: always()
+        env:
+          STATSIG_API_KEY: ${{ secrets.STATSIG_API_KEY }}
+        run: |
+          ISSUE_NUMBER=${{ github.event.issue.number || inputs.issue_number }}
+          REPO=${{ github.repository }}
+          
+          if [ -z "$STATSIG_API_KEY" ]; then
+            echo "STATSIG_API_KEY not found, skipping Statsig logging"
+            exit 0
+          fi
+          
+          # Prepare the event payload
+          EVENT_PAYLOAD=$(jq -n \
+            --arg issue_number "$ISSUE_NUMBER" \
+            --arg repo "$REPO" \
+            --arg triggered_by "${{ github.event_name }}" \
+            '{
+              events: [{
+                eventName: "github_duplicate_comment_added",
+                value: 1,
+                metadata: {
+                  repository: $repo,
+                  issue_number: ($issue_number | tonumber),
+                  triggered_by: $triggered_by,
+                  workflow_run_id: "${{ github.run_id }}"
+                },
+                time: (now | floor | tostring)
+              }]
+            }')
+          
+          # Send to Statsig API
+          echo "Logging duplicate comment event to Statsig for issue #${ISSUE_NUMBER}"
+          
+          RESPONSE=$(curl -s -w "\n%{http_code}" -X POST https://events.statsigapi.net/v1/log_event \
+            -H "Content-Type: application/json" \
+            -H "STATSIG-API-KEY: ${STATSIG_API_KEY}" \
+            -d "$EVENT_PAYLOAD")
+          
+          HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
+          BODY=$(echo "$RESPONSE" | head -n-1)
+          
+          if [ "$HTTP_CODE" -eq 200 ] || [ "$HTTP_CODE" -eq 202 ]; then
+            echo "Successfully logged duplicate comment event for issue #${ISSUE_NUMBER}"
+          else
+            echo "Failed to log duplicate comment event for issue #${ISSUE_NUMBER}. HTTP ${HTTP_CODE}: ${BODY}"
+          fi

.github/workflows/claude-issue-triage.yml

@@ -11,61 +11,11 @@ jobs:
     permissions:
       contents: read
       issues: write
+      id-token: write
 
     steps:
-      - name: Create triage prompt
-        run: |
-          mkdir -p /tmp/claude-prompts
-          cat > /tmp/claude-prompts/triage-prompt.txt << 'EOF'
-          You're an issue triage assistant for GitHub issues. Your task is to analyze the issue and select appropriate labels from the provided list.
-
-          IMPORTANT: Don't post any comments or messages to the issue. Your only action should be to apply labels.
-
-          Issue Information:
-          - REPO: ${{ github.repository }}
-          - ISSUE_NUMBER: ${{ github.event.issue.number }}
-
-          TASK OVERVIEW:
-
-          1. First, fetch the list of labels available in this repository by running: `gh label list`. Run exactly this command with nothing else.
-
-          2. Next, use the GitHub tools to get context about the issue:
-             - You have access to these tools:
-               - mcp__github__get_issue: Use this to retrieve the current issue's details including title, description, and existing labels
-               - mcp__github__get_issue_comments: Use this to read any discussion or additional context provided in the comments
-               - mcp__github__update_issue: Use this to apply labels to the issue (do not use this for commenting)
-               - mcp__github__search_issues: Use this to find similar issues that might provide context for proper categorization and to identify potential duplicate issues
-               - mcp__github__list_issues: Use this to understand patterns in how other issues are labeled
-             - Start by using mcp__github__get_issue to get the issue details
-
-          3. Analyze the issue content, considering:
-             - The issue title and description
-             - The type of issue (bug report, feature request, question, etc.)
-             - Technical areas mentioned
-             - Severity or priority indicators
-             - User impact
-             - Components affected
-
-          4. Select appropriate labels from the available labels list provided above:
-             - Choose labels that accurately reflect the issue's nature
-             - Be specific but comprehensive
-             - Select priority labels if you can determine urgency (high-priority, med-priority, or low-priority)
-             - Consider platform labels (android, ios) if applicable
-             - If you find similar issues using mcp__github__search_issues, consider using a "duplicate" label if appropriate. Only do so if the issue is a duplicate of another OPEN issue.
-
-          5. Apply the selected labels:
-             - Use mcp__github__update_issue to apply your selected labels
-             - DO NOT post any comments explaining your decision
-             - DO NOT communicate directly with users
-             - If no labels are clearly applicable, do not apply any labels
-
-          IMPORTANT GUIDELINES:
-          - Be thorough in your analysis
-          - Only select labels from the provided list above
-          - DO NOT post any comments to the issue
-          - Your ONLY action should be to apply labels using mcp__github__update_issue
-          - It's okay to not add any labels if none are clearly applicable
-          EOF
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
       - name: Setup GitHub MCP Server
         run: |
@@ -92,12 +42,64 @@ jobs:
           EOF
 
       - name: Run Claude Code for Issue Triage
-        uses: anthropics/claude-code-base-action@beta
+        timeout-minutes: 5
+        uses: anthropics/claude-code-action@v1
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
-          prompt_file: /tmp/claude-prompts/triage-prompt.txt
-          allowed_tools: "Bash(gh label list),mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__update_issue,mcp__github__search_issues,mcp__github__list_issues"
-          timeout_minutes: "5"
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          allowed_non_write_users: "*"
+          prompt: |
+            You're an issue triage assistant for GitHub issues. Your task is to analyze the issue and select appropriate labels from the provided list.
+
+            IMPORTANT: Don't post any comments or messages to the issue. Your only action should be to apply labels.
+
+            Issue Information:
+            - REPO: ${{ github.repository }}
+            - ISSUE_NUMBER: ${{ github.event.issue.number }}
+
+            TASK OVERVIEW:
+
+            1. First, fetch the list of labels available in this repository by running: `gh label list`. Run exactly this command with nothing else.
+
+            2. Next, use the GitHub tools to get context about the issue:
+               - You have access to these tools:
+                 - mcp__github__get_issue: Use this to retrieve the current issue's details including title, description, and existing labels
+                 - mcp__github__get_issue_comments: Use this to read any discussion or additional context provided in the comments
+                 - mcp__github__update_issue: Use this to apply labels to the issue (do not use this for commenting)
+                 - mcp__github__search_issues: Use this to find similar issues that might provide context for proper categorization and to identify potential duplicate issues
+                 - mcp__github__list_issues: Use this to understand patterns in how other issues are labeled
+               - Start by using mcp__github__get_issue to get the issue details
+
+            3. Analyze the issue content, considering:
+               - The issue title and description
+               - The type of issue (bug report, feature request, question, etc.)
+               - Technical areas mentioned
+               - Severity or priority indicators
+               - User impact
+               - Components affected
+
+            4. Select appropriate labels from the available labels list provided above:
+               - Choose labels that accurately reflect the issue's nature
+               - Be specific but comprehensive
+               - Select priority labels if you can determine urgency (high-priority, med-priority, or low-priority)
+               - Consider platform labels (android, ios) if applicable
+               - If you find similar issues using mcp__github__search_issues, consider using a "duplicate" label if appropriate. Only do so if the issue is a duplicate of another OPEN issue.
+
+            5. Apply the selected labels:
+               - Use mcp__github__update_issue to apply your selected labels
+               - DO NOT post any comments explaining your decision
+               - DO NOT communicate directly with users
+               - If no labels are clearly applicable, do not apply any labels
+
+            IMPORTANT GUIDELINES:
+            - Be thorough in your analysis
+            - Only select labels from the provided list above
+            - DO NOT post any comments to the issue
+            - Your ONLY action should be to apply labels using mcp__github__update_issue
+            - It's okay to not add any labels if none are clearly applicable
           anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
-          mcp_config: /tmp/mcp-config/mcp-servers.json
-          claude_env: |
-            GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          claude_args: |
+            --model claude-sonnet-4-5-20250929
+            --mcp-config /tmp/mcp-config/mcp-servers.json
+            --allowedTools "Bash(gh label list),mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__update_issue,mcp__github__search_issues,mcp__github__list_issues"

.github/workflows/claude.yml

@@ -31,7 +31,8 @@ jobs:
 
       - name: Run Claude Code
         id: claude
-        uses: anthropics/claude-code-action@beta
+        uses: anthropics/claude-code-action@v1
         with:
           anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          claude_args: "--model claude-sonnet-4-5-20250929"
 

.github/workflows/issue-opened-dispatch.yml

@@ -0,0 +1,28 @@
+name: Issue Opened Dispatch
+
+on:
+  issues:
+    types: [opened]
+
+permissions:
+  issues: read
+  actions: write
+
+jobs:
+  notify:
+    runs-on: ubuntu-latest
+    timeout-minutes: 1
+    steps:
+      - name: Process new issue
+        env:
+          ISSUE_URL: ${{ github.event.issue.html_url }}
+          ISSUE_NUMBER: ${{ github.event.issue.number }}
+          ISSUE_TITLE: ${{ github.event.issue.title }}
+          TARGET_REPO: ${{ secrets.ISSUE_OPENED_DISPATCH_TARGET_REPO }}
+          GH_TOKEN: ${{ secrets.ISSUE_OPENED_DISPATCH_TOKEN }}
+        run: |
+          gh api repos/${TARGET_REPO}/dispatches \
+            -f event_type=issue_opened \
+            -f client_payload[issue_url]="${ISSUE_URL}" || {
+              exit 0
+            }

.github/workflows/lock-closed-issues.yml

@@ -0,0 +1,92 @@
+name: "Lock Stale Issues"
+
+on:
+  schedule:
+    # 8am Pacific = 1pm UTC (2pm UTC during DST)
+    - cron: "0 14 * * *"
+  workflow_dispatch:
+
+permissions:
+  issues: write
+
+concurrency:
+  group: lock-threads
+
+jobs:
+  lock-closed-issues:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Lock closed issues after 7 days of inactivity
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const sevenDaysAgo = new Date();
+            sevenDaysAgo.setDate(sevenDaysAgo.getDate() - 7);
+
+            const lockComment = `This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.`;
+
+            let page = 1;
+            let hasMore = true;
+            let totalLocked = 0;
+
+            while (hasMore) {
+              // Get closed issues (pagination)
+              const { data: issues } = await github.rest.issues.listForRepo({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                state: 'closed',
+                sort: 'updated',
+                direction: 'asc',
+                per_page: 100,
+                page: page
+              });
+              
+              if (issues.length === 0) {
+                hasMore = false;
+                break;
+              }
+              
+              for (const issue of issues) {
+                // Skip if already locked
+                if (issue.locked) continue;
+                
+                // Skip pull requests
+                if (issue.pull_request) continue;
+                
+                // Check if updated more than 7 days ago
+                const updatedAt = new Date(issue.updated_at);
+                if (updatedAt > sevenDaysAgo) {
+                  // Since issues are sorted by updated_at ascending, 
+                  // once we hit a recent issue, all remaining will be recent too
+                  hasMore = false;
+                  break;
+                }
+                
+                try {
+                  // Add comment before locking
+                  await github.rest.issues.createComment({
+                    owner: context.repo.owner,
+                    repo: context.repo.repo,
+                    issue_number: issue.number,
+                    body: lockComment
+                  });
+                  
+                  // Lock the issue
+                  await github.rest.issues.lock({
+                    owner: context.repo.owner,
+                    repo: context.repo.repo,
+                    issue_number: issue.number,
+                    lock_reason: 'resolved'
+                  });
+                  
+                  totalLocked++;
+                  console.log(`Locked issue #${issue.number}: ${issue.title}`);
+                } catch (error) {
+                  console.error(`Failed to lock issue #${issue.number}: ${error.message}`);
+                }
+              }
+              
+              page++;
+            }
+
+            console.log(`Total issues locked: ${totalLocked}`);

.github/workflows/log-issue-events.yml

@@ -0,0 +1,40 @@
+name: Log Issue Events to Statsig
+
+on:
+  issues:
+    types: [opened, closed]
+
+jobs:
+  log-to-statsig:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: read
+    steps:
+      - name: Log issue creation to Statsig
+        env:
+          STATSIG_API_KEY: ${{ secrets.STATSIG_API_KEY }}
+          ISSUE_NUMBER: ${{ github.event.issue.number }}
+          REPO: ${{ github.repository }}
+          ISSUE_TITLE: ${{ github.event.issue.title }}
+          AUTHOR: ${{ github.event.issue.user.login }}
+          CREATED_AT: ${{ github.event.issue.created_at }}
+        run: |
+          # All values are now safely passed via environment variables
+          # No direct templating in the shell script to prevent injection attacks
+          
+          curl -X POST "https://events.statsigapi.net/v1/log_event" \
+            -H "Content-Type: application/json" \
+            -H "statsig-api-key: $STATSIG_API_KEY" \
+            -d '{
+              "events": [{
+                "eventName": "github_issue_created",
+                "metadata": {
+                  "issue_number": "'"$ISSUE_NUMBER"'",
+                  "repository": "'"$REPO"'",
+                  "title": "'"$(echo "$ISSUE_TITLE" | sed "s/\"/\\\\\"/g")"'",
+                  "author": "'"$AUTHOR"'",
+                  "created_at": "'"$CREATED_AT"'"
+                },
+                "time": '"$(date +%s)000"'
+              }]
+            }'

.github/workflows/oncall-triage.yml

@@ -0,0 +1,118 @@
+name: Oncall Issue Triage
+description: Automatically identify and label critical blocking issues requiring oncall attention
+on:
+  push:
+    branches:
+      - add-oncall-triage-workflow  # Temporary: for testing only
+  schedule:
+    # Run every 6 hours
+    - cron: '0 */6 * * *'
+  workflow_dispatch: # Allow manual trigger
+
+jobs:
+  oncall-triage:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    permissions:
+      contents: read
+      issues: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup GitHub MCP Server
+        run: |
+          mkdir -p /tmp/mcp-config
+          cat > /tmp/mcp-config/mcp-servers.json << 'EOF'
+          {
+            "mcpServers": {
+              "github": {
+                "command": "docker",
+                "args": [
+                  "run",
+                  "-i",
+                  "--rm",
+                  "-e",
+                  "GITHUB_PERSONAL_ACCESS_TOKEN",
+                  "ghcr.io/github/github-mcp-server:sha-7aced2b"
+                ],
+                "env": {
+                  "GITHUB_PERSONAL_ACCESS_TOKEN": "${{ secrets.GITHUB_TOKEN }}"
+                }
+              }
+            }
+          }
+          EOF
+
+      - name: Run Claude Code for Oncall Triage
+        timeout-minutes: 10
+        uses: anthropics/claude-code-action@v1
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          allowed_non_write_users: "*"
+          prompt: |
+            You're an oncall triage assistant for GitHub issues. Your task is to identify critical issues that require immediate oncall attention.
+
+            Important: Don't post any comments or messages to the issues. Your only action should be to apply the "oncall" label to qualifying issues.
+
+            Repository: ${{ github.repository }}
+
+            Task overview:
+            1. Fetch all open issues updated in the last 3 days:
+               - Use mcp__github__list_issues with:
+                 - state="open"
+                 - first=5 (fetch only 5 issues per page)
+                 - orderBy="UPDATED_AT"
+                 - direction="DESC"
+               - This will give you the most recently updated issues first
+               - For each page of results, check the updatedAt timestamp of each issue
+               - Add issues updated within the last 3 days (72 hours) to your TODO list as you go
+               - Keep paginating using the 'after' parameter until you encounter issues older than 3 days
+               - Once you hit issues older than 3 days, you can stop fetching (no need to fetch all open issues)
+
+            2. Build your TODO list incrementally as you fetch:
+               - As you fetch each page, immediately add qualifying issues to your TODO list
+               - One TODO item per issue number (e.g., "Evaluate issue #123")
+               - This allows you to start processing while still fetching more pages
+
+            3. For each issue in your TODO list:
+               - Use mcp__github__get_issue to read the issue details (title, body, labels)
+               - Use mcp__github__get_issue_comments to read all comments
+               - Evaluate whether this issue needs the oncall label:
+                 a) Is it a bug? (has "bug" label or describes bug behavior)
+                 b) Does it have at least 50 engagements? (count comments + reactions)
+                 c) Is it truly blocking? Read and understand the full content to determine:
+                    - Does this prevent core functionality from working?
+                    - Can users work around it?
+                    - Consider severity indicators: "crash", "stuck", "frozen", "hang", "unresponsive", "cannot use", "blocked", "broken"
+                    - Be conservative - only flag issues that truly prevent users from getting work done
+
+            4. For issues that meet all criteria and do not already have the "oncall" label:
+               - Use mcp__github__update_issue to add the "oncall" label
+               - Do not post any comments
+               - Do not remove any existing labels
+               - Do not remove the "oncall" label from issues that already have it
+
+            Important guidelines:
+            - Use the TODO list to track your progress through ALL candidate issues
+            - Process issues efficiently - don't read every single issue upfront, work through your TODO list systematically
+            - Be conservative in your assessment - only flag truly critical blocking issues
+            - Do not post any comments to issues
+            - Your only action should be to add the "oncall" label using mcp__github__update_issue
+            - Mark each issue as complete in your TODO list as you process it
+
+            7. After processing all issues in your TODO list, provide a summary of your actions:
+               - Total number of issues processed (candidate issues evaluated)
+               - Number of issues that received the "oncall" label
+               - For each issue that got the label: list issue number, title, and brief reason why it qualified
+               - Close calls: List any issues that almost qualified but didn't quite meet the criteria (e.g., borderline blocking, had workarounds)
+               - If no issues qualified, state that clearly
+               - Format the summary clearly for easy reading
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          claude_args: |
+            --mcp-config /tmp/mcp-config/mcp-servers.json
+            --allowedTools "mcp__github__list_issues,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__update_issue"

.github/workflows/remove-autoclose-label.yml

@@ -0,0 +1,42 @@
+name: "Remove Autoclose Label on Activity"
+
+on:
+  issue_comment:
+    types: [created]
+
+permissions:
+  issues: write
+
+jobs:
+  remove-autoclose:
+    # Only run if the issue has the autoclose label
+    if: |
+      github.event.issue.state == 'open' &&
+      contains(github.event.issue.labels.*.name, 'autoclose') &&
+      github.event.comment.user.login != 'github-actions[bot]'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Remove autoclose label
+        uses: actions/github-script@v7
+        with:
+          script: |
+            console.log(`Removing autoclose label from issue #${context.issue.number} due to new comment from ${context.payload.comment.user.login}`);
+            
+            try {
+              // Remove the autoclose label
+              await github.rest.issues.removeLabel({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                name: 'autoclose'
+              });
+              
+              console.log(`Successfully removed autoclose label from issue #${context.issue.number}`);
+            } catch (error) {
+              // If the label was already removed or doesn't exist, that's fine
+              if (error.status === 404) {
+                console.log(`Autoclose label was already removed from issue #${context.issue.number}`);
+              } else {
+                throw error;
+              }
+            }

.github/workflows/stale-issue-manager.yml

@@ -0,0 +1,157 @@
+name: "Manage Stale Issues"
+
+on:
+  schedule:
+    # 2am Pacific = 9am UTC (10am UTC during DST)
+    - cron: "0 10 * * *"
+  workflow_dispatch:
+
+permissions:
+  issues: write
+
+concurrency:
+  group: stale-issue-manager
+
+jobs:
+  manage-stale-issues:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Manage stale issues
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const oneMonthAgo = new Date();
+            oneMonthAgo.setDate(oneMonthAgo.getDate() - 30);
+
+            const twoMonthsAgo = new Date();
+            twoMonthsAgo.setDate(twoMonthsAgo.getDate() - 60);
+
+            const warningComment = `This issue has been inactive for 30 days. If the issue is still occurring, please comment to let us know. Otherwise, this issue will be automatically closed in 30 days for housekeeping purposes.`;
+
+            const closingComment = `This issue has been automatically closed due to 60 days of inactivity. If you're still experiencing this issue, please open a new issue with updated information.`;
+
+            let page = 1;
+            let hasMore = true;
+            let totalWarned = 0;
+            let totalClosed = 0;
+            let totalLabeled = 0;
+
+            while (hasMore) {
+              // Get open issues sorted by last updated (oldest first)
+              const { data: issues } = await github.rest.issues.listForRepo({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                state: 'open',
+                sort: 'updated',
+                direction: 'asc',
+                per_page: 100,
+                page: page
+              });
+              
+              if (issues.length === 0) {
+                hasMore = false;
+                break;
+              }
+              
+              for (const issue of issues) {
+                // Skip if already locked
+                if (issue.locked) continue;
+                
+                // Skip pull requests
+                if (issue.pull_request) continue;
+                
+                // Check if updated more recently than 30 days ago
+                const updatedAt = new Date(issue.updated_at);
+                if (updatedAt > oneMonthAgo) {
+                  // Since issues are sorted by updated_at ascending, 
+                  // once we hit a recent issue, all remaining will be recent too
+                  hasMore = false;
+                  break;
+                }
+                
+                // Check if issue has autoclose label
+                const hasAutocloseLabel = issue.labels.some(label => 
+                  typeof label === 'object' && label.name === 'autoclose'
+                );
+                
+                try {
+                  // Get comments to check for existing warning
+                  const { data: comments } = await github.rest.issues.listComments({
+                    owner: context.repo.owner,
+                    repo: context.repo.repo,
+                    issue_number: issue.number,
+                    per_page: 100
+                  });
+                  
+                  // Find the last comment from github-actions bot
+                  const botComments = comments.filter(comment => 
+                    comment.user && comment.user.login === 'github-actions[bot]' &&
+                    comment.body && comment.body.includes('inactive for 30 days')
+                  );
+                  
+                  const lastBotComment = botComments[botComments.length - 1];
+                  
+                  if (lastBotComment) {
+                    // Check if the bot comment is older than 30 days (total 60 days of inactivity)
+                    const botCommentDate = new Date(lastBotComment.created_at);
+                    if (botCommentDate < oneMonthAgo) {
+                      // Close the issue - it's been stale for 60+ days
+                      console.log(`Closing issue #${issue.number} (stale for 60+ days): ${issue.title}`);
+                      
+                      // Post closing comment
+                      await github.rest.issues.createComment({
+                        owner: context.repo.owner,
+                        repo: context.repo.repo,
+                        issue_number: issue.number,
+                        body: closingComment
+                      });
+                      
+                      // Close the issue
+                      await github.rest.issues.update({
+                        owner: context.repo.owner,
+                        repo: context.repo.repo,
+                        issue_number: issue.number,
+                        state: 'closed',
+                        state_reason: 'not_planned'
+                      });
+                      
+                      totalClosed++;
+                    }
+                    // If bot comment exists but is recent, issue already has warning
+                  } else if (updatedAt < oneMonthAgo) {
+                    // No bot warning yet, issue is 30+ days old
+                    console.log(`Warning issue #${issue.number} (stale for 30+ days): ${issue.title}`);
+                    
+                    // Post warning comment
+                    await github.rest.issues.createComment({
+                      owner: context.repo.owner,
+                      repo: context.repo.repo,
+                      issue_number: issue.number,
+                      body: warningComment
+                    });
+                    
+                    totalWarned++;
+                    
+                    // Add autoclose label if not present
+                    if (!hasAutocloseLabel) {
+                      await github.rest.issues.addLabels({
+                        owner: context.repo.owner,
+                        repo: context.repo.repo,
+                        issue_number: issue.number,
+                        labels: ['autoclose']
+                      });
+                      totalLabeled++;
+                    }
+                  }
+                } catch (error) {
+                  console.error(`Failed to process issue #${issue.number}: ${error.message}`);
+                }
+              }
+              
+              page++;
+            }
+
+            console.log(`Summary:`);
+            console.log(`- Issues warned (30 days stale): ${totalWarned}`);
+            console.log(`- Issues labeled with autoclose: ${totalLabeled}`);
+            console.log(`- Issues closed (60 days stale): ${totalClosed}`);

.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+

README.md

@@ -6,33 +6,64 @@
 
 Claude Code is an agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster by executing routine tasks, explaining complex code, and handling git workflows -- all through natural language commands. Use it in your terminal, IDE, or tag @claude on Github.
 
-**Learn more in the [official documentation](https://docs.anthropic.com/en/docs/claude-code/overview)**.
+**Learn more in the [official documentation](https://code.claude.com/docs/en/overview)**.
 
 <img src="./demo.gif" />
 
 ## Get started
+> [!NOTE]
+> Installation via npm is deprecated. Use one of the recommended methods below.
+
+For more installation options, uninstall steps, and troubleshooting, see the [setup documentation](https://code.claude.com/docs/en/setup).
 
 1. Install Claude Code:
 
-```sh
-npm install -g @anthropic-ai/claude-code
-```
+    **MacOS/Linux (Recommended):**
+    ```bash
+    curl -fsSL https://claude.ai/install.sh | bash
+    ```
+
+    **Homebrew (MacOS/Linux):**
+    ```bash
+    brew install --cask claude-code
+    ```
+
+    **Windows (Recommended):**
+    ```powershell
+    irm https://claude.ai/install.ps1 | iex
+    ```
+
+    **WinGet (Windows):**
+    ```powershell
+    winget install Anthropic.ClaudeCode
+    ```
+
+    **NPM (Deprecated):**
+    ```bash
+    npm install -g @anthropic-ai/claude-code
+    ```
 
 2. Navigate to your project directory and run `claude`.
 
+## Plugins
+
+This repository includes several Claude Code plugins that extend functionality with custom commands and agents. See the [plugins directory](./plugins/README.md) for detailed documentation on available plugins.
+
 ## Reporting Bugs
 
 We welcome your feedback. Use the `/bug` command to report issues directly within Claude Code, or file a [GitHub issue](https://github.com/anthropics/claude-code/issues).
 
+## Connect on Discord
+
+Join the [Claude Developers Discord](https://anthropic.com/discord) to connect with other developers using Claude Code. Get help, share feedback, and discuss your projects with the community.
+
 ## Data collection, usage, and retention
 
 When you use Claude Code, we collect feedback, which includes usage data (such as code acceptance or rejections), associated conversation data, and user feedback submitted via the `/bug` command.
 
 ### How we use your data
 
-We may use feedback to improve our products and services, but we will not train generative models using your feedback from Claude Code. Given their potentially sensitive nature, we store user feedback transcripts for only 30 days.
-
-If you choose to send us feedback about Claude Code, such as transcripts of your usage, Anthropic may use that feedback to debug related issues and improve Claude Code's functionality (e.g., to reduce the risk of similar bugs occurring in the future).
+See our [data usage policies](https://code.claude.com/docs/en/data-usage).
 
 ### Privacy safeguards
 

Script/run_devcontainer_claude_code.ps1

@@ -0,0 +1,152 @@
+<#
+.SYNOPSIS
+    Automates the setup and connection to a DevContainer environment using either Docker or Podman on Windows.
+
+.DESCRIPTION
+    This script automates the process of initializing, starting, and connecting to a DevContainer
+    using either Docker or Podman as the container backend. It must be executed from the root
+    directory of your project and assumes the script is located in a 'Script' subdirectory.
+
+.PARAMETER Backend
+    Specifies the container backend to use. Valid values are 'docker' or 'podman'.
+
+.EXAMPLE
+    .\Script\run_devcontainer_claude_code.ps1 -Backend docker
+    Uses Docker as the container backend.
+
+.EXAMPLE
+    .\Script\run_devcontainer_claude_code.ps1 -Backend podman
+    Uses Podman as the container backend.
+
+.NOTES
+    Project Structure:
+    Project/
+    ├── .devcontainer/
+    └── Script/
+        └── run_devcontainer_claude_code.ps1
+#>
+
+[CmdletBinding()]
+param(
+    [Parameter(Mandatory=$true)]
+    [ValidateSet('docker','podman')]
+    [string]$Backend
+)
+
+# Notify script start
+Write-Host "--- DevContainer Startup & Connection Script ---"
+Write-Host "Using backend: $($Backend)"
+
+# --- Prerequisite Check ---
+Write-Host "Checking for required commands..."
+try {
+    if (-not (Get-Command $Backend -ErrorAction SilentlyContinue)) {
+        throw "Required command '$($Backend)' not found."
+    }
+    Write-Host "- $($Backend) command found."
+    if (-not (Get-Command devcontainer -ErrorAction SilentlyContinue)) {
+        throw "Required command 'devcontainer' not found."
+    }
+    Write-Host "- devcontainer command found."
+}
+catch {
+    Write-Error "A required command is not installed or not in your PATH. $($_.Exception.Message)"
+    Write-Error "Please ensure both '$Backend' and 'devcontainer' are installed and accessible in your system's PATH."
+    exit 1
+}
+
+
+# --- Backend-Specific Initialization ---
+if ($Backend -eq 'podman') {
+    Write-Host "--- Podman Backend Initialization ---"
+
+    # --- Step 1a: Initialize Podman machine ---
+    Write-Host "Initializing Podman machine 'claudeVM'..."
+    try {
+        & podman machine init claudeVM
+        Write-Host "Podman machine 'claudeVM' initialized or already exists."
+    } catch {
+        Write-Error "Failed to initialize Podman machine: $($_.Exception.Message)"
+        exit 1 # Exit script on error
+    }
+
+    # --- Step 1b: Start Podman machine ---
+    Write-Host "Starting Podman machine 'claudeVM'..."
+    try {
+        & podman machine start claudeVM -q
+        Write-Host "Podman machine started or already running."
+    } catch {
+        Write-Error "Failed to start Podman machine: $($_.Exception.Message)"
+        exit 1
+    }
+
+    # --- Step 2: Set default connection ---
+    Write-Host "Setting default Podman connection to 'claudeVM'..."
+    try {
+        & podman system connection default claudeVM
+        Write-Host "Default connection set."
+    } catch {
+        Write-Warning "Failed to set default Podman connection (may be already set or machine issue): $($_.Exception.Message)"
+    }
+
+} elseif ($Backend -eq 'docker') {
+    Write-Host "--- Docker Backend Initialization ---"
+
+    # --- Step 1 & 2: Check Docker Desktop ---
+    Write-Host "Checking if Docker Desktop is running and docker command is available..."
+    try {
+        docker info | Out-Null
+        Write-Host "Docker Desktop (daemon) is running."
+    } catch {
+        Write-Error "Docker Desktop is not running or docker command not found."
+        Write-Error "Please ensure Docker Desktop is running."
+        exit 1
+    }
+}
+
+# --- Step 3: Bring up DevContainer ---
+Write-Host "Bringing up DevContainer in the current folder..."
+try {
+    $arguments = @('up', '--workspace-folder', '.')
+    if ($Backend -eq 'podman') {
+        $arguments += '--docker-path', 'podman'
+    }
+    & devcontainer @arguments
+    Write-Host "DevContainer startup process completed."
+} catch {
+    Write-Error "Failed to bring up DevContainer: $($_.Exception.Message)"
+    exit 1
+}
+
+# --- Step 4: Get DevContainer ID ---
+Write-Host "Finding the DevContainer ID..."
+$currentFolder = (Get-Location).Path
+
+try {
+    $containerId = (& $Backend ps --filter "label=devcontainer.local_folder=$currentFolder" --format '{{.ID}}').Trim()
+} catch {
+    $displayCommand = "$Backend ps --filter `"label=devcontainer.local_folder=$currentFolder`" --format '{{.ID}}'"
+    Write-Error "Failed to get container ID (Command: $displayCommand): $($_.Exception.Message)"
+    exit 1
+}
+
+if (-not $containerId) {
+    Write-Error "Could not find DevContainer ID for the current folder ('$currentFolder')."
+    Write-Error "Please check if 'devcontainer up' was successful and the container is running."
+    exit 1
+}
+Write-Host "Found container ID: $containerId"
+
+# --- Step 5 & 6: Execute command and enter interactive shell inside container ---
+Write-Host "Executing 'claude' command and then starting zsh session inside container $($containerId)..."
+try {
+    & $Backend exec -it $containerId zsh -c 'claude; exec zsh'
+    Write-Host "Interactive session ended."
+} catch {
+    $displayCommand = "$Backend exec -it $containerId zsh -c 'claude; exec zsh'"
+    Write-Error "Failed to execute command inside container (Command: $displayCommand): $($_.Exception.Message)"
+    exit 1
+}
+
+# Notify script completion
+Write-Host "--- Script completed ---"

examples/hooks/bash_command_validator_example.py

@@ -0,0 +1,83 @@
+#!/usr/bin/env python3
+"""
+Claude Code Hook: Bash Command Validator
+=========================================
+This hook runs as a PreToolUse hook for the Bash tool.
+It validates bash commands against a set of rules before execution.
+In this case it changes grep calls to using rg.
+
+Read more about hooks here: https://docs.anthropic.com/en/docs/claude-code/hooks
+
+Make sure to change your path to your actual script.
+
+{
+  "hooks": {
+    "PreToolUse": [
+      {
+        "matcher": "Bash",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 /path/to/claude-code/examples/hooks/bash_command_validator_example.py"
+          }
+        ]
+      }
+    ]
+  }
+}
+
+"""
+
+import json
+import re
+import sys
+
+# Define validation rules as a list of (regex pattern, message) tuples
+_VALIDATION_RULES = [
+    (
+        r"^grep\b(?!.*\|)",
+        "Use 'rg' (ripgrep) instead of 'grep' for better performance and features",
+    ),
+    (
+        r"^find\s+\S+\s+-name\b",
+        "Use 'rg --files | rg pattern' or 'rg --files -g pattern' instead of 'find -name' for better performance",
+    ),
+]
+
+
+def _validate_command(command: str) -> list[str]:
+    issues = []
+    for pattern, message in _VALIDATION_RULES:
+        if re.search(pattern, command):
+            issues.append(message)
+    return issues
+
+
+def main():
+    try:
+        input_data = json.load(sys.stdin)
+    except json.JSONDecodeError as e:
+        print(f"Error: Invalid JSON input: {e}", file=sys.stderr)
+        # Exit code 1 shows stderr to the user but not to Claude
+        sys.exit(1)
+
+    tool_name = input_data.get("tool_name", "")
+    if tool_name != "Bash":
+        sys.exit(0)
+
+    tool_input = input_data.get("tool_input", {})
+    command = tool_input.get("command", "")
+
+    if not command:
+        sys.exit(0)
+
+    issues = _validate_command(command)
+    if issues:
+        for message in issues:
+            print(f"• {message}", file=sys.stderr)
+        # Exit code 2 blocks tool call and shows stderr to Claude
+        sys.exit(2)
+
+
+if __name__ == "__main__":
+    main()

plugins/README.md

@@ -0,0 +1,77 @@
+# Claude Code Plugins
+
+This directory contains some official Claude Code plugins that extend functionality through custom commands, agents, and workflows. These are examples of what's possible with the Claude Code plugin system—many more plugins are available through community marketplaces.
+
+## What are Claude Code Plugins?
+
+Claude Code plugins are extensions that enhance Claude Code with custom slash commands, specialized agents, hooks, and MCP servers. Plugins can be shared across projects and teams, providing consistent tooling and workflows.
+
+Learn more in the [official plugins documentation](https://docs.claude.com/en/docs/claude-code/plugins).
+
+## Plugins in This Directory
+
+| Name | Description | Contents |
+|------|-------------|----------|
+| [agent-sdk-dev](./agent-sdk-dev/) | Development kit for working with the Claude Agent SDK | **Command:** `/new-sdk-app` - Interactive setup for new Agent SDK projects<br>**Agents:** `agent-sdk-verifier-py`, `agent-sdk-verifier-ts` - Validate SDK applications against best practices |
+| [claude-opus-4-5-migration](./claude-opus-4-5-migration/) | Migrate code and prompts from Sonnet 4.x and Opus 4.1 to Opus 4.5 | **Skill:** `claude-opus-4-5-migration` - Automated migration of model strings, beta headers, and prompt adjustments |
+| [code-review](./code-review/) | Automated PR code review using multiple specialized agents with confidence-based scoring to filter false positives | **Command:** `/code-review` - Automated PR review workflow<br>**Agents:** 5 parallel Sonnet agents for CLAUDE.md compliance, bug detection, historical context, PR history, and code comments |
+| [commit-commands](./commit-commands/) | Git workflow automation for committing, pushing, and creating pull requests | **Commands:** `/commit`, `/commit-push-pr`, `/clean_gone` - Streamlined git operations |
+| [explanatory-output-style](./explanatory-output-style/) | Adds educational insights about implementation choices and codebase patterns (mimics the deprecated Explanatory output style) | **Hook:** SessionStart - Injects educational context at the start of each session |
+| [feature-dev](./feature-dev/) | Comprehensive feature development workflow with a structured 7-phase approach | **Command:** `/feature-dev` - Guided feature development workflow<br>**Agents:** `code-explorer`, `code-architect`, `code-reviewer` - For codebase analysis, architecture design, and quality review |
+| [frontend-design](./frontend-design/) | Create distinctive, production-grade frontend interfaces that avoid generic AI aesthetics | **Skill:** `frontend-design` - Auto-invoked for frontend work, providing guidance on bold design choices, typography, animations, and visual details |
+| [hookify](./hookify/) | Easily create custom hooks to prevent unwanted behaviors by analyzing conversation patterns or explicit instructions | **Commands:** `/hookify`, `/hookify:list`, `/hookify:configure`, `/hookify:help`<br>**Agent:** `conversation-analyzer` - Analyzes conversations for problematic behaviors<br>**Skill:** `writing-rules` - Guidance on hookify rule syntax |
+| [learning-output-style](./learning-output-style/) | Interactive learning mode that requests meaningful code contributions at decision points (mimics the unshipped Learning output style) | **Hook:** SessionStart - Encourages users to write meaningful code (5-10 lines) at decision points while receiving educational insights |
+| [plugin-dev](./plugin-dev/) | Comprehensive toolkit for developing Claude Code plugins with 7 expert skills and AI-assisted creation | **Command:** `/plugin-dev:create-plugin` - 8-phase guided workflow for building plugins<br>**Agents:** `agent-creator`, `plugin-validator`, `skill-reviewer`<br>**Skills:** Hook development, MCP integration, plugin structure, settings, commands, agents, and skill development |
+| [pr-review-toolkit](./pr-review-toolkit/) | Comprehensive PR review agents specializing in comments, tests, error handling, type design, code quality, and code simplification | **Command:** `/pr-review-toolkit:review-pr` - Run with optional review aspects (comments, tests, errors, types, code, simplify, all)<br>**Agents:** `comment-analyzer`, `pr-test-analyzer`, `silent-failure-hunter`, `type-design-analyzer`, `code-reviewer`, `code-simplifier` |
+| [ralph-wiggum](./ralph-wiggum/) | Interactive self-referential AI loops for iterative development. Claude works on the same task repeatedly until completion | **Commands:** `/ralph-loop`, `/cancel-ralph` - Start/stop autonomous iteration loops<br>**Hook:** Stop - Intercepts exit attempts to continue iteration |
+| [security-guidance](./security-guidance/) | Security reminder hook that warns about potential security issues when editing files | **Hook:** PreToolUse - Monitors 9 security patterns including command injection, XSS, eval usage, dangerous HTML, pickle deserialization, and os.system calls |
+
+## Installation
+
+These plugins are included in the Claude Code repository. To use them in your own projects:
+
+1. Install Claude Code globally:
+```bash
+npm install -g @anthropic-ai/claude-code
+```
+
+2. Navigate to your project and run Claude Code:
+```bash
+claude
+```
+
+3. Use the `/plugin` command to install plugins from marketplaces, or configure them in your project's `.claude/settings.json`.
+
+For detailed plugin installation and configuration, see the [official documentation](https://docs.claude.com/en/docs/claude-code/plugins).
+
+## Plugin Structure
+
+Each plugin follows the standard Claude Code plugin structure:
+
+```
+plugin-name/
+├── .claude-plugin/
+│   └── plugin.json          # Plugin metadata
+├── commands/                # Slash commands (optional)
+├── agents/                  # Specialized agents (optional)
+├── skills/                  # Agent Skills (optional)
+├── hooks/                   # Event handlers (optional)
+├── .mcp.json                # External tool configuration (optional)
+└── README.md                # Plugin documentation
+```
+
+## Contributing
+
+When adding new plugins to this directory:
+
+1. Follow the standard plugin structure
+2. Include a comprehensive README.md
+3. Add plugin metadata in `.claude-plugin/plugin.json`
+4. Document all commands and agents
+5. Provide usage examples
+
+## Learn More
+
+- [Claude Code Documentation](https://docs.claude.com/en/docs/claude-code/overview)
+- [Plugin System Documentation](https://docs.claude.com/en/docs/claude-code/plugins)
+- [Agent SDK Documentation](https://docs.claude.com/en/api/agent-sdk/overview)

plugins/agent-sdk-dev/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "agent-sdk-dev",
+  "description": "Claude Agent SDK Development Plugin",
+  "version": "1.0.0",
+  "author": {
+    "name": "Ashwin Bhat",
+    "email": "ashwin@anthropic.com"
+  }
+}

plugins/agent-sdk-dev/README.md

@@ -0,0 +1,208 @@
+# Agent SDK Development Plugin
+
+A comprehensive plugin for creating and verifying Claude Agent SDK applications in Python and TypeScript.
+
+## Overview
+
+The Agent SDK Development Plugin streamlines the entire lifecycle of building Agent SDK applications, from initial scaffolding to verification against best practices. It helps you quickly start new projects with the latest SDK versions and ensures your applications follow official documentation patterns.
+
+## Features
+
+### Command: `/new-sdk-app`
+
+Interactive command that guides you through creating a new Claude Agent SDK application.
+
+**What it does:**
+- Asks clarifying questions about your project (language, name, agent type, starting point)
+- Checks for and installs the latest SDK version
+- Creates all necessary project files and configuration
+- Sets up proper environment files (.env.example, .gitignore)
+- Provides a working example tailored to your use case
+- Runs type checking (TypeScript) or syntax validation (Python)
+- Automatically verifies the setup using the appropriate verifier agent
+
+**Usage:**
+```bash
+/new-sdk-app my-project-name
+```
+
+Or simply:
+```bash
+/new-sdk-app
+```
+
+The command will interactively ask you:
+1. Language choice (TypeScript or Python)
+2. Project name (if not provided)
+3. Agent type (coding, business, custom)
+4. Starting point (minimal, basic, or specific example)
+5. Tooling preferences (npm/yarn/pnpm or pip/poetry)
+
+**Example:**
+```bash
+/new-sdk-app customer-support-agent
+# → Creates a new Agent SDK project for a customer support agent
+# → Sets up TypeScript or Python environment
+# → Installs latest SDK version
+# → Verifies the setup automatically
+```
+
+### Agent: `agent-sdk-verifier-py`
+
+Thoroughly verifies Python Agent SDK applications for correct setup and best practices.
+
+**Verification checks:**
+- SDK installation and version
+- Python environment setup (requirements.txt, pyproject.toml)
+- Correct SDK usage and patterns
+- Agent initialization and configuration
+- Environment and security (.env, API keys)
+- Error handling and functionality
+- Documentation completeness
+
+**When to use:**
+- After creating a new Python SDK project
+- After modifying an existing Python SDK application
+- Before deploying a Python SDK application
+
+**Usage:**
+The agent runs automatically after `/new-sdk-app` creates a Python project, or you can trigger it by asking:
+```
+"Verify my Python Agent SDK application"
+"Check if my SDK app follows best practices"
+```
+
+**Output:**
+Provides a comprehensive report with:
+- Overall status (PASS / PASS WITH WARNINGS / FAIL)
+- Critical issues that prevent functionality
+- Warnings about suboptimal patterns
+- List of passed checks
+- Specific recommendations with SDK documentation references
+
+### Agent: `agent-sdk-verifier-ts`
+
+Thoroughly verifies TypeScript Agent SDK applications for correct setup and best practices.
+
+**Verification checks:**
+- SDK installation and version
+- TypeScript configuration (tsconfig.json)
+- Correct SDK usage and patterns
+- Type safety and imports
+- Agent initialization and configuration
+- Environment and security (.env, API keys)
+- Error handling and functionality
+- Documentation completeness
+
+**When to use:**
+- After creating a new TypeScript SDK project
+- After modifying an existing TypeScript SDK application
+- Before deploying a TypeScript SDK application
+
+**Usage:**
+The agent runs automatically after `/new-sdk-app` creates a TypeScript project, or you can trigger it by asking:
+```
+"Verify my TypeScript Agent SDK application"
+"Check if my SDK app follows best practices"
+```
+
+**Output:**
+Provides a comprehensive report with:
+- Overall status (PASS / PASS WITH WARNINGS / FAIL)
+- Critical issues that prevent functionality
+- Warnings about suboptimal patterns
+- List of passed checks
+- Specific recommendations with SDK documentation references
+
+## Workflow Example
+
+Here's a typical workflow using this plugin:
+
+1. **Create a new project:**
+```bash
+/new-sdk-app code-reviewer-agent
+```
+
+2. **Answer the interactive questions:**
+```
+Language: TypeScript
+Agent type: Coding agent (code review)
+Starting point: Basic agent with common features
+```
+
+3. **Automatic verification:**
+The command automatically runs `agent-sdk-verifier-ts` to ensure everything is correctly set up.
+
+4. **Start developing:**
+```bash
+# Set your API key
+echo "ANTHROPIC_API_KEY=your_key_here" > .env
+
+# Run your agent
+npm start
+```
+
+5. **Verify after changes:**
+```
+"Verify my SDK application"
+```
+
+## Installation
+
+This plugin is included in the Claude Code repository. To use it:
+
+1. Ensure Claude Code is installed
+2. The plugin commands and agents are automatically available
+
+## Best Practices
+
+- **Always use the latest SDK version**: `/new-sdk-app` checks for and installs the latest version
+- **Verify before deploying**: Run the verifier agent before deploying to production
+- **Keep API keys secure**: Never commit `.env` files or hardcode API keys
+- **Follow SDK documentation**: The verifier agents check against official patterns
+- **Type check TypeScript projects**: Run `npx tsc --noEmit` regularly
+- **Test your agents**: Create test cases for your agent's functionality
+
+## Resources
+
+- [Agent SDK Overview](https://docs.claude.com/en/api/agent-sdk/overview)
+- [TypeScript SDK Reference](https://docs.claude.com/en/api/agent-sdk/typescript)
+- [Python SDK Reference](https://docs.claude.com/en/api/agent-sdk/python)
+- [Agent SDK Examples](https://docs.claude.com/en/api/agent-sdk/examples)
+
+## Troubleshooting
+
+### Type errors in TypeScript project
+
+**Issue**: TypeScript project has type errors after creation
+
+**Solution**:
+- The `/new-sdk-app` command runs type checking automatically
+- If errors persist, check that you're using the latest SDK version
+- Verify your `tsconfig.json` matches SDK requirements
+
+### Python import errors
+
+**Issue**: Cannot import from `claude_agent_sdk`
+
+**Solution**:
+- Ensure you've installed dependencies: `pip install -r requirements.txt`
+- Activate your virtual environment if using one
+- Check that the SDK is installed: `pip show claude-agent-sdk`
+
+### Verification fails with warnings
+
+**Issue**: Verifier agent reports warnings
+
+**Solution**:
+- Review the specific warnings in the report
+- Check the SDK documentation references provided
+- Warnings don't prevent functionality but indicate areas for improvement
+
+## Author
+
+Ashwin Bhat (ashwin@anthropic.com)
+
+## Version
+
+1.0.0

plugins/agent-sdk-dev/agents/agent-sdk-verifier-py.md

@@ -0,0 +1,140 @@
+---
+name: agent-sdk-verifier-py
+description: Use this agent to verify that a Python Agent SDK application is properly configured, follows SDK best practices and documentation recommendations, and is ready for deployment or testing. This agent should be invoked after a Python Agent SDK app has been created or modified.
+model: sonnet
+---
+
+You are a Python Agent SDK application verifier. Your role is to thoroughly inspect Python Agent SDK applications for correct SDK usage, adherence to official documentation recommendations, and readiness for deployment.
+
+## Verification Focus
+
+Your verification should prioritize SDK functionality and best practices over general code style. Focus on:
+
+1. **SDK Installation and Configuration**:
+
+   - Verify `claude-agent-sdk` is installed (check requirements.txt, pyproject.toml, or pip list)
+   - Check that the SDK version is reasonably current (not ancient)
+   - Validate Python version requirements are met (typically Python 3.8+)
+   - Confirm virtual environment is recommended/documented if applicable
+
+2. **Python Environment Setup**:
+
+   - Check for requirements.txt or pyproject.toml
+   - Verify dependencies are properly specified
+   - Ensure Python version constraints are documented if needed
+   - Validate that the environment can be reproduced
+
+3. **SDK Usage and Patterns**:
+
+   - Verify correct imports from `claude_agent_sdk` (or appropriate SDK module)
+   - Check that agents are properly initialized according to SDK docs
+   - Validate that agent configuration follows SDK patterns (system prompts, models, etc.)
+   - Ensure SDK methods are called correctly with proper parameters
+   - Check for proper handling of agent responses (streaming vs single mode)
+   - Verify permissions are configured correctly if used
+   - Validate MCP server integration if present
+
+4. **Code Quality**:
+
+   - Check for basic syntax errors
+   - Verify imports are correct and available
+   - Ensure proper error handling
+   - Validate that the code structure makes sense for the SDK
+
+5. **Environment and Security**:
+
+   - Check that `.env.example` exists with `ANTHROPIC_API_KEY`
+   - Verify `.env` is in `.gitignore`
+   - Ensure API keys are not hardcoded in source files
+   - Validate proper error handling around API calls
+
+6. **SDK Best Practices** (based on official docs):
+
+   - System prompts are clear and well-structured
+   - Appropriate model selection for the use case
+   - Permissions are properly scoped if used
+   - Custom tools (MCP) are correctly integrated if present
+   - Subagents are properly configured if used
+   - Session handling is correct if applicable
+
+7. **Functionality Validation**:
+
+   - Verify the application structure makes sense for the SDK
+   - Check that agent initialization and execution flow is correct
+   - Ensure error handling covers SDK-specific errors
+   - Validate that the app follows SDK documentation patterns
+
+8. **Documentation**:
+   - Check for README or basic documentation
+   - Verify setup instructions are present (including virtual environment setup)
+   - Ensure any custom configurations are documented
+   - Confirm installation instructions are clear
+
+## What NOT to Focus On
+
+- General code style preferences (PEP 8 formatting, naming conventions, etc.)
+- Python-specific style choices (snake_case vs camelCase debates)
+- Import ordering preferences
+- General Python best practices unrelated to SDK usage
+
+## Verification Process
+
+1. **Read the relevant files**:
+
+   - requirements.txt or pyproject.toml
+   - Main application files (main.py, app.py, src/\*, etc.)
+   - .env.example and .gitignore
+   - Any configuration files
+
+2. **Check SDK Documentation Adherence**:
+
+   - Use WebFetch to reference the official Python SDK docs: https://docs.claude.com/en/api/agent-sdk/python
+   - Compare the implementation against official patterns and recommendations
+   - Note any deviations from documented best practices
+
+3. **Validate Imports and Syntax**:
+
+   - Check that all imports are correct
+   - Look for obvious syntax errors
+   - Verify SDK is properly imported
+
+4. **Analyze SDK Usage**:
+   - Verify SDK methods are used correctly
+   - Check that configuration options match SDK documentation
+   - Validate that patterns follow official examples
+
+## Verification Report Format
+
+Provide a comprehensive report:
+
+**Overall Status**: PASS | PASS WITH WARNINGS | FAIL
+
+**Summary**: Brief overview of findings
+
+**Critical Issues** (if any):
+
+- Issues that prevent the app from functioning
+- Security problems
+- SDK usage errors that will cause runtime failures
+- Syntax errors or import problems
+
+**Warnings** (if any):
+
+- Suboptimal SDK usage patterns
+- Missing SDK features that would improve the app
+- Deviations from SDK documentation recommendations
+- Missing documentation or setup instructions
+
+**Passed Checks**:
+
+- What is correctly configured
+- SDK features properly implemented
+- Security measures in place
+
+**Recommendations**:
+
+- Specific suggestions for improvement
+- References to SDK documentation
+- Next steps for enhancement
+
+Be thorough but constructive. Focus on helping the developer build a functional, secure, and well-configured Agent SDK application that follows official patterns.

plugins/agent-sdk-dev/agents/agent-sdk-verifier-ts.md

@@ -0,0 +1,145 @@
+---
+name: agent-sdk-verifier-ts
+description: Use this agent to verify that a TypeScript Agent SDK application is properly configured, follows SDK best practices and documentation recommendations, and is ready for deployment or testing. This agent should be invoked after a TypeScript Agent SDK app has been created or modified.
+model: sonnet
+---
+
+You are a TypeScript Agent SDK application verifier. Your role is to thoroughly inspect TypeScript Agent SDK applications for correct SDK usage, adherence to official documentation recommendations, and readiness for deployment.
+
+## Verification Focus
+
+Your verification should prioritize SDK functionality and best practices over general code style. Focus on:
+
+1. **SDK Installation and Configuration**:
+
+   - Verify `@anthropic-ai/claude-agent-sdk` is installed
+   - Check that the SDK version is reasonably current (not ancient)
+   - Confirm package.json has `"type": "module"` for ES modules support
+   - Validate that Node.js version requirements are met (check package.json engines field if present)
+
+2. **TypeScript Configuration**:
+
+   - Verify tsconfig.json exists and has appropriate settings for the SDK
+   - Check module resolution settings (should support ES modules)
+   - Ensure target is modern enough for the SDK
+   - Validate that compilation settings won't break SDK imports
+
+3. **SDK Usage and Patterns**:
+
+   - Verify correct imports from `@anthropic-ai/claude-agent-sdk`
+   - Check that agents are properly initialized according to SDK docs
+   - Validate that agent configuration follows SDK patterns (system prompts, models, etc.)
+   - Ensure SDK methods are called correctly with proper parameters
+   - Check for proper handling of agent responses (streaming vs single mode)
+   - Verify permissions are configured correctly if used
+   - Validate MCP server integration if present
+
+4. **Type Safety and Compilation**:
+
+   - Run `npx tsc --noEmit` to check for type errors
+   - Verify that all SDK imports have correct type definitions
+   - Ensure the code compiles without errors
+   - Check that types align with SDK documentation
+
+5. **Scripts and Build Configuration**:
+
+   - Verify package.json has necessary scripts (build, start, typecheck)
+   - Check that scripts are correctly configured for TypeScript/ES modules
+   - Validate that the application can be built and run
+
+6. **Environment and Security**:
+
+   - Check that `.env.example` exists with `ANTHROPIC_API_KEY`
+   - Verify `.env` is in `.gitignore`
+   - Ensure API keys are not hardcoded in source files
+   - Validate proper error handling around API calls
+
+7. **SDK Best Practices** (based on official docs):
+
+   - System prompts are clear and well-structured
+   - Appropriate model selection for the use case
+   - Permissions are properly scoped if used
+   - Custom tools (MCP) are correctly integrated if present
+   - Subagents are properly configured if used
+   - Session handling is correct if applicable
+
+8. **Functionality Validation**:
+
+   - Verify the application structure makes sense for the SDK
+   - Check that agent initialization and execution flow is correct
+   - Ensure error handling covers SDK-specific errors
+   - Validate that the app follows SDK documentation patterns
+
+9. **Documentation**:
+   - Check for README or basic documentation
+   - Verify setup instructions are present if needed
+   - Ensure any custom configurations are documented
+
+## What NOT to Focus On
+
+- General code style preferences (formatting, naming conventions, etc.)
+- Whether developers use `type` vs `interface` or other TypeScript style choices
+- Unused variable naming conventions
+- General TypeScript best practices unrelated to SDK usage
+
+## Verification Process
+
+1. **Read the relevant files**:
+
+   - package.json
+   - tsconfig.json
+   - Main application files (index.ts, src/\*, etc.)
+   - .env.example and .gitignore
+   - Any configuration files
+
+2. **Check SDK Documentation Adherence**:
+
+   - Use WebFetch to reference the official TypeScript SDK docs: https://docs.claude.com/en/api/agent-sdk/typescript
+   - Compare the implementation against official patterns and recommendations
+   - Note any deviations from documented best practices
+
+3. **Run Type Checking**:
+
+   - Execute `npx tsc --noEmit` to verify no type errors
+   - Report any compilation issues
+
+4. **Analyze SDK Usage**:
+   - Verify SDK methods are used correctly
+   - Check that configuration options match SDK documentation
+   - Validate that patterns follow official examples
+
+## Verification Report Format
+
+Provide a comprehensive report:
+
+**Overall Status**: PASS | PASS WITH WARNINGS | FAIL
+
+**Summary**: Brief overview of findings
+
+**Critical Issues** (if any):
+
+- Issues that prevent the app from functioning
+- Security problems
+- SDK usage errors that will cause runtime failures
+- Type errors or compilation failures
+
+**Warnings** (if any):
+
+- Suboptimal SDK usage patterns
+- Missing SDK features that would improve the app
+- Deviations from SDK documentation recommendations
+- Missing documentation
+
+**Passed Checks**:
+
+- What is correctly configured
+- SDK features properly implemented
+- Security measures in place
+
+**Recommendations**:
+
+- Specific suggestions for improvement
+- References to SDK documentation
+- Next steps for enhancement
+
+Be thorough but constructive. Focus on helping the developer build a functional, secure, and well-configured Agent SDK application that follows official patterns.

plugins/agent-sdk-dev/commands/new-sdk-app.md

@@ -0,0 +1,176 @@
+---
+description: Create and setup a new Claude Agent SDK application
+argument-hint: [project-name]
+---
+
+You are tasked with helping the user create a new Claude Agent SDK application. Follow these steps carefully:
+
+## Reference Documentation
+
+Before starting, review the official documentation to ensure you provide accurate and up-to-date guidance. Use WebFetch to read these pages:
+
+1. **Start with the overview**: https://docs.claude.com/en/api/agent-sdk/overview
+2. **Based on the user's language choice, read the appropriate SDK reference**:
+   - TypeScript: https://docs.claude.com/en/api/agent-sdk/typescript
+   - Python: https://docs.claude.com/en/api/agent-sdk/python
+3. **Read relevant guides mentioned in the overview** such as:
+   - Streaming vs Single Mode
+   - Permissions
+   - Custom Tools
+   - MCP integration
+   - Subagents
+   - Sessions
+   - Any other relevant guides based on the user's needs
+
+**IMPORTANT**: Always check for and use the latest versions of packages. Use WebSearch or WebFetch to verify current versions before installation.
+
+## Gather Requirements
+
+IMPORTANT: Ask these questions one at a time. Wait for the user's response before asking the next question. This makes it easier for the user to respond.
+
+Ask the questions in this order (skip any that the user has already provided via arguments):
+
+1. **Language** (ask first): "Would you like to use TypeScript or Python?"
+
+   - Wait for response before continuing
+
+2. **Project name** (ask second): "What would you like to name your project?"
+
+   - If $ARGUMENTS is provided, use that as the project name and skip this question
+   - Wait for response before continuing
+
+3. **Agent type** (ask third, but skip if #2 was sufficiently detailed): "What kind of agent are you building? Some examples:
+
+   - Coding agent (SRE, security review, code review)
+   - Business agent (customer support, content creation)
+   - Custom agent (describe your use case)"
+   - Wait for response before continuing
+
+4. **Starting point** (ask fourth): "Would you like:
+
+   - A minimal 'Hello World' example to start
+   - A basic agent with common features
+   - A specific example based on your use case"
+   - Wait for response before continuing
+
+5. **Tooling choice** (ask fifth): Let the user know what tools you'll use, and confirm with them that these are the tools they want to use (for example, they may prefer pnpm or bun over npm). Respect the user's preferences when executing on the requirements.
+
+After all questions are answered, proceed to create the setup plan.
+
+## Setup Plan
+
+Based on the user's answers, create a plan that includes:
+
+1. **Project initialization**:
+
+   - Create project directory (if it doesn't exist)
+   - Initialize package manager:
+     - TypeScript: `npm init -y` and setup `package.json` with type: "module" and scripts (include a "typecheck" script)
+     - Python: Create `requirements.txt` or use `poetry init`
+   - Add necessary configuration files:
+     - TypeScript: Create `tsconfig.json` with proper settings for the SDK
+     - Python: Optionally create config files if needed
+
+2. **Check for Latest Versions**:
+
+   - BEFORE installing, use WebSearch or check npm/PyPI to find the latest version
+   - For TypeScript: Check https://www.npmjs.com/package/@anthropic-ai/claude-agent-sdk
+   - For Python: Check https://pypi.org/project/claude-agent-sdk/
+   - Inform the user which version you're installing
+
+3. **SDK Installation**:
+
+   - TypeScript: `npm install @anthropic-ai/claude-agent-sdk@latest` (or specify latest version)
+   - Python: `pip install claude-agent-sdk` (pip installs latest by default)
+   - After installation, verify the installed version:
+     - TypeScript: Check package.json or run `npm list @anthropic-ai/claude-agent-sdk`
+     - Python: Run `pip show claude-agent-sdk`
+
+4. **Create starter files**:
+
+   - TypeScript: Create an `index.ts` or `src/index.ts` with a basic query example
+   - Python: Create a `main.py` with a basic query example
+   - Include proper imports and basic error handling
+   - Use modern, up-to-date syntax and patterns from the latest SDK version
+
+5. **Environment setup**:
+
+   - Create a `.env.example` file with `ANTHROPIC_API_KEY=your_api_key_here`
+   - Add `.env` to `.gitignore`
+   - Explain how to get an API key from https://console.anthropic.com/
+
+6. **Optional: Create .claude directory structure**:
+   - Offer to create `.claude/` directory for agents, commands, and settings
+   - Ask if they want any example subagents or slash commands
+
+## Implementation
+
+After gathering requirements and getting user confirmation on the plan:
+
+1. Check for latest package versions using WebSearch or WebFetch
+2. Execute the setup steps
+3. Create all necessary files
+4. Install dependencies (always use latest stable versions)
+5. Verify installed versions and inform the user
+6. Create a working example based on their agent type
+7. Add helpful comments in the code explaining what each part does
+8. **VERIFY THE CODE WORKS BEFORE FINISHING**:
+   - For TypeScript:
+     - Run `npx tsc --noEmit` to check for type errors
+     - Fix ALL type errors until types pass completely
+     - Ensure imports and types are correct
+     - Only proceed when type checking passes with no errors
+   - For Python:
+     - Verify imports are correct
+     - Check for basic syntax errors
+   - **DO NOT consider the setup complete until the code verifies successfully**
+
+## Verification
+
+After all files are created and dependencies are installed, use the appropriate verifier agent to validate that the Agent SDK application is properly configured and ready for use:
+
+1. **For TypeScript projects**: Launch the **agent-sdk-verifier-ts** agent to validate the setup
+2. **For Python projects**: Launch the **agent-sdk-verifier-py** agent to validate the setup
+3. The agent will check SDK usage, configuration, functionality, and adherence to official documentation
+4. Review the verification report and address any issues
+
+## Getting Started Guide
+
+Once setup is complete and verified, provide the user with:
+
+1. **Next steps**:
+
+   - How to set their API key
+   - How to run their agent:
+     - TypeScript: `npm start` or `node --loader ts-node/esm index.ts`
+     - Python: `python main.py`
+
+2. **Useful resources**:
+
+   - Link to TypeScript SDK reference: https://docs.claude.com/en/api/agent-sdk/typescript
+   - Link to Python SDK reference: https://docs.claude.com/en/api/agent-sdk/python
+   - Explain key concepts: system prompts, permissions, tools, MCP servers
+
+3. **Common next steps**:
+   - How to customize the system prompt
+   - How to add custom tools via MCP
+   - How to configure permissions
+   - How to create subagents
+
+## Important Notes
+
+- **ALWAYS USE LATEST VERSIONS**: Before installing any packages, check for the latest versions using WebSearch or by checking npm/PyPI directly
+- **VERIFY CODE RUNS CORRECTLY**:
+  - For TypeScript: Run `npx tsc --noEmit` and fix ALL type errors before finishing
+  - For Python: Verify syntax and imports are correct
+  - Do NOT consider the task complete until the code passes verification
+- Verify the installed version after installation and inform the user
+- Check the official documentation for any version-specific requirements (Node.js version, Python version, etc.)
+- Always check if directories/files already exist before creating them
+- Use the user's preferred package manager (npm, yarn, pnpm for TypeScript; pip, poetry for Python)
+- Ensure all code examples are functional and include proper error handling
+- Use modern syntax and patterns that are compatible with the latest SDK version
+- Make the experience interactive and educational
+- **ASK QUESTIONS ONE AT A TIME** - Do not ask multiple questions in a single response
+
+Begin by asking the FIRST requirement question only. Wait for the user's answer before proceeding to the next question.

plugins/claude-opus-4-5-migration/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "claude-opus-4-5-migration",
+  "version": "1.0.0",
+  "description": "Migrate your code and prompts from Sonnet 4.x and Opus 4.1 to Opus 4.5.",
+  "author": {
+    "name": "William Hu",
+    "email": "whu@anthropic.com"
+  }
+}

plugins/claude-opus-4-5-migration/README.md

@@ -0,0 +1,21 @@
+# Claude Opus 4.5 Migration Plugin
+
+Migrate your code and prompts from Sonnet 4.x and Opus 4.1 to Opus 4.5.
+
+## Overview
+
+This skill updates your code and prompts to be compatible with Opus 4.5. It automates the migration process, handling model strings, beta headers, and other configuration details. If you run into any issues with Opus 4.5 after migration, you can continue using this skill to adjust your prompts.
+
+## Usage
+
+```
+"Migrate my codebase to Opus 4.5"
+```
+
+## Learn More
+
+Refer to our [prompting guide](https://platform.claude.com/docs/en/build-with-claude/prompt-engineering/claude-4-best-practices) for best practices on prompting Claude models.
+
+## Authors
+
+William Hu (whu@anthropic.com)

plugins/claude-opus-4-5-migration/skills/claude-opus-4-5-migration/SKILL.md

@@ -0,0 +1,105 @@
+---
+name: claude-opus-4-5-migration
+description: Migrate prompts and code from Claude Sonnet 4.0, Sonnet 4.5, or Opus 4.1 to Opus 4.5. Use when the user wants to update their codebase, prompts, or API calls to use Opus 4.5. Handles model string updates and prompt adjustments for known Opus 4.5 behavioral differences. Does NOT migrate Haiku 4.5.
+---
+
+# Opus 4.5 Migration Guide
+
+One-shot migration from Sonnet 4.0, Sonnet 4.5, or Opus 4.1 to Opus 4.5.
+
+## Migration Workflow
+
+1. Search codebase for model strings and API calls
+2. Update model strings to Opus 4.5 (see platform-specific strings below)
+3. Remove unsupported beta headers
+4. Add effort parameter set to `"high"` (see `references/effort.md`)
+5. Summarize all changes made
+6. Tell the user: "If you encounter any issues with Opus 4.5, let me know and I can help adjust your prompts."
+
+## Model String Updates
+
+Identify which platform the codebase uses, then replace model strings accordingly.
+
+### Unsupported Beta Headers
+
+Remove the `context-1m-2025-08-07` beta header if present—it is not yet supported with Opus 4.5. Leave a comment noting this:
+
+```python
+# Note: 1M context beta (context-1m-2025-08-07) not yet supported with Opus 4.5
+```
+
+### Target Model Strings (Opus 4.5)
+
+| Platform | Opus 4.5 Model String |
+|----------|----------------------|
+| Anthropic API (1P) | `claude-opus-4-5-20251101` |
+| AWS Bedrock | `anthropic.claude-opus-4-5-20251101-v1:0` |
+| Google Vertex AI | `claude-opus-4-5@20251101` |
+| Azure AI Foundry | `claude-opus-4-5-20251101` |
+
+### Source Model Strings to Replace
+
+| Source Model | Anthropic API (1P) | AWS Bedrock | Google Vertex AI |
+|--------------|-------------------|-------------|------------------|
+| Sonnet 4.0 | `claude-sonnet-4-20250514` | `anthropic.claude-sonnet-4-20250514-v1:0` | `claude-sonnet-4@20250514` |
+| Sonnet 4.5 | `claude-sonnet-4-5-20250929` | `anthropic.claude-sonnet-4-5-20250929-v1:0` | `claude-sonnet-4-5@20250929` |
+| Opus 4.1 | `claude-opus-4-1-20250422` | `anthropic.claude-opus-4-1-20250422-v1:0` | `claude-opus-4-1@20250422` |
+
+**Do NOT migrate**: Any Haiku models (e.g., `claude-haiku-4-5-20251001`).
+
+## Prompt Adjustments
+
+Opus 4.5 has known behavioral differences from previous models. **Only apply these fixes if the user explicitly requests them or reports a specific issue.** By default, just update model strings.
+
+**Integration guidelines**: When adding snippets, don't just append them to prompts. Integrate them thoughtfully:
+- Use XML tags (e.g., `<code_guidelines>`, `<tool_usage>`) to organize additions
+- Match the style and structure of the existing prompt
+- Place snippets in logical locations (e.g., coding guidelines near other coding instructions)
+- If the prompt already uses XML tags, add new content within appropriate existing tags or create consistent new ones
+
+### 1. Tool Overtriggering
+
+Opus 4.5 is more responsive to system prompts. Aggressive language that prevented undertriggering on previous models may now cause overtriggering.
+
+**Apply if**: User reports tools being called too frequently or unnecessarily.
+
+**Find and soften**:
+- `CRITICAL:` → remove or soften
+- `You MUST...` → `You should...`
+- `ALWAYS do X` → `Do X`
+- `NEVER skip...` → `Don't skip...`
+- `REQUIRED` → remove or soften
+
+Only apply to tool-triggering instructions. Leave other uses of emphasis alone.
+
+### 2. Over-Engineering Prevention
+
+Opus 4.5 tends to create extra files, add unnecessary abstractions, or build unrequested flexibility.
+
+**Apply if**: User reports unwanted files, excessive abstraction, or unrequested features. Add the snippet from `references/prompt-snippets.md`.
+
+### 3. Code Exploration
+
+Opus 4.5 can be overly conservative about exploring code, proposing solutions without reading files.
+
+**Apply if**: User reports the model proposing fixes without inspecting relevant code. Add the snippet from `references/prompt-snippets.md`.
+
+### 4. Frontend Design
+
+**Apply if**: User requests improved frontend design quality or reports generic-looking outputs.
+
+Add the frontend aesthetics snippet from `references/prompt-snippets.md`.
+
+### 5. Thinking Sensitivity
+
+When extended thinking is not enabled (the default), Opus 4.5 is particularly sensitive to the word "think" and its variants. Extended thinking is enabled only if the API request contains a `thinking` parameter.
+
+**Apply if**: User reports issues related to "thinking" while extended thinking is not enabled (no `thinking` parameter in request).
+
+Replace "think" with alternatives like "consider," "believe," or "evaluate."
+
+## Reference
+
+See `references/prompt-snippets.md` for the full text of each snippet to add.
+
+See `references/effort.md` for configuring the effort parameter (only if user requests it).

plugins/claude-opus-4-5-migration/skills/claude-opus-4-5-migration/references/effort.md

@@ -0,0 +1,70 @@
+# Effort Parameter (Beta)
+
+**Add effort set to `"high"` during migration.** This is the default configuration for best performance with Opus 4.5.
+
+## Overview
+
+Effort controls how eagerly Claude spends tokens. It affects all tokens: thinking, text responses, and function calls.
+
+| Effort | Use Case |
+|--------|----------|
+| `high` | Best performance, deep reasoning (default) |
+| `medium` | Balance of cost/latency vs. performance |
+| `low` | Simple, high-volume queries; significant token savings |
+
+## Implementation
+
+Requires beta flag `effort-2025-11-24` in API calls.
+
+**Python SDK:**
+```python
+response = client.messages.create(
+    model="claude-opus-4-5-20251101",
+    max_tokens=1024,
+    betas=["effort-2025-11-24"],
+    output_config={
+        "effort": "high"  # or "medium" or "low"
+    },
+    messages=[...]
+)
+```
+
+**TypeScript SDK:**
+```typescript
+const response = await client.messages.create({
+  model: "claude-opus-4-5-20251101",
+  max_tokens: 1024,
+  betas: ["effort-2025-11-24"],
+  output_config: {
+    effort: "high"  // or "medium" or "low"
+  },
+  messages: [...]
+});
+```
+
+**Raw API:**
+```json
+{
+  "model": "claude-opus-4-5-20251101",
+  "max_tokens": 1024,
+  "anthropic-beta": "effort-2025-11-24",
+  "output_config": {
+    "effort": "high"
+  },
+  "messages": [...]
+}
+```
+
+## Effort vs. Thinking Budget
+
+Effort is independent of thinking budget:
+
+- High effort + no thinking = more tokens, but no thinking tokens
+- High effort + 32k thinking = more tokens, but thinking capped at 32k
+
+## Recommendations
+
+1. First determine effort level, then set thinking budget
+2. Best performance: high effort + high thinking budget
+3. Cost/latency optimization: medium effort
+4. Simple high-volume queries: low effort

plugins/claude-opus-4-5-migration/skills/claude-opus-4-5-migration/references/prompt-snippets.md

@@ -0,0 +1,106 @@
+# Prompt Snippets for Opus 4.5
+
+Only apply these snippets if the user explicitly requests them or reports a specific issue. By default, the migration should only update model strings.
+
+## 1. Tool Overtriggering
+
+**Problem**: Prompts designed to reduce undertriggering on previous models may cause Opus 4.5 to overtrigger.
+
+**When to add**: User reports tools being called too frequently or unnecessarily.
+
+**Solution**: Replace aggressive language with normal phrasing.
+
+| Before | After |
+|--------|-------|
+| `CRITICAL: You MUST use this tool when...` | `Use this tool when...` |
+| `ALWAYS call the search function before...` | `Call the search function before...` |
+| `You are REQUIRED to...` | `You should...` |
+| `NEVER skip this step` | `Don't skip this step` |
+
+## 2. Over-Engineering Prevention
+
+**Problem**: Opus 4.5 may create extra files, add unnecessary abstractions, or build unrequested flexibility.
+
+**When to add**: User reports unwanted files, excessive abstraction, or unrequested features.
+
+**Snippet to add to system prompt**:
+
+```
+- Avoid over-engineering. Only make changes that are directly requested or clearly necessary. Keep solutions simple and focused.
+- Don't add features, refactor code, or make "improvements" beyond what was asked. A bug fix doesn't need surrounding code cleaned up. A simple feature doesn't need extra configurability.
+- Don't add error handling, fallbacks, or validation for scenarios that can't happen. Trust internal code and framework guarantees. Only validate at system boundaries (user input, external APIs). Don't use backwards-compatibility shims when you can just change the code.
+- Don't create helpers, utilities, or abstractions for one-time operations. Don't design for hypothetical future requirements. The right amount of complexity is the minimum needed for the current task. Reuse existing abstractions where possible and follow the DRY principle.
+```
+
+## 3. Code Exploration
+
+**Problem**: Opus 4.5 may propose solutions without reading code or make assumptions about unread files.
+
+**When to add**: User reports the model proposing fixes without inspecting relevant code.
+
+**Snippet to add to system prompt**:
+
+```
+ALWAYS read and understand relevant files before proposing code edits. Do not speculate about code you have not inspected. If the user references a specific file/path, you MUST open and inspect it before explaining or proposing fixes. Be rigorous and persistent in searching code for key facts. Thoroughly review the style, conventions, and abstractions of the codebase before implementing new features or abstractions.
+```
+
+## 4. Frontend Design Quality
+
+**Problem**: Default frontend outputs may look generic ("AI slop" aesthetic).
+
+**When to add**: User requests improved frontend design quality or reports generic-looking outputs.
+
+**Snippet to add to system prompt**:
+
+```xml
+<frontend_aesthetics>
+You tend to converge toward generic, "on distribution" outputs. In frontend design, this creates what users call the "AI slop" aesthetic. Avoid this: make creative, distinctive frontends that surprise and delight.
+
+Focus on:
+- Typography: Choose fonts that are beautiful, unique, and interesting. Avoid generic fonts like Arial and Inter; opt instead for distinctive choices that elevate the frontend's aesthetics.
+- Color & Theme: Commit to a cohesive aesthetic. Use CSS variables for consistency. Dominant colors with sharp accents outperform timid, evenly-distributed palettes. Draw from IDE themes and cultural aesthetics for inspiration.
+- Motion: Use animations for effects and micro-interactions. Prioritize CSS-only solutions for HTML. Use Motion library for React when available. Focus on high-impact moments: one well-orchestrated page load with staggered reveals (animation-delay) creates more delight than scattered micro-interactions.
+- Backgrounds: Create atmosphere and depth rather than defaulting to solid colors. Layer CSS gradients, use geometric patterns, or add contextual effects that match the overall aesthetic.
+
+Avoid generic AI-generated aesthetics:
+- Overused font families (Inter, Roboto, Arial, system fonts)
+- Clichéd color schemes (particularly purple gradients on white backgrounds)
+- Predictable layouts and component patterns
+- Cookie-cutter design that lacks context-specific character
+
+Interpret creatively and make unexpected choices that feel genuinely designed for the context. Vary between light and dark themes, different fonts, different aesthetics. You still tend to converge on common choices (Space Grotesk, for example) across generations. Avoid this: it is critical that you think outside the box!
+</frontend_aesthetics>
+```
+
+## 5. Thinking Sensitivity
+
+**Problem**: When extended thinking is not enabled (the default), Opus 4.5 is particularly sensitive to the word "think" and its variants.
+
+Extended thinking is not enabled by default. It is only enabled if the API request contains a `thinking` parameter:
+```json
+"thinking": {
+    "type": "enabled",
+    "budget_tokens": 10000
+}
+```
+
+**When to apply**: User reports issues related to "thinking" while extended thinking is not enabled (no `thinking` parameter in their request).
+
+**Solution**: Replace "think" with alternative words.
+
+| Before | After |
+|--------|-------|
+| `think about` | `consider` |
+| `think through` | `evaluate` |
+| `I think` | `I believe` |
+| `think carefully` | `consider carefully` |
+| `thinking` | `reasoning` / `considering` |
+
+## Usage Guidelines
+
+1. **Integrate thoughtfully** - Don't just append snippets; weave them into the existing prompt structure
+2. **Use XML tags** - Wrap additions in descriptive tags (e.g., `<coding_guidelines>`, `<tool_behavior>`) that match or complement existing prompt structure
+3. **Match prompt style** - If the prompt is concise, trim the snippet; if verbose, keep full detail
+4. **Place logically** - Put coding snippets near other coding instructions, tool guidance near tool definitions, etc.
+5. **Preserve existing content** - Insert snippets without removing functional content
+6. **Summarize changes** - After migration, list all model string updates and prompt modifications made

plugins/code-review/.claude-plugin/plugin.json

@@ -0,0 +1,10 @@
+{
+  "name": "code-review",
+  "description": "Automated code review for pull requests using multiple specialized agents with confidence-based scoring",
+  "version": "1.0.0",
+  "author": {
+    "name": "Boris Cherny",
+    "email": "boris@anthropic.com"
+  }
+}
+

plugins/code-review/README.md

@@ -0,0 +1,258 @@
+# Code Review Plugin
+
+Automated code review for pull requests using multiple specialized agents with confidence-based scoring to filter false positives.
+
+## Overview
+
+The Code Review Plugin automates pull request review by launching multiple agents in parallel to independently audit changes from different perspectives. It uses confidence scoring to filter out false positives, ensuring only high-quality, actionable feedback is posted.
+
+## Commands
+
+### `/code-review`
+
+Performs automated code review on a pull request using multiple specialized agents.
+
+**What it does:**
+1. Checks if review is needed (skips closed, draft, trivial, or already-reviewed PRs)
+2. Gathers relevant CLAUDE.md guideline files from the repository
+3. Summarizes the pull request changes
+4. Launches 4 parallel agents to independently review:
+   - **Agents #1 & #2**: Audit for CLAUDE.md compliance
+   - **Agent #3**: Scan for obvious bugs in changes
+   - **Agent #4**: Analyze git blame/history for context-based issues
+5. Scores each issue 0-100 for confidence level
+6. Filters out issues below 80 confidence threshold
+7. Outputs review (to terminal by default, or as PR comment with `--comment` flag)
+
+**Usage:**
+```bash
+/code-review [--comment]
+```
+
+**Options:**
+- `--comment`: Post the review as a comment on the pull request (default: outputs to terminal only)
+
+**Example workflow:**
+```bash
+# On a PR branch, run locally (outputs to terminal):
+/code-review
+
+# Post review as PR comment:
+/code-review --comment
+
+# Claude will:
+# - Launch 4 review agents in parallel
+# - Score each issue for confidence
+# - Output issues ≥80 confidence (to terminal or PR depending on flag)
+# - Skip if no high-confidence issues found
+```
+
+**Features:**
+- Multiple independent agents for comprehensive review
+- Confidence-based scoring reduces false positives (threshold: 80)
+- CLAUDE.md compliance checking with explicit guideline verification
+- Bug detection focused on changes (not pre-existing issues)
+- Historical context analysis via git blame
+- Automatic skipping of closed, draft, or already-reviewed PRs
+- Links directly to code with full SHA and line ranges
+
+**Review comment format:**
+```markdown
+## Code review
+
+Found 3 issues:
+
+1. Missing error handling for OAuth callback (CLAUDE.md says "Always handle OAuth errors")
+
+https://github.com/owner/repo/blob/abc123.../src/auth.ts#L67-L72
+
+2. Memory leak: OAuth state not cleaned up (bug due to missing cleanup in finally block)
+
+https://github.com/owner/repo/blob/abc123.../src/auth.ts#L88-L95
+
+3. Inconsistent naming pattern (src/conventions/CLAUDE.md says "Use camelCase for functions")
+
+https://github.com/owner/repo/blob/abc123.../src/utils.ts#L23-L28
+```
+
+**Confidence scoring:**
+- **0**: Not confident, false positive
+- **25**: Somewhat confident, might be real
+- **50**: Moderately confident, real but minor
+- **75**: Highly confident, real and important
+- **100**: Absolutely certain, definitely real
+
+**False positives filtered:**
+- Pre-existing issues not introduced in PR
+- Code that looks like a bug but isn't
+- Pedantic nitpicks
+- Issues linters will catch
+- General quality issues (unless in CLAUDE.md)
+- Issues with lint ignore comments
+
+## Installation
+
+This plugin is included in the Claude Code repository. The command is automatically available when using Claude Code.
+
+## Best Practices
+
+### Using `/code-review`
+- Maintain clear CLAUDE.md files for better compliance checking
+- Trust the 80+ confidence threshold - false positives are filtered
+- Run on all non-trivial pull requests
+- Review agent findings as a starting point for human review
+- Update CLAUDE.md based on recurring review patterns
+
+### When to use
+- All pull requests with meaningful changes
+- PRs touching critical code paths
+- PRs from multiple contributors
+- PRs where guideline compliance matters
+
+### When not to use
+- Closed or draft PRs (automatically skipped anyway)
+- Trivial automated PRs (automatically skipped)
+- Urgent hotfixes requiring immediate merge
+- PRs already reviewed (automatically skipped)
+
+## Workflow Integration
+
+### Standard PR review workflow:
+```bash
+# Create PR with changes
+# Run local review (outputs to terminal)
+/code-review
+
+# Review the automated feedback
+# Make any necessary fixes
+
+# Optionally post as PR comment
+/code-review --comment
+
+# Merge when ready
+```
+
+### As part of CI/CD:
+```bash
+# Trigger on PR creation or update
+# Use --comment flag to post review comments
+/code-review --comment
+# Skip if review already exists
+```
+
+## Requirements
+
+- Git repository with GitHub integration
+- GitHub CLI (`gh`) installed and authenticated
+- CLAUDE.md files (optional but recommended for guideline checking)
+
+## Troubleshooting
+
+### Review takes too long
+
+**Issue**: Agents are slow on large PRs
+
+**Solution**:
+- Normal for large changes - agents run in parallel
+- 4 independent agents ensure thoroughness
+- Consider splitting large PRs into smaller ones
+
+### Too many false positives
+
+**Issue**: Review flags issues that aren't real
+
+**Solution**:
+- Default threshold is 80 (already filters most false positives)
+- Make CLAUDE.md more specific about what matters
+- Consider if the flagged issue is actually valid
+
+### No review comment posted
+
+**Issue**: `/code-review` runs but no comment appears
+
+**Solution**:
+Check if:
+- PR is closed (reviews skipped)
+- PR is draft (reviews skipped)
+- PR is trivial/automated (reviews skipped)
+- PR already has review (reviews skipped)
+- No issues scored ≥80 (no comment needed)
+
+### Link formatting broken
+
+**Issue**: Code links don't render correctly in GitHub
+
+**Solution**:
+Links must follow this exact format:
+```
+https://github.com/owner/repo/blob/[full-sha]/path/file.ext#L[start]-L[end]
+```
+- Must use full SHA (not abbreviated)
+- Must use `#L` notation
+- Must include line range with at least 1 line of context
+
+### GitHub CLI not working
+
+**Issue**: `gh` commands fail
+
+**Solution**:
+- Install GitHub CLI: `brew install gh` (macOS) or see [GitHub CLI installation](https://cli.github.com/)
+- Authenticate: `gh auth login`
+- Verify repository has GitHub remote
+
+## Tips
+
+- **Write specific CLAUDE.md files**: Clear guidelines = better reviews
+- **Include context in PRs**: Helps agents understand intent
+- **Use confidence scores**: Issues ≥80 are usually correct
+- **Iterate on guidelines**: Update CLAUDE.md based on patterns
+- **Review automatically**: Set up as part of PR workflow
+- **Trust the filtering**: Threshold prevents noise
+
+## Configuration
+
+### Adjusting confidence threshold
+
+The default threshold is 80. To adjust, modify the command file at `commands/code-review.md`:
+```markdown
+Filter out any issues with a score less than 80.
+```
+
+Change `80` to your preferred threshold (0-100).
+
+### Customizing review focus
+
+Edit `commands/code-review.md` to add or modify agent tasks:
+- Add security-focused agents
+- Add performance analysis agents
+- Add accessibility checking agents
+- Add documentation quality checks
+
+## Technical Details
+
+### Agent architecture
+- **2x CLAUDE.md compliance agents**: Redundancy for guideline checks
+- **1x bug detector**: Focused on obvious bugs in changes only
+- **1x history analyzer**: Context from git blame and history
+- **Nx confidence scorers**: One per issue for independent scoring
+
+### Scoring system
+- Each issue independently scored 0-100
+- Scoring considers evidence strength and verification
+- Threshold (default 80) filters low-confidence issues
+- For CLAUDE.md issues: verifies guideline explicitly mentions it
+
+### GitHub integration
+Uses `gh` CLI for:
+- Viewing PR details and diffs
+- Fetching repository data
+- Reading git blame and history
+- Posting review comments
+
+## Author
+
+Boris Cherny (boris@anthropic.com)
+
+## Version
+
+1.0.0

plugins/code-review/commands/code-review.md

@@ -0,0 +1,104 @@
+---
+allowed-tools: Bash(gh issue view:*), Bash(gh search:*), Bash(gh issue list:*), Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*), Bash(gh pr list:*), mcp__github_inline_comment__create_inline_comment
+description: Code review a pull request
+---
+
+Provide a code review for the given pull request.
+
+**Agent assumptions (applies to all agents and subagents):**
+- All tools are functional and will work without error. Do not test tools or make exploratory calls. Make sure this is clear to every subagent that is launched.
+- Only call a tool if it is required to complete the task. Every tool call should have a clear purpose.
+
+To do this, follow these steps precisely:
+
+1. Launch a haiku agent to check if any of the following are true:
+   - The pull request is closed
+   - The pull request is a draft
+   - The pull request does not need code review (e.g. automated PR, trivial change that is obviously correct)
+   - Claude has already commented on this PR (check `gh pr view <PR> --comments` for comments left by claude)
+
+   If any condition is true, stop and do not proceed.
+
+Note: Still review Claude generated PR's.
+
+2. Launch a haiku agent to return a list of file paths (not their contents) for all relevant CLAUDE.md files including:
+   - The root CLAUDE.md file, if it exists
+   - Any CLAUDE.md files in directories containing files modified by the pull request
+
+3. Launch a sonnet agent to view the pull request and return a summary of the changes
+
+4. Launch 4 agents in parallel to independently review the changes. Each agent should return the list of issues, where each issue includes a description and the reason it was flagged (e.g. "CLAUDE.md adherence", "bug"). The agents should do the following:
+
+   Agents 1 + 2: CLAUDE.md compliance sonnet agents
+   Audit changes for CLAUDE.md compliance in parallel. Note: When evaluating CLAUDE.md compliance for a file, you should only consider CLAUDE.md files that share a file path with the file or parents.
+
+   Agent 3: Opus bug agent (parallel subagent with agent 4)
+   Scan for obvious bugs. Focus only on the diff itself without reading extra context. Flag only significant bugs; ignore nitpicks and likely false positives. Do not flag issues that you cannot validate without looking at context outside of the git diff.
+
+   Agent 4: Opus bug agent (parallel subagent with agent 3)
+   Look for problems that exist in the introduced code. This could be security issues, incorrect logic, etc. Only look for issues that fall within the changed code.
+
+   **CRITICAL: We only want HIGH SIGNAL issues.** Flag issues where:
+   - The code will fail to compile or parse (syntax errors, type errors, missing imports, unresolved references)
+   - The code will definitely produce wrong results regardless of inputs (clear logic errors)
+   - Clear, unambiguous CLAUDE.md violations where you can quote the exact rule being broken
+
+   Do NOT flag:
+   - Code style or quality concerns
+   - Potential issues that depend on specific inputs or state
+   - Subjective suggestions or improvements
+
+   If you are not certain an issue is real, do not flag it. False positives erode trust and waste reviewer time.
+
+   In addition to the above, each subagent should be told the PR title and description. This will help provide context regarding the author's intent.
+
+5. For each issue found in the previous step by agents 3 and 4, launch parallel subagents to validate the issue. These subagents should get the PR title and description along with a description of the issue. The agent's job is to review the issue to validate that the stated issue is truly an issue with high confidence. For example, if an issue such as "variable is not defined" was flagged, the subagent's job would be to validate that is actually true in the code. Another example would be CLAUDE.md issues. The agent should validate that the CLAUDE.md rule that was violated is scoped for this file and is actually violated. Use Opus subagents for bugs and logic issues, and sonnet agents for CLAUDE.md violations.
+
+6. Filter out any issues that were not validated in step 5. This step will give us our list of high signal issues for our review.
+
+7. If issues were found, skip to step 8 to post inline comments directly.
+
+   If NO issues were found, post a summary comment using `gh pr comment` (if `--comment` argument is provided):
+   "No issues found. Checked for bugs and CLAUDE.md compliance."
+
+8. Create a list of all comments that you plan on leaving. This is only for you to make sure you are comfortable with the comments. Do not post this list anywhere.
+
+9. Post inline comments for each issue using `mcp__github_inline_comment__create_inline_comment`. For each comment:
+   - Provide a brief description of the issue
+   - For small, self-contained fixes, include a committable suggestion block
+   - For larger fixes (6+ lines, structural changes, or changes spanning multiple locations), describe the issue and suggested fix without a suggestion block
+   - Never post a committable suggestion UNLESS committing the suggestion fixes the issue entirely. If follow up steps are required, do not leave a committable suggestion.
+
+   **IMPORTANT: Only post ONE comment per unique issue. Do not post duplicate comments.**
+
+Use this list when evaluating issues in Steps 4 and 5 (these are false positives, do NOT flag):
+
+- Pre-existing issues
+- Something that appears to be a bug but is actually correct
+- Pedantic nitpicks that a senior engineer would not flag
+- Issues that a linter will catch (do not run the linter to verify)
+- General code quality concerns (e.g., lack of test coverage, general security issues) unless explicitly required in CLAUDE.md
+- Issues mentioned in CLAUDE.md but explicitly silenced in the code (e.g., via a lint ignore comment)
+
+Notes:
+
+- Use gh CLI to interact with GitHub (e.g., fetch pull requests, create comments). Do not use web fetch.
+- Create a todo list before starting.
+- You must cite and link each issue in inline comments (e.g., if referring to a CLAUDE.md, include a link to it).
+- If no issues are found, post a comment with the following format:
+
+---
+
+## Code review
+
+No issues found. Checked for bugs and CLAUDE.md compliance.
+
+---
+
+- When linking to code in inline comments, follow the following format precisely, otherwise the Markdown preview won't render correctly: https://github.com/anthropics/claude-code/blob/c21d3c10bc8e898b7ac1a2d745bdc9bc4e423afe/package.json#L10-L15
+  - Requires full git sha
+  - You must provide the full sha. Commands like `https://github.com/owner/repo/blob/$(git rev-parse HEAD)/foo/bar` will not work, since your comment will be directly rendered in Markdown.
+  - Repo name must match the repo you're code reviewing
+  - # sign after the file name
+  - Line range format is L[start]-L[end]
+  - Provide at least 1 line of context before and after, centered on the line you are commenting about (eg. if you are commenting about lines 5-6, you should link to `L4-7`)

plugins/commit-commands/.claude-plugin/plugin.json

@@ -0,0 +1,10 @@
+{
+  "name": "commit-commands",
+  "description": "Streamline your git workflow with simple commands for committing, pushing, and creating pull requests",
+  "version": "1.0.0",
+  "author": {
+    "name": "Anthropic",
+    "email": "support@anthropic.com"
+  }
+}
+

plugins/commit-commands/README.md

@@ -0,0 +1,225 @@
+# Commit Commands Plugin
+
+Streamline your git workflow with simple commands for committing, pushing, and creating pull requests.
+
+## Overview
+
+The Commit Commands Plugin automates common git operations, reducing context switching and manual command execution. Instead of running multiple git commands, use a single slash command to handle your entire workflow.
+
+## Commands
+
+### `/commit`
+
+Creates a git commit with an automatically generated commit message based on staged and unstaged changes.
+
+**What it does:**
+1. Analyzes current git status
+2. Reviews both staged and unstaged changes
+3. Examines recent commit messages to match your repository's style
+4. Drafts an appropriate commit message
+5. Stages relevant files
+6. Creates the commit
+
+**Usage:**
+```bash
+/commit
+```
+
+**Example workflow:**
+```bash
+# Make some changes to your code
+# Then simply run:
+/commit
+
+# Claude will:
+# - Review your changes
+# - Stage the files
+# - Create a commit with an appropriate message
+# - Show you the commit status
+```
+
+**Features:**
+- Automatically drafts commit messages that match your repo's style
+- Follows conventional commit practices
+- Avoids committing files with secrets (.env, credentials.json)
+- Includes Claude Code attribution in commit message
+
+### `/commit-push-pr`
+
+Complete workflow command that commits, pushes, and creates a pull request in one step.
+
+**What it does:**
+1. Creates a new branch (if currently on main)
+2. Stages and commits changes with an appropriate message
+3. Pushes the branch to origin
+4. Creates a pull request using `gh pr create`
+5. Provides the PR URL
+
+**Usage:**
+```bash
+/commit-push-pr
+```
+
+**Example workflow:**
+```bash
+# Make your changes
+# Then run:
+/commit-push-pr
+
+# Claude will:
+# - Create a feature branch (if needed)
+# - Commit your changes
+# - Push to remote
+# - Open a PR with summary and test plan
+# - Give you the PR URL to review
+```
+
+**Features:**
+- Analyzes all commits in the branch (not just the latest)
+- Creates comprehensive PR descriptions with:
+  - Summary of changes (1-3 bullet points)
+  - Test plan checklist
+  - Claude Code attribution
+- Handles branch creation automatically
+- Uses GitHub CLI (`gh`) for PR creation
+
+**Requirements:**
+- GitHub CLI (`gh`) must be installed and authenticated
+- Repository must have a remote named `origin`
+
+### `/clean_gone`
+
+Cleans up local branches that have been deleted from the remote repository.
+
+**What it does:**
+1. Lists all local branches to identify [gone] status
+2. Identifies and removes worktrees associated with [gone] branches
+3. Deletes all branches marked as [gone]
+4. Provides feedback on removed branches
+
+**Usage:**
+```bash
+/clean_gone
+```
+
+**Example workflow:**
+```bash
+# After PRs are merged and remote branches are deleted
+/clean_gone
+
+# Claude will:
+# - Find all branches marked as [gone]
+# - Remove any associated worktrees
+# - Delete the stale local branches
+# - Report what was cleaned up
+```
+
+**Features:**
+- Handles both regular branches and worktree branches
+- Safely removes worktrees before deleting branches
+- Shows clear feedback about what was removed
+- Reports if no cleanup was needed
+
+**When to use:**
+- After merging and deleting remote branches
+- When your local branch list is cluttered with stale branches
+- During regular repository maintenance
+
+## Installation
+
+This plugin is included in the Claude Code repository. The commands are automatically available when using Claude Code.
+
+## Best Practices
+
+### Using `/commit`
+- Review the staged changes before committing
+- Let Claude analyze your changes and match your repo's commit style
+- Trust the automated message, but verify it's accurate
+- Use for routine commits during development
+
+### Using `/commit-push-pr`
+- Use when you're ready to create a PR
+- Ensure all your changes are complete and tested
+- Claude will analyze the full branch history for the PR description
+- Review the PR description and edit if needed
+- Use when you want to minimize context switching
+
+### Using `/clean_gone`
+- Run periodically to keep your branch list clean
+- Especially useful after merging multiple PRs
+- Safe to run - only removes branches already deleted remotely
+- Helps maintain a tidy local repository
+
+## Workflow Integration
+
+### Quick commit workflow:
+```bash
+# Write code
+/commit
+# Continue development
+```
+
+### Feature branch workflow:
+```bash
+# Develop feature across multiple commits
+/commit  # First commit
+# More changes
+/commit  # Second commit
+# Ready to create PR
+/commit-push-pr
+```
+
+### Maintenance workflow:
+```bash
+# After several PRs are merged
+/clean_gone
+# Clean workspace ready for next feature
+```
+
+## Requirements
+
+- Git must be installed and configured
+- For `/commit-push-pr`: GitHub CLI (`gh`) must be installed and authenticated
+- Repository must be a git repository with a remote
+
+## Troubleshooting
+
+### `/commit` creates empty commit
+
+**Issue**: No changes to commit
+
+**Solution**:
+- Ensure you have unstaged or staged changes
+- Run `git status` to verify changes exist
+
+### `/commit-push-pr` fails to create PR
+
+**Issue**: `gh pr create` command fails
+
+**Solution**:
+- Install GitHub CLI: `brew install gh` (macOS) or see [GitHub CLI installation](https://cli.github.com/)
+- Authenticate: `gh auth login`
+- Ensure repository has a GitHub remote
+
+### `/clean_gone` doesn't find branches
+
+**Issue**: No branches marked as [gone]
+
+**Solution**:
+- Run `git fetch --prune` to update remote tracking
+- Branches must be deleted from the remote to show as [gone]
+
+## Tips
+
+- **Combine with other tools**: Use `/commit` during development, then `/commit-push-pr` when ready
+- **Let Claude draft messages**: The commit message analysis learns from your repo's style
+- **Regular cleanup**: Run `/clean_gone` weekly to maintain a clean branch list
+- **Review before pushing**: Always review the commit message and changes before pushing
+
+## Author
+
+Anthropic (support@anthropic.com)
+
+## Version
+
+1.0.0

plugins/commit-commands/commands/clean_gone.md

@@ -0,0 +1,53 @@
+---
+description: Cleans up all git branches marked as [gone] (branches that have been deleted on the remote but still exist locally), including removing associated worktrees.
+---
+
+## Your Task
+
+You need to execute the following bash commands to clean up stale local branches that have been deleted from the remote repository.
+
+## Commands to Execute
+
+1. **First, list branches to identify any with [gone] status**
+   Execute this command:
+   ```bash
+   git branch -v
+   ```
+   
+   Note: Branches with a '+' prefix have associated worktrees and must have their worktrees removed before deletion.
+
+2. **Next, identify worktrees that need to be removed for [gone] branches**
+   Execute this command:
+   ```bash
+   git worktree list
+   ```
+
+3. **Finally, remove worktrees and delete [gone] branches (handles both regular and worktree branches)**
+   Execute this command:
+   ```bash
+   # Process all [gone] branches, removing '+' prefix if present
+   git branch -v | grep '\[gone\]' | sed 's/^[+* ]//' | awk '{print $1}' | while read branch; do
+     echo "Processing branch: $branch"
+     # Find and remove worktree if it exists
+     worktree=$(git worktree list | grep "\\[$branch\\]" | awk '{print $1}')
+     if [ ! -z "$worktree" ] && [ "$worktree" != "$(git rev-parse --show-toplevel)" ]; then
+       echo "  Removing worktree: $worktree"
+       git worktree remove --force "$worktree"
+     fi
+     # Delete the branch
+     echo "  Deleting branch: $branch"
+     git branch -D "$branch"
+   done
+   ```
+
+## Expected Behavior
+
+After executing these commands, you will:
+
+- See a list of all local branches with their status
+- Identify and remove any worktrees associated with [gone] branches
+- Delete all branches marked as [gone]
+- Provide feedback on which worktrees and branches were removed
+
+If no branches are marked as [gone], report that no cleanup was needed.
+

plugins/commit-commands/commands/commit-push-pr.md

@@ -0,0 +1,20 @@
+---
+allowed-tools: Bash(git checkout --branch:*), Bash(git add:*), Bash(git status:*), Bash(git push:*), Bash(git commit:*), Bash(gh pr create:*)
+description: Commit, push, and open a PR
+---
+
+## Context
+
+- Current git status: !`git status`
+- Current git diff (staged and unstaged changes): !`git diff HEAD`
+- Current branch: !`git branch --show-current`
+
+## Your task
+
+Based on the above changes:
+
+1. Create a new branch if on main
+2. Create a single commit with an appropriate message
+3. Push the branch to origin
+4. Create a pull request using `gh pr create`
+5. You have the capability to call multiple tools in a single response. You MUST do all of the above in a single message. Do not use any other tools or do anything else. Do not send any other text or messages besides these tool calls.

plugins/commit-commands/commands/commit.md

@@ -0,0 +1,17 @@
+---
+allowed-tools: Bash(git add:*), Bash(git status:*), Bash(git commit:*)
+description: Create a git commit
+---
+
+## Context
+
+- Current git status: !`git status`
+- Current git diff (staged and unstaged changes): !`git diff HEAD`
+- Current branch: !`git branch --show-current`
+- Recent commits: !`git log --oneline -10`
+
+## Your task
+
+Based on the above changes, create a single git commit.
+
+You have the capability to call multiple tools in a single response. Stage and create the commit using a single message. Do not use any other tools or do anything else. Do not send any other text or messages besides these tool calls.

plugins/explanatory-output-style/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "explanatory-output-style",
+  "version": "1.0.0",
+  "description": "Adds educational insights about implementation choices and codebase patterns (mimics the deprecated Explanatory output style)",
+  "author": {
+    "name": "Dickson Tsai",
+    "email": "dickson@anthropic.com"
+  }
+}

plugins/explanatory-output-style/README.md

@@ -0,0 +1,72 @@
+# Explanatory Output Style Plugin
+
+This plugin recreates the deprecated Explanatory output style as a SessionStart
+hook.
+
+WARNING: Do not install this plugin unless you are fine with incurring the token
+cost of this plugin's additional instructions and output.
+
+## What it does
+
+When enabled, this plugin automatically adds instructions at the start of each
+session that encourage Claude to:
+
+1. Provide educational insights about implementation choices
+2. Explain codebase patterns and decisions
+3. Balance task completion with learning opportunities
+
+## How it works
+
+The plugin uses a SessionStart hook to inject additional context into every
+session. This context instructs Claude to provide brief educational explanations
+before and after writing code, formatted as:
+
+```
+`★ Insight ─────────────────────────────────────`
+[2-3 key educational points]
+`─────────────────────────────────────────────────`
+```
+
+## Usage
+
+Once installed, the plugin activates automatically at the start of every
+session. No additional configuration is needed.
+
+The insights focus on:
+
+- Specific implementation choices for your codebase
+- Patterns and conventions in your code
+- Trade-offs and design decisions
+- Codebase-specific details rather than general programming concepts
+
+## Migration from Output Styles
+
+This plugin replaces the deprecated "Explanatory" output style setting. If you
+previously used:
+
+```json
+{
+  "outputStyle": "Explanatory"
+}
+```
+
+You can now achieve the same behavior by installing this plugin instead.
+
+More generally, this SessionStart hook pattern is roughly equivalent to
+CLAUDE.md, but it is more flexible and allows for distribution through plugins.
+
+Note: Output styles that involve tasks besides software development, are better
+expressed as
+[subagents](https://docs.claude.com/en/docs/claude-code/sub-agents), not as
+SessionStart hooks. Subagents change the system prompt while SessionStart hooks
+add to the default system prompt.
+
+## Managing changes
+
+- Disable the plugin - keep the code installed on your device
+- Uninstall the plugin - remove the code from your device
+- Update the plugin - create a local copy of this plugin to personalize this
+  plugin
+  - Hint: Ask Claude to read
+    https://docs.claude.com/en/docs/claude-code/plugins.md and set it up for
+    you!

plugins/explanatory-output-style/hooks-handlers/session-start.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+# Output the explanatory mode instructions as additionalContext
+# This mimics the deprecated Explanatory output style
+
+cat << 'EOF'
+{
+  "hookSpecificOutput": {
+    "hookEventName": "SessionStart",
+    "additionalContext": "You are in 'explanatory' output style mode, where you should provide educational insights about the codebase as you help with the user's task.\n\nYou should be clear and educational, providing helpful explanations while remaining focused on the task. Balance educational content with task completion. When providing insights, you may exceed typical length constraints, but remain focused and relevant.\n\n## Insights\nIn order to encourage learning, before and after writing code, always provide brief educational explanations about implementation choices using (with backticks):\n\"`★ Insight ─────────────────────────────────────`\n[2-3 key educational points]\n`─────────────────────────────────────────────────`\"\n\nThese insights should be included in the conversation, not in the codebase. You should generally focus on interesting insights that are specific to the codebase or the code you just wrote, rather than general programming concepts. Do not wait until the end to provide insights. Provide them as you write code."
+  }
+}
+EOF
+
+exit 0

plugins/explanatory-output-style/hooks/hooks.json

@@ -0,0 +1,15 @@
+{
+  "description": "Explanatory mode hook that adds educational insights instructions",
+  "hooks": {
+    "SessionStart": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/hooks-handlers/session-start.sh"
+          }
+        ]
+      }
+    ]
+  }
+}

plugins/feature-dev/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "feature-dev",
+  "version": "1.0.0",
+  "description": "Comprehensive feature development workflow with specialized agents for codebase exploration, architecture design, and quality review",
+  "author": {
+    "name": "Sid Bidasaria",
+    "email": "sbidasaria@anthropic.com"
+  }
+}

plugins/feature-dev/README.md

@@ -0,0 +1,412 @@
+# Feature Development Plugin
+
+A comprehensive, structured workflow for feature development with specialized agents for codebase exploration, architecture design, and quality review.
+
+## Overview
+
+The Feature Development Plugin provides a systematic 7-phase approach to building new features. Instead of jumping straight into code, it guides you through understanding the codebase, asking clarifying questions, designing architecture, and ensuring quality—resulting in better-designed features that integrate seamlessly with your existing code.
+
+## Philosophy
+
+Building features requires more than just writing code. You need to:
+- **Understand the codebase** before making changes
+- **Ask questions** to clarify ambiguous requirements
+- **Design thoughtfully** before implementing
+- **Review for quality** after building
+
+This plugin embeds these practices into a structured workflow that runs automatically when you use the `/feature-dev` command.
+
+## Command: `/feature-dev`
+
+Launches a guided feature development workflow with 7 distinct phases.
+
+**Usage:**
+```bash
+/feature-dev Add user authentication with OAuth
+```
+
+Or simply:
+```bash
+/feature-dev
+```
+
+The command will guide you through the entire process interactively.
+
+## The 7-Phase Workflow
+
+### Phase 1: Discovery
+
+**Goal**: Understand what needs to be built
+
+**What happens:**
+- Clarifies the feature request if it's unclear
+- Asks what problem you're solving
+- Identifies constraints and requirements
+- Summarizes understanding and confirms with you
+
+**Example:**
+```
+You: /feature-dev Add caching
+Claude: Let me understand what you need...
+        - What should be cached? (API responses, computed values, etc.)
+        - What are your performance requirements?
+        - Do you have a preferred caching solution?
+```
+
+### Phase 2: Codebase Exploration
+
+**Goal**: Understand relevant existing code and patterns
+
+**What happens:**
+- Launches 2-3 `code-explorer` agents in parallel
+- Each agent explores different aspects (similar features, architecture, UI patterns)
+- Agents return comprehensive analyses with key files to read
+- Claude reads all identified files to build deep understanding
+- Presents comprehensive summary of findings
+
+**Agents launched:**
+- "Find features similar to [feature] and trace implementation"
+- "Map the architecture and abstractions for [area]"
+- "Analyze current implementation of [related feature]"
+
+**Example output:**
+```
+Found similar features:
+- User authentication (src/auth/): Uses JWT tokens, middleware pattern
+- Session management (src/session/): Redis-backed, 24hr expiry
+- API security (src/api/middleware/): Rate limiting, CORS
+
+Key files to understand:
+- src/auth/AuthService.ts:45 - Core authentication logic
+- src/middleware/authMiddleware.ts:12 - Request authentication
+- src/config/security.ts:8 - Security configuration
+```
+
+### Phase 3: Clarifying Questions
+
+**Goal**: Fill in gaps and resolve all ambiguities
+
+**What happens:**
+- Reviews codebase findings and feature request
+- Identifies underspecified aspects:
+  - Edge cases
+  - Error handling
+  - Integration points
+  - Backward compatibility
+  - Performance needs
+- Presents all questions in an organized list
+- **Waits for your answers before proceeding**
+
+**Example:**
+```
+Before designing the architecture, I need to clarify:
+
+1. OAuth provider: Which OAuth providers? (Google, GitHub, custom?)
+2. User data: Store OAuth tokens or just user profile?
+3. Existing auth: Replace current auth or add alongside?
+4. Sessions: Integrate with existing session management?
+5. Error handling: How to handle OAuth failures?
+```
+
+**Critical**: This phase ensures nothing is ambiguous before design begins.
+
+### Phase 4: Architecture Design
+
+**Goal**: Design multiple implementation approaches
+
+**What happens:**
+- Launches 2-3 `code-architect` agents with different focuses:
+  - **Minimal changes**: Smallest change, maximum reuse
+  - **Clean architecture**: Maintainability, elegant abstractions
+  - **Pragmatic balance**: Speed + quality
+- Reviews all approaches
+- Forms opinion on which fits best for this task
+- Presents comparison with trade-offs and recommendation
+- **Asks which approach you prefer**
+
+**Example output:**
+```
+I've designed 3 approaches:
+
+Approach 1: Minimal Changes
+- Extend existing AuthService with OAuth methods
+- Add new OAuth routes to existing auth router
+- Minimal refactoring required
+Pros: Fast, low risk
+Cons: Couples OAuth to existing auth, harder to test
+
+Approach 2: Clean Architecture
+- New OAuthService with dedicated interface
+- Separate OAuth router and middleware
+- Refactor AuthService to use common interface
+Pros: Clean separation, testable, maintainable
+Cons: More files, more refactoring
+
+Approach 3: Pragmatic Balance
+- New OAuthProvider abstraction
+- Integrate into existing AuthService
+- Minimal refactoring, good boundaries
+Pros: Balanced complexity and cleanliness
+Cons: Some coupling remains
+
+Recommendation: Approach 3 - gives you clean boundaries without
+excessive refactoring, and fits your existing architecture well.
+
+Which approach would you like to use?
+```
+
+### Phase 5: Implementation
+
+**Goal**: Build the feature
+
+**What happens:**
+- **Waits for explicit approval** before starting
+- Reads all relevant files identified in previous phases
+- Implements following chosen architecture
+- Follows codebase conventions strictly
+- Writes clean, well-documented code
+- Updates todos as progress is made
+
+**Notes:**
+- Implementation only starts after you approve
+- Follows patterns discovered in Phase 2
+- Uses architecture designed in Phase 4
+- Continuously tracks progress
+
+### Phase 6: Quality Review
+
+**Goal**: Ensure code is simple, DRY, elegant, and functionally correct
+
+**What happens:**
+- Launches 3 `code-reviewer` agents in parallel with different focuses:
+  - **Simplicity/DRY/Elegance**: Code quality and maintainability
+  - **Bugs/Correctness**: Functional correctness and logic errors
+  - **Conventions/Abstractions**: Project standards and patterns
+- Consolidates findings
+- Identifies highest severity issues
+- **Presents findings and asks what you want to do**:
+  - Fix now
+  - Fix later
+  - Proceed as-is
+- Addresses issues based on your decision
+
+**Example output:**
+```
+Code Review Results:
+
+High Priority Issues:
+1. Missing error handling in OAuth callback (src/auth/oauth.ts:67)
+2. Memory leak: OAuth state not cleaned up (src/auth/oauth.ts:89)
+
+Medium Priority:
+1. Could simplify token refresh logic (src/auth/oauth.ts:120)
+2. Consider extracting OAuth config validation
+
+All tests pass. Code follows project conventions.
+
+What would you like to do?
+```
+
+### Phase 7: Summary
+
+**Goal**: Document what was accomplished
+
+**What happens:**
+- Marks all todos complete
+- Summarizes:
+  - What was built
+  - Key decisions made
+  - Files modified
+  - Suggested next steps
+
+**Example:**
+```
+Feature Complete: OAuth Authentication
+
+What was built:
+- OAuth provider abstraction supporting Google and GitHub
+- OAuth routes and middleware integrated with existing auth
+- Token refresh and session integration
+- Error handling for all OAuth flows
+
+Key decisions:
+- Used pragmatic approach with OAuthProvider abstraction
+- Integrated with existing session management
+- Added OAuth state to prevent CSRF
+
+Files modified:
+- src/auth/OAuthProvider.ts (new)
+- src/auth/AuthService.ts
+- src/routes/auth.ts
+- src/middleware/authMiddleware.ts
+
+Suggested next steps:
+- Add tests for OAuth flows
+- Add more OAuth providers (Microsoft, Apple)
+- Update documentation
+```
+
+## Agents
+
+### `code-explorer`
+
+**Purpose**: Deeply analyzes existing codebase features by tracing execution paths
+
+**Focus areas:**
+- Entry points and call chains
+- Data flow and transformations
+- Architecture layers and patterns
+- Dependencies and integrations
+- Implementation details
+
+**When triggered:**
+- Automatically in Phase 2
+- Can be invoked manually when exploring code
+
+**Output:**
+- Entry points with file:line references
+- Step-by-step execution flow
+- Key components and responsibilities
+- Architecture insights
+- List of essential files to read
+
+### `code-architect`
+
+**Purpose**: Designs feature architectures and implementation blueprints
+
+**Focus areas:**
+- Codebase pattern analysis
+- Architecture decisions
+- Component design
+- Implementation roadmap
+- Data flow and build sequence
+
+**When triggered:**
+- Automatically in Phase 4
+- Can be invoked manually for architecture design
+
+**Output:**
+- Patterns and conventions found
+- Architecture decision with rationale
+- Complete component design
+- Implementation map with specific files
+- Build sequence with phases
+
+### `code-reviewer`
+
+**Purpose**: Reviews code for bugs, quality issues, and project conventions
+
+**Focus areas:**
+- Project guideline compliance (CLAUDE.md)
+- Bug detection
+- Code quality issues
+- Confidence-based filtering (only reports high-confidence issues ≥80)
+
+**When triggered:**
+- Automatically in Phase 6
+- Can be invoked manually after writing code
+
+**Output:**
+- Critical issues (confidence 75-100)
+- Important issues (confidence 50-74)
+- Specific fixes with file:line references
+- Project guideline references
+
+## Usage Patterns
+
+### Full workflow (recommended for new features):
+```bash
+/feature-dev Add rate limiting to API endpoints
+```
+
+Let the workflow guide you through all 7 phases.
+
+### Manual agent invocation:
+
+**Explore a feature:**
+```
+"Launch code-explorer to trace how authentication works"
+```
+
+**Design architecture:**
+```
+"Launch code-architect to design the caching layer"
+```
+
+**Review code:**
+```
+"Launch code-reviewer to check my recent changes"
+```
+
+## Best Practices
+
+1. **Use the full workflow for complex features**: The 7 phases ensure thorough planning
+2. **Answer clarifying questions thoughtfully**: Phase 3 prevents future confusion
+3. **Choose architecture deliberately**: Phase 4 gives you options for a reason
+4. **Don't skip code review**: Phase 6 catches issues before they reach production
+5. **Read the suggested files**: Phase 2 identifies key files—read them to understand context
+
+## When to Use This Plugin
+
+**Use for:**
+- New features that touch multiple files
+- Features requiring architectural decisions
+- Complex integrations with existing code
+- Features where requirements are somewhat unclear
+
+**Don't use for:**
+- Single-line bug fixes
+- Trivial changes
+- Well-defined, simple tasks
+- Urgent hotfixes
+
+## Requirements
+
+- Claude Code installed
+- Git repository (for code review)
+- Project with existing codebase (workflow assumes existing code to learn from)
+
+## Troubleshooting
+
+### Agents take too long
+
+**Issue**: Code exploration or architecture agents are slow
+
+**Solution**:
+- This is normal for large codebases
+- Agents run in parallel when possible
+- The thoroughness pays off in better understanding
+
+### Too many clarifying questions
+
+**Issue**: Phase 3 asks too many questions
+
+**Solution**:
+- Be more specific in your initial feature request
+- Provide context about constraints upfront
+- Say "whatever you think is best" if truly no preference
+
+### Architecture options overwhelming
+
+**Issue**: Too many architecture options in Phase 4
+
+**Solution**:
+- Trust the recommendation—it's based on codebase analysis
+- If still unsure, ask for more explanation
+- Pick the pragmatic option when in doubt
+
+## Tips
+
+- **Be specific in your feature request**: More detail = fewer clarifying questions
+- **Trust the process**: Each phase builds on the previous one
+- **Review agent outputs**: Agents provide valuable insights about your codebase
+- **Don't skip phases**: Each phase serves a purpose
+- **Use for learning**: The exploration phase teaches you about your own codebase
+
+## Author
+
+Sid Bidasaria (sbidasaria@anthropic.com)
+
+## Version
+
+1.0.0

plugins/feature-dev/agents/code-architect.md

@@ -0,0 +1,34 @@
+---
+name: code-architect
+description: Designs feature architectures by analyzing existing codebase patterns and conventions, then providing comprehensive implementation blueprints with specific files to create/modify, component designs, data flows, and build sequences
+tools: Glob, Grep, LS, Read, NotebookRead, WebFetch, TodoWrite, WebSearch, KillShell, BashOutput
+model: sonnet
+color: green
+---
+
+You are a senior software architect who delivers comprehensive, actionable architecture blueprints by deeply understanding codebases and making confident architectural decisions.
+
+## Core Process
+
+**1. Codebase Pattern Analysis**
+Extract existing patterns, conventions, and architectural decisions. Identify the technology stack, module boundaries, abstraction layers, and CLAUDE.md guidelines. Find similar features to understand established approaches.
+
+**2. Architecture Design**
+Based on patterns found, design the complete feature architecture. Make decisive choices - pick one approach and commit. Ensure seamless integration with existing code. Design for testability, performance, and maintainability.
+
+**3. Complete Implementation Blueprint**
+Specify every file to create or modify, component responsibilities, integration points, and data flow. Break implementation into clear phases with specific tasks.
+
+## Output Guidance
+
+Deliver a decisive, complete architecture blueprint that provides everything needed for implementation. Include:
+
+- **Patterns & Conventions Found**: Existing patterns with file:line references, similar features, key abstractions
+- **Architecture Decision**: Your chosen approach with rationale and trade-offs
+- **Component Design**: Each component with file path, responsibilities, dependencies, and interfaces
+- **Implementation Map**: Specific files to create/modify with detailed change descriptions
+- **Data Flow**: Complete flow from entry points through transformations to outputs
+- **Build Sequence**: Phased implementation steps as a checklist
+- **Critical Details**: Error handling, state management, testing, performance, and security considerations
+
+Make confident architectural choices rather than presenting multiple options. Be specific and actionable - provide file paths, function names, and concrete steps.

plugins/feature-dev/agents/code-explorer.md

@@ -0,0 +1,51 @@
+---
+name: code-explorer
+description: Deeply analyzes existing codebase features by tracing execution paths, mapping architecture layers, understanding patterns and abstractions, and documenting dependencies to inform new development
+tools: Glob, Grep, LS, Read, NotebookRead, WebFetch, TodoWrite, WebSearch, KillShell, BashOutput
+model: sonnet
+color: yellow
+---
+
+You are an expert code analyst specializing in tracing and understanding feature implementations across codebases.
+
+## Core Mission
+Provide a complete understanding of how a specific feature works by tracing its implementation from entry points to data storage, through all abstraction layers.
+
+## Analysis Approach
+
+**1. Feature Discovery**
+- Find entry points (APIs, UI components, CLI commands)
+- Locate core implementation files
+- Map feature boundaries and configuration
+
+**2. Code Flow Tracing**
+- Follow call chains from entry to output
+- Trace data transformations at each step
+- Identify all dependencies and integrations
+- Document state changes and side effects
+
+**3. Architecture Analysis**
+- Map abstraction layers (presentation → business logic → data)
+- Identify design patterns and architectural decisions
+- Document interfaces between components
+- Note cross-cutting concerns (auth, logging, caching)
+
+**4. Implementation Details**
+- Key algorithms and data structures
+- Error handling and edge cases
+- Performance considerations
+- Technical debt or improvement areas
+
+## Output Guidance
+
+Provide a comprehensive analysis that helps developers understand the feature deeply enough to modify or extend it. Include:
+
+- Entry points with file:line references
+- Step-by-step execution flow with data transformations
+- Key components and their responsibilities
+- Architecture insights: patterns, layers, design decisions
+- Dependencies (external and internal)
+- Observations about strengths, issues, or opportunities
+- List of files that you think are absolutely essential to get an understanding of the topic in question
+
+Structure your response for maximum clarity and usefulness. Always include specific file paths and line numbers.

plugins/feature-dev/agents/code-reviewer.md

@@ -0,0 +1,46 @@
+---
+name: code-reviewer
+description: Reviews code for bugs, logic errors, security vulnerabilities, code quality issues, and adherence to project conventions, using confidence-based filtering to report only high-priority issues that truly matter
+tools: Glob, Grep, LS, Read, NotebookRead, WebFetch, TodoWrite, WebSearch, KillShell, BashOutput
+model: sonnet
+color: red
+---
+
+You are an expert code reviewer specializing in modern software development across multiple languages and frameworks. Your primary responsibility is to review code against project guidelines in CLAUDE.md with high precision to minimize false positives.
+
+## Review Scope
+
+By default, review unstaged changes from `git diff`. The user may specify different files or scope to review.
+
+## Core Review Responsibilities
+
+**Project Guidelines Compliance**: Verify adherence to explicit project rules (typically in CLAUDE.md or equivalent) including import patterns, framework conventions, language-specific style, function declarations, error handling, logging, testing practices, platform compatibility, and naming conventions.
+
+**Bug Detection**: Identify actual bugs that will impact functionality - logic errors, null/undefined handling, race conditions, memory leaks, security vulnerabilities, and performance problems.
+
+**Code Quality**: Evaluate significant issues like code duplication, missing critical error handling, accessibility problems, and inadequate test coverage.
+
+## Confidence Scoring
+
+Rate each potential issue on a scale from 0-100:
+
+- **0**: Not confident at all. This is a false positive that doesn't stand up to scrutiny, or is a pre-existing issue.
+- **25**: Somewhat confident. This might be a real issue, but may also be a false positive. If stylistic, it wasn't explicitly called out in project guidelines.
+- **50**: Moderately confident. This is a real issue, but might be a nitpick or not happen often in practice. Not very important relative to the rest of the changes.
+- **75**: Highly confident. Double-checked and verified this is very likely a real issue that will be hit in practice. The existing approach is insufficient. Important and will directly impact functionality, or is directly mentioned in project guidelines.
+- **100**: Absolutely certain. Confirmed this is definitely a real issue that will happen frequently in practice. The evidence directly confirms this.
+
+**Only report issues with confidence ≥ 80.** Focus on issues that truly matter - quality over quantity.
+
+## Output Guidance
+
+Start by clearly stating what you're reviewing. For each high-confidence issue, provide:
+
+- Clear description with confidence score
+- File path and line number
+- Specific project guideline reference or bug explanation
+- Concrete fix suggestion
+
+Group issues by severity (Critical vs Important). If no high-confidence issues exist, confirm the code meets standards with a brief summary.
+
+Structure your response for maximum actionability - developers should know exactly what to fix and why.

plugins/feature-dev/commands/feature-dev.md

@@ -0,0 +1,125 @@
+---
+description: Guided feature development with codebase understanding and architecture focus
+argument-hint: Optional feature description
+---
+
+# Feature Development
+
+You are helping a developer implement a new feature. Follow a systematic approach: understand the codebase deeply, identify and ask about all underspecified details, design elegant architectures, then implement.
+
+## Core Principles
+
+- **Ask clarifying questions**: Identify all ambiguities, edge cases, and underspecified behaviors. Ask specific, concrete questions rather than making assumptions. Wait for user answers before proceeding with implementation. Ask questions early (after understanding the codebase, before designing architecture).
+- **Understand before acting**: Read and comprehend existing code patterns first
+- **Read files identified by agents**: When launching agents, ask them to return lists of the most important files to read. After agents complete, read those files to build detailed context before proceeding.
+- **Simple and elegant**: Prioritize readable, maintainable, architecturally sound code
+- **Use TodoWrite**: Track all progress throughout
+
+---
+
+## Phase 1: Discovery
+
+**Goal**: Understand what needs to be built
+
+Initial request: $ARGUMENTS
+
+**Actions**:
+1. Create todo list with all phases
+2. If feature unclear, ask user for:
+   - What problem are they solving?
+   - What should the feature do?
+   - Any constraints or requirements?
+3. Summarize understanding and confirm with user
+
+---
+
+## Phase 2: Codebase Exploration
+
+**Goal**: Understand relevant existing code and patterns at both high and low levels
+
+**Actions**:
+1. Launch 2-3 code-explorer agents in parallel. Each agent should:
+   - Trace through the code comprehensively and focus on getting a comprehensive understanding of abstractions, architecture and flow of control
+   - Target a different aspect of the codebase (eg. similar features, high level understanding, architectural understanding, user experience, etc)
+   - Include a list of 5-10 key files to read
+
+   **Example agent prompts**:
+   - "Find features similar to [feature] and trace through their implementation comprehensively"
+   - "Map the architecture and abstractions for [feature area], tracing through the code comprehensively"
+   - "Analyze the current implementation of [existing feature/area], tracing through the code comprehensively"
+   - "Identify UI patterns, testing approaches, or extension points relevant to [feature]"
+
+2. Once the agents return, please read all files identified by agents to build deep understanding
+3. Present comprehensive summary of findings and patterns discovered
+
+---
+
+## Phase 3: Clarifying Questions
+
+**Goal**: Fill in gaps and resolve all ambiguities before designing
+
+**CRITICAL**: This is one of the most important phases. DO NOT SKIP.
+
+**Actions**:
+1. Review the codebase findings and original feature request
+2. Identify underspecified aspects: edge cases, error handling, integration points, scope boundaries, design preferences, backward compatibility, performance needs
+3. **Present all questions to the user in a clear, organized list**
+4. **Wait for answers before proceeding to architecture design**
+
+If the user says "whatever you think is best", provide your recommendation and get explicit confirmation.
+
+---
+
+## Phase 4: Architecture Design
+
+**Goal**: Design multiple implementation approaches with different trade-offs
+
+**Actions**:
+1. Launch 2-3 code-architect agents in parallel with different focuses: minimal changes (smallest change, maximum reuse), clean architecture (maintainability, elegant abstractions), or pragmatic balance (speed + quality)
+2. Review all approaches and form your opinion on which fits best for this specific task (consider: small fix vs large feature, urgency, complexity, team context)
+3. Present to user: brief summary of each approach, trade-offs comparison, **your recommendation with reasoning**, concrete implementation differences
+4. **Ask user which approach they prefer**
+
+---
+
+## Phase 5: Implementation
+
+**Goal**: Build the feature
+
+**DO NOT START WITHOUT USER APPROVAL**
+
+**Actions**:
+1. Wait for explicit user approval
+2. Read all relevant files identified in previous phases
+3. Implement following chosen architecture
+4. Follow codebase conventions strictly
+5. Write clean, well-documented code
+6. Update todos as you progress
+
+---
+
+## Phase 6: Quality Review
+
+**Goal**: Ensure code is simple, DRY, elegant, easy to read, and functionally correct
+
+**Actions**:
+1. Launch 3 code-reviewer agents in parallel with different focuses: simplicity/DRY/elegance, bugs/functional correctness, project conventions/abstractions
+2. Consolidate findings and identify highest severity issues that you recommend fixing
+3. **Present findings to user and ask what they want to do** (fix now, fix later, or proceed as-is)
+4. Address issues based on user decision
+
+---
+
+## Phase 7: Summary
+
+**Goal**: Document what was accomplished
+
+**Actions**:
+1. Mark all todos complete
+2. Summarize:
+   - What was built
+   - Key decisions made
+   - Files modified
+   - Suggested next steps
+
+---

plugins/frontend-design/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "frontend-design",
+  "version": "1.0.0",
+  "description": "Frontend design skill for UI/UX implementation",
+  "author": {
+    "name": "Prithvi Rajasekaran, Alexander Bricken",
+    "email": "prithvi@anthropic.com, alexander@anthropic.com"
+  }
+}

plugins/frontend-design/README.md

@@ -0,0 +1,31 @@
+# Frontend Design Plugin
+
+Generates distinctive, production-grade frontend interfaces that avoid generic AI aesthetics.
+
+## What It Does
+
+Claude automatically uses this skill for frontend work. Creates production-ready code with:
+
+- Bold aesthetic choices
+- Distinctive typography and color palettes
+- High-impact animations and visual details
+- Context-aware implementation
+
+## Usage
+
+```
+"Create a dashboard for a music streaming app"
+"Build a landing page for an AI security startup"
+"Design a settings panel with dark mode"
+```
+
+Claude will choose a clear aesthetic direction and implement production code with meticulous attention to detail.
+
+## Learn More
+
+See the [Frontend Aesthetics Cookbook](https://github.com/anthropics/claude-cookbooks/blob/main/coding/prompting_for_frontend_aesthetics.ipynb) for detailed guidance on prompting for high-quality frontend design.
+
+## Authors
+
+Prithvi Rajasekaran (prithvi@anthropic.com)
+Alexander Bricken (alexander@anthropic.com)

plugins/frontend-design/skills/frontend-design/SKILL.md

@@ -0,0 +1,42 @@
+---
+name: frontend-design
+description: Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
+license: Complete terms in LICENSE.txt
+---
+
+This skill guides creation of distinctive, production-grade frontend interfaces that avoid generic "AI slop" aesthetics. Implement real working code with exceptional attention to aesthetic details and creative choices.
+
+The user provides frontend requirements: a component, page, application, or interface to build. They may include context about the purpose, audience, or technical constraints.
+
+## Design Thinking
+
+Before coding, understand the context and commit to a BOLD aesthetic direction:
+- **Purpose**: What problem does this interface solve? Who uses it?
+- **Tone**: Pick an extreme: brutally minimal, maximalist chaos, retro-futuristic, organic/natural, luxury/refined, playful/toy-like, editorial/magazine, brutalist/raw, art deco/geometric, soft/pastel, industrial/utilitarian, etc. There are so many flavors to choose from. Use these for inspiration but design one that is true to the aesthetic direction.
+- **Constraints**: Technical requirements (framework, performance, accessibility).
+- **Differentiation**: What makes this UNFORGETTABLE? What's the one thing someone will remember?
+
+**CRITICAL**: Choose a clear conceptual direction and execute it with precision. Bold maximalism and refined minimalism both work - the key is intentionality, not intensity.
+
+Then implement working code (HTML/CSS/JS, React, Vue, etc.) that is:
+- Production-grade and functional
+- Visually striking and memorable
+- Cohesive with a clear aesthetic point-of-view
+- Meticulously refined in every detail
+
+## Frontend Aesthetics Guidelines
+
+Focus on:
+- **Typography**: Choose fonts that are beautiful, unique, and interesting. Avoid generic fonts like Arial and Inter; opt instead for distinctive choices that elevate the frontend's aesthetics; unexpected, characterful font choices. Pair a distinctive display font with a refined body font.
+- **Color & Theme**: Commit to a cohesive aesthetic. Use CSS variables for consistency. Dominant colors with sharp accents outperform timid, evenly-distributed palettes.
+- **Motion**: Use animations for effects and micro-interactions. Prioritize CSS-only solutions for HTML. Use Motion library for React when available. Focus on high-impact moments: one well-orchestrated page load with staggered reveals (animation-delay) creates more delight than scattered micro-interactions. Use scroll-triggering and hover states that surprise.
+- **Spatial Composition**: Unexpected layouts. Asymmetry. Overlap. Diagonal flow. Grid-breaking elements. Generous negative space OR controlled density.
+- **Backgrounds & Visual Details**: Create atmosphere and depth rather than defaulting to solid colors. Add contextual effects and textures that match the overall aesthetic. Apply creative forms like gradient meshes, noise textures, geometric patterns, layered transparencies, dramatic shadows, decorative borders, custom cursors, and grain overlays.
+
+NEVER use generic AI-generated aesthetics like overused font families (Inter, Roboto, Arial, system fonts), cliched color schemes (particularly purple gradients on white backgrounds), predictable layouts and component patterns, and cookie-cutter design that lacks context-specific character.
+
+Interpret creatively and make unexpected choices that feel genuinely designed for the context. No design should be the same. Vary between light and dark themes, different fonts, different aesthetics. NEVER converge on common choices (Space Grotesk, for example) across generations.
+
+**IMPORTANT**: Match implementation complexity to the aesthetic vision. Maximalist designs need elaborate code with extensive animations and effects. Minimalist or refined designs need restraint, precision, and careful attention to spacing, typography, and subtle details. Elegance comes from executing the vision well.
+
+Remember: Claude is capable of extraordinary creative work. Don't hold back, show what can truly be created when thinking outside the box and committing fully to a distinctive vision.

plugins/hookify/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "hookify",
+  "version": "0.1.0",
+  "description": "Easily create hooks to prevent unwanted behaviors by analyzing conversation patterns",
+  "author": {
+    "name": "Daisy Hollman",
+    "email": "daisy@anthropic.com"
+  }
+}

plugins/hookify/.gitignore

@@ -0,0 +1,30 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+
+# Virtual environments
+venv/
+env/
+ENV/
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Testing
+.pytest_cache/
+.coverage
+htmlcov/
+
+# Local configuration (should not be committed)
+.claude/*.local.md
+.claude/*.local.json

plugins/hookify/README.md

@@ -0,0 +1,340 @@
+# Hookify Plugin
+
+Easily create custom hooks to prevent unwanted behaviors by analyzing conversation patterns or from explicit instructions.
+
+## Overview
+
+The hookify plugin makes it simple to create hooks without editing complex `hooks.json` files. Instead, you create lightweight markdown configuration files that define patterns to watch for and messages to show when those patterns match.
+
+**Key features:**
+- 🎯 Analyze conversations to find unwanted behaviors automatically
+- 📝 Simple markdown configuration files with YAML frontmatter
+- 🔍 Regex pattern matching for powerful rules
+- 🚀 No coding required - just describe the behavior
+- 🔄 Easy enable/disable without restarting
+
+## Quick Start
+
+### 1. Create Your First Rule
+
+```bash
+/hookify Warn me when I use rm -rf commands
+```
+
+This analyzes your request and creates `.claude/hookify.warn-rm.local.md`.
+
+### 2. Test It Immediately
+
+**No restart needed!** Rules take effect on the very next tool use.
+
+Ask Claude to run a command that should trigger the rule:
+```
+Run rm -rf /tmp/test
+```
+
+You should see the warning message immediately!
+
+## Usage
+
+### Main Command: /hookify
+
+**With arguments:**
+```
+/hookify Don't use console.log in TypeScript files
+```
+Creates a rule from your explicit instructions.
+
+**Without arguments:**
+```
+/hookify
+```
+Analyzes recent conversation to find behaviors you've corrected or been frustrated by.
+
+### Helper Commands
+
+**List all rules:**
+```
+/hookify:list
+```
+
+**Configure rules interactively:**
+```
+/hookify:configure
+```
+Enable/disable existing rules through an interactive interface.
+
+**Get help:**
+```
+/hookify:help
+```
+
+## Rule Configuration Format
+
+### Simple Rule (Single Pattern)
+
+`.claude/hookify.dangerous-rm.local.md`:
+```markdown
+---
+name: block-dangerous-rm
+enabled: true
+event: bash
+pattern: rm\s+-rf
+action: block
+---
+
+⚠️ **Dangerous rm command detected!**
+
+This command could delete important files. Please:
+- Verify the path is correct
+- Consider using a safer approach
+- Make sure you have backups
+```
+
+**Action field:**
+- `warn`: Shows warning but allows operation (default)
+- `block`: Prevents operation from executing (PreToolUse) or stops session (Stop events)
+
+### Advanced Rule (Multiple Conditions)
+
+`.claude/hookify.sensitive-files.local.md`:
+```markdown
+---
+name: warn-sensitive-files
+enabled: true
+event: file
+action: warn
+conditions:
+  - field: file_path
+    operator: regex_match
+    pattern: \.env$|credentials|secrets
+  - field: new_text
+    operator: contains
+    pattern: KEY
+---
+
+🔐 **Sensitive file edit detected!**
+
+Ensure credentials are not hardcoded and file is in .gitignore.
+```
+
+**All conditions must match** for the rule to trigger.
+
+## Event Types
+
+- **`bash`**: Triggers on Bash tool commands
+- **`file`**: Triggers on Edit, Write, MultiEdit tools
+- **`stop`**: Triggers when Claude wants to stop (for completion checks)
+- **`prompt`**: Triggers on user prompt submission
+- **`all`**: Triggers on all events
+
+## Pattern Syntax
+
+Use Python regex syntax:
+
+| Pattern | Matches | Example |
+|---------|---------|---------|
+| `rm\s+-rf` | rm -rf | rm -rf /tmp |
+| `console\.log\(` | console.log( | console.log("test") |
+| `(eval\|exec)\(` | eval( or exec( | eval("code") |
+| `\.env$` | files ending in .env | .env, .env.local |
+| `chmod\s+777` | chmod 777 | chmod 777 file.txt |
+
+**Tips:**
+- Use `\s` for whitespace
+- Escape special chars: `\.` for literal dot
+- Use `|` for OR: `(foo|bar)`
+- Use `.*` to match anything
+- Set `action: block` for dangerous operations
+- Set `action: warn` (or omit) for informational warnings
+
+## Examples
+
+### Example 1: Block Dangerous Commands
+
+```markdown
+---
+name: block-destructive-ops
+enabled: true
+event: bash
+pattern: rm\s+-rf|dd\s+if=|mkfs|format
+action: block
+---
+
+🛑 **Destructive operation detected!**
+
+This command can cause data loss. Operation blocked for safety.
+Please verify the exact path and use a safer approach.
+```
+
+**This rule blocks the operation** - Claude will not be allowed to execute these commands.
+
+### Example 2: Warn About Debug Code
+
+```markdown
+---
+name: warn-debug-code
+enabled: true
+event: file
+pattern: console\.log\(|debugger;|print\(
+action: warn
+---
+
+🐛 **Debug code detected**
+
+Remember to remove debugging statements before committing.
+```
+
+**This rule warns but allows** - Claude sees the message but can still proceed.
+
+### Example 3: Require Tests Before Stopping
+
+```markdown
+---
+name: require-tests-run
+enabled: false
+event: stop
+action: block
+conditions:
+  - field: transcript
+    operator: not_contains
+    pattern: npm test|pytest|cargo test
+---
+
+**Tests not detected in transcript!**
+
+Before stopping, please run tests to verify your changes work correctly.
+```
+
+**This blocks Claude from stopping** if no test commands appear in the session transcript. Enable only when you want strict enforcement.
+
+## Advanced Usage
+
+### Multiple Conditions
+
+Check multiple fields simultaneously:
+
+```markdown
+---
+name: api-key-in-typescript
+enabled: true
+event: file
+conditions:
+  - field: file_path
+    operator: regex_match
+    pattern: \.tsx?$
+  - field: new_text
+    operator: regex_match
+    pattern: (API_KEY|SECRET|TOKEN)\s*=\s*["']
+---
+
+🔐 **Hardcoded credential in TypeScript!**
+
+Use environment variables instead of hardcoded values.
+```
+
+### Operators Reference
+
+- `regex_match`: Pattern must match (most common)
+- `contains`: String must contain pattern
+- `equals`: Exact string match
+- `not_contains`: String must NOT contain pattern
+- `starts_with`: String starts with pattern
+- `ends_with`: String ends with pattern
+
+### Field Reference
+
+**For bash events:**
+- `command`: The bash command string
+
+**For file events:**
+- `file_path`: Path to file being edited
+- `new_text`: New content being added (Edit, Write)
+- `old_text`: Old content being replaced (Edit only)
+- `content`: File content (Write only)
+
+**For prompt events:**
+- `user_prompt`: The user's submitted prompt text
+
+**For stop events:**
+- Use general matching on session state
+
+## Management
+
+### Enable/Disable Rules
+
+**Temporarily disable:**
+Edit the `.local.md` file and set `enabled: false`
+
+**Re-enable:**
+Set `enabled: true`
+
+**Or use interactive tool:**
+```
+/hookify:configure
+```
+
+### Delete Rules
+
+Simply delete the `.local.md` file:
+```bash
+rm .claude/hookify.my-rule.local.md
+```
+
+### View All Rules
+
+```
+/hookify:list
+```
+
+## Installation
+
+This plugin is part of the Claude Code Marketplace. It should be auto-discovered when the marketplace is installed.
+
+**Manual testing:**
+```bash
+cc --plugin-dir /path/to/hookify
+```
+
+## Requirements
+
+- Python 3.7+
+- No external dependencies (uses stdlib only)
+
+## Troubleshooting
+
+**Rule not triggering:**
+1. Check rule file exists in `.claude/` directory (in project root, not plugin directory)
+2. Verify `enabled: true` in frontmatter
+3. Test regex pattern separately
+4. Rules should work immediately - no restart needed
+5. Try `/hookify:list` to see if rule is loaded
+
+**Import errors:**
+- Ensure Python 3 is available: `python3 --version`
+- Check hookify plugin is installed
+
+**Pattern not matching:**
+- Test regex: `python3 -c "import re; print(re.search(r'pattern', 'text'))"`
+- Use unquoted patterns in YAML to avoid escaping issues
+- Start simple, then add complexity
+
+**Hook seems slow:**
+- Keep patterns simple (avoid complex regex)
+- Use specific event types (bash, file) instead of "all"
+- Limit number of active rules
+
+## Contributing
+
+Found a useful rule pattern? Consider sharing example files via PR!
+
+## Future Enhancements
+
+- Severity levels (error/warning/info distinctions)
+- Rule templates library
+- Interactive pattern builder
+- Hook testing utilities
+- JSON format support (in addition to markdown)
+
+## License
+
+MIT License

plugins/hookify/agents/conversation-analyzer.md

@@ -0,0 +1,176 @@
+---
+name: conversation-analyzer
+description: Use this agent when analyzing conversation transcripts to find behaviors worth preventing with hooks. Examples: <example>Context: User is running /hookify command without arguments\nuser: "/hookify"\nassistant: "I'll analyze the conversation to find behaviors you want to prevent"\n<commentary>The /hookify command without arguments triggers conversation analysis to find unwanted behaviors.</commentary></example><example>Context: User wants to create hooks from recent frustrations\nuser: "Can you look back at this conversation and help me create hooks for the mistakes you made?"\nassistant: "I'll use the conversation-analyzer agent to identify the issues and suggest hooks."\n<commentary>User explicitly asks to analyze conversation for mistakes that should be prevented.</commentary></example>
+model: inherit
+color: yellow
+tools: ["Read", "Grep"]
+---
+
+You are a conversation analysis specialist that identifies problematic behaviors in Claude Code sessions that could be prevented with hooks.
+
+**Your Core Responsibilities:**
+1. Read and analyze user messages to find frustration signals
+2. Identify specific tool usage patterns that caused issues
+3. Extract actionable patterns that can be matched with regex
+4. Categorize issues by severity and type
+5. Provide structured findings for hook rule generation
+
+**Analysis Process:**
+
+### 1. Search for User Messages Indicating Issues
+
+Read through user messages in reverse chronological order (most recent first). Look for:
+
+**Explicit correction requests:**
+- "Don't use X"
+- "Stop doing Y"
+- "Please don't Z"
+- "Avoid..."
+- "Never..."
+
+**Frustrated reactions:**
+- "Why did you do X?"
+- "I didn't ask for that"
+- "That's not what I meant"
+- "That was wrong"
+
+**Corrections and reversions:**
+- User reverting changes Claude made
+- User fixing issues Claude created
+- User providing step-by-step corrections
+
+**Repeated issues:**
+- Same type of mistake multiple times
+- User having to remind multiple times
+- Pattern of similar problems
+
+### 2. Identify Tool Usage Patterns
+
+For each issue, determine:
+- **Which tool**: Bash, Edit, Write, MultiEdit
+- **What action**: Specific command or code pattern
+- **When it happened**: During what task/phase
+- **Why problematic**: User's stated reason or implicit concern
+
+**Extract concrete examples:**
+- For Bash: Actual command that was problematic
+- For Edit/Write: Code pattern that was added
+- For Stop: What was missing before stopping
+
+### 3. Create Regex Patterns
+
+Convert behaviors into matchable patterns:
+
+**Bash command patterns:**
+- `rm\s+-rf` for dangerous deletes
+- `sudo\s+` for privilege escalation
+- `chmod\s+777` for permission issues
+
+**Code patterns (Edit/Write):**
+- `console\.log\(` for debug logging
+- `eval\(|new Function\(` for dangerous eval
+- `innerHTML\s*=` for XSS risks
+
+**File path patterns:**
+- `\.env$` for environment files
+- `/node_modules/` for dependency files
+- `dist/|build/` for generated files
+
+### 4. Categorize Severity
+
+**High severity (should block in future):**
+- Dangerous commands (rm -rf, chmod 777)
+- Security issues (hardcoded secrets, eval)
+- Data loss risks
+
+**Medium severity (warn):**
+- Style violations (console.log in production)
+- Wrong file types (editing generated files)
+- Missing best practices
+
+**Low severity (optional):**
+- Preferences (coding style)
+- Non-critical patterns
+
+### 5. Output Format
+
+Return your findings as structured text in this format:
+
+```
+## Hookify Analysis Results
+
+### Issue 1: Dangerous rm Commands
+**Severity**: High
+**Tool**: Bash
+**Pattern**: `rm\s+-rf`
+**Occurrences**: 3 times
+**Context**: Used rm -rf on /tmp directories without verification
+**User Reaction**: "Please be more careful with rm commands"
+
+**Suggested Rule:**
+- Name: warn-dangerous-rm
+- Event: bash
+- Pattern: rm\s+-rf
+- Message: "Dangerous rm command detected. Verify path before proceeding."
+
+---
+
+### Issue 2: Console.log in TypeScript
+**Severity**: Medium
+**Tool**: Edit/Write
+**Pattern**: `console\.log\(`
+**Occurrences**: 2 times
+**Context**: Added console.log statements to production TypeScript files
+**User Reaction**: "Don't use console.log in production code"
+
+**Suggested Rule:**
+- Name: warn-console-log
+- Event: file
+- Pattern: console\.log\(
+- Message: "Console.log detected. Use proper logging library instead."
+
+---
+
+[Continue for each issue found...]
+
+## Summary
+
+Found {N} behaviors worth preventing:
+- {N} high severity
+- {N} medium severity
+- {N} low severity
+
+Recommend creating rules for high and medium severity issues.
+```
+
+**Quality Standards:**
+- Be specific about patterns (don't be overly broad)
+- Include actual examples from conversation
+- Explain why each issue matters
+- Provide ready-to-use regex patterns
+- Don't false-positive on discussions about what NOT to do
+
+**Edge Cases:**
+
+**User discussing hypotheticals:**
+- "What would happen if I used rm -rf?"
+- Don't treat as problematic behavior
+
+**Teaching moments:**
+- "Here's what you shouldn't do: ..."
+- Context indicates explanation, not actual problem
+
+**One-time accidents:**
+- Single occurrence, already fixed
+- Mention but mark as low priority
+
+**Subjective preferences:**
+- "I prefer X over Y"
+- Mark as low severity, let user decide
+
+**Return Results:**
+Provide your analysis in the structured format above. The /hookify command will use this to:
+1. Present findings to user
+2. Ask which rules to create
+3. Generate .local.md configuration files
+4. Save rules to .claude directory

plugins/hookify/commands/configure.md

@@ -0,0 +1,128 @@
+---
+description: Enable or disable hookify rules interactively
+allowed-tools: ["Glob", "Read", "Edit", "AskUserQuestion", "Skill"]
+---
+
+# Configure Hookify Rules
+
+**Load hookify:writing-rules skill first** to understand rule format.
+
+Enable or disable existing hookify rules using an interactive interface.
+
+## Steps
+
+### 1. Find Existing Rules
+
+Use Glob tool to find all hookify rule files:
+```
+pattern: ".claude/hookify.*.local.md"
+```
+
+If no rules found, inform user:
+```
+No hookify rules configured yet. Use `/hookify` to create your first rule.
+```
+
+### 2. Read Current State
+
+For each rule file:
+- Read the file
+- Extract `name` and `enabled` fields from frontmatter
+- Build list of rules with current state
+
+### 3. Ask User Which Rules to Toggle
+
+Use AskUserQuestion to let user select rules:
+
+```json
+{
+  "questions": [
+    {
+      "question": "Which rules would you like to enable or disable?",
+      "header": "Configure",
+      "multiSelect": true,
+      "options": [
+        {
+          "label": "warn-dangerous-rm (currently enabled)",
+          "description": "Warns about rm -rf commands"
+        },
+        {
+          "label": "warn-console-log (currently disabled)",
+          "description": "Warns about console.log in code"
+        },
+        {
+          "label": "require-tests (currently enabled)",
+          "description": "Requires tests before stopping"
+        }
+      ]
+    }
+  ]
+}
+```
+
+**Option format:**
+- Label: `{rule-name} (currently {enabled|disabled})`
+- Description: Brief description from rule's message or pattern
+
+### 4. Parse User Selection
+
+For each selected rule:
+- Determine current state from label (enabled/disabled)
+- Toggle state: enabled → disabled, disabled → enabled
+
+### 5. Update Rule Files
+
+For each rule to toggle:
+- Use Read tool to read current content
+- Use Edit tool to change `enabled: true` to `enabled: false` (or vice versa)
+- Handle both with and without quotes
+
+**Edit pattern for enabling:**
+```
+old_string: "enabled: false"
+new_string: "enabled: true"
+```
+
+**Edit pattern for disabling:**
+```
+old_string: "enabled: true"
+new_string: "enabled: false"
+```
+
+### 6. Confirm Changes
+
+Show user what was changed:
+
+```
+## Hookify Rules Updated
+
+**Enabled:**
+- warn-console-log
+
+**Disabled:**
+- warn-dangerous-rm
+
+**Unchanged:**
+- require-tests
+
+Changes apply immediately - no restart needed
+```
+
+## Important Notes
+
+- Changes take effect immediately on next tool use
+- You can also manually edit .claude/hookify.*.local.md files
+- To permanently remove a rule, delete its .local.md file
+- Use `/hookify:list` to see all configured rules
+
+## Edge Cases
+
+**No rules to configure:**
+- Show message about using `/hookify` to create rules first
+
+**User selects no rules:**
+- Inform that no changes were made
+
+**File read/write errors:**
+- Inform user of specific error
+- Suggest manual editing as fallback

plugins/hookify/commands/help.md

@@ -0,0 +1,175 @@
+---
+description: Get help with the hookify plugin
+allowed-tools: ["Read"]
+---
+
+# Hookify Plugin Help
+
+Explain how the hookify plugin works and how to use it.
+
+## Overview
+
+The hookify plugin makes it easy to create custom hooks that prevent unwanted behaviors. Instead of editing `hooks.json` files, users create simple markdown configuration files that define patterns to watch for.
+
+## How It Works
+
+### 1. Hook System
+
+Hookify installs generic hooks that run on these events:
+- **PreToolUse**: Before any tool executes (Bash, Edit, Write, etc.)
+- **PostToolUse**: After a tool executes
+- **Stop**: When Claude wants to stop working
+- **UserPromptSubmit**: When user submits a prompt
+
+These hooks read configuration files from `.claude/hookify.*.local.md` and check if any rules match the current operation.
+
+### 2. Configuration Files
+
+Users create rules in `.claude/hookify.{rule-name}.local.md` files:
+
+```markdown
+---
+name: warn-dangerous-rm
+enabled: true
+event: bash
+pattern: rm\s+-rf
+---
+
+⚠️ **Dangerous rm command detected!**
+
+This command could delete important files. Please verify the path.
+```
+
+**Key fields:**
+- `name`: Unique identifier for the rule
+- `enabled`: true/false to activate/deactivate
+- `event`: bash, file, stop, prompt, or all
+- `pattern`: Regex pattern to match
+
+The message body is what Claude sees when the rule triggers.
+
+### 3. Creating Rules
+
+**Option A: Use /hookify command**
+```
+/hookify Don't use console.log in production files
+```
+
+This analyzes your request and creates the appropriate rule file.
+
+**Option B: Create manually**
+Create `.claude/hookify.my-rule.local.md` with the format above.
+
+**Option C: Analyze conversation**
+```
+/hookify
+```
+
+Without arguments, hookify analyzes recent conversation to find behaviors you want to prevent.
+
+## Available Commands
+
+- **`/hookify`** - Create hooks from conversation analysis or explicit instructions
+- **`/hookify:help`** - Show this help (what you're reading now)
+- **`/hookify:list`** - List all configured hooks
+- **`/hookify:configure`** - Enable/disable existing hooks interactively
+
+## Example Use Cases
+
+**Prevent dangerous commands:**
+```markdown
+---
+name: block-chmod-777
+enabled: true
+event: bash
+pattern: chmod\s+777
+---
+
+Don't use chmod 777 - it's a security risk. Use specific permissions instead.
+```
+
+**Warn about debugging code:**
+```markdown
+---
+name: warn-console-log
+enabled: true
+event: file
+pattern: console\.log\(
+---
+
+Console.log detected. Remember to remove debug logging before committing.
+```
+
+**Require tests before stopping:**
+```markdown
+---
+name: require-tests
+enabled: true
+event: stop
+pattern: .*
+---
+
+Did you run tests before finishing? Make sure `npm test` or equivalent was executed.
+```
+
+## Pattern Syntax
+
+Use Python regex syntax:
+- `\s` - whitespace
+- `\.` - literal dot
+- `|` - OR
+- `+` - one or more
+- `*` - zero or more
+- `\d` - digit
+- `[abc]` - character class
+
+**Examples:**
+- `rm\s+-rf` - matches "rm -rf"
+- `console\.log\(` - matches "console.log("
+- `(eval|exec)\(` - matches "eval(" or "exec("
+- `\.env$` - matches files ending in .env
+
+## Important Notes
+
+**No Restart Needed**: Hookify rules (`.local.md` files) take effect immediately on the next tool use. The hookify hooks are already loaded and read your rules dynamically.
+
+**Block or Warn**: Rules can either `block` operations (prevent execution) or `warn` (show message but allow). Set `action: block` or `action: warn` in the rule's frontmatter.
+
+**Rule Files**: Keep rules in `.claude/hookify.*.local.md` - they should be git-ignored (add to .gitignore if needed).
+
+**Disable Rules**: Set `enabled: false` in frontmatter or delete the file.
+
+## Troubleshooting
+
+**Hook not triggering:**
+- Check rule file is in `.claude/` directory
+- Verify `enabled: true` in frontmatter
+- Confirm pattern is valid regex
+- Test pattern: `python3 -c "import re; print(re.search('your_pattern', 'test_text'))"`
+- Rules take effect immediately - no restart needed
+
+**Import errors:**
+- Check Python 3 is available: `python3 --version`
+- Verify hookify plugin is installed correctly
+
+**Pattern not matching:**
+- Test regex separately
+- Check for escaping issues (use unquoted patterns in YAML)
+- Try simpler pattern first, then refine
+
+## Getting Started
+
+1. Create your first rule:
+   ```
+   /hookify Warn me when I try to use rm -rf
+   ```
+
+2. Try to trigger it:
+   - Ask Claude to run `rm -rf /tmp/test`
+   - You should see the warning
+
+4. Refine the rule by editing `.claude/hookify.warn-rm.local.md`
+
+5. Create more rules as you encounter unwanted behaviors
+
+For more examples, check the `${CLAUDE_PLUGIN_ROOT}/examples/` directory.

plugins/hookify/commands/hookify.md

@@ -0,0 +1,231 @@
+---
+description: Create hooks to prevent unwanted behaviors from conversation analysis or explicit instructions
+argument-hint: Optional specific behavior to address
+allowed-tools: ["Read", "Write", "AskUserQuestion", "Task", "Grep", "TodoWrite", "Skill"]
+---
+
+# Hookify - Create Hooks from Unwanted Behaviors
+
+**FIRST: Load the hookify:writing-rules skill** using the Skill tool to understand rule file format and syntax.
+
+Create hook rules to prevent problematic behaviors by analyzing the conversation or from explicit user instructions.
+
+## Your Task
+
+You will help the user create hookify rules to prevent unwanted behaviors. Follow these steps:
+
+### Step 1: Gather Behavior Information
+
+**If $ARGUMENTS is provided:**
+- User has given specific instructions: `$ARGUMENTS`
+- Still analyze recent conversation (last 10-15 user messages) for additional context
+- Look for examples of the behavior happening
+
+**If $ARGUMENTS is empty:**
+- Launch the conversation-analyzer agent to find problematic behaviors
+- Agent will scan user prompts for frustration signals
+- Agent will return structured findings
+
+**To analyze conversation:**
+Use the Task tool to launch conversation-analyzer agent:
+```
+{
+  "subagent_type": "general-purpose",
+  "description": "Analyze conversation for unwanted behaviors",
+  "prompt": "You are analyzing a Claude Code conversation to find behaviors the user wants to prevent.
+
+Read user messages in the current conversation and identify:
+1. Explicit requests to avoid something (\"don't do X\", \"stop doing Y\")
+2. Corrections or reversions (user fixing Claude's actions)
+3. Frustrated reactions (\"why did you do X?\", \"I didn't ask for that\")
+4. Repeated issues (same problem multiple times)
+
+For each issue found, extract:
+- What tool was used (Bash, Edit, Write, etc.)
+- Specific pattern or command
+- Why it was problematic
+- User's stated reason
+
+Return findings as a structured list with:
+- category: Type of issue
+- tool: Which tool was involved
+- pattern: Regex or literal pattern to match
+- context: What happened
+- severity: high/medium/low
+
+Focus on the most recent issues (last 20-30 messages). Don't go back further unless explicitly asked."
+}
+```
+
+### Step 2: Present Findings to User
+
+After gathering behaviors (from arguments or agent), present to user using AskUserQuestion:
+
+**Question 1: Which behaviors to hookify?**
+- Header: "Create Rules"
+- multiSelect: true
+- Options: List each detected behavior (max 4)
+  - Label: Short description (e.g., "Block rm -rf")
+  - Description: Why it's problematic
+
+**Question 2: For each selected behavior, ask about action:**
+- "Should this block the operation or just warn?"
+- Options:
+  - "Just warn" (action: warn - shows message but allows)
+  - "Block operation" (action: block - prevents execution)
+
+**Question 3: Ask for example patterns:**
+- "What patterns should trigger this rule?"
+- Show detected patterns
+- Allow user to refine or add more
+
+### Step 3: Generate Rule Files
+
+For each confirmed behavior, create a `.claude/hookify.{rule-name}.local.md` file:
+
+**Rule naming convention:**
+- Use kebab-case
+- Be descriptive: `block-dangerous-rm`, `warn-console-log`, `require-tests-before-stop`
+- Start with action verb: block, warn, prevent, require
+
+**File format:**
+```markdown
+---
+name: {rule-name}
+enabled: true
+event: {bash|file|stop|prompt|all}
+pattern: {regex pattern}
+action: {warn|block}
+---
+
+{Message to show Claude when rule triggers}
+```
+
+**Action values:**
+- `warn`: Show message but allow operation (default)
+- `block`: Prevent operation or stop session
+
+**For more complex rules (multiple conditions):**
+```markdown
+---
+name: {rule-name}
+enabled: true
+event: file
+conditions:
+  - field: file_path
+    operator: regex_match
+    pattern: \.env$
+  - field: new_text
+    operator: contains
+    pattern: API_KEY
+---
+
+{Warning message}
+```
+
+### Step 4: Create Files and Confirm
+
+**IMPORTANT**: Rule files must be created in the current working directory's `.claude/` folder, NOT the plugin directory.
+
+Use the current working directory (where Claude Code was started) as the base path.
+
+1. Check if `.claude/` directory exists in current working directory
+   - If not, create it first with: `mkdir -p .claude`
+
+2. Use Write tool to create each `.claude/hookify.{name}.local.md` file
+   - Use relative path from current working directory: `.claude/hookify.{name}.local.md`
+   - The path should resolve to the project's .claude directory, not the plugin's
+
+3. Show user what was created:
+   ```
+   Created 3 hookify rules:
+   - .claude/hookify.dangerous-rm.local.md
+   - .claude/hookify.console-log.local.md
+   - .claude/hookify.sensitive-files.local.md
+
+   These rules will trigger on:
+   - dangerous-rm: Bash commands matching "rm -rf"
+   - console-log: Edits adding console.log statements
+   - sensitive-files: Edits to .env or credentials files
+   ```
+
+4. Verify files were created in the correct location by listing them
+
+5. Inform user: **"Rules are active immediately - no restart needed!"**
+
+   The hookify hooks are already loaded and will read your new rules on the next tool use.
+
+## Event Types Reference
+
+- **bash**: Matches Bash tool commands
+- **file**: Matches Edit, Write, MultiEdit tools
+- **stop**: Matches when agent wants to stop (use for completion checks)
+- **prompt**: Matches when user submits prompts
+- **all**: Matches all events
+
+## Pattern Writing Tips
+
+**Bash patterns:**
+- Match dangerous commands: `rm\s+-rf|chmod\s+777|dd\s+if=`
+- Match specific tools: `npm\s+install\s+|pip\s+install`
+
+**File patterns:**
+- Match code patterns: `console\.log\(|eval\(|innerHTML\s*=`
+- Match file paths: `\.env$|\.git/|node_modules/`
+
+**Stop patterns:**
+- Check for missing steps: (check transcript or completion criteria)
+
+## Example Workflow
+
+**User says**: "/hookify Don't use rm -rf without asking me first"
+
+**Your response**:
+1. Analyze: User wants to prevent rm -rf commands
+2. Ask: "Should I block this command or just warn you?"
+3. User selects: "Just warn"
+4. Create `.claude/hookify.dangerous-rm.local.md`:
+   ```markdown
+   ---
+   name: warn-dangerous-rm
+   enabled: true
+   event: bash
+   pattern: rm\s+-rf
+   ---
+
+   ⚠️ **Dangerous rm command detected**
+
+   You requested to be warned before using rm -rf.
+   Please verify the path is correct.
+   ```
+5. Confirm: "Created hookify rule. It's active immediately - try triggering it!"
+
+## Important Notes
+
+- **No restart needed**: Rules take effect immediately on the next tool use
+- **File location**: Create files in project's `.claude/` directory (current working directory), NOT the plugin's .claude/
+- **Regex syntax**: Use Python regex syntax (raw strings, no need to escape in YAML)
+- **Action types**: Rules can `warn` (default) or `block` operations
+- **Testing**: Test rules immediately after creating them
+
+## Troubleshooting
+
+**If rule file creation fails:**
+1. Check current working directory with pwd
+2. Ensure `.claude/` directory exists (create with mkdir if needed)
+3. Use absolute path if needed: `{cwd}/.claude/hookify.{name}.local.md`
+4. Verify file was created with Glob or ls
+
+**If rule doesn't trigger after creation:**
+1. Verify file is in project `.claude/` not plugin `.claude/`
+2. Check file with Read tool to ensure pattern is correct
+3. Test pattern with: `python3 -c "import re; print(re.search(r'pattern', 'test text'))"`
+4. Verify `enabled: true` in frontmatter
+5. Remember: Rules work immediately, no restart needed
+
+**If blocking seems too strict:**
+1. Change `action: block` to `action: warn` in the rule file
+2. Or adjust the pattern to be more specific
+3. Changes take effect on next tool use
+
+Use TodoWrite to track your progress through the steps.

plugins/hookify/commands/list.md

@@ -0,0 +1,82 @@
+---
+description: List all configured hookify rules
+allowed-tools: ["Glob", "Read", "Skill"]
+---
+
+# List Hookify Rules
+
+**Load hookify:writing-rules skill first** to understand rule format.
+
+Show all configured hookify rules in the project.
+
+## Steps
+
+1. Use Glob tool to find all hookify rule files:
+   ```
+   pattern: ".claude/hookify.*.local.md"
+   ```
+
+2. For each file found:
+   - Use Read tool to read the file
+   - Extract frontmatter fields: name, enabled, event, pattern
+   - Extract message preview (first 100 chars)
+
+3. Present results in a table:
+
+```
+## Configured Hookify Rules
+
+| Name | Enabled | Event | Pattern | File |
+|------|---------|-------|---------|------|
+| warn-dangerous-rm | ✅ Yes | bash | rm\s+-rf | hookify.dangerous-rm.local.md |
+| warn-console-log | ✅ Yes | file | console\.log\( | hookify.console-log.local.md |
+| check-tests | ❌ No | stop | .* | hookify.require-tests.local.md |
+
+**Total**: 3 rules (2 enabled, 1 disabled)
+```
+
+4. For each rule, show a brief preview:
+```
+### warn-dangerous-rm
+**Event**: bash
+**Pattern**: `rm\s+-rf`
+**Message**: "⚠️ **Dangerous rm command detected!** This command could delete..."
+
+**Status**: ✅ Active
+**File**: .claude/hookify.dangerous-rm.local.md
+```
+
+5. Add helpful footer:
+```
+---
+
+To modify a rule: Edit the .local.md file directly
+To disable a rule: Set `enabled: false` in frontmatter
+To enable a rule: Set `enabled: true` in frontmatter
+To delete a rule: Remove the .local.md file
+To create a rule: Use `/hookify` command
+
+**Remember**: Changes take effect immediately - no restart needed
+```
+
+## If No Rules Found
+
+If no hookify rules exist:
+
+```
+## No Hookify Rules Configured
+
+You haven't created any hookify rules yet.
+
+To get started:
+1. Use `/hookify` to analyze conversation and create rules
+2. Or manually create `.claude/hookify.my-rule.local.md` files
+3. See `/hookify:help` for documentation
+
+Example:
+```
+/hookify Warn me when I use console.log
+```
+
+Check `${CLAUDE_PLUGIN_ROOT}/examples/` for example rule files.
+```

plugins/hookify/core/config_loader.py

@@ -0,0 +1,297 @@
+#!/usr/bin/env python3
+"""Configuration loader for hookify plugin.
+
+Loads and parses .claude/hookify.*.local.md files.
+"""
+
+import os
+import sys
+import glob
+import re
+from typing import List, Optional, Dict, Any
+from dataclasses import dataclass, field
+
+
+@dataclass
+class Condition:
+    """A single condition for matching."""
+    field: str  # "command", "new_text", "old_text", "file_path", etc.
+    operator: str  # "regex_match", "contains", "equals", etc.
+    pattern: str  # Pattern to match
+
+    @classmethod
+    def from_dict(cls, data: Dict[str, Any]) -> 'Condition':
+        """Create Condition from dict."""
+        return cls(
+            field=data.get('field', ''),
+            operator=data.get('operator', 'regex_match'),
+            pattern=data.get('pattern', '')
+        )
+
+
+@dataclass
+class Rule:
+    """A hookify rule."""
+    name: str
+    enabled: bool
+    event: str  # "bash", "file", "stop", "all", etc.
+    pattern: Optional[str] = None  # Simple pattern (legacy)
+    conditions: List[Condition] = field(default_factory=list)
+    action: str = "warn"  # "warn" or "block" (future)
+    tool_matcher: Optional[str] = None  # Override tool matching
+    message: str = ""  # Message body from markdown
+
+    @classmethod
+    def from_dict(cls, frontmatter: Dict[str, Any], message: str) -> 'Rule':
+        """Create Rule from frontmatter dict and message body."""
+        # Handle both simple pattern and complex conditions
+        conditions = []
+
+        # New style: explicit conditions list
+        if 'conditions' in frontmatter:
+            cond_list = frontmatter['conditions']
+            if isinstance(cond_list, list):
+                conditions = [Condition.from_dict(c) for c in cond_list]
+
+        # Legacy style: simple pattern field
+        simple_pattern = frontmatter.get('pattern')
+        if simple_pattern and not conditions:
+            # Convert simple pattern to condition
+            # Infer field from event
+            event = frontmatter.get('event', 'all')
+            if event == 'bash':
+                field = 'command'
+            elif event == 'file':
+                field = 'new_text'
+            else:
+                field = 'content'
+
+            conditions = [Condition(
+                field=field,
+                operator='regex_match',
+                pattern=simple_pattern
+            )]
+
+        return cls(
+            name=frontmatter.get('name', 'unnamed'),
+            enabled=frontmatter.get('enabled', True),
+            event=frontmatter.get('event', 'all'),
+            pattern=simple_pattern,
+            conditions=conditions,
+            action=frontmatter.get('action', 'warn'),
+            tool_matcher=frontmatter.get('tool_matcher'),
+            message=message.strip()
+        )
+
+
+def extract_frontmatter(content: str) -> tuple[Dict[str, Any], str]:
+    """Extract YAML frontmatter and message body from markdown.
+
+    Returns (frontmatter_dict, message_body).
+
+    Supports multi-line dictionary items in lists by preserving indentation.
+    """
+    if not content.startswith('---'):
+        return {}, content
+
+    # Split on --- markers
+    parts = content.split('---', 2)
+    if len(parts) < 3:
+        return {}, content
+
+    frontmatter_text = parts[1]
+    message = parts[2].strip()
+
+    # Simple YAML parser that handles indented list items
+    frontmatter = {}
+    lines = frontmatter_text.split('\n')
+
+    current_key = None
+    current_list = []
+    current_dict = {}
+    in_list = False
+    in_dict_item = False
+
+    for line in lines:
+        # Skip empty lines and comments
+        stripped = line.strip()
+        if not stripped or stripped.startswith('#'):
+            continue
+
+        # Check indentation level
+        indent = len(line) - len(line.lstrip())
+
+        # Top-level key (no indentation or minimal)
+        if indent == 0 and ':' in line and not line.strip().startswith('-'):
+            # Save previous list/dict if any
+            if in_list and current_key:
+                if in_dict_item and current_dict:
+                    current_list.append(current_dict)
+                    current_dict = {}
+                frontmatter[current_key] = current_list
+                in_list = False
+                in_dict_item = False
+                current_list = []
+
+            key, value = line.split(':', 1)
+            key = key.strip()
+            value = value.strip()
+
+            if not value:
+                # Empty value - list or nested structure follows
+                current_key = key
+                in_list = True
+                current_list = []
+            else:
+                # Simple key-value pair
+                value = value.strip('"').strip("'")
+                if value.lower() == 'true':
+                    value = True
+                elif value.lower() == 'false':
+                    value = False
+                frontmatter[key] = value
+
+        # List item (starts with -)
+        elif stripped.startswith('-') and in_list:
+            # Save previous dict item if any
+            if in_dict_item and current_dict:
+                current_list.append(current_dict)
+                current_dict = {}
+
+            item_text = stripped[1:].strip()
+
+            # Check if this is an inline dict (key: value on same line)
+            if ':' in item_text and ',' in item_text:
+                # Inline comma-separated dict: "- field: command, operator: regex_match"
+                item_dict = {}
+                for part in item_text.split(','):
+                    if ':' in part:
+                        k, v = part.split(':', 1)
+                        item_dict[k.strip()] = v.strip().strip('"').strip("'")
+                current_list.append(item_dict)
+                in_dict_item = False
+            elif ':' in item_text:
+                # Start of multi-line dict item: "- field: command"
+                in_dict_item = True
+                k, v = item_text.split(':', 1)
+                current_dict = {k.strip(): v.strip().strip('"').strip("'")}
+            else:
+                # Simple list item
+                current_list.append(item_text.strip('"').strip("'"))
+                in_dict_item = False
+
+        # Continuation of dict item (indented under list item)
+        elif indent > 2 and in_dict_item and ':' in line:
+            # This is a field of the current dict item
+            k, v = stripped.split(':', 1)
+            current_dict[k.strip()] = v.strip().strip('"').strip("'")
+
+    # Save final list/dict if any
+    if in_list and current_key:
+        if in_dict_item and current_dict:
+            current_list.append(current_dict)
+        frontmatter[current_key] = current_list
+
+    return frontmatter, message
+
+
+def load_rules(event: Optional[str] = None) -> List[Rule]:
+    """Load all hookify rules from .claude directory.
+
+    Args:
+        event: Optional event filter ("bash", "file", "stop", etc.)
+
+    Returns:
+        List of enabled Rule objects matching the event.
+    """
+    rules = []
+
+    # Find all hookify.*.local.md files
+    pattern = os.path.join('.claude', 'hookify.*.local.md')
+    files = glob.glob(pattern)
+
+    for file_path in files:
+        try:
+            rule = load_rule_file(file_path)
+            if not rule:
+                continue
+
+            # Filter by event if specified
+            if event:
+                if rule.event != 'all' and rule.event != event:
+                    continue
+
+            # Only include enabled rules
+            if rule.enabled:
+                rules.append(rule)
+
+        except (IOError, OSError, PermissionError) as e:
+            # File I/O errors - log and continue
+            print(f"Warning: Failed to read {file_path}: {e}", file=sys.stderr)
+            continue
+        except (ValueError, KeyError, AttributeError, TypeError) as e:
+            # Parsing errors - log and continue
+            print(f"Warning: Failed to parse {file_path}: {e}", file=sys.stderr)
+            continue
+        except Exception as e:
+            # Unexpected errors - log with type details
+            print(f"Warning: Unexpected error loading {file_path} ({type(e).__name__}): {e}", file=sys.stderr)
+            continue
+
+    return rules
+
+
+def load_rule_file(file_path: str) -> Optional[Rule]:
+    """Load a single rule file.
+
+    Returns:
+        Rule object or None if file is invalid.
+    """
+    try:
+        with open(file_path, 'r') as f:
+            content = f.read()
+
+        frontmatter, message = extract_frontmatter(content)
+
+        if not frontmatter:
+            print(f"Warning: {file_path} missing YAML frontmatter (must start with ---)", file=sys.stderr)
+            return None
+
+        rule = Rule.from_dict(frontmatter, message)
+        return rule
+
+    except (IOError, OSError, PermissionError) as e:
+        print(f"Error: Cannot read {file_path}: {e}", file=sys.stderr)
+        return None
+    except (ValueError, KeyError, AttributeError, TypeError) as e:
+        print(f"Error: Malformed rule file {file_path}: {e}", file=sys.stderr)
+        return None
+    except UnicodeDecodeError as e:
+        print(f"Error: Invalid encoding in {file_path}: {e}", file=sys.stderr)
+        return None
+    except Exception as e:
+        print(f"Error: Unexpected error parsing {file_path} ({type(e).__name__}): {e}", file=sys.stderr)
+        return None
+
+
+# For testing
+if __name__ == '__main__':
+    import sys
+
+    # Test frontmatter parsing
+    test_content = """---
+name: test-rule
+enabled: true
+event: bash
+pattern: "rm -rf"
+---
+
+⚠️ Dangerous command detected!
+"""
+
+    fm, msg = extract_frontmatter(test_content)
+    print("Frontmatter:", fm)
+    print("Message:", msg)
+
+    rule = Rule.from_dict(fm, msg)
+    print("Rule:", rule)

plugins/hookify/core/rule_engine.py

@@ -0,0 +1,313 @@
+#!/usr/bin/env python3
+"""Rule evaluation engine for hookify plugin."""
+
+import re
+import sys
+from functools import lru_cache
+from typing import List, Dict, Any, Optional
+
+# Import from local module
+from hookify.core.config_loader import Rule, Condition
+
+
+# Cache compiled regexes (max 128 patterns)
+@lru_cache(maxsize=128)
+def compile_regex(pattern: str) -> re.Pattern:
+    """Compile regex pattern with caching.
+
+    Args:
+        pattern: Regex pattern string
+
+    Returns:
+        Compiled regex pattern
+    """
+    return re.compile(pattern, re.IGNORECASE)
+
+
+class RuleEngine:
+    """Evaluates rules against hook input data."""
+
+    def __init__(self):
+        """Initialize rule engine."""
+        # No need for instance cache anymore - using global lru_cache
+        pass
+
+    def evaluate_rules(self, rules: List[Rule], input_data: Dict[str, Any]) -> Dict[str, Any]:
+        """Evaluate all rules and return combined results.
+
+        Checks all rules and accumulates matches. Blocking rules take priority
+        over warning rules. All matching rule messages are combined.
+
+        Args:
+            rules: List of Rule objects to evaluate
+            input_data: Hook input JSON (tool_name, tool_input, etc.)
+
+        Returns:
+            Response dict with systemMessage, hookSpecificOutput, etc.
+            Empty dict {} if no rules match.
+        """
+        hook_event = input_data.get('hook_event_name', '')
+        blocking_rules = []
+        warning_rules = []
+
+        for rule in rules:
+            if self._rule_matches(rule, input_data):
+                if rule.action == 'block':
+                    blocking_rules.append(rule)
+                else:
+                    warning_rules.append(rule)
+
+        # If any blocking rules matched, block the operation
+        if blocking_rules:
+            messages = [f"**[{r.name}]**\n{r.message}" for r in blocking_rules]
+            combined_message = "\n\n".join(messages)
+
+            # Use appropriate blocking format based on event type
+            if hook_event == 'Stop':
+                return {
+                    "decision": "block",
+                    "reason": combined_message,
+                    "systemMessage": combined_message
+                }
+            elif hook_event in ['PreToolUse', 'PostToolUse']:
+                return {
+                    "hookSpecificOutput": {
+                        "hookEventName": hook_event,
+                        "permissionDecision": "deny"
+                    },
+                    "systemMessage": combined_message
+                }
+            else:
+                # For other events, just show message
+                return {
+                    "systemMessage": combined_message
+                }
+
+        # If only warnings, show them but allow operation
+        if warning_rules:
+            messages = [f"**[{r.name}]**\n{r.message}" for r in warning_rules]
+            return {
+                "systemMessage": "\n\n".join(messages)
+            }
+
+        # No matches - allow operation
+        return {}
+
+    def _rule_matches(self, rule: Rule, input_data: Dict[str, Any]) -> bool:
+        """Check if rule matches input data.
+
+        Args:
+            rule: Rule to evaluate
+            input_data: Hook input data
+
+        Returns:
+            True if rule matches, False otherwise
+        """
+        # Extract tool information
+        tool_name = input_data.get('tool_name', '')
+        tool_input = input_data.get('tool_input', {})
+
+        # Check tool matcher if specified
+        if rule.tool_matcher:
+            if not self._matches_tool(rule.tool_matcher, tool_name):
+                return False
+
+        # If no conditions, don't match
+        # (Rules must have at least one condition to be valid)
+        if not rule.conditions:
+            return False
+
+        # All conditions must match
+        for condition in rule.conditions:
+            if not self._check_condition(condition, tool_name, tool_input, input_data):
+                return False
+
+        return True
+
+    def _matches_tool(self, matcher: str, tool_name: str) -> bool:
+        """Check if tool_name matches the matcher pattern.
+
+        Args:
+            matcher: Pattern like "Bash", "Edit|Write", "*"
+            tool_name: Actual tool name
+
+        Returns:
+            True if matches
+        """
+        if matcher == '*':
+            return True
+
+        # Split on | for OR matching
+        patterns = matcher.split('|')
+        return tool_name in patterns
+
+    def _check_condition(self, condition: Condition, tool_name: str,
+                        tool_input: Dict[str, Any], input_data: Dict[str, Any] = None) -> bool:
+        """Check if a single condition matches.
+
+        Args:
+            condition: Condition to check
+            tool_name: Tool being used
+            tool_input: Tool input dict
+            input_data: Full hook input data (for Stop events, etc.)
+
+        Returns:
+            True if condition matches
+        """
+        # Extract the field value to check
+        field_value = self._extract_field(condition.field, tool_name, tool_input, input_data)
+        if field_value is None:
+            return False
+
+        # Apply operator
+        operator = condition.operator
+        pattern = condition.pattern
+
+        if operator == 'regex_match':
+            return self._regex_match(pattern, field_value)
+        elif operator == 'contains':
+            return pattern in field_value
+        elif operator == 'equals':
+            return pattern == field_value
+        elif operator == 'not_contains':
+            return pattern not in field_value
+        elif operator == 'starts_with':
+            return field_value.startswith(pattern)
+        elif operator == 'ends_with':
+            return field_value.endswith(pattern)
+        else:
+            # Unknown operator
+            return False
+
+    def _extract_field(self, field: str, tool_name: str,
+                      tool_input: Dict[str, Any], input_data: Dict[str, Any] = None) -> Optional[str]:
+        """Extract field value from tool input or hook input data.
+
+        Args:
+            field: Field name like "command", "new_text", "file_path", "reason", "transcript"
+            tool_name: Tool being used (may be empty for Stop events)
+            tool_input: Tool input dict
+            input_data: Full hook input (for accessing transcript_path, reason, etc.)
+
+        Returns:
+            Field value as string, or None if not found
+        """
+        # Direct tool_input fields
+        if field in tool_input:
+            value = tool_input[field]
+            if isinstance(value, str):
+                return value
+            return str(value)
+
+        # For Stop events and other non-tool events, check input_data
+        if input_data:
+            # Stop event specific fields
+            if field == 'reason':
+                return input_data.get('reason', '')
+            elif field == 'transcript':
+                # Read transcript file if path provided
+                transcript_path = input_data.get('transcript_path')
+                if transcript_path:
+                    try:
+                        with open(transcript_path, 'r') as f:
+                            return f.read()
+                    except FileNotFoundError:
+                        print(f"Warning: Transcript file not found: {transcript_path}", file=sys.stderr)
+                        return ''
+                    except PermissionError:
+                        print(f"Warning: Permission denied reading transcript: {transcript_path}", file=sys.stderr)
+                        return ''
+                    except (IOError, OSError) as e:
+                        print(f"Warning: Error reading transcript {transcript_path}: {e}", file=sys.stderr)
+                        return ''
+                    except UnicodeDecodeError as e:
+                        print(f"Warning: Encoding error in transcript {transcript_path}: {e}", file=sys.stderr)
+                        return ''
+            elif field == 'user_prompt':
+                # For UserPromptSubmit events
+                return input_data.get('user_prompt', '')
+
+        # Handle special cases by tool type
+        if tool_name == 'Bash':
+            if field == 'command':
+                return tool_input.get('command', '')
+
+        elif tool_name in ['Write', 'Edit']:
+            if field == 'content':
+                # Write uses 'content', Edit has 'new_string'
+                return tool_input.get('content') or tool_input.get('new_string', '')
+            elif field == 'new_text' or field == 'new_string':
+                return tool_input.get('new_string', '')
+            elif field == 'old_text' or field == 'old_string':
+                return tool_input.get('old_string', '')
+            elif field == 'file_path':
+                return tool_input.get('file_path', '')
+
+        elif tool_name == 'MultiEdit':
+            if field == 'file_path':
+                return tool_input.get('file_path', '')
+            elif field in ['new_text', 'content']:
+                # Concatenate all edits
+                edits = tool_input.get('edits', [])
+                return ' '.join(e.get('new_string', '') for e in edits)
+
+        return None
+
+    def _regex_match(self, pattern: str, text: str) -> bool:
+        """Check if pattern matches text using regex.
+
+        Args:
+            pattern: Regex pattern
+            text: Text to match against
+
+        Returns:
+            True if pattern matches
+        """
+        try:
+            # Use cached compiled regex (LRU cache with max 128 patterns)
+            regex = compile_regex(pattern)
+            return bool(regex.search(text))
+
+        except re.error as e:
+            print(f"Invalid regex pattern '{pattern}': {e}", file=sys.stderr)
+            return False
+
+
+# For testing
+if __name__ == '__main__':
+    from hookify.core.config_loader import Condition, Rule
+
+    # Test rule evaluation
+    rule = Rule(
+        name="test-rm",
+        enabled=True,
+        event="bash",
+        conditions=[
+            Condition(field="command", operator="regex_match", pattern=r"rm\s+-rf")
+        ],
+        message="Dangerous rm command!"
+    )
+
+    engine = RuleEngine()
+
+    # Test matching input
+    test_input = {
+        "tool_name": "Bash",
+        "tool_input": {
+            "command": "rm -rf /tmp/test"
+        }
+    }
+
+    result = engine.evaluate_rules([rule], test_input)
+    print("Match result:", result)
+
+    # Test non-matching input
+    test_input2 = {
+        "tool_name": "Bash",
+        "tool_input": {
+            "command": "ls -la"
+        }
+    }
+
+    result2 = engine.evaluate_rules([rule], test_input2)
+    print("Non-match result:", result2)

plugins/hookify/examples/console-log-warning.local.md

@@ -0,0 +1,14 @@
+---
+name: warn-console-log
+enabled: true
+event: file
+pattern: console\.log\(
+action: warn
+---
+
+🔍 **Console.log detected**
+
+You're adding a console.log statement. Please consider:
+- Is this for debugging or should it be proper logging?
+- Will this ship to production?
+- Should this use a logging library instead?

plugins/hookify/examples/dangerous-rm.local.md

@@ -0,0 +1,14 @@
+---
+name: block-dangerous-rm
+enabled: true
+event: bash
+pattern: rm\s+-rf
+action: block
+---
+
+⚠️ **Dangerous rm command detected!**
+
+This command could delete important files. Please:
+- Verify the path is correct
+- Consider using a safer approach
+- Make sure you have backups

plugins/hookify/examples/require-tests-stop.local.md

@@ -0,0 +1,22 @@
+---
+name: require-tests-run
+enabled: false
+event: stop
+action: block
+conditions:
+  - field: transcript
+    operator: not_contains
+    pattern: npm test|pytest|cargo test
+---
+
+**Tests not detected in transcript!**
+
+Before stopping, please run tests to verify your changes work correctly.
+
+Look for test commands like:
+- `npm test`
+- `pytest`
+- `cargo test`
+
+**Note:** This rule blocks stopping if no test commands appear in the transcript.
+Enable this rule only when you want strict test enforcement.

plugins/hookify/examples/sensitive-files-warning.local.md

@@ -0,0 +1,18 @@
+---
+name: warn-sensitive-files
+enabled: true
+event: file
+action: warn
+conditions:
+  - field: file_path
+    operator: regex_match
+    pattern: \.env$|\.env\.|credentials|secrets
+---
+
+🔐 **Sensitive file detected**
+
+You're editing a file that may contain sensitive data:
+- Ensure credentials are not hardcoded
+- Use environment variables for secrets
+- Verify this file is in .gitignore
+- Consider using a secrets manager

plugins/hookify/hooks/hooks.json

@@ -0,0 +1,49 @@
+{
+  "description": "Hookify plugin - User-configurable hooks from .local.md files",
+  "hooks": {
+    "PreToolUse": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks/pretooluse.py",
+            "timeout": 10
+          }
+        ]
+      }
+    ],
+    "PostToolUse": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks/posttooluse.py",
+            "timeout": 10
+          }
+        ]
+      }
+    ],
+    "Stop": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks/stop.py",
+            "timeout": 10
+          }
+        ]
+      }
+    ],
+    "UserPromptSubmit": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks/userpromptsubmit.py",
+            "timeout": 10
+          }
+        ]
+      }
+    ]
+  }
+}

plugins/hookify/hooks/posttooluse.py

@@ -0,0 +1,66 @@
+#!/usr/bin/env python3
+"""PostToolUse hook executor for hookify plugin.
+
+This script is called by Claude Code after a tool executes.
+It reads .claude/hookify.*.local.md files and evaluates rules.
+"""
+
+import os
+import sys
+import json
+
+# CRITICAL: Add plugin root to Python path for imports
+PLUGIN_ROOT = os.environ.get('CLAUDE_PLUGIN_ROOT')
+if PLUGIN_ROOT:
+    parent_dir = os.path.dirname(PLUGIN_ROOT)
+    if parent_dir not in sys.path:
+        sys.path.insert(0, parent_dir)
+    if PLUGIN_ROOT not in sys.path:
+        sys.path.insert(0, PLUGIN_ROOT)
+
+try:
+    from hookify.core.config_loader import load_rules
+    from hookify.core.rule_engine import RuleEngine
+except ImportError as e:
+    error_msg = {"systemMessage": f"Hookify import error: {e}"}
+    print(json.dumps(error_msg), file=sys.stdout)
+    sys.exit(0)
+
+
+def main():
+    """Main entry point for PostToolUse hook."""
+    try:
+        # Read input from stdin
+        input_data = json.load(sys.stdin)
+
+        # Determine event type based on tool
+        tool_name = input_data.get('tool_name', '')
+        event = None
+        if tool_name == 'Bash':
+            event = 'bash'
+        elif tool_name in ['Edit', 'Write', 'MultiEdit']:
+            event = 'file'
+
+        # Load rules
+        rules = load_rules(event=event)
+
+        # Evaluate rules
+        engine = RuleEngine()
+        result = engine.evaluate_rules(rules, input_data)
+
+        # Always output JSON (even if empty)
+        print(json.dumps(result), file=sys.stdout)
+
+    except Exception as e:
+        error_output = {
+            "systemMessage": f"Hookify error: {str(e)}"
+        }
+        print(json.dumps(error_output), file=sys.stdout)
+
+    finally:
+        # ALWAYS exit 0
+        sys.exit(0)
+
+
+if __name__ == '__main__':
+    main()

plugins/hookify/hooks/pretooluse.py

@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+"""PreToolUse hook executor for hookify plugin.
+
+This script is called by Claude Code before any tool executes.
+It reads .claude/hookify.*.local.md files and evaluates rules.
+"""
+
+import os
+import sys
+import json
+
+# CRITICAL: Add plugin root to Python path for imports
+# We need to add the parent of the plugin directory so Python can find "hookify" package
+PLUGIN_ROOT = os.environ.get('CLAUDE_PLUGIN_ROOT')
+if PLUGIN_ROOT:
+    # Add the parent directory of the plugin
+    parent_dir = os.path.dirname(PLUGIN_ROOT)
+    if parent_dir not in sys.path:
+        sys.path.insert(0, parent_dir)
+
+    # Also add PLUGIN_ROOT itself in case we have other scripts
+    if PLUGIN_ROOT not in sys.path:
+        sys.path.insert(0, PLUGIN_ROOT)
+
+try:
+    from hookify.core.config_loader import load_rules
+    from hookify.core.rule_engine import RuleEngine
+except ImportError as e:
+    # If imports fail, allow operation and log error
+    error_msg = {"systemMessage": f"Hookify import error: {e}"}
+    print(json.dumps(error_msg), file=sys.stdout)
+    sys.exit(0)
+
+
+def main():
+    """Main entry point for PreToolUse hook."""
+    try:
+        # Read input from stdin
+        input_data = json.load(sys.stdin)
+
+        # Determine event type for filtering
+        # For PreToolUse, we use tool_name to determine "bash" vs "file" event
+        tool_name = input_data.get('tool_name', '')
+
+        event = None
+        if tool_name == 'Bash':
+            event = 'bash'
+        elif tool_name in ['Edit', 'Write', 'MultiEdit']:
+            event = 'file'
+
+        # Load rules
+        rules = load_rules(event=event)
+
+        # Evaluate rules
+        engine = RuleEngine()
+        result = engine.evaluate_rules(rules, input_data)
+
+        # Always output JSON (even if empty)
+        print(json.dumps(result), file=sys.stdout)
+
+    except Exception as e:
+        # On any error, allow the operation and log
+        error_output = {
+            "systemMessage": f"Hookify error: {str(e)}"
+        }
+        print(json.dumps(error_output), file=sys.stdout)
+
+    finally:
+        # ALWAYS exit 0 - never block operations due to hook errors
+        sys.exit(0)
+
+
+if __name__ == '__main__':
+    main()

plugins/hookify/hooks/stop.py

@@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+"""Stop hook executor for hookify plugin.
+
+This script is called by Claude Code when agent wants to stop.
+It reads .claude/hookify.*.local.md files and evaluates stop rules.
+"""
+
+import os
+import sys
+import json
+
+# CRITICAL: Add plugin root to Python path for imports
+PLUGIN_ROOT = os.environ.get('CLAUDE_PLUGIN_ROOT')
+if PLUGIN_ROOT:
+    parent_dir = os.path.dirname(PLUGIN_ROOT)
+    if parent_dir not in sys.path:
+        sys.path.insert(0, parent_dir)
+    if PLUGIN_ROOT not in sys.path:
+        sys.path.insert(0, PLUGIN_ROOT)
+
+try:
+    from hookify.core.config_loader import load_rules
+    from hookify.core.rule_engine import RuleEngine
+except ImportError as e:
+    error_msg = {"systemMessage": f"Hookify import error: {e}"}
+    print(json.dumps(error_msg), file=sys.stdout)
+    sys.exit(0)
+
+
+def main():
+    """Main entry point for Stop hook."""
+    try:
+        # Read input from stdin
+        input_data = json.load(sys.stdin)
+
+        # Load stop rules
+        rules = load_rules(event='stop')
+
+        # Evaluate rules
+        engine = RuleEngine()
+        result = engine.evaluate_rules(rules, input_data)
+
+        # Always output JSON (even if empty)
+        print(json.dumps(result), file=sys.stdout)
+
+    except Exception as e:
+        # On any error, allow the operation
+        error_output = {
+            "systemMessage": f"Hookify error: {str(e)}"
+        }
+        print(json.dumps(error_output), file=sys.stdout)
+
+    finally:
+        # ALWAYS exit 0
+        sys.exit(0)
+
+
+if __name__ == '__main__':
+    main()

plugins/hookify/hooks/userpromptsubmit.py

@@ -0,0 +1,58 @@
+#!/usr/bin/env python3
+"""UserPromptSubmit hook executor for hookify plugin.
+
+This script is called by Claude Code when user submits a prompt.
+It reads .claude/hookify.*.local.md files and evaluates rules.
+"""
+
+import os
+import sys
+import json
+
+# CRITICAL: Add plugin root to Python path for imports
+PLUGIN_ROOT = os.environ.get('CLAUDE_PLUGIN_ROOT')
+if PLUGIN_ROOT:
+    parent_dir = os.path.dirname(PLUGIN_ROOT)
+    if parent_dir not in sys.path:
+        sys.path.insert(0, parent_dir)
+    if PLUGIN_ROOT not in sys.path:
+        sys.path.insert(0, PLUGIN_ROOT)
+
+try:
+    from hookify.core.config_loader import load_rules
+    from hookify.core.rule_engine import RuleEngine
+except ImportError as e:
+    error_msg = {"systemMessage": f"Hookify import error: {e}"}
+    print(json.dumps(error_msg), file=sys.stdout)
+    sys.exit(0)
+
+
+def main():
+    """Main entry point for UserPromptSubmit hook."""
+    try:
+        # Read input from stdin
+        input_data = json.load(sys.stdin)
+
+        # Load user prompt rules
+        rules = load_rules(event='prompt')
+
+        # Evaluate rules
+        engine = RuleEngine()
+        result = engine.evaluate_rules(rules, input_data)
+
+        # Always output JSON (even if empty)
+        print(json.dumps(result), file=sys.stdout)
+
+    except Exception as e:
+        error_output = {
+            "systemMessage": f"Hookify error: {str(e)}"
+        }
+        print(json.dumps(error_output), file=sys.stdout)
+
+    finally:
+        # ALWAYS exit 0
+        sys.exit(0)
+
+
+if __name__ == '__main__':
+    main()

plugins/hookify/skills/writing-rules/SKILL.md

@@ -0,0 +1,374 @@
+---
+name: Writing Hookify Rules
+description: This skill should be used when the user asks to "create a hookify rule", "write a hook rule", "configure hookify", "add a hookify rule", or needs guidance on hookify rule syntax and patterns.
+version: 0.1.0
+---
+
+# Writing Hookify Rules
+
+## Overview
+
+Hookify rules are markdown files with YAML frontmatter that define patterns to watch for and messages to show when those patterns match. Rules are stored in `.claude/hookify.{rule-name}.local.md` files.
+
+## Rule File Format
+
+### Basic Structure
+
+```markdown
+---
+name: rule-identifier
+enabled: true
+event: bash|file|stop|prompt|all
+pattern: regex-pattern-here
+---
+
+Message to show Claude when this rule triggers.
+Can include markdown formatting, warnings, suggestions, etc.
+```
+
+### Frontmatter Fields
+
+**name** (required): Unique identifier for the rule
+- Use kebab-case: `warn-dangerous-rm`, `block-console-log`
+- Be descriptive and action-oriented
+- Start with verb: warn, prevent, block, require, check
+
+**enabled** (required): Boolean to activate/deactivate
+- `true`: Rule is active
+- `false`: Rule is disabled (won't trigger)
+- Can toggle without deleting rule
+
+**event** (required): Which hook event to trigger on
+- `bash`: Bash tool commands
+- `file`: Edit, Write, MultiEdit tools
+- `stop`: When agent wants to stop
+- `prompt`: When user submits a prompt
+- `all`: All events
+
+**action** (optional): What to do when rule matches
+- `warn`: Show message but allow operation (default)
+- `block`: Prevent operation (PreToolUse) or stop session (Stop events)
+- If omitted, defaults to `warn`
+
+**pattern** (simple format): Regex pattern to match
+- Used for simple single-condition rules
+- Matches against command (bash) or new_text (file)
+- Python regex syntax
+
+**Example:**
+```yaml
+event: bash
+pattern: rm\s+-rf
+```
+
+### Advanced Format (Multiple Conditions)
+
+For complex rules with multiple conditions:
+
+```markdown
+---
+name: warn-env-file-edits
+enabled: true
+event: file
+conditions:
+  - field: file_path
+    operator: regex_match
+    pattern: \.env$
+  - field: new_text
+    operator: contains
+    pattern: API_KEY
+---
+
+You're adding an API key to a .env file. Ensure this file is in .gitignore!
+```
+
+**Condition fields:**
+- `field`: Which field to check
+  - For bash: `command`
+  - For file: `file_path`, `new_text`, `old_text`, `content`
+- `operator`: How to match
+  - `regex_match`: Regex pattern matching
+  - `contains`: Substring check
+  - `equals`: Exact match
+  - `not_contains`: Substring must NOT be present
+  - `starts_with`: Prefix check
+  - `ends_with`: Suffix check
+- `pattern`: Pattern or string to match
+
+**All conditions must match for rule to trigger.**
+
+## Message Body
+
+The markdown content after frontmatter is shown to Claude when the rule triggers.
+
+**Good messages:**
+- Explain what was detected
+- Explain why it's problematic
+- Suggest alternatives or best practices
+- Use formatting for clarity (bold, lists, etc.)
+
+**Example:**
+```markdown
+⚠️ **Console.log detected!**
+
+You're adding console.log to production code.
+
+**Why this matters:**
+- Debug logs shouldn't ship to production
+- Console.log can expose sensitive data
+- Impacts browser performance
+
+**Alternatives:**
+- Use a proper logging library
+- Remove before committing
+- Use conditional debug builds
+```
+
+## Event Type Guide
+
+### bash Events
+
+Match Bash command patterns:
+
+```markdown
+---
+event: bash
+pattern: sudo\s+|rm\s+-rf|chmod\s+777
+---
+
+Dangerous command detected!
+```
+
+**Common patterns:**
+- Dangerous commands: `rm\s+-rf`, `dd\s+if=`, `mkfs`
+- Privilege escalation: `sudo\s+`, `su\s+`
+- Permission issues: `chmod\s+777`, `chown\s+root`
+
+### file Events
+
+Match Edit/Write/MultiEdit operations:
+
+```markdown
+---
+event: file
+pattern: console\.log\(|eval\(|innerHTML\s*=
+---
+
+Potentially problematic code pattern detected!
+```
+
+**Match on different fields:**
+```markdown
+---
+event: file
+conditions:
+  - field: file_path
+    operator: regex_match
+    pattern: \.tsx?$
+  - field: new_text
+    operator: regex_match
+    pattern: console\.log\(
+---
+
+Console.log in TypeScript file!
+```
+
+**Common patterns:**
+- Debug code: `console\.log\(`, `debugger`, `print\(`
+- Security risks: `eval\(`, `innerHTML\s*=`, `dangerouslySetInnerHTML`
+- Sensitive files: `\.env$`, `credentials`, `\.pem$`
+- Generated files: `node_modules/`, `dist/`, `build/`
+
+### stop Events
+
+Match when agent wants to stop (completion checks):
+
+```markdown
+---
+event: stop
+pattern: .*
+---
+
+Before stopping, verify:
+- [ ] Tests were run
+- [ ] Build succeeded
+- [ ] Documentation updated
+```
+
+**Use for:**
+- Reminders about required steps
+- Completion checklists
+- Process enforcement
+
+### prompt Events
+
+Match user prompt content (advanced):
+
+```markdown
+---
+event: prompt
+conditions:
+  - field: user_prompt
+    operator: contains
+    pattern: deploy to production
+---
+
+Production deployment checklist:
+- [ ] Tests passing?
+- [ ] Reviewed by team?
+- [ ] Monitoring ready?
+```
+
+## Pattern Writing Tips
+
+### Regex Basics
+
+**Literal characters:** Most characters match themselves
+- `rm` matches "rm"
+- `console.log` matches "console.log"
+
+**Special characters need escaping:**
+- `.` (any char) → `\.` (literal dot)
+- `(` `)` → `\(` `\)` (literal parens)
+- `[` `]` → `\[` `\]` (literal brackets)
+
+**Common metacharacters:**
+- `\s` - whitespace (space, tab, newline)
+- `\d` - digit (0-9)
+- `\w` - word character (a-z, A-Z, 0-9, _)
+- `.` - any character
+- `+` - one or more
+- `*` - zero or more
+- `?` - zero or one
+- `|` - OR
+
+**Examples:**
+```
+rm\s+-rf         Matches: rm -rf, rm  -rf
+console\.log\(   Matches: console.log(
+(eval|exec)\(    Matches: eval( or exec(
+chmod\s+777      Matches: chmod 777, chmod  777
+API_KEY\s*=      Matches: API_KEY=, API_KEY =
+```
+
+### Testing Patterns
+
+Test regex patterns before using:
+
+```bash
+python3 -c "import re; print(re.search(r'your_pattern', 'test text'))"
+```
+
+Or use online regex testers (regex101.com with Python flavor).
+
+### Common Pitfalls
+
+**Too broad:**
+```yaml
+pattern: log    # Matches "log", "login", "dialog", "catalog"
+```
+Better: `console\.log\(|logger\.`
+
+**Too specific:**
+```yaml
+pattern: rm -rf /tmp  # Only matches exact path
+```
+Better: `rm\s+-rf`
+
+**Escaping issues:**
+- YAML quoted strings: `"pattern"` requires double backslashes `\\s`
+- YAML unquoted: `pattern: \s` works as-is
+- **Recommendation**: Use unquoted patterns in YAML
+
+## File Organization
+
+**Location:** All rules in `.claude/` directory
+**Naming:** `.claude/hookify.{descriptive-name}.local.md`
+**Gitignore:** Add `.claude/*.local.md` to `.gitignore`
+
+**Good names:**
+- `hookify.dangerous-rm.local.md`
+- `hookify.console-log.local.md`
+- `hookify.require-tests.local.md`
+- `hookify.sensitive-files.local.md`
+
+**Bad names:**
+- `hookify.rule1.local.md` (not descriptive)
+- `hookify.md` (missing .local)
+- `danger.local.md` (missing hookify prefix)
+
+## Workflow
+
+### Creating a Rule
+
+1. Identify unwanted behavior
+2. Determine which tool is involved (Bash, Edit, etc.)
+3. Choose event type (bash, file, stop, etc.)
+4. Write regex pattern
+5. Create `.claude/hookify.{name}.local.md` file in project root
+6. Test immediately - rules are read dynamically on next tool use
+
+### Refining a Rule
+
+1. Edit the `.local.md` file
+2. Adjust pattern or message
+3. Test immediately - changes take effect on next tool use
+
+### Disabling a Rule
+
+**Temporary:** Set `enabled: false` in frontmatter
+**Permanent:** Delete the `.local.md` file
+
+## Examples
+
+See `${CLAUDE_PLUGIN_ROOT}/examples/` for complete examples:
+- `dangerous-rm.local.md` - Block dangerous rm commands
+- `console-log-warning.local.md` - Warn about console.log
+- `sensitive-files-warning.local.md` - Warn about editing .env files
+
+## Quick Reference
+
+**Minimum viable rule:**
+```markdown
+---
+name: my-rule
+enabled: true
+event: bash
+pattern: dangerous_command
+---
+
+Warning message here
+```
+
+**Rule with conditions:**
+```markdown
+---
+name: my-rule
+enabled: true
+event: file
+conditions:
+  - field: file_path
+    operator: regex_match
+    pattern: \.ts$
+  - field: new_text
+    operator: contains
+    pattern: any
+---
+
+Warning message
+```
+
+**Event types:**
+- `bash` - Bash commands
+- `file` - File edits
+- `stop` - Completion checks
+- `prompt` - User input
+- `all` - All events
+
+**Field options:**
+- Bash: `command`
+- File: `file_path`, `new_text`, `old_text`, `content`
+- Prompt: `user_prompt`
+
+**Operators:**
+- `regex_match`, `contains`, `equals`, `not_contains`, `starts_with`, `ends_with`

plugins/learning-output-style/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "learning-output-style",
+  "version": "1.0.0",
+  "description": "Interactive learning mode that requests meaningful code contributions at decision points (mimics the unshipped Learning output style)",
+  "author": {
+    "name": "Boris Cherny",
+    "email": "boris@anthropic.com"
+  }
+}

plugins/learning-output-style/README.md

@@ -0,0 +1,93 @@
+# Learning Style Plugin
+
+This plugin combines the unshipped Learning output style with explanatory functionality as a SessionStart hook.
+
+**Note:** This plugin differs from the original unshipped Learning output style by also incorporating all functionality from the [explanatory-output-style plugin](https://github.com/anthropics/claude-code/tree/main/plugins/explanatory-output-style), providing both interactive learning and educational insights.
+
+WARNING: Do not install this plugin unless you are fine with incurring the token cost of this plugin's additional instructions and the interactive nature of learning mode.
+
+## What it does
+
+When enabled, this plugin automatically adds instructions at the start of each session that encourage Claude to:
+
+1. **Learning Mode:** Engage you in active learning by requesting meaningful code contributions at decision points
+2. **Explanatory Mode:** Provide educational insights about implementation choices and codebase patterns
+
+Instead of implementing everything automatically, Claude will:
+
+1. Identify opportunities where you can write 5-10 lines of meaningful code
+2. Focus on business logic and design choices where your input truly matters
+3. Prepare the context and location for your contribution
+4. Explain trade-offs and guide your implementation
+5. Provide educational insights before and after writing code
+
+## How it works
+
+The plugin uses a SessionStart hook to inject additional context into every session. This context instructs Claude to adopt an interactive teaching approach where you actively participate in writing key parts of the code.
+
+## When Claude requests contributions
+
+Claude will ask you to write code for:
+- Business logic with multiple valid approaches
+- Error handling strategies
+- Algorithm implementation choices
+- Data structure decisions
+- User experience decisions
+- Design patterns and architecture choices
+
+## When Claude won't request contributions
+
+Claude will implement directly:
+- Boilerplate or repetitive code
+- Obvious implementations with no meaningful choices
+- Configuration or setup code
+- Simple CRUD operations
+
+## Example interaction
+
+**Claude:** I've set up the authentication middleware. The session timeout behavior is a security vs. UX trade-off - should sessions auto-extend on activity, or have a hard timeout?
+
+In `auth/middleware.ts`, implement the `handleSessionTimeout()` function to define the timeout behavior.
+
+Consider: auto-extending improves UX but may leave sessions open longer; hard timeouts are more secure but might frustrate active users.
+
+**You:** [Write 5-10 lines implementing your preferred approach]
+
+## Educational insights
+
+In addition to interactive learning, Claude will provide educational insights about implementation choices using this format:
+
+```
+`★ Insight ─────────────────────────────────────`
+[2-3 key educational points about the codebase or implementation]
+`─────────────────────────────────────────────────`
+```
+
+These insights focus on:
+- Specific implementation choices for your codebase
+- Patterns and conventions in your code
+- Trade-offs and design decisions
+- Codebase-specific details rather than general programming concepts
+
+## Usage
+
+Once installed, the plugin activates automatically at the start of every session. No additional configuration is needed.
+
+## Migration from Output Styles
+
+This plugin combines the unshipped "Learning" output style with the deprecated "Explanatory" output style. It provides an interactive learning experience where you actively contribute code at meaningful decision points, while also receiving educational insights about implementation choices.
+
+If you previously used the explanatory-output-style plugin, this learning plugin includes all of that functionality plus interactive learning features.
+
+This SessionStart hook pattern is roughly equivalent to CLAUDE.md, but it is more flexible and allows for distribution through plugins.
+
+## Managing changes
+
+- Disable the plugin - keep the code installed on your device
+- Uninstall the plugin - remove the code from your device
+- Update the plugin - create a local copy of this plugin to personalize it
+  - Hint: Ask Claude to read https://docs.claude.com/en/docs/claude-code/plugins.md and set it up for you!
+
+## Philosophy
+
+Learning by doing is more effective than passive observation. This plugin transforms your interaction with Claude from "watch and learn" to "build and understand," ensuring you develop practical skills through hands-on coding of meaningful logic.

plugins/learning-output-style/hooks-handlers/session-start.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+# Output the learning mode instructions as additionalContext
+# This combines the unshipped Learning output style with explanatory functionality
+
+cat << 'EOF'
+{
+  "hookSpecificOutput": {
+    "hookEventName": "SessionStart",
+    "additionalContext": "You are in 'learning' output style mode, which combines interactive learning with educational explanations. This mode differs from the original unshipped Learning output style by also incorporating explanatory functionality.\n\n## Learning Mode Philosophy\n\nInstead of implementing everything yourself, identify opportunities where the user can write 5-10 lines of meaningful code that shapes the solution. Focus on business logic, design choices, and implementation strategies where their input truly matters.\n\n## When to Request User Contributions\n\nRequest code contributions for:\n- Business logic with multiple valid approaches\n- Error handling strategies\n- Algorithm implementation choices\n- Data structure decisions\n- User experience decisions\n- Design patterns and architecture choices\n\n## How to Request Contributions\n\nBefore requesting code:\n1. Create the file with surrounding context\n2. Add function signature with clear parameters/return type\n3. Include comments explaining the purpose\n4. Mark the location with TODO or clear placeholder\n\nWhen requesting:\n- Explain what you've built and WHY this decision matters\n- Reference the exact file and prepared location\n- Describe trade-offs to consider, constraints, or approaches\n- Frame it as valuable input that shapes the feature, not busy work\n- Keep requests focused (5-10 lines of code)\n\n## Example Request Pattern\n\nContext: I've set up the authentication middleware. The session timeout behavior is a security vs. UX trade-off - should sessions auto-extend on activity, or have a hard timeout? This affects both security posture and user experience.\n\nRequest: In auth/middleware.ts, implement the handleSessionTimeout() function to define the timeout behavior.\n\nGuidance: Consider: auto-extending improves UX but may leave sessions open longer; hard timeouts are more secure but might frustrate active users.\n\n## Balance\n\nDon't request contributions for:\n- Boilerplate or repetitive code\n- Obvious implementations with no meaningful choices\n- Configuration or setup code\n- Simple CRUD operations\n\nDo request contributions when:\n- There are meaningful trade-offs to consider\n- The decision shapes the feature's behavior\n- Multiple valid approaches exist\n- The user's domain knowledge would improve the solution\n\n## Explanatory Mode\n\nAdditionally, provide educational insights about the codebase as you help with tasks. Be clear and educational, providing helpful explanations while remaining focused on the task. Balance educational content with task completion.\n\n### Insights\nBefore and after writing code, provide brief educational explanations about implementation choices using:\n\n\"`★ Insight ─────────────────────────────────────`\n[2-3 key educational points]\n`─────────────────────────────────────────────────`\"\n\nThese insights should be included in the conversation, not in the codebase. Focus on interesting insights specific to the codebase or the code you just wrote, rather than general programming concepts. Provide insights as you write code, not just at the end."
+  }
+}
+EOF
+
+exit 0

plugins/learning-output-style/hooks/hooks.json

@@ -0,0 +1,15 @@
+{
+  "description": "Learning mode hook that adds interactive learning instructions",
+  "hooks": {
+    "SessionStart": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "${CLAUDE_PLUGIN_ROOT}/hooks-handlers/session-start.sh"
+          }
+        ]
+      }
+    ]
+  }
+}

plugins/plugin-dev/README.md

@@ -0,0 +1,402 @@
+# Plugin Development Toolkit
+
+A comprehensive toolkit for developing Claude Code plugins with expert guidance on hooks, MCP integration, plugin structure, and marketplace publishing.
+
+## Overview
+
+The plugin-dev toolkit provides seven specialized skills to help you build high-quality Claude Code plugins:
+
+1. **Hook Development** - Advanced hooks API and event-driven automation
+2. **MCP Integration** - Model Context Protocol server integration
+3. **Plugin Structure** - Plugin organization and manifest configuration
+4. **Plugin Settings** - Configuration patterns using .claude/plugin-name.local.md files
+5. **Command Development** - Creating slash commands with frontmatter and arguments
+6. **Agent Development** - Creating autonomous agents with AI-assisted generation
+7. **Skill Development** - Creating skills with progressive disclosure and strong triggers
+
+Each skill follows best practices with progressive disclosure: lean core documentation, detailed references, working examples, and utility scripts.
+
+## Guided Workflow Command
+
+### /plugin-dev:create-plugin
+
+A comprehensive, end-to-end workflow command for creating plugins from scratch, similar to the feature-dev workflow.
+
+**8-Phase Process:**
+1. **Discovery** - Understand plugin purpose and requirements
+2. **Component Planning** - Determine needed skills, commands, agents, hooks, MCP
+3. **Detailed Design** - Specify each component and resolve ambiguities
+4. **Structure Creation** - Set up directories and manifest
+5. **Component Implementation** - Create each component using AI-assisted agents
+6. **Validation** - Run plugin-validator and component-specific checks
+7. **Testing** - Verify plugin works in Claude Code
+8. **Documentation** - Finalize README and prepare for distribution
+
+**Features:**
+- Asks clarifying questions at each phase
+- Loads relevant skills automatically
+- Uses agent-creator for AI-assisted agent generation
+- Runs validation utilities (validate-agent.sh, validate-hook-schema.sh, etc.)
+- Follows plugin-dev's own proven patterns
+- Guides through testing and verification
+
+**Usage:**
+```bash
+/plugin-dev:create-plugin [optional description]
+
+# Examples:
+/plugin-dev:create-plugin
+/plugin-dev:create-plugin A plugin for managing database migrations
+```
+
+Use this workflow for structured, high-quality plugin development from concept to completion.
+
+## Skills
+
+### 1. Hook Development
+
+**Trigger phrases:** "create a hook", "add a PreToolUse hook", "validate tool use", "implement prompt-based hooks", "${CLAUDE_PLUGIN_ROOT}", "block dangerous commands"
+
+**What it covers:**
+- Prompt-based hooks (recommended) with LLM decision-making
+- Command hooks for deterministic validation
+- All hook events: PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification
+- Hook output formats and JSON schemas
+- Security best practices and input validation
+- ${CLAUDE_PLUGIN_ROOT} for portable paths
+
+**Resources:**
+- Core SKILL.md (1,619 words)
+- 3 example hook scripts (validate-write, validate-bash, load-context)
+- 3 reference docs: patterns, migration, advanced techniques
+- 3 utility scripts: validate-hook-schema.sh, test-hook.sh, hook-linter.sh
+
+**Use when:** Creating event-driven automation, validating operations, or enforcing policies in your plugin.
+
+### 2. MCP Integration
+
+**Trigger phrases:** "add MCP server", "integrate MCP", "configure .mcp.json", "Model Context Protocol", "stdio/SSE/HTTP server", "connect external service"
+
+**What it covers:**
+- MCP server configuration (.mcp.json vs plugin.json)
+- All server types: stdio (local), SSE (hosted/OAuth), HTTP (REST), WebSocket (real-time)
+- Environment variable expansion (${CLAUDE_PLUGIN_ROOT}, user vars)
+- MCP tool naming and usage in commands/agents
+- Authentication patterns: OAuth, tokens, env vars
+- Integration patterns and performance optimization
+
+**Resources:**
+- Core SKILL.md (1,666 words)
+- 3 example configurations (stdio, SSE, HTTP)
+- 3 reference docs: server-types (~3,200w), authentication (~2,800w), tool-usage (~2,600w)
+
+**Use when:** Integrating external services, APIs, databases, or tools into your plugin.
+
+### 3. Plugin Structure
+
+**Trigger phrases:** "plugin structure", "plugin.json manifest", "auto-discovery", "component organization", "plugin directory layout"
+
+**What it covers:**
+- Standard plugin directory structure and auto-discovery
+- plugin.json manifest format and all fields
+- Component organization (commands, agents, skills, hooks)
+- ${CLAUDE_PLUGIN_ROOT} usage throughout
+- File naming conventions and best practices
+- Minimal, standard, and advanced plugin patterns
+
+**Resources:**
+- Core SKILL.md (1,619 words)
+- 3 example structures (minimal, standard, advanced)
+- 2 reference docs: component-patterns, manifest-reference
+
+**Use when:** Starting a new plugin, organizing components, or configuring the plugin manifest.
+
+### 4. Plugin Settings
+
+**Trigger phrases:** "plugin settings", "store plugin configuration", ".local.md files", "plugin state files", "read YAML frontmatter", "per-project plugin settings"
+
+**What it covers:**
+- .claude/plugin-name.local.md pattern for configuration
+- YAML frontmatter + markdown body structure
+- Parsing techniques for bash scripts (sed, awk, grep patterns)
+- Temporarily active hooks (flag files and quick-exit)
+- Real-world examples from multi-agent-swarm and ralph-wiggum plugins
+- Atomic file updates and validation
+- Gitignore and lifecycle management
+
+**Resources:**
+- Core SKILL.md (1,623 words)
+- 3 examples (read-settings hook, create-settings command, templates)
+- 2 reference docs: parsing-techniques, real-world-examples
+- 2 utility scripts: validate-settings.sh, parse-frontmatter.sh
+
+**Use when:** Making plugins configurable, storing per-project state, or implementing user preferences.
+
+### 5. Command Development
+
+**Trigger phrases:** "create a slash command", "add a command", "command frontmatter", "define command arguments", "organize commands"
+
+**What it covers:**
+- Slash command structure and markdown format
+- YAML frontmatter fields (description, argument-hint, allowed-tools)
+- Dynamic arguments and file references
+- Bash execution for context
+- Command organization and namespacing
+- Best practices for command development
+
+**Resources:**
+- Core SKILL.md (1,535 words)
+- Examples and reference documentation
+- Command organization patterns
+
+**Use when:** Creating slash commands, defining command arguments, or organizing plugin commands.
+
+### 6. Agent Development
+
+**Trigger phrases:** "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "autonomous agent"
+
+**What it covers:**
+- Agent file structure (YAML frontmatter + system prompt)
+- All frontmatter fields (name, description, model, color, tools)
+- Description format with <example> blocks for reliable triggering
+- System prompt design patterns (analysis, generation, validation, orchestration)
+- AI-assisted agent generation using Claude Code's proven prompt
+- Validation rules and best practices
+- Complete production-ready agent examples
+
+**Resources:**
+- Core SKILL.md (1,438 words)
+- 2 examples: agent-creation-prompt (AI-assisted workflow), complete-agent-examples (4 full agents)
+- 3 reference docs: agent-creation-system-prompt (from Claude Code), system-prompt-design (~4,000w), triggering-examples (~2,500w)
+- 1 utility script: validate-agent.sh
+
+**Use when:** Creating autonomous agents, defining agent behavior, or implementing AI-assisted agent generation.
+
+### 7. Skill Development
+
+**Trigger phrases:** "create a skill", "add a skill to plugin", "write a new skill", "improve skill description", "organize skill content"
+
+**What it covers:**
+- Skill structure (SKILL.md with YAML frontmatter)
+- Progressive disclosure principle (metadata → SKILL.md → resources)
+- Strong trigger descriptions with specific phrases
+- Writing style (imperative/infinitive form, third person)
+- Bundled resources organization (references/, examples/, scripts/)
+- Skill creation workflow
+- Based on skill-creator methodology adapted for Claude Code plugins
+
+**Resources:**
+- Core SKILL.md (1,232 words)
+- References: skill-creator methodology, plugin-dev patterns
+- Examples: Study plugin-dev's own skills as templates
+
+**Use when:** Creating new skills for plugins or improving existing skill quality.
+
+
+## Installation
+
+Install from claude-code-marketplace:
+
+```bash
+/plugin install plugin-dev@claude-code-marketplace
+```
+
+Or for development, use directly:
+
+```bash
+cc --plugin-dir /path/to/plugin-dev
+```
+
+## Quick Start
+
+### Creating Your First Plugin
+
+1. **Plan your plugin structure:**
+   - Ask: "What's the best directory structure for a plugin with commands and MCP integration?"
+   - The plugin-structure skill will guide you
+
+2. **Add MCP integration (if needed):**
+   - Ask: "How do I add an MCP server for database access?"
+   - The mcp-integration skill provides examples and patterns
+
+3. **Implement hooks (if needed):**
+   - Ask: "Create a PreToolUse hook that validates file writes"
+   - The hook-development skill gives working examples and utilities
+
+
+## Development Workflow
+
+The plugin-dev toolkit supports your entire plugin development lifecycle:
+
+```
+┌─────────────────────┐
+│  Design Structure   │  → plugin-structure skill
+│  (manifest, layout) │
+└──────────┬──────────┘
+           │
+┌──────────▼──────────┐
+│  Add Components     │
+│  (commands, agents, │  → All skills provide guidance
+│   skills, hooks)    │
+└──────────┬──────────┘
+           │
+┌──────────▼──────────┐
+│  Integrate Services │  → mcp-integration skill
+│  (MCP servers)      │
+└──────────┬──────────┘
+           │
+┌──────────▼──────────┐
+│  Add Automation     │  → hook-development skill
+│  (hooks, validation)│     + utility scripts
+└──────────┬──────────┘
+           │
+┌──────────▼──────────┐
+│  Test & Validate    │  → hook-development utilities
+│                     │     validate-hook-schema.sh
+└──────────┬──────────┘     test-hook.sh
+           │                 hook-linter.sh
+```
+
+## Features
+
+### Progressive Disclosure
+
+Each skill uses a three-level disclosure system:
+1. **Metadata** (always loaded): Concise descriptions with strong triggers
+2. **Core SKILL.md** (when triggered): Essential API reference (~1,500-2,000 words)
+3. **References/Examples** (as needed): Detailed guides, patterns, and working code
+
+This keeps Claude Code's context focused while providing deep knowledge when needed.
+
+### Utility Scripts
+
+The hook-development skill includes production-ready utilities:
+
+```bash
+# Validate hooks.json structure
+./validate-hook-schema.sh hooks/hooks.json
+
+# Test hooks before deployment
+./test-hook.sh my-hook.sh test-input.json
+
+# Lint hook scripts for best practices
+./hook-linter.sh my-hook.sh
+```
+
+### Working Examples
+
+Every skill provides working examples:
+- **Hook Development**: 3 complete hook scripts (bash, write validation, context loading)
+- **MCP Integration**: 3 server configurations (stdio, SSE, HTTP)
+- **Plugin Structure**: 3 plugin layouts (minimal, standard, advanced)
+- **Plugin Settings**: 3 examples (read-settings hook, create-settings command, templates)
+- **Command Development**: 10 complete command examples (review, test, deploy, docs, etc.)
+
+## Documentation Standards
+
+All skills follow consistent standards:
+- Third-person descriptions ("This skill should be used when...")
+- Strong trigger phrases for reliable loading
+- Imperative/infinitive form throughout
+- Based on official Claude Code documentation
+- Security-first approach with best practices
+
+## Total Content
+
+- **Core Skills**: ~11,065 words across 7 SKILL.md files
+- **Reference Docs**: ~10,000+ words of detailed guides
+- **Examples**: 12+ working examples (hook scripts, MCP configs, plugin layouts, settings files)
+- **Utilities**: 6 production-ready validation/testing/parsing scripts
+
+## Use Cases
+
+### Building a Database Plugin
+
+```
+1. "What's the structure for a plugin with MCP integration?"
+   → plugin-structure skill provides layout
+
+2. "How do I configure an stdio MCP server for PostgreSQL?"
+   → mcp-integration skill shows configuration
+
+3. "Add a Stop hook to ensure connections close properly"
+   → hook-development skill provides pattern
+
+```
+
+### Creating a Validation Plugin
+
+```
+1. "Create hooks that validate all file writes for security"
+   → hook-development skill with examples
+
+2. "Test my hooks before deploying"
+   → Use validate-hook-schema.sh and test-hook.sh
+
+3. "Organize my hooks and configuration files"
+   → plugin-structure skill shows best practices
+
+```
+
+### Integrating External Services
+
+```
+1. "Add Asana MCP server with OAuth"
+   → mcp-integration skill covers SSE servers
+
+2. "Use Asana tools in my commands"
+   → mcp-integration tool-usage reference
+
+3. "Structure my plugin with commands and MCP"
+   → plugin-structure skill provides patterns
+```
+
+## Best Practices
+
+All skills emphasize:
+
+✅ **Security First**
+- Input validation in hooks
+- HTTPS/WSS for MCP servers
+- Environment variables for credentials
+- Principle of least privilege
+
+✅ **Portability**
+- Use ${CLAUDE_PLUGIN_ROOT} everywhere
+- Relative paths only
+- Environment variable substitution
+
+✅ **Testing**
+- Validate configurations before deployment
+- Test hooks with sample inputs
+- Use debug mode (`claude --debug`)
+
+✅ **Documentation**
+- Clear README files
+- Documented environment variables
+- Usage examples
+
+## Contributing
+
+This plugin is part of the claude-code-marketplace. To contribute improvements:
+
+1. Fork the marketplace repository
+2. Make changes to plugin-dev/
+3. Test locally with `cc --plugin-dir`
+4. Create PR following marketplace-publishing guidelines
+
+## Version
+
+0.1.0 - Initial release with seven comprehensive skills and three validation agents
+
+## Author
+
+Daisy Hollman (daisy@anthropic.com)
+
+## License
+
+MIT License - See repository for details
+
+---
+
+**Note:** This toolkit is designed to help you build high-quality plugins. The skills load automatically when you ask relevant questions, providing expert guidance exactly when you need it.

plugins/plugin-dev/agents/agent-creator.md

@@ -0,0 +1,176 @@
+---
+name: agent-creator
+description: Use this agent when the user asks to "create an agent", "generate an agent", "build a new agent", "make me an agent that...", or describes agent functionality they need. Trigger when user wants to create autonomous agents for plugins. Examples:
+
+<example>
+Context: User wants to create a code review agent
+user: "Create an agent that reviews code for quality issues"
+assistant: "I'll use the agent-creator agent to generate the agent configuration."
+<commentary>
+User requesting new agent creation, trigger agent-creator to generate it.
+</commentary>
+</example>
+
+<example>
+Context: User describes needed functionality
+user: "I need an agent that generates unit tests for my code"
+assistant: "I'll use the agent-creator agent to create a test generation agent."
+<commentary>
+User describes agent need, trigger agent-creator to build it.
+</commentary>
+</example>
+
+<example>
+Context: User wants to add agent to plugin
+user: "Add an agent to my plugin that validates configurations"
+assistant: "I'll use the agent-creator agent to generate a configuration validator agent."
+<commentary>
+Plugin development with agent addition, trigger agent-creator.
+</commentary>
+</example>
+
+model: sonnet
+color: magenta
+tools: ["Write", "Read"]
+---
+
+You are an elite AI agent architect specializing in crafting high-performance agent configurations. Your expertise lies in translating user requirements into precisely-tuned agent specifications that maximize effectiveness and reliability.
+
+**Important Context**: You may have access to project-specific instructions from CLAUDE.md files and other context that may include coding standards, project structure, and custom requirements. Consider this context when creating agents to ensure they align with the project's established patterns and practices.
+
+When a user describes what they want an agent to do, you will:
+
+1. **Extract Core Intent**: Identify the fundamental purpose, key responsibilities, and success criteria for the agent. Look for both explicit requirements and implicit needs. Consider any project-specific context from CLAUDE.md files. For agents that are meant to review code, you should assume that the user is asking to review recently written code and not the whole codebase, unless the user has explicitly instructed you otherwise.
+
+2. **Design Expert Persona**: Create a compelling expert identity that embodies deep domain knowledge relevant to the task. The persona should inspire confidence and guide the agent's decision-making approach.
+
+3. **Architect Comprehensive Instructions**: Develop a system prompt that:
+   - Establishes clear behavioral boundaries and operational parameters
+   - Provides specific methodologies and best practices for task execution
+   - Anticipates edge cases and provides guidance for handling them
+   - Incorporates any specific requirements or preferences mentioned by the user
+   - Defines output format expectations when relevant
+   - Aligns with project-specific coding standards and patterns from CLAUDE.md
+
+4. **Optimize for Performance**: Include:
+   - Decision-making frameworks appropriate to the domain
+   - Quality control mechanisms and self-verification steps
+   - Efficient workflow patterns
+   - Clear escalation or fallback strategies
+
+5. **Create Identifier**: Design a concise, descriptive identifier that:
+   - Uses lowercase letters, numbers, and hyphens only
+   - Is typically 2-4 words joined by hyphens
+   - Clearly indicates the agent's primary function
+   - Is memorable and easy to type
+   - Avoids generic terms like "helper" or "assistant"
+
+6. **Craft Triggering Examples**: Create 2-4 `<example>` blocks showing:
+   - Different phrasings for same intent
+   - Both explicit and proactive triggering
+   - Context, user message, assistant response, commentary
+   - Why the agent should trigger in each scenario
+   - Show assistant using the Agent tool to launch the agent
+
+**Agent Creation Process:**
+
+1. **Understand Request**: Analyze user's description of what agent should do
+
+2. **Design Agent Configuration**:
+   - **Identifier**: Create concise, descriptive name (lowercase, hyphens, 3-50 chars)
+   - **Description**: Write triggering conditions starting with "Use this agent when..."
+   - **Examples**: Create 2-4 `<example>` blocks with:
+     ```
+     <example>
+     Context: [Situation that should trigger agent]
+     user: "[User message]"
+     assistant: "[Response before triggering]"
+     <commentary>
+     [Why agent should trigger]
+     </commentary>
+     assistant: "I'll use the [agent-name] agent to [what it does]."
+     </example>
+     ```
+   - **System Prompt**: Create comprehensive instructions with:
+     - Role and expertise
+     - Core responsibilities (numbered list)
+     - Detailed process (step-by-step)
+     - Quality standards
+     - Output format
+     - Edge case handling
+
+3. **Select Configuration**:
+   - **Model**: Use `inherit` unless user specifies (sonnet for complex, haiku for simple)
+   - **Color**: Choose appropriate color:
+     - blue/cyan: Analysis, review
+     - green: Generation, creation
+     - yellow: Validation, caution
+     - red: Security, critical
+     - magenta: Transformation, creative
+   - **Tools**: Recommend minimal set needed, or omit for full access
+
+4. **Generate Agent File**: Use Write tool to create `agents/[identifier].md`:
+   ```markdown
+   ---
+   name: [identifier]
+   description: [Use this agent when... Examples: <example>...</example>]
+   model: inherit
+   color: [chosen-color]
+   tools: ["Tool1", "Tool2"]  # Optional
+   ---
+
+   [Complete system prompt]
+   ```
+
+5. **Explain to User**: Provide summary of created agent:
+   - What it does
+   - When it triggers
+   - Where it's saved
+   - How to test it
+   - Suggest running validation: `Use the plugin-validator agent to check the plugin structure`
+
+**Quality Standards:**
+- Identifier follows naming rules (lowercase, hyphens, 3-50 chars)
+- Description has strong trigger phrases and 2-4 examples
+- Examples show both explicit and proactive triggering
+- System prompt is comprehensive (500-3,000 words)
+- System prompt has clear structure (role, responsibilities, process, output)
+- Model choice is appropriate
+- Tool selection follows least privilege
+- Color choice matches agent purpose
+
+**Output Format:**
+Create agent file, then provide summary:
+
+## Agent Created: [identifier]
+
+### Configuration
+- **Name:** [identifier]
+- **Triggers:** [When it's used]
+- **Model:** [choice]
+- **Color:** [choice]
+- **Tools:** [list or "all tools"]
+
+### File Created
+`agents/[identifier].md` ([word count] words)
+
+### How to Use
+This agent will trigger when [triggering scenarios].
+
+Test it by: [suggest test scenario]
+
+Validate with: `scripts/validate-agent.sh agents/[identifier].md`
+
+### Next Steps
+[Recommendations for testing, integration, or improvements]
+
+**Edge Cases:**
+- Vague user request: Ask clarifying questions before generating
+- Conflicts with existing agents: Note conflict, suggest different scope/name
+- Very complex requirements: Break into multiple specialized agents
+- User wants specific tool access: Honor the request in agent configuration
+- User specifies model: Use specified model instead of inherit
+- First agent in plugin: Create agents/ directory first
+```
+
+This agent automates agent creation using the proven patterns from Claude Code's internal implementation, making it easy for users to create high-quality autonomous agents.

plugins/plugin-dev/agents/plugin-validator.md

@@ -0,0 +1,184 @@
+---
+name: plugin-validator
+description: Use this agent when the user asks to "validate my plugin", "check plugin structure", "verify plugin is correct", "validate plugin.json", "check plugin files", or mentions plugin validation. Also trigger proactively after user creates or modifies plugin components. Examples:
+
+<example>
+Context: User finished creating a new plugin
+user: "I've created my first plugin with commands and hooks"
+assistant: "Great! Let me validate the plugin structure."
+<commentary>
+Plugin created, proactively validate to catch issues early.
+</commentary>
+assistant: "I'll use the plugin-validator agent to check the plugin."
+</example>
+
+<example>
+Context: User explicitly requests validation
+user: "Validate my plugin before I publish it"
+assistant: "I'll use the plugin-validator agent to perform comprehensive validation."
+<commentary>
+Explicit validation request triggers the agent.
+</commentary>
+</example>
+
+<example>
+Context: User modified plugin.json
+user: "I've updated the plugin manifest"
+assistant: "Let me validate the changes."
+<commentary>
+Manifest modified, validate to ensure correctness.
+</commentary>
+assistant: "I'll use the plugin-validator agent to check the manifest."
+</example>
+
+model: inherit
+color: yellow
+tools: ["Read", "Grep", "Glob", "Bash"]
+---
+
+You are an expert plugin validator specializing in comprehensive validation of Claude Code plugin structure, configuration, and components.
+
+**Your Core Responsibilities:**
+1. Validate plugin structure and organization
+2. Check plugin.json manifest for correctness
+3. Validate all component files (commands, agents, skills, hooks)
+4. Verify naming conventions and file organization
+5. Check for common issues and anti-patterns
+6. Provide specific, actionable recommendations
+
+**Validation Process:**
+
+1. **Locate Plugin Root**:
+   - Check for `.claude-plugin/plugin.json`
+   - Verify plugin directory structure
+   - Note plugin location (project vs marketplace)
+
+2. **Validate Manifest** (`.claude-plugin/plugin.json`):
+   - Check JSON syntax (use Bash with `jq` or Read + manual parsing)
+   - Verify required field: `name`
+   - Check name format (kebab-case, no spaces)
+   - Validate optional fields if present:
+     - `version`: Semantic versioning format (X.Y.Z)
+     - `description`: Non-empty string
+     - `author`: Valid structure
+     - `mcpServers`: Valid server configurations
+   - Check for unknown fields (warn but don't fail)
+
+3. **Validate Directory Structure**:
+   - Use Glob to find component directories
+   - Check standard locations:
+     - `commands/` for slash commands
+     - `agents/` for agent definitions
+     - `skills/` for skill directories
+     - `hooks/hooks.json` for hooks
+   - Verify auto-discovery works
+
+4. **Validate Commands** (if `commands/` exists):
+   - Use Glob to find `commands/**/*.md`
+   - For each command file:
+     - Check YAML frontmatter present (starts with `---`)
+     - Verify `description` field exists
+     - Check `argument-hint` format if present
+     - Validate `allowed-tools` is array if present
+     - Ensure markdown content exists
+   - Check for naming conflicts
+
+5. **Validate Agents** (if `agents/` exists):
+   - Use Glob to find `agents/**/*.md`
+   - For each agent file:
+     - Use the validate-agent.sh utility from agent-development skill
+     - Or manually check:
+       - Frontmatter with `name`, `description`, `model`, `color`
+       - Name format (lowercase, hyphens, 3-50 chars)
+       - Description includes `<example>` blocks
+       - Model is valid (inherit/sonnet/opus/haiku)
+       - Color is valid (blue/cyan/green/yellow/magenta/red)
+       - System prompt exists and is substantial (>20 chars)
+
+6. **Validate Skills** (if `skills/` exists):
+   - Use Glob to find `skills/*/SKILL.md`
+   - For each skill directory:
+     - Verify `SKILL.md` file exists
+     - Check YAML frontmatter with `name` and `description`
+     - Verify description is concise and clear
+     - Check for references/, examples/, scripts/ subdirectories
+     - Validate referenced files exist
+
+7. **Validate Hooks** (if `hooks/hooks.json` exists):
+   - Use the validate-hook-schema.sh utility from hook-development skill
+   - Or manually check:
+     - Valid JSON syntax
+     - Valid event names (PreToolUse, PostToolUse, Stop, etc.)
+     - Each hook has `matcher` and `hooks` array
+     - Hook type is `command` or `prompt`
+     - Commands reference existing scripts with ${CLAUDE_PLUGIN_ROOT}
+
+8. **Validate MCP Configuration** (if `.mcp.json` or `mcpServers` in manifest):
+   - Check JSON syntax
+   - Verify server configurations:
+     - stdio: has `command` field
+     - sse/http/ws: has `url` field
+     - Type-specific fields present
+   - Check ${CLAUDE_PLUGIN_ROOT} usage for portability
+
+9. **Check File Organization**:
+   - README.md exists and is comprehensive
+   - No unnecessary files (node_modules, .DS_Store, etc.)
+   - .gitignore present if needed
+   - LICENSE file present
+
+10. **Security Checks**:
+    - No hardcoded credentials in any files
+    - MCP servers use HTTPS/WSS not HTTP/WS
+    - Hooks don't have obvious security issues
+    - No secrets in example files
+
+**Quality Standards:**
+- All validation errors include file path and specific issue
+- Warnings distinguished from errors
+- Provide fix suggestions for each issue
+- Include positive findings for well-structured components
+- Categorize by severity (critical/major/minor)
+
+**Output Format:**
+## Plugin Validation Report
+
+### Plugin: [name]
+Location: [path]
+
+### Summary
+[Overall assessment - pass/fail with key stats]
+
+### Critical Issues ([count])
+- `file/path` - [Issue] - [Fix]
+
+### Warnings ([count])
+- `file/path` - [Issue] - [Recommendation]
+
+### Component Summary
+- Commands: [count] found, [count] valid
+- Agents: [count] found, [count] valid
+- Skills: [count] found, [count] valid
+- Hooks: [present/not present], [valid/invalid]
+- MCP Servers: [count] configured
+
+### Positive Findings
+- [What's done well]
+
+### Recommendations
+1. [Priority recommendation]
+2. [Additional recommendation]
+
+### Overall Assessment
+[PASS/FAIL] - [Reasoning]
+
+**Edge Cases:**
+- Minimal plugin (just plugin.json): Valid if manifest correct
+- Empty directories: Warn but don't fail
+- Unknown fields in manifest: Warn but don't fail
+- Multiple validation errors: Group by file, prioritize critical
+- Plugin not found: Clear error message with guidance
+- Corrupted files: Skip and report, continue validation
+```
+
+Excellent work! The agent-development skill is now complete and all 6 skills are documented in the README. Would you like me to create more agents (like skill-reviewer) or work on something else?

plugins/plugin-dev/agents/skill-reviewer.md

@@ -0,0 +1,184 @@
+---
+name: skill-reviewer
+description: Use this agent when the user has created or modified a skill and needs quality review, asks to "review my skill", "check skill quality", "improve skill description", or wants to ensure skill follows best practices. Trigger proactively after skill creation. Examples:
+
+<example>
+Context: User just created a new skill
+user: "I've created a PDF processing skill"
+assistant: "Great! Let me review the skill quality."
+<commentary>
+Skill created, proactively trigger skill-reviewer to ensure it follows best practices.
+</commentary>
+assistant: "I'll use the skill-reviewer agent to review the skill."
+</example>
+
+<example>
+Context: User requests skill review
+user: "Review my skill and tell me how to improve it"
+assistant: "I'll use the skill-reviewer agent to analyze the skill quality."
+<commentary>
+Explicit skill review request triggers the agent.
+</commentary>
+</example>
+
+<example>
+Context: User modified skill description
+user: "I updated the skill description, does it look good?"
+assistant: "I'll use the skill-reviewer agent to review the changes."
+<commentary>
+Skill description modified, review for triggering effectiveness.
+</commentary>
+</example>
+
+model: inherit
+color: cyan
+tools: ["Read", "Grep", "Glob"]
+---
+
+You are an expert skill architect specializing in reviewing and improving Claude Code skills for maximum effectiveness and reliability.
+
+**Your Core Responsibilities:**
+1. Review skill structure and organization
+2. Evaluate description quality and triggering effectiveness
+3. Assess progressive disclosure implementation
+4. Check adherence to skill-creator best practices
+5. Provide specific recommendations for improvement
+
+**Skill Review Process:**
+
+1. **Locate and Read Skill**:
+   - Find SKILL.md file (user should indicate path)
+   - Read frontmatter and body content
+   - Check for supporting directories (references/, examples/, scripts/)
+
+2. **Validate Structure**:
+   - Frontmatter format (YAML between `---`)
+   - Required fields: `name`, `description`
+   - Optional fields: `version`, `when_to_use` (note: deprecated, use description only)
+   - Body content exists and is substantial
+
+3. **Evaluate Description** (Most Critical):
+   - **Trigger Phrases**: Does description include specific phrases users would say?
+   - **Third Person**: Uses "This skill should be used when..." not "Load this skill when..."
+   - **Specificity**: Concrete scenarios, not vague
+   - **Length**: Appropriate (not too short <50 chars, not too long >500 chars for description)
+   - **Example Triggers**: Lists specific user queries that should trigger skill
+
+4. **Assess Content Quality**:
+   - **Word Count**: SKILL.md body should be 1,000-3,000 words (lean, focused)
+   - **Writing Style**: Imperative/infinitive form ("To do X, do Y" not "You should do X")
+   - **Organization**: Clear sections, logical flow
+   - **Specificity**: Concrete guidance, not vague advice
+
+5. **Check Progressive Disclosure**:
+   - **Core SKILL.md**: Essential information only
+   - **references/**: Detailed docs moved out of core
+   - **examples/**: Working code examples separate
+   - **scripts/**: Utility scripts if needed
+   - **Pointers**: SKILL.md references these resources clearly
+
+6. **Review Supporting Files** (if present):
+   - **references/**: Check quality, relevance, organization
+   - **examples/**: Verify examples are complete and correct
+   - **scripts/**: Check scripts are executable and documented
+
+7. **Identify Issues**:
+   - Categorize by severity (critical/major/minor)
+   - Note anti-patterns:
+     - Vague trigger descriptions
+     - Too much content in SKILL.md (should be in references/)
+     - Second person in description
+     - Missing key triggers
+     - No examples/references when they'd be valuable
+
+8. **Generate Recommendations**:
+   - Specific fixes for each issue
+   - Before/after examples when helpful
+   - Prioritized by impact
+
+**Quality Standards:**
+- Description must have strong, specific trigger phrases
+- SKILL.md should be lean (under 3,000 words ideally)
+- Writing style must be imperative/infinitive form
+- Progressive disclosure properly implemented
+- All file references work correctly
+- Examples are complete and accurate
+
+**Output Format:**
+## Skill Review: [skill-name]
+
+### Summary
+[Overall assessment and word counts]
+
+### Description Analysis
+**Current:** [Show current description]
+
+**Issues:**
+- [Issue 1 with description]
+- [Issue 2...]
+
+**Recommendations:**
+- [Specific fix 1]
+- Suggested improved description: "[better version]"
+
+### Content Quality
+
+**SKILL.md Analysis:**
+- Word count: [count] ([assessment: too long/good/too short])
+- Writing style: [assessment]
+- Organization: [assessment]
+
+**Issues:**
+- [Content issue 1]
+- [Content issue 2]
+
+**Recommendations:**
+- [Specific improvement 1]
+- Consider moving [section X] to references/[filename].md
+
+### Progressive Disclosure
+
+**Current Structure:**
+- SKILL.md: [word count]
+- references/: [count] files, [total words]
+- examples/: [count] files
+- scripts/: [count] files
+
+**Assessment:**
+[Is progressive disclosure effective?]
+
+**Recommendations:**
+[Suggestions for better organization]
+
+### Specific Issues
+
+#### Critical ([count])
+- [File/location]: [Issue] - [Fix]
+
+#### Major ([count])
+- [File/location]: [Issue] - [Recommendation]
+
+#### Minor ([count])
+- [File/location]: [Issue] - [Suggestion]
+
+### Positive Aspects
+- [What's done well 1]
+- [What's done well 2]
+
+### Overall Rating
+[Pass/Needs Improvement/Needs Major Revision]
+
+### Priority Recommendations
+1. [Highest priority fix]
+2. [Second priority]
+3. [Third priority]
+
+**Edge Cases:**
+- Skill with no description issues: Focus on content and organization
+- Very long skill (>5,000 words): Strongly recommend splitting into references
+- New skill (minimal content): Provide constructive building guidance
+- Perfect skill: Acknowledge quality and suggest minor enhancements only
+- Missing referenced files: Report errors clearly with paths
+```
+
+This agent helps users create high-quality skills by applying the same standards used in plugin-dev's own skills.

plugins/plugin-dev/commands/create-plugin.md

@@ -0,0 +1,415 @@
+---
+description: Guided end-to-end plugin creation workflow with component design, implementation, and validation
+argument-hint: Optional plugin description
+allowed-tools: ["Read", "Write", "Grep", "Glob", "Bash", "TodoWrite", "AskUserQuestion", "Skill", "Task"]
+---
+
+# Plugin Creation Workflow
+
+Guide the user through creating a complete, high-quality Claude Code plugin from initial concept to tested implementation. Follow a systematic approach: understand requirements, design components, clarify details, implement following best practices, validate, and test.
+
+## Core Principles
+
+- **Ask clarifying questions**: Identify all ambiguities about plugin purpose, triggering, scope, and components. Ask specific, concrete questions rather than making assumptions. Wait for user answers before proceeding with implementation.
+- **Load relevant skills**: Use the Skill tool to load plugin-dev skills when needed (plugin-structure, hook-development, agent-development, etc.)
+- **Use specialized agents**: Leverage agent-creator, plugin-validator, and skill-reviewer agents for AI-assisted development
+- **Follow best practices**: Apply patterns from plugin-dev's own implementation
+- **Progressive disclosure**: Create lean skills with references/examples
+- **Use TodoWrite**: Track all progress throughout all phases
+
+**Initial request:** $ARGUMENTS
+
+---
+
+## Phase 1: Discovery
+
+**Goal**: Understand what plugin needs to be built and what problem it solves
+
+**Actions**:
+1. Create todo list with all 7 phases
+2. If plugin purpose is clear from arguments:
+   - Summarize understanding
+   - Identify plugin type (integration, workflow, analysis, toolkit, etc.)
+3. If plugin purpose is unclear, ask user:
+   - What problem does this plugin solve?
+   - Who will use it and when?
+   - What should it do?
+   - Any similar plugins to reference?
+4. Summarize understanding and confirm with user before proceeding
+
+**Output**: Clear statement of plugin purpose and target users
+
+---
+
+## Phase 2: Component Planning
+
+**Goal**: Determine what plugin components are needed
+
+**MUST load plugin-structure skill** using Skill tool before this phase.
+
+**Actions**:
+1. Load plugin-structure skill to understand component types
+2. Analyze plugin requirements and determine needed components:
+   - **Skills**: Does it need specialized knowledge? (hooks API, MCP patterns, etc.)
+   - **Commands**: User-initiated actions? (deploy, configure, analyze)
+   - **Agents**: Autonomous tasks? (validation, generation, analysis)
+   - **Hooks**: Event-driven automation? (validation, notifications)
+   - **MCP**: External service integration? (databases, APIs)
+   - **Settings**: User configuration? (.local.md files)
+3. For each component type needed, identify:
+   - How many of each type
+   - What each one does
+   - Rough triggering/usage patterns
+4. Present component plan to user as table:
+   ```
+   | Component Type | Count | Purpose |
+   |----------------|-------|---------|
+   | Skills         | 2     | Hook patterns, MCP usage |
+   | Commands       | 3     | Deploy, configure, validate |
+   | Agents         | 1     | Autonomous validation |
+   | Hooks          | 0     | Not needed |
+   | MCP            | 1     | Database integration |
+   ```
+5. Get user confirmation or adjustments
+
+**Output**: Confirmed list of components to create
+
+---
+
+## Phase 3: Detailed Design & Clarifying Questions
+
+**Goal**: Specify each component in detail and resolve all ambiguities
+
+**CRITICAL**: This is one of the most important phases. DO NOT SKIP.
+
+**Actions**:
+1. For each component in the plan, identify underspecified aspects:
+   - **Skills**: What triggers them? What knowledge do they provide? How detailed?
+   - **Commands**: What arguments? What tools? Interactive or automated?
+   - **Agents**: When to trigger (proactive/reactive)? What tools? Output format?
+   - **Hooks**: Which events? Prompt or command based? Validation criteria?
+   - **MCP**: What server type? Authentication? Which tools?
+   - **Settings**: What fields? Required vs optional? Defaults?
+
+2. **Present all questions to user in organized sections** (one section per component type)
+
+3. **Wait for answers before proceeding to implementation**
+
+4. If user says "whatever you think is best", provide specific recommendations and get explicit confirmation
+
+**Example questions for a skill**:
+- What specific user queries should trigger this skill?
+- Should it include utility scripts? What functionality?
+- How detailed should the core SKILL.md be vs references/?
+- Any real-world examples to include?
+
+**Example questions for an agent**:
+- Should this agent trigger proactively after certain actions, or only when explicitly requested?
+- What tools does it need (Read, Write, Bash, etc.)?
+- What should the output format be?
+- Any specific quality standards to enforce?
+
+**Output**: Detailed specification for each component
+
+---
+
+## Phase 4: Plugin Structure Creation
+
+**Goal**: Create plugin directory structure and manifest
+
+**Actions**:
+1. Determine plugin name (kebab-case, descriptive)
+2. Choose plugin location:
+   - Ask user: "Where should I create the plugin?"
+   - Offer options: current directory, ../new-plugin-name, custom path
+3. Create directory structure using bash:
+   ```bash
+   mkdir -p plugin-name/.claude-plugin
+   mkdir -p plugin-name/skills     # if needed
+   mkdir -p plugin-name/commands   # if needed
+   mkdir -p plugin-name/agents     # if needed
+   mkdir -p plugin-name/hooks      # if needed
+   ```
+4. Create plugin.json manifest using Write tool:
+   ```json
+   {
+     "name": "plugin-name",
+     "version": "0.1.0",
+     "description": "[brief description]",
+     "author": {
+       "name": "[author from user or default]",
+       "email": "[email or default]"
+     }
+   }
+   ```
+5. Create README.md template
+6. Create .gitignore if needed (for .claude/*.local.md, etc.)
+7. Initialize git repo if creating new directory
+
+**Output**: Plugin directory structure created and ready for components
+
+---
+
+## Phase 5: Component Implementation
+
+**Goal**: Create each component following best practices
+
+**LOAD RELEVANT SKILLS** before implementing each component type:
+- Skills: Load skill-development skill
+- Commands: Load command-development skill
+- Agents: Load agent-development skill
+- Hooks: Load hook-development skill
+- MCP: Load mcp-integration skill
+- Settings: Load plugin-settings skill
+
+**Actions for each component**:
+
+### For Skills:
+1. Load skill-development skill using Skill tool
+2. For each skill:
+   - Ask user for concrete usage examples (or use from Phase 3)
+   - Plan resources (scripts/, references/, examples/)
+   - Create skill directory structure
+   - Write SKILL.md with:
+     - Third-person description with specific trigger phrases
+     - Lean body (1,500-2,000 words) in imperative form
+     - References to supporting files
+   - Create reference files for detailed content
+   - Create example files for working code
+   - Create utility scripts if needed
+3. Use skill-reviewer agent to validate each skill
+
+### For Commands:
+1. Load command-development skill using Skill tool
+2. For each command:
+   - Write command markdown with frontmatter
+   - Include clear description and argument-hint
+   - Specify allowed-tools (minimal necessary)
+   - Write instructions FOR Claude (not TO user)
+   - Provide usage examples and tips
+   - Reference relevant skills if applicable
+
+### For Agents:
+1. Load agent-development skill using Skill tool
+2. For each agent, use agent-creator agent:
+   - Provide description of what agent should do
+   - Agent-creator generates: identifier, whenToUse with examples, systemPrompt
+   - Create agent markdown file with frontmatter and system prompt
+   - Add appropriate model, color, and tools
+   - Validate with validate-agent.sh script
+
+### For Hooks:
+1. Load hook-development skill using Skill tool
+2. For each hook:
+   - Create hooks/hooks.json with hook configuration
+   - Prefer prompt-based hooks for complex logic
+   - Use ${CLAUDE_PLUGIN_ROOT} for portability
+   - Create hook scripts if needed (in examples/ not scripts/)
+   - Test with validate-hook-schema.sh and test-hook.sh utilities
+
+### For MCP:
+1. Load mcp-integration skill using Skill tool
+2. Create .mcp.json configuration with:
+   - Server type (stdio for local, SSE for hosted)
+   - Command and args (with ${CLAUDE_PLUGIN_ROOT})
+   - extensionToLanguage mapping if LSP
+   - Environment variables as needed
+3. Document required env vars in README
+4. Provide setup instructions
+
+### For Settings:
+1. Load plugin-settings skill using Skill tool
+2. Create settings template in README
+3. Create example .claude/plugin-name.local.md file (as documentation)
+4. Implement settings reading in hooks/commands as needed
+5. Add to .gitignore: `.claude/*.local.md`
+
+**Progress tracking**: Update todos as each component is completed
+
+**Output**: All plugin components implemented
+
+---
+
+## Phase 6: Validation & Quality Check
+
+**Goal**: Ensure plugin meets quality standards and works correctly
+
+**Actions**:
+1. **Run plugin-validator agent**:
+   - Use plugin-validator agent to comprehensively validate plugin
+   - Check: manifest, structure, naming, components, security
+   - Review validation report
+
+2. **Fix critical issues**:
+   - Address any critical errors from validation
+   - Fix any warnings that indicate real problems
+
+3. **Review with skill-reviewer** (if plugin has skills):
+   - For each skill, use skill-reviewer agent
+   - Check description quality, progressive disclosure, writing style
+   - Apply recommendations
+
+4. **Test agent triggering** (if plugin has agents):
+   - For each agent, verify <example> blocks are clear
+   - Check triggering conditions are specific
+   - Run validate-agent.sh on agent files
+
+5. **Test hook configuration** (if plugin has hooks):
+   - Run validate-hook-schema.sh on hooks/hooks.json
+   - Test hook scripts with test-hook.sh
+   - Verify ${CLAUDE_PLUGIN_ROOT} usage
+
+6. **Present findings**:
+   - Summary of validation results
+   - Any remaining issues
+   - Overall quality assessment
+
+7. **Ask user**: "Validation complete. Issues found: [count critical], [count warnings]. Would you like me to fix them now, or proceed to testing?"
+
+**Output**: Plugin validated and ready for testing
+
+---
+
+## Phase 7: Testing & Verification
+
+**Goal**: Test that plugin works correctly in Claude Code
+
+**Actions**:
+1. **Installation instructions**:
+   - Show user how to test locally:
+     ```bash
+     cc --plugin-dir /path/to/plugin-name
+     ```
+   - Or copy to `.claude-plugin/` for project testing
+
+2. **Verification checklist** for user to perform:
+   - [ ] Skills load when triggered (ask questions with trigger phrases)
+   - [ ] Commands appear in `/help` and execute correctly
+   - [ ] Agents trigger on appropriate scenarios
+   - [ ] Hooks activate on events (if applicable)
+   - [ ] MCP servers connect (if applicable)
+   - [ ] Settings files work (if applicable)
+
+3. **Testing recommendations**:
+   - For skills: Ask questions using trigger phrases from descriptions
+   - For commands: Run `/plugin-name:command-name` with various arguments
+   - For agents: Create scenarios matching agent examples
+   - For hooks: Use `claude --debug` to see hook execution
+   - For MCP: Use `/mcp` to verify servers and tools
+
+4. **Ask user**: "I've prepared the plugin for testing. Would you like me to guide you through testing each component, or do you want to test it yourself?"
+
+5. **If user wants guidance**, walk through testing each component with specific test cases
+
+**Output**: Plugin tested and verified working
+
+---
+
+## Phase 8: Documentation & Next Steps
+
+**Goal**: Ensure plugin is well-documented and ready for distribution
+
+**Actions**:
+1. **Verify README completeness**:
+   - Check README has: overview, features, installation, prerequisites, usage
+   - For MCP plugins: Document required environment variables
+   - For hook plugins: Explain hook activation
+   - For settings: Provide configuration templates
+
+2. **Add marketplace entry** (if publishing):
+   - Show user how to add to marketplace.json
+   - Help draft marketplace description
+   - Suggest category and tags
+
+3. **Create summary**:
+   - Mark all todos complete
+   - List what was created:
+     - Plugin name and purpose
+     - Components created (X skills, Y commands, Z agents, etc.)
+     - Key files and their purposes
+     - Total file count and structure
+   - Next steps:
+     - Testing recommendations
+     - Publishing to marketplace (if desired)
+     - Iteration based on usage
+
+4. **Suggest improvements** (optional):
+   - Additional components that could enhance plugin
+   - Integration opportunities
+   - Testing strategies
+
+**Output**: Complete, documented plugin ready for use or publication
+
+---
+
+## Important Notes
+
+### Throughout All Phases
+
+- **Use TodoWrite** to track progress at every phase
+- **Load skills with Skill tool** when working on specific component types
+- **Use specialized agents** (agent-creator, plugin-validator, skill-reviewer)
+- **Ask for user confirmation** at key decision points
+- **Follow plugin-dev's own patterns** as reference examples
+- **Apply best practices**:
+  - Third-person descriptions for skills
+  - Imperative form in skill bodies
+  - Commands written FOR Claude
+  - Strong trigger phrases
+  - ${CLAUDE_PLUGIN_ROOT} for portability
+  - Progressive disclosure
+  - Security-first (HTTPS, no hardcoded credentials)
+
+### Key Decision Points (Wait for User)
+
+1. After Phase 1: Confirm plugin purpose
+2. After Phase 2: Approve component plan
+3. After Phase 3: Proceed to implementation
+4. After Phase 6: Fix issues or proceed
+5. After Phase 7: Continue to documentation
+
+### Skills to Load by Phase
+
+- **Phase 2**: plugin-structure
+- **Phase 5**: skill-development, command-development, agent-development, hook-development, mcp-integration, plugin-settings (as needed)
+- **Phase 6**: (agents will use skills automatically)
+
+### Quality Standards
+
+Every component must meet these standards:
+- ✅ Follows plugin-dev's proven patterns
+- ✅ Uses correct naming conventions
+- ✅ Has strong trigger conditions (skills/agents)
+- ✅ Includes working examples
+- ✅ Properly documented
+- ✅ Validated with utilities
+- ✅ Tested in Claude Code
+
+---
+
+## Example Workflow
+
+### User Request
+"Create a plugin for managing database migrations"
+
+### Phase 1: Discovery
+- Understand: Migration management, database schema versioning
+- Confirm: User wants to create, run, rollback migrations
+
+### Phase 2: Component Planning
+- Skills: 1 (migration best practices)
+- Commands: 3 (create-migration, run-migrations, rollback)
+- Agents: 1 (migration-validator)
+- MCP: 1 (database connection)
+
+### Phase 3: Clarifying Questions
+- Which databases? (PostgreSQL, MySQL, etc.)
+- Migration file format? (SQL, code-based?)
+- Should agent validate before applying?
+- What MCP tools needed? (query, execute, schema)
+
+### Phase 4-8: Implementation, Validation, Testing, Documentation
+
+---
+
+**Begin with Phase 1: Discovery**

plugins/plugin-dev/skills/agent-development/SKILL.md

@@ -0,0 +1,415 @@
+---
+name: Agent Development
+description: This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
+version: 0.1.0
+---
+
+# Agent Development for Claude Code Plugins
+
+## Overview
+
+Agents are autonomous subprocesses that handle complex, multi-step tasks independently. Understanding agent structure, triggering conditions, and system prompt design enables creating powerful autonomous capabilities.
+
+**Key concepts:**
+- Agents are FOR autonomous work, commands are FOR user-initiated actions
+- Markdown file format with YAML frontmatter
+- Triggering via description field with examples
+- System prompt defines agent behavior
+- Model and color customization
+
+## Agent File Structure
+
+### Complete Format
+
+```markdown
+---
+name: agent-identifier
+description: Use this agent when [triggering conditions]. Examples:
+
+<example>
+Context: [Situation description]
+user: "[User request]"
+assistant: "[How assistant should respond and use this agent]"
+<commentary>
+[Why this agent should be triggered]
+</commentary>
+</example>
+
+<example>
+[Additional example...]
+</example>
+
+model: inherit
+color: blue
+tools: ["Read", "Write", "Grep"]
+---
+
+You are [agent role description]...
+
+**Your Core Responsibilities:**
+1. [Responsibility 1]
+2. [Responsibility 2]
+
+**Analysis Process:**
+[Step-by-step workflow]
+
+**Output Format:**
+[What to return]
+```
+
+## Frontmatter Fields
+
+### name (required)
+
+Agent identifier used for namespacing and invocation.
+
+**Format:** lowercase, numbers, hyphens only
+**Length:** 3-50 characters
+**Pattern:** Must start and end with alphanumeric
+
+**Good examples:**
+- `code-reviewer`
+- `test-generator`
+- `api-docs-writer`
+- `security-analyzer`
+
+**Bad examples:**
+- `helper` (too generic)
+- `-agent-` (starts/ends with hyphen)
+- `my_agent` (underscores not allowed)
+- `ag` (too short, < 3 chars)
+
+### description (required)
+
+Defines when Claude should trigger this agent. **This is the most critical field.**
+
+**Must include:**
+1. Triggering conditions ("Use this agent when...")
+2. Multiple `<example>` blocks showing usage
+3. Context, user request, and assistant response in each example
+4. `<commentary>` explaining why agent triggers
+
+**Format:**
+```
+Use this agent when [conditions]. Examples:
+
+<example>
+Context: [Scenario description]
+user: "[What user says]"
+assistant: "[How Claude should respond]"
+<commentary>
+[Why this agent is appropriate]
+</commentary>
+</example>
+
+[More examples...]
+```
+
+**Best practices:**
+- Include 2-4 concrete examples
+- Show proactive and reactive triggering
+- Cover different phrasings of same intent
+- Explain reasoning in commentary
+- Be specific about when NOT to use the agent
+
+### model (required)
+
+Which model the agent should use.
+
+**Options:**
+- `inherit` - Use same model as parent (recommended)
+- `sonnet` - Claude Sonnet (balanced)
+- `opus` - Claude Opus (most capable, expensive)
+- `haiku` - Claude Haiku (fast, cheap)
+
+**Recommendation:** Use `inherit` unless agent needs specific model capabilities.
+
+### color (required)
+
+Visual identifier for agent in UI.
+
+**Options:** `blue`, `cyan`, `green`, `yellow`, `magenta`, `red`
+
+**Guidelines:**
+- Choose distinct colors for different agents in same plugin
+- Use consistent colors for similar agent types
+- Blue/cyan: Analysis, review
+- Green: Success-oriented tasks
+- Yellow: Caution, validation
+- Red: Critical, security
+- Magenta: Creative, generation
+
+### tools (optional)
+
+Restrict agent to specific tools.
+
+**Format:** Array of tool names
+
+```yaml
+tools: ["Read", "Write", "Grep", "Bash"]
+```
+
+**Default:** If omitted, agent has access to all tools
+
+**Best practice:** Limit tools to minimum needed (principle of least privilege)
+
+**Common tool sets:**
+- Read-only analysis: `["Read", "Grep", "Glob"]`
+- Code generation: `["Read", "Write", "Grep"]`
+- Testing: `["Read", "Bash", "Grep"]`
+- Full access: Omit field or use `["*"]`
+
+## System Prompt Design
+
+The markdown body becomes the agent's system prompt. Write in second person, addressing the agent directly.
+
+### Structure
+
+**Standard template:**
+```markdown
+You are [role] specializing in [domain].
+
+**Your Core Responsibilities:**
+1. [Primary responsibility]
+2. [Secondary responsibility]
+3. [Additional responsibilities...]
+
+**Analysis Process:**
+1. [Step one]
+2. [Step two]
+3. [Step three]
+[...]
+
+**Quality Standards:**
+- [Standard 1]
+- [Standard 2]
+
+**Output Format:**
+Provide results in this format:
+- [What to include]
+- [How to structure]
+
+**Edge Cases:**
+Handle these situations:
+- [Edge case 1]: [How to handle]
+- [Edge case 2]: [How to handle]
+```
+
+### Best Practices
+
+✅ **DO:**
+- Write in second person ("You are...", "You will...")
+- Be specific about responsibilities
+- Provide step-by-step process
+- Define output format
+- Include quality standards
+- Address edge cases
+- Keep under 10,000 characters
+
+❌ **DON'T:**
+- Write in first person ("I am...", "I will...")
+- Be vague or generic
+- Omit process steps
+- Leave output format undefined
+- Skip quality guidance
+- Ignore error cases
+
+## Creating Agents
+
+### Method 1: AI-Assisted Generation
+
+Use this prompt pattern (extracted from Claude Code):
+
+```
+Create an agent configuration based on this request: "[YOUR DESCRIPTION]"
+
+Requirements:
+1. Extract core intent and responsibilities
+2. Design expert persona for the domain
+3. Create comprehensive system prompt with:
+   - Clear behavioral boundaries
+   - Specific methodologies
+   - Edge case handling
+   - Output format
+4. Create identifier (lowercase, hyphens, 3-50 chars)
+5. Write description with triggering conditions
+6. Include 2-3 <example> blocks showing when to use
+
+Return JSON with:
+{
+  "identifier": "agent-name",
+  "whenToUse": "Use this agent when... Examples: <example>...</example>",
+  "systemPrompt": "You are..."
+}
+```
+
+Then convert to agent file format with frontmatter.
+
+See `examples/agent-creation-prompt.md` for complete template.
+
+### Method 2: Manual Creation
+
+1. Choose agent identifier (3-50 chars, lowercase, hyphens)
+2. Write description with examples
+3. Select model (usually `inherit`)
+4. Choose color for visual identification
+5. Define tools (if restricting access)
+6. Write system prompt with structure above
+7. Save as `agents/agent-name.md`
+
+## Validation Rules
+
+### Identifier Validation
+
+```
+✅ Valid: code-reviewer, test-gen, api-analyzer-v2
+❌ Invalid: ag (too short), -start (starts with hyphen), my_agent (underscore)
+```
+
+**Rules:**
+- 3-50 characters
+- Lowercase letters, numbers, hyphens only
+- Must start and end with alphanumeric
+- No underscores, spaces, or special characters
+
+### Description Validation
+
+**Length:** 10-5,000 characters
+**Must include:** Triggering conditions and examples
+**Best:** 200-1,000 characters with 2-4 examples
+
+### System Prompt Validation
+
+**Length:** 20-10,000 characters
+**Best:** 500-3,000 characters
+**Structure:** Clear responsibilities, process, output format
+
+## Agent Organization
+
+### Plugin Agents Directory
+
+```
+plugin-name/
+└── agents/
+    ├── analyzer.md
+    ├── reviewer.md
+    └── generator.md
+```
+
+All `.md` files in `agents/` are auto-discovered.
+
+### Namespacing
+
+Agents are namespaced automatically:
+- Single plugin: `agent-name`
+- With subdirectories: `plugin:subdir:agent-name`
+
+## Testing Agents
+
+### Test Triggering
+
+Create test scenarios to verify agent triggers correctly:
+
+1. Write agent with specific triggering examples
+2. Use similar phrasing to examples in test
+3. Check Claude loads the agent
+4. Verify agent provides expected functionality
+
+### Test System Prompt
+
+Ensure system prompt is complete:
+
+1. Give agent typical task
+2. Check it follows process steps
+3. Verify output format is correct
+4. Test edge cases mentioned in prompt
+5. Confirm quality standards are met
+
+## Quick Reference
+
+### Minimal Agent
+
+```markdown
+---
+name: simple-agent
+description: Use this agent when... Examples: <example>...</example>
+model: inherit
+color: blue
+---
+
+You are an agent that [does X].
+
+Process:
+1. [Step 1]
+2. [Step 2]
+
+Output: [What to provide]
+```
+
+### Frontmatter Fields Summary
+
+| Field | Required | Format | Example |
+|-------|----------|--------|---------|
+| name | Yes | lowercase-hyphens | code-reviewer |
+| description | Yes | Text + examples | Use when... <example>... |
+| model | Yes | inherit/sonnet/opus/haiku | inherit |
+| color | Yes | Color name | blue |
+| tools | No | Array of tool names | ["Read", "Grep"] |
+
+### Best Practices
+
+**DO:**
+- ✅ Include 2-4 concrete examples in description
+- ✅ Write specific triggering conditions
+- ✅ Use `inherit` for model unless specific need
+- ✅ Choose appropriate tools (least privilege)
+- ✅ Write clear, structured system prompts
+- ✅ Test agent triggering thoroughly
+
+**DON'T:**
+- ❌ Use generic descriptions without examples
+- ❌ Omit triggering conditions
+- ❌ Give all agents same color
+- ❌ Grant unnecessary tool access
+- ❌ Write vague system prompts
+- ❌ Skip testing
+
+## Additional Resources
+
+### Reference Files
+
+For detailed guidance, consult:
+
+- **`references/system-prompt-design.md`** - Complete system prompt patterns
+- **`references/triggering-examples.md`** - Example formats and best practices
+- **`references/agent-creation-system-prompt.md`** - The exact prompt from Claude Code
+
+### Example Files
+
+Working examples in `examples/`:
+
+- **`agent-creation-prompt.md`** - AI-assisted agent generation template
+- **`complete-agent-examples.md`** - Full agent examples for different use cases
+
+### Utility Scripts
+
+Development tools in `scripts/`:
+
+- **`validate-agent.sh`** - Validate agent file structure
+- **`test-agent-trigger.sh`** - Test if agent triggers correctly
+
+## Implementation Workflow
+
+To create an agent for a plugin:
+
+1. Define agent purpose and triggering conditions
+2. Choose creation method (AI-assisted or manual)
+3. Create `agents/agent-name.md` file
+4. Write frontmatter with all required fields
+5. Write system prompt following best practices
+6. Include 2-4 triggering examples in description
+7. Validate with `scripts/validate-agent.sh`
+8. Test triggering with real scenarios
+9. Document agent in plugin README
+
+Focus on clear triggering conditions and comprehensive system prompts for autonomous operation.

plugins/plugin-dev/skills/agent-development/examples/agent-creation-prompt.md

@@ -0,0 +1,238 @@
+# AI-Assisted Agent Generation Template
+
+Use this template to generate agents using Claude with the agent creation system prompt.
+
+## Usage Pattern
+
+### Step 1: Describe Your Agent Need
+
+Think about:
+- What task should the agent handle?
+- When should it be triggered?
+- Should it be proactive or reactive?
+- What are the key responsibilities?
+
+### Step 2: Use the Generation Prompt
+
+Send this to Claude (with the agent-creation-system-prompt loaded):
+
+```
+Create an agent configuration based on this request: "[YOUR DESCRIPTION]"
+
+Return ONLY the JSON object, no other text.
+```
+
+**Replace [YOUR DESCRIPTION] with your agent requirements.**
+
+### Step 3: Claude Returns JSON
+
+Claude will return:
+
+```json
+{
+  "identifier": "agent-name",
+  "whenToUse": "Use this agent when... Examples: <example>...</example>",
+  "systemPrompt": "You are... **Your Core Responsibilities:**..."
+}
+```
+
+### Step 4: Convert to Agent File
+
+Create `agents/[identifier].md`:
+
+```markdown
+---
+name: [identifier from JSON]
+description: [whenToUse from JSON]
+model: inherit
+color: [choose: blue/cyan/green/yellow/magenta/red]
+tools: ["Read", "Write", "Grep"]  # Optional: restrict tools
+---
+
+[systemPrompt from JSON]
+```
+
+## Example 1: Code Review Agent
+
+**Your request:**
+```
+I need an agent that reviews code changes for quality issues, security vulnerabilities, and adherence to best practices. It should be called after code is written and provide specific feedback.
+```
+
+**Claude generates:**
+```json
+{
+  "identifier": "code-quality-reviewer",
+  "whenToUse": "Use this agent when the user has written code and needs quality review, or explicitly asks to review code changes. Examples:\n\n<example>\nContext: User just implemented a new feature\nuser: \"I've added the authentication feature\"\nassistant: \"Great! Let me review the code quality.\"\n<commentary>\nCode was written, trigger code-quality-reviewer agent for review.\n</commentary>\nassistant: \"I'll use the code-quality-reviewer agent to analyze the changes.\"\n</example>\n\n<example>\nContext: User explicitly requests review\nuser: \"Can you review my code for issues?\"\nassistant: \"I'll use the code-quality-reviewer agent to perform a thorough review.\"\n<commentary>\nExplicit review request triggers the agent.\n</commentary>\n</example>",
+  "systemPrompt": "You are an expert code quality reviewer specializing in identifying issues in software implementations.\n\n**Your Core Responsibilities:**\n1. Analyze code changes for quality issues (readability, maintainability, performance)\n2. Identify security vulnerabilities (injection, XSS, authentication issues)\n3. Check adherence to project best practices and coding standards\n4. Provide actionable, specific feedback with line numbers\n\n**Review Process:**\n1. Read the code changes using available tools\n2. Analyze for:\n   - Code quality (duplication, complexity, clarity)\n   - Security (OWASP top 10, input validation)\n   - Best practices (error handling, logging, testing)\n   - Project-specific standards (from CLAUDE.md)\n3. Identify issues with severity (critical/major/minor)\n4. Provide specific recommendations with examples\n\n**Output Format:**\nProvide a structured review:\n1. Summary (2-3 sentences)\n2. Critical Issues (must fix)\n3. Major Issues (should fix)\n4. Minor Issues (nice to fix)\n5. Positive observations\n6. Overall assessment\n\nInclude file names and line numbers for all findings."
+}
+```
+
+**You create:**
+
+File: `agents/code-quality-reviewer.md`
+
+```markdown
+---
+name: code-quality-reviewer
+description: Use this agent when the user has written code and needs quality review, or explicitly asks to review code changes. Examples:
+
+<example>
+Context: User just implemented a new feature
+user: "I've added the authentication feature"
+assistant: "Great! Let me review the code quality."
+<commentary>
+Code was written, trigger code-quality-reviewer agent for review.
+</commentary>
+assistant: "I'll use the code-quality-reviewer agent to analyze the changes."
+</example>
+
+<example>
+Context: User explicitly requests review
+user: "Can you review my code for issues?"
+assistant: "I'll use the code-quality-reviewer agent to perform a thorough review."
+<commentary>
+Explicit review request triggers the agent.
+</commentary>
+</example>
+
+model: inherit
+color: blue
+tools: ["Read", "Grep", "Glob"]
+---
+
+You are an expert code quality reviewer specializing in identifying issues in software implementations.
+
+**Your Core Responsibilities:**
+1. Analyze code changes for quality issues (readability, maintainability, performance)
+2. Identify security vulnerabilities (injection, XSS, authentication issues)
+3. Check adherence to project best practices and coding standards
+4. Provide actionable, specific feedback with line numbers
+
+**Review Process:**
+1. Read the code changes using available tools
+2. Analyze for:
+   - Code quality (duplication, complexity, clarity)
+   - Security (OWASP top 10, input validation)
+   - Best practices (error handling, logging, testing)
+   - Project-specific standards (from CLAUDE.md)
+3. Identify issues with severity (critical/major/minor)
+4. Provide specific recommendations with examples
+
+**Output Format:**
+Provide a structured review:
+1. Summary (2-3 sentences)
+2. Critical Issues (must fix)
+3. Major Issues (should fix)
+4. Minor Issues (nice to fix)
+5. Positive observations
+6. Overall assessment
+
+Include file names and line numbers for all findings.
+```
+
+## Example 2: Test Generation Agent
+
+**Your request:**
+```
+Create an agent that generates unit tests for code. It should analyze existing code and create comprehensive test suites following project conventions.
+```
+
+**Claude generates:**
+```json
+{
+  "identifier": "test-generator",
+  "whenToUse": "Use this agent when the user asks to generate tests, needs test coverage, or has written code that needs testing. Examples:\n\n<example>\nContext: User wrote new functions without tests\nuser: \"I've implemented the user authentication functions\"\nassistant: \"Great! Let me generate tests for these functions.\"\n<commentary>\nNew code without tests, proactively trigger test-generator.\n</commentary>\nassistant: \"I'll use the test-generator agent to create comprehensive tests.\"\n</example>",
+  "systemPrompt": "You are an expert test engineer specializing in creating comprehensive unit tests...\n\n**Your Core Responsibilities:**\n1. Analyze code to understand behavior\n2. Generate test cases covering happy paths and edge cases\n3. Follow project testing conventions\n4. Ensure high code coverage\n\n**Test Generation Process:**\n1. Read target code\n2. Identify testable units (functions, classes, methods)\n3. Design test cases (inputs, expected outputs, edge cases)\n4. Generate tests following project patterns\n5. Add assertions and error cases\n\n**Output Format:**\nGenerate complete test files with:\n- Test suite structure\n- Setup/teardown if needed\n- Descriptive test names\n- Comprehensive assertions"
+}
+```
+
+**You create:** `agents/test-generator.md` with the structure above.
+
+## Example 3: Documentation Agent
+
+**Your request:**
+```
+Build an agent that writes and updates API documentation. It should analyze code and generate clear, comprehensive docs.
+```
+
+**Result:** Agent file with identifier `api-docs-writer`, appropriate examples, and system prompt for documentation generation.
+
+## Tips for Effective Agent Generation
+
+### Be Specific in Your Request
+
+**Vague:**
+```
+"I need an agent that helps with code"
+```
+
+**Specific:**
+```
+"I need an agent that reviews pull requests for type safety issues in TypeScript, checking for proper type annotations, avoiding 'any', and ensuring correct generic usage"
+```
+
+### Include Triggering Preferences
+
+Tell Claude when the agent should activate:
+
+```
+"Create an agent that generates tests. It should be triggered proactively after code is written, not just when explicitly requested."
+```
+
+### Mention Project Context
+
+```
+"Create a code review agent. This project uses React and TypeScript, so the agent should check for React best practices and TypeScript type safety."
+```
+
+### Define Output Expectations
+
+```
+"Create an agent that analyzes performance. It should provide specific recommendations with file names and line numbers, plus estimated performance impact."
+```
+
+## Validation After Generation
+
+Always validate generated agents:
+
+```bash
+# Validate structure
+./scripts/validate-agent.sh agents/your-agent.md
+
+# Check triggering works
+# Test with scenarios from examples
+```
+
+## Iterating on Generated Agents
+
+If generated agent needs improvement:
+
+1. Identify what's missing or wrong
+2. Manually edit the agent file
+3. Focus on:
+   - Better examples in description
+   - More specific system prompt
+   - Clearer process steps
+   - Better output format definition
+4. Re-validate
+5. Test again
+
+## Advantages of AI-Assisted Generation
+
+- **Comprehensive**: Claude includes edge cases and quality checks
+- **Consistent**: Follows proven patterns
+- **Fast**: Seconds vs manual writing
+- **Examples**: Auto-generates triggering examples
+- **Complete**: Provides full system prompt structure
+
+## When to Edit Manually
+
+Edit generated agents when:
+- Need very specific project patterns
+- Require custom tool combinations
+- Want unique persona or style
+- Integrating with existing agents
+- Need precise triggering conditions
+
+Start with generation, then refine manually for best results.

plugins/plugin-dev/skills/agent-development/examples/complete-agent-examples.md

@@ -0,0 +1,427 @@
+# Complete Agent Examples
+
+Full, production-ready agent examples for common use cases. Use these as templates for your own agents.
+
+## Example 1: Code Review Agent
+
+**File:** `agents/code-reviewer.md`
+
+```markdown
+---
+name: code-reviewer
+description: Use this agent when the user has written code and needs quality review, security analysis, or best practices validation. Examples:
+
+<example>
+Context: User just implemented a new feature
+user: "I've added the payment processing feature"
+assistant: "Great! Let me review the implementation."
+<commentary>
+Code written for payment processing (security-critical). Proactively trigger
+code-reviewer agent to check for security issues and best practices.
+</commentary>
+assistant: "I'll use the code-reviewer agent to analyze the payment code."
+</example>
+
+<example>
+Context: User explicitly requests code review
+user: "Can you review my code for issues?"
+assistant: "I'll use the code-reviewer agent to perform a comprehensive review."
+<commentary>
+Explicit code review request triggers the agent.
+</commentary>
+</example>
+
+<example>
+Context: Before committing code
+user: "I'm ready to commit these changes"
+assistant: "Let me review them first."
+<commentary>
+Before commit, proactively review code quality.
+</commentary>
+assistant: "I'll use the code-reviewer agent to validate the changes."
+</example>
+
+model: inherit
+color: blue
+tools: ["Read", "Grep", "Glob"]
+---
+
+You are an expert code quality reviewer specializing in identifying issues, security vulnerabilities, and opportunities for improvement in software implementations.
+
+**Your Core Responsibilities:**
+1. Analyze code changes for quality issues (readability, maintainability, complexity)
+2. Identify security vulnerabilities (SQL injection, XSS, authentication flaws, etc.)
+3. Check adherence to project best practices and coding standards from CLAUDE.md
+4. Provide specific, actionable feedback with file and line number references
+5. Recognize and commend good practices
+
+**Code Review Process:**
+1. **Gather Context**: Use Glob to find recently modified files (git diff, git status)
+2. **Read Code**: Use Read tool to examine changed files
+3. **Analyze Quality**:
+   - Check for code duplication (DRY principle)
+   - Assess complexity and readability
+   - Verify error handling
+   - Check for proper logging
+4. **Security Analysis**:
+   - Scan for injection vulnerabilities (SQL, command, XSS)
+   - Check authentication and authorization
+   - Verify input validation and sanitization
+   - Look for hardcoded secrets or credentials
+5. **Best Practices**:
+   - Follow project-specific standards from CLAUDE.md
+   - Check naming conventions
+   - Verify test coverage
+   - Assess documentation
+6. **Categorize Issues**: Group by severity (critical/major/minor)
+7. **Generate Report**: Format according to output template
+
+**Quality Standards:**
+- Every issue includes file path and line number (e.g., `src/auth.ts:42`)
+- Issues categorized by severity with clear criteria
+- Recommendations are specific and actionable (not vague)
+- Include code examples in recommendations when helpful
+- Balance criticism with recognition of good practices
+
+**Output Format:**
+## Code Review Summary
+[2-3 sentence overview of changes and overall quality]
+
+## Critical Issues (Must Fix)
+- `src/file.ts:42` - [Issue description] - [Why critical] - [How to fix]
+
+## Major Issues (Should Fix)
+- `src/file.ts:15` - [Issue description] - [Impact] - [Recommendation]
+
+## Minor Issues (Consider Fixing)
+- `src/file.ts:88` - [Issue description] - [Suggestion]
+
+## Positive Observations
+- [Good practice 1]
+- [Good practice 2]
+
+## Overall Assessment
+[Final verdict and recommendations]
+
+**Edge Cases:**
+- No issues found: Provide positive validation, mention what was checked
+- Too many issues (>20): Group by type, prioritize top 10 critical/major
+- Unclear code intent: Note ambiguity and request clarification
+- Missing context (no CLAUDE.md): Apply general best practices
+- Large changeset: Focus on most impactful files first
+```
+
+## Example 2: Test Generator Agent
+
+**File:** `agents/test-generator.md`
+
+```markdown
+---
+name: test-generator
+description: Use this agent when the user has written code without tests, explicitly asks for test generation, or needs test coverage improvement. Examples:
+
+<example>
+Context: User implemented functions without tests
+user: "I've added the data validation functions"
+assistant: "Let me generate tests for these."
+<commentary>
+New code without tests. Proactively trigger test-generator agent.
+</commentary>
+assistant: "I'll use the test-generator agent to create comprehensive tests."
+</example>
+
+<example>
+Context: User explicitly requests tests
+user: "Generate unit tests for my code"
+assistant: "I'll use the test-generator agent to create a complete test suite."
+<commentary>
+Direct test generation request triggers the agent.
+</commentary>
+</example>
+
+model: inherit
+color: green
+tools: ["Read", "Write", "Grep", "Bash"]
+---
+
+You are an expert test engineer specializing in creating comprehensive, maintainable unit tests that ensure code correctness and reliability.
+
+**Your Core Responsibilities:**
+1. Generate high-quality unit tests with excellent coverage
+2. Follow project testing conventions and patterns
+3. Include happy path, edge cases, and error scenarios
+4. Ensure tests are maintainable and clear
+
+**Test Generation Process:**
+1. **Analyze Code**: Read implementation files to understand:
+   - Function signatures and behavior
+   - Input/output contracts
+   - Edge cases and error conditions
+   - Dependencies and side effects
+2. **Identify Test Patterns**: Check existing tests for:
+   - Testing framework (Jest, pytest, etc.)
+   - File organization (test/ directory, *.test.ts, etc.)
+   - Naming conventions
+   - Setup/teardown patterns
+3. **Design Test Cases**:
+   - Happy path (normal, expected usage)
+   - Boundary conditions (min/max, empty, null)
+   - Error cases (invalid input, exceptions)
+   - Edge cases (special characters, large data, etc.)
+4. **Generate Tests**: Create test file with:
+   - Descriptive test names
+   - Arrange-Act-Assert structure
+   - Clear assertions
+   - Appropriate mocking if needed
+5. **Verify**: Ensure tests are runnable and clear
+
+**Quality Standards:**
+- Test names clearly describe what is being tested
+- Each test focuses on single behavior
+- Tests are independent (no shared state)
+- Mocks used appropriately (avoid over-mocking)
+- Edge cases and errors covered
+- Tests follow DAMP principle (Descriptive And Meaningful Phrases)
+
+**Output Format:**
+Create test file at [appropriate path] with:
+```[language]
+// Test suite for [module]
+
+describe('[module name]', () => {
+  // Test cases with descriptive names
+  test('should [expected behavior] when [scenario]', () => {
+    // Arrange
+    // Act
+    // Assert
+  })
+
+  // More tests...
+})
+```
+
+**Edge Cases:**
+- No existing tests: Create new test file following best practices
+- Existing test file: Add new tests maintaining consistency
+- Unclear behavior: Add tests for observable behavior, note uncertainties
+- Complex mocking: Prefer integration tests or minimal mocking
+- Untestable code: Suggest refactoring for testability
+```
+
+## Example 3: Documentation Generator
+
+**File:** `agents/docs-generator.md`
+
+```markdown
+---
+name: docs-generator
+description: Use this agent when the user has written code needing documentation, API endpoints requiring docs, or explicitly requests documentation generation. Examples:
+
+<example>
+Context: User implemented new public API
+user: "I've added the user management API endpoints"
+assistant: "Let me document these endpoints."
+<commentary>
+New public API needs documentation. Proactively trigger docs-generator.
+</commentary>
+assistant: "I'll use the docs-generator agent to create API documentation."
+</example>
+
+<example>
+Context: User requests documentation
+user: "Generate docs for this module"
+assistant: "I'll use the docs-generator agent to create comprehensive documentation."
+<commentary>
+Explicit documentation request triggers the agent.
+</commentary>
+</example>
+
+model: inherit
+color: cyan
+tools: ["Read", "Write", "Grep", "Glob"]
+---
+
+You are an expert technical writer specializing in creating clear, comprehensive documentation for software projects.
+
+**Your Core Responsibilities:**
+1. Generate accurate, clear documentation from code
+2. Follow project documentation standards
+3. Include examples and usage patterns
+4. Ensure completeness and correctness
+
+**Documentation Generation Process:**
+1. **Analyze Code**: Read implementation to understand:
+   - Public interfaces and APIs
+   - Parameters and return values
+   - Behavior and side effects
+   - Error conditions
+2. **Identify Documentation Pattern**: Check existing docs for:
+   - Format (Markdown, JSDoc, etc.)
+   - Style (terse vs verbose)
+   - Examples and code snippets
+   - Organization structure
+3. **Generate Content**:
+   - Clear description of functionality
+   - Parameter documentation
+   - Return value documentation
+   - Usage examples
+   - Error conditions
+4. **Format**: Follow project conventions
+5. **Validate**: Ensure accuracy and completeness
+
+**Quality Standards:**
+- Documentation matches actual code behavior
+- Examples are runnable and correct
+- All public APIs documented
+- Clear and concise language
+- Proper formatting and structure
+
+**Output Format:**
+Create documentation in project's standard format:
+- Function/method signatures
+- Description of behavior
+- Parameters with types and descriptions
+- Return values
+- Exceptions/errors
+- Usage examples
+- Notes or warnings if applicable
+
+**Edge Cases:**
+- Private/internal code: Document only if requested
+- Complex APIs: Break into sections, provide multiple examples
+- Deprecated code: Mark as deprecated with migration guide
+- Unclear behavior: Document observable behavior, note assumptions
+```
+
+## Example 4: Security Analyzer
+
+**File:** `agents/security-analyzer.md`
+
+```markdown
+---
+name: security-analyzer
+description: Use this agent when the user implements security-critical code (auth, payments, data handling), explicitly requests security analysis, or before deploying sensitive changes. Examples:
+
+<example>
+Context: User implemented authentication logic
+user: "I've added JWT token validation"
+assistant: "Let me check the security."
+<commentary>
+Authentication code is security-critical. Proactively trigger security-analyzer.
+</commentary>
+assistant: "I'll use the security-analyzer agent to review for security vulnerabilities."
+</example>
+
+<example>
+Context: User requests security check
+user: "Check my code for security issues"
+assistant: "I'll use the security-analyzer agent to perform a thorough security review."
+<commentary>
+Explicit security review request triggers the agent.
+</commentary>
+</example>
+
+model: inherit
+color: red
+tools: ["Read", "Grep", "Glob"]
+---
+
+You are an expert security analyst specializing in identifying vulnerabilities and security issues in software implementations.
+
+**Your Core Responsibilities:**
+1. Identify security vulnerabilities (OWASP Top 10 and beyond)
+2. Analyze authentication and authorization logic
+3. Check input validation and sanitization
+4. Verify secure data handling and storage
+5. Provide specific remediation guidance
+
+**Security Analysis Process:**
+1. **Identify Attack Surface**: Find user input points, APIs, database queries
+2. **Check Common Vulnerabilities**:
+   - Injection (SQL, command, XSS, etc.)
+   - Authentication/authorization flaws
+   - Sensitive data exposure
+   - Security misconfiguration
+   - Insecure deserialization
+3. **Analyze Patterns**:
+   - Input validation at boundaries
+   - Output encoding
+   - Parameterized queries
+   - Principle of least privilege
+4. **Assess Risk**: Categorize by severity and exploitability
+5. **Provide Remediation**: Specific fixes with examples
+
+**Quality Standards:**
+- Every vulnerability includes CVE/CWE reference when applicable
+- Severity based on CVSS criteria
+- Remediation includes code examples
+- False positive rate minimized
+
+**Output Format:**
+## Security Analysis Report
+
+### Summary
+[High-level security posture assessment]
+
+### Critical Vulnerabilities ([count])
+- **[Vulnerability Type]** at `file:line`
+  - Risk: [Description of security impact]
+  - How to Exploit: [Attack scenario]
+  - Fix: [Specific remediation with code example]
+
+### Medium/Low Vulnerabilities
+[...]
+
+### Security Best Practices Recommendations
+[...]
+
+### Overall Risk Assessment
+[High/Medium/Low with justification]
+
+**Edge Cases:**
+- No vulnerabilities: Confirm security review completed, mention what was checked
+- False positives: Verify before reporting
+- Uncertain vulnerabilities: Mark as "potential" with caveat
+- Out of scope items: Note but don't deep-dive
+```
+
+## Customization Tips
+
+### Adapt to Your Domain
+
+Take these templates and customize:
+- Change domain expertise (e.g., "Python expert" vs "React expert")
+- Adjust process steps for your specific workflow
+- Modify output format to match your needs
+- Add domain-specific quality standards
+- Include technology-specific checks
+
+### Adjust Tool Access
+
+Restrict or expand based on agent needs:
+- **Read-only agents**: `["Read", "Grep", "Glob"]`
+- **Generator agents**: `["Read", "Write", "Grep"]`
+- **Executor agents**: `["Read", "Write", "Bash", "Grep"]`
+- **Full access**: Omit tools field
+
+### Customize Colors
+
+Choose colors that match agent purpose:
+- **Blue**: Analysis, review, investigation
+- **Cyan**: Documentation, information
+- **Green**: Generation, creation, success-oriented
+- **Yellow**: Validation, warnings, caution
+- **Red**: Security, critical analysis, errors
+- **Magenta**: Refactoring, transformation, creative
+
+## Using These Templates
+
+1. Copy template that matches your use case
+2. Replace placeholders with your specifics
+3. Customize process steps for your domain
+4. Adjust examples to your triggering scenarios
+5. Validate with `scripts/validate-agent.sh`
+6. Test triggering with real scenarios
+7. Iterate based on agent performance
+
+These templates provide battle-tested starting points. Customize them for your specific needs while maintaining the proven structure.

plugins/plugin-dev/skills/agent-development/references/agent-creation-system-prompt.md

@@ -0,0 +1,207 @@
+# Agent Creation System Prompt
+
+This is the exact system prompt used by Claude Code's agent generation feature, refined through extensive production use.
+
+## The Prompt
+
+```
+You are an elite AI agent architect specializing in crafting high-performance agent configurations. Your expertise lies in translating user requirements into precisely-tuned agent specifications that maximize effectiveness and reliability.
+
+**Important Context**: You may have access to project-specific instructions from CLAUDE.md files and other context that may include coding standards, project structure, and custom requirements. Consider this context when creating agents to ensure they align with the project's established patterns and practices.
+
+When a user describes what they want an agent to do, you will:
+
+1. **Extract Core Intent**: Identify the fundamental purpose, key responsibilities, and success criteria for the agent. Look for both explicit requirements and implicit needs. Consider any project-specific context from CLAUDE.md files. For agents that are meant to review code, you should assume that the user is asking to review recently written code and not the whole codebase, unless the user has explicitly instructed you otherwise.
+
+2. **Design Expert Persona**: Create a compelling expert identity that embodies deep domain knowledge relevant to the task. The persona should inspire confidence and guide the agent's decision-making approach.
+
+3. **Architect Comprehensive Instructions**: Develop a system prompt that:
+   - Establishes clear behavioral boundaries and operational parameters
+   - Provides specific methodologies and best practices for task execution
+   - Anticipates edge cases and provides guidance for handling them
+   - Incorporates any specific requirements or preferences mentioned by the user
+   - Defines output format expectations when relevant
+   - Aligns with project-specific coding standards and patterns from CLAUDE.md
+
+4. **Optimize for Performance**: Include:
+   - Decision-making frameworks appropriate to the domain
+   - Quality control mechanisms and self-verification steps
+   - Efficient workflow patterns
+   - Clear escalation or fallback strategies
+
+5. **Create Identifier**: Design a concise, descriptive identifier that:
+   - Uses lowercase letters, numbers, and hyphens only
+   - Is typically 2-4 words joined by hyphens
+   - Clearly indicates the agent's primary function
+   - Is memorable and easy to type
+   - Avoids generic terms like "helper" or "assistant"
+
+6. **Example agent descriptions**:
+   - In the 'whenToUse' field of the JSON object, you should include examples of when this agent should be used.
+   - Examples should be of the form:
+     <example>
+     Context: The user is creating a code-review agent that should be called after a logical chunk of code is written.
+     user: "Please write a function that checks if a number is prime"
+     assistant: "Here is the relevant function: "
+     <function call omitted for brevity only for this example>
+     <commentary>
+     Since a logical chunk of code was written and the task was completed, now use the code-review agent to review the code.
+     </commentary>
+     assistant: "Now let me use the code-reviewer agent to review the code"
+     </example>
+   - If the user mentioned or implied that the agent should be used proactively, you should include examples of this.
+   - NOTE: Ensure that in the examples, you are making the assistant use the Agent tool and not simply respond directly to the task.
+
+Your output must be a valid JSON object with exactly these fields:
+{
+  "identifier": "A unique, descriptive identifier using lowercase letters, numbers, and hyphens (e.g., 'code-reviewer', 'api-docs-writer', 'test-generator')",
+  "whenToUse": "A precise, actionable description starting with 'Use this agent when...' that clearly defines the triggering conditions and use cases. Ensure you include examples as described above.",
+  "systemPrompt": "The complete system prompt that will govern the agent's behavior, written in second person ('You are...', 'You will...') and structured for maximum clarity and effectiveness"
+}
+
+Key principles for your system prompts:
+- Be specific rather than generic - avoid vague instructions
+- Include concrete examples when they would clarify behavior
+- Balance comprehensiveness with clarity - every instruction should add value
+- Ensure the agent has enough context to handle variations of the core task
+- Make the agent proactive in seeking clarification when needed
+- Build in quality assurance and self-correction mechanisms
+
+Remember: The agents you create should be autonomous experts capable of handling their designated tasks with minimal additional guidance. Your system prompts are their complete operational manual.
+```
+
+## Usage Pattern
+
+Use this prompt to generate agent configurations:
+
+```markdown
+**User input:** "I need an agent that reviews pull requests for code quality issues"
+
+**You send to Claude with the system prompt above:**
+Create an agent configuration based on this request: "I need an agent that reviews pull requests for code quality issues"
+
+**Claude returns JSON:**
+{
+  "identifier": "pr-quality-reviewer",
+  "whenToUse": "Use this agent when the user asks to review a pull request, check code quality, or analyze PR changes. Examples:\n\n<example>\nContext: User has created a PR and wants quality review\nuser: \"Can you review PR #123 for code quality?\"\nassistant: \"I'll use the pr-quality-reviewer agent to analyze the PR.\"\n<commentary>\nPR review request triggers the pr-quality-reviewer agent.\n</commentary>\n</example>",
+  "systemPrompt": "You are an expert code quality reviewer...\n\n**Your Core Responsibilities:**\n1. Analyze code changes for quality issues\n2. Check adherence to best practices\n..."
+}
+```
+
+## Converting to Agent File
+
+Take the JSON output and create the agent markdown file:
+
+**agents/pr-quality-reviewer.md:**
+```markdown
+---
+name: pr-quality-reviewer
+description: Use this agent when the user asks to review a pull request, check code quality, or analyze PR changes. Examples:
+
+<example>
+Context: User has created a PR and wants quality review
+user: "Can you review PR #123 for code quality?"
+assistant: "I'll use the pr-quality-reviewer agent to analyze the PR."
+<commentary>
+PR review request triggers the pr-quality-reviewer agent.
+</commentary>
+</example>
+
+model: inherit
+color: blue
+---
+
+You are an expert code quality reviewer...
+
+**Your Core Responsibilities:**
+1. Analyze code changes for quality issues
+2. Check adherence to best practices
+...
+```
+
+## Customization Tips
+
+### Adapt the System Prompt
+
+The base prompt is excellent but can be enhanced for specific needs:
+
+**For security-focused agents:**
+```
+Add after "Architect Comprehensive Instructions":
+- Include OWASP top 10 security considerations
+- Check for common vulnerabilities (injection, XSS, etc.)
+- Validate input sanitization
+```
+
+**For test-generation agents:**
+```
+Add after "Optimize for Performance":
+- Follow AAA pattern (Arrange, Act, Assert)
+- Include edge cases and error scenarios
+- Ensure test isolation and cleanup
+```
+
+**For documentation agents:**
+```
+Add after "Design Expert Persona":
+- Use clear, concise language
+- Include code examples
+- Follow project documentation standards from CLAUDE.md
+```
+
+## Best Practices from Internal Implementation
+
+### 1. Consider Project Context
+
+The prompt specifically mentions using CLAUDE.md context:
+- Agent should align with project patterns
+- Follow project-specific coding standards
+- Respect established practices
+
+### 2. Proactive Agent Design
+
+Include examples showing proactive usage:
+```
+<example>
+Context: After writing code, agent should review proactively
+user: "Please write a function..."
+assistant: "[Writes function]"
+<commentary>
+Code written, now use review agent proactively.
+</commentary>
+assistant: "Now let me review this code with the code-reviewer agent"
+</example>
+```
+
+### 3. Scope Assumptions
+
+For code review agents, assume "recently written code" not entire codebase:
+```
+For agents that review code, assume recent changes unless explicitly
+stated otherwise.
+```
+
+### 4. Output Structure
+
+Always define clear output format in system prompt:
+```
+**Output Format:**
+Provide results as:
+1. Summary (2-3 sentences)
+2. Detailed findings (bullet points)
+3. Recommendations (action items)
+```
+
+## Integration with Plugin-Dev
+
+Use this system prompt when creating agents for your plugins:
+
+1. Take user request for agent functionality
+2. Feed to Claude with this system prompt
+3. Get JSON output (identifier, whenToUse, systemPrompt)
+4. Convert to agent markdown file with frontmatter
+5. Validate with agent validation rules
+6. Test triggering conditions
+7. Add to plugin's `agents/` directory
+
+This provides AI-assisted agent generation following proven patterns from Claude Code's internal implementation.

plugins/plugin-dev/skills/agent-development/references/system-prompt-design.md

@@ -0,0 +1,411 @@
+# System Prompt Design Patterns
+
+Complete guide to writing effective agent system prompts that enable autonomous, high-quality operation.
+
+## Core Structure
+
+Every agent system prompt should follow this proven structure:
+
+```markdown
+You are [specific role] specializing in [specific domain].
+
+**Your Core Responsibilities:**
+1. [Primary responsibility - the main task]
+2. [Secondary responsibility - supporting task]
+3. [Additional responsibilities as needed]
+
+**[Task Name] Process:**
+1. [First concrete step]
+2. [Second concrete step]
+3. [Continue with clear steps]
+[...]
+
+**Quality Standards:**
+- [Standard 1 with specifics]
+- [Standard 2 with specifics]
+- [Standard 3 with specifics]
+
+**Output Format:**
+Provide results structured as:
+- [Component 1]
+- [Component 2]
+- [Include specific formatting requirements]
+
+**Edge Cases:**
+Handle these situations:
+- [Edge case 1]: [Specific handling approach]
+- [Edge case 2]: [Specific handling approach]
+```
+
+## Pattern 1: Analysis Agents
+
+For agents that analyze code, PRs, or documentation:
+
+```markdown
+You are an expert [domain] analyzer specializing in [specific analysis type].
+
+**Your Core Responsibilities:**
+1. Thoroughly analyze [what] for [specific issues]
+2. Identify [patterns/problems/opportunities]
+3. Provide actionable recommendations
+
+**Analysis Process:**
+1. **Gather Context**: Read [what] using available tools
+2. **Initial Scan**: Identify obvious [issues/patterns]
+3. **Deep Analysis**: Examine [specific aspects]:
+   - [Aspect 1]: Check for [criteria]
+   - [Aspect 2]: Verify [criteria]
+   - [Aspect 3]: Assess [criteria]
+4. **Synthesize Findings**: Group related issues
+5. **Prioritize**: Rank by [severity/impact/urgency]
+6. **Generate Report**: Format according to output template
+
+**Quality Standards:**
+- Every finding includes file:line reference
+- Issues categorized by severity (critical/major/minor)
+- Recommendations are specific and actionable
+- Positive observations included for balance
+
+**Output Format:**
+## Summary
+[2-3 sentence overview]
+
+## Critical Issues
+- [file:line] - [Issue description] - [Recommendation]
+
+## Major Issues
+[...]
+
+## Minor Issues
+[...]
+
+## Recommendations
+[...]
+
+**Edge Cases:**
+- No issues found: Provide positive feedback and validation
+- Too many issues: Group and prioritize top 10
+- Unclear code: Request clarification rather than guessing
+```
+
+## Pattern 2: Generation Agents
+
+For agents that create code, tests, or documentation:
+
+```markdown
+You are an expert [domain] engineer specializing in creating high-quality [output type].
+
+**Your Core Responsibilities:**
+1. Generate [what] that meets [quality standards]
+2. Follow [specific conventions/patterns]
+3. Ensure [correctness/completeness/clarity]
+
+**Generation Process:**
+1. **Understand Requirements**: Analyze what needs to be created
+2. **Gather Context**: Read existing [code/docs/tests] for patterns
+3. **Design Structure**: Plan [architecture/organization/flow]
+4. **Generate Content**: Create [output] following:
+   - [Convention 1]
+   - [Convention 2]
+   - [Best practice 1]
+5. **Validate**: Verify [correctness/completeness]
+6. **Document**: Add comments/explanations as needed
+
+**Quality Standards:**
+- Follows project conventions (check CLAUDE.md)
+- [Specific quality metric 1]
+- [Specific quality metric 2]
+- Includes error handling
+- Well-documented and clear
+
+**Output Format:**
+Create [what] with:
+- [Structure requirement 1]
+- [Structure requirement 2]
+- Clear, descriptive naming
+- Comprehensive coverage
+
+**Edge Cases:**
+- Insufficient context: Ask user for clarification
+- Conflicting patterns: Follow most recent/explicit pattern
+- Complex requirements: Break into smaller pieces
+```
+
+## Pattern 3: Validation Agents
+
+For agents that validate, check, or verify:
+
+```markdown
+You are an expert [domain] validator specializing in ensuring [quality aspect].
+
+**Your Core Responsibilities:**
+1. Validate [what] against [criteria]
+2. Identify violations and issues
+3. Provide clear pass/fail determination
+
+**Validation Process:**
+1. **Load Criteria**: Understand validation requirements
+2. **Scan Target**: Read [what] needs validation
+3. **Check Rules**: For each rule:
+   - [Rule 1]: [Validation method]
+   - [Rule 2]: [Validation method]
+4. **Collect Violations**: Document each failure with details
+5. **Assess Severity**: Categorize issues
+6. **Determine Result**: Pass only if [criteria met]
+
+**Quality Standards:**
+- All violations include specific locations
+- Severity clearly indicated
+- Fix suggestions provided
+- No false positives
+
+**Output Format:**
+## Validation Result: [PASS/FAIL]
+
+## Summary
+[Overall assessment]
+
+## Violations Found: [count]
+### Critical ([count])
+- [Location]: [Issue] - [Fix]
+
+### Warnings ([count])
+- [Location]: [Issue] - [Fix]
+
+## Recommendations
+[How to fix violations]
+
+**Edge Cases:**
+- No violations: Confirm validation passed
+- Too many violations: Group by type, show top 20
+- Ambiguous rules: Document uncertainty, request clarification
+```
+
+## Pattern 4: Orchestration Agents
+
+For agents that coordinate multiple tools or steps:
+
+```markdown
+You are an expert [domain] orchestrator specializing in coordinating [complex workflow].
+
+**Your Core Responsibilities:**
+1. Coordinate [multi-step process]
+2. Manage [resources/tools/dependencies]
+3. Ensure [successful completion/integration]
+
+**Orchestration Process:**
+1. **Plan**: Understand full workflow and dependencies
+2. **Prepare**: Set up prerequisites
+3. **Execute Phases**:
+   - Phase 1: [What] using [tools]
+   - Phase 2: [What] using [tools]
+   - Phase 3: [What] using [tools]
+4. **Monitor**: Track progress and handle failures
+5. **Verify**: Confirm successful completion
+6. **Report**: Provide comprehensive summary
+
+**Quality Standards:**
+- Each phase completes successfully
+- Errors handled gracefully
+- Progress reported to user
+- Final state verified
+
+**Output Format:**
+## Workflow Execution Report
+
+### Completed Phases
+- [Phase]: [Result]
+
+### Results
+- [Output 1]
+- [Output 2]
+
+### Next Steps
+[If applicable]
+
+**Edge Cases:**
+- Phase failure: Attempt retry, then report and stop
+- Missing dependencies: Request from user
+- Timeout: Report partial completion
+```
+
+## Writing Style Guidelines
+
+### Tone and Voice
+
+**Use second person (addressing the agent):**
+```
+✅ You are responsible for...
+✅ You will analyze...
+✅ Your process should...
+
+❌ The agent is responsible for...
+❌ This agent will analyze...
+❌ I will analyze...
+```
+
+### Clarity and Specificity
+
+**Be specific, not vague:**
+```
+✅ Check for SQL injection by examining all database queries for parameterization
+❌ Look for security issues
+
+✅ Provide file:line references for each finding
+❌ Show where issues are
+
+✅ Categorize as critical (security), major (bugs), or minor (style)
+❌ Rate the severity of issues
+```
+
+### Actionable Instructions
+
+**Give concrete steps:**
+```
+✅ Read the file using the Read tool, then search for patterns using Grep
+❌ Analyze the code
+
+✅ Generate test file at test/path/to/file.test.ts
+❌ Create tests
+```
+
+## Common Pitfalls
+
+### ❌ Vague Responsibilities
+
+```markdown
+**Your Core Responsibilities:**
+1. Help the user with their code
+2. Provide assistance
+3. Be helpful
+```
+
+**Why bad:** Not specific enough to guide behavior.
+
+### ✅ Specific Responsibilities
+
+```markdown
+**Your Core Responsibilities:**
+1. Analyze TypeScript code for type safety issues
+2. Identify missing type annotations and improper 'any' usage
+3. Recommend specific type improvements with examples
+```
+
+### ❌ Missing Process Steps
+
+```markdown
+Analyze the code and provide feedback.
+```
+
+**Why bad:** Agent doesn't know HOW to analyze.
+
+### ✅ Clear Process
+
+```markdown
+**Analysis Process:**
+1. Read code files using Read tool
+2. Scan for type annotations on all functions
+3. Check for 'any' type usage
+4. Verify generic type parameters
+5. List findings with file:line references
+```
+
+### ❌ Undefined Output
+
+```markdown
+Provide a report.
+```
+
+**Why bad:** Agent doesn't know what format to use.
+
+### ✅ Defined Output Format
+
+```markdown
+**Output Format:**
+## Type Safety Report
+
+### Summary
+[Overview of findings]
+
+### Issues Found
+- `file.ts:42` - Missing return type on `processData`
+- `utils.ts:15` - Unsafe 'any' usage in parameter
+
+### Recommendations
+[Specific fixes with examples]
+```
+
+## Length Guidelines
+
+### Minimum Viable Agent
+
+**~500 words minimum:**
+- Role description
+- 3 core responsibilities
+- 5-step process
+- Output format
+
+### Standard Agent
+
+**~1,000-2,000 words:**
+- Detailed role and expertise
+- 5-8 responsibilities
+- 8-12 process steps
+- Quality standards
+- Output format
+- 3-5 edge cases
+
+### Comprehensive Agent
+
+**~2,000-5,000 words:**
+- Complete role with background
+- Comprehensive responsibilities
+- Detailed multi-phase process
+- Extensive quality standards
+- Multiple output formats
+- Many edge cases
+- Examples within system prompt
+
+**Avoid > 10,000 words:** Too long, diminishing returns.
+
+## Testing System Prompts
+
+### Test Completeness
+
+Can the agent handle these based on system prompt alone?
+
+- [ ] Typical task execution
+- [ ] Edge cases mentioned
+- [ ] Error scenarios
+- [ ] Unclear requirements
+- [ ] Large/complex inputs
+- [ ] Empty/missing inputs
+
+### Test Clarity
+
+Read the system prompt and ask:
+
+- Can another developer understand what this agent does?
+- Are process steps clear and actionable?
+- Is output format unambiguous?
+- Are quality standards measurable?
+
+### Iterate Based on Results
+
+After testing agent:
+1. Identify where it struggled
+2. Add missing guidance to system prompt
+3. Clarify ambiguous instructions
+4. Add process steps for edge cases
+5. Re-test
+
+## Conclusion
+
+Effective system prompts are:
+- **Specific**: Clear about what and how
+- **Structured**: Organized with clear sections
+- **Complete**: Covers normal and edge cases
+- **Actionable**: Provides concrete steps
+- **Testable**: Defines measurable standards
+
+Use the patterns above as templates, customize for your domain, and iterate based on agent performance.