WonderLab

Posted on May 20

One Open Source Project a Day (No. 70): Claude Plugins Official — A Complete Tour of Anthropic's Official Claude Code Plugin Ecosystem

#opensource #claude #mcp #agentskills

Introduction

"Plugins extend Claude Code with commands, agents, skills, hooks, and MCP servers."

This is the NO.70 article in the "One Open Source Project a Day" series. Today we are exploring claude-plugins-official.

This is Anthropic's officially maintained plugin registry on GitHub. If you have been using Claude Code lately, you have almost certainly seen the /plugin install command — this repository is the official plugin source behind that command.

20.2k Stars, 2.5k Forks, 669 open issues. Behind these numbers is a rapidly maturing ecosystem: Anthropic engineers have contributed 30+ plugins covering LSP support for 12 languages, a multi-agent PR review toolkit, Git workflow automation, and code quality analysis. 15 external partners — including GitHub, Firebase, Linear, and Terraform — have already joined.

But this article is not just about "what plugins exist." What deserves equal attention is the design of the plugin specification itself: a single plugin.json file, three extension mechanisms (Skills/Commands/MCP), and two trigger modes (user-invoked vs. model-invoked). Understanding this architecture means understanding the boundaries and possibilities of Claude Code extensibility.

What You Will Learn

The complete plugin directory structure of claude-plugins-official (internal vs. external plugins)
The Claude Code plugin specification: from plugin.json to Skills/Commands/MCP
Deep dives into five key plugins: pr-review-toolkit, agent-sdk-dev, code-review, hookify, commit-commands
How to build a spec-compliant Claude Code plugin from scratch
The current state of the external partner plugin ecosystem

Prerequisites

Familiarity with Claude Code (basic slash command usage)
A basic understanding of MCP (Model Context Protocol)
Interest in building your own Claude Code extensions

Project Background

Project Introduction

claude-plugins-official is Anthropic's official plugin registry, serving the Claude Code plugin ecosystem. It plays two roles simultaneously:

Plugin registry: Users install plugins via /plugin install <name>@claude-plugins-official
Development specification reference: plugins/example-plugin is the official complete reference implementation, demonstrating all extension mechanisms

The repository is divided into two main directories:

/plugins: Developed by Anthropic engineers, covering LSP, development workflows, code quality, output styles, and more
/external_plugins: Submitted by partners and the community, subject to quality and security review

Author/Team Introduction

This is a multi-contributor Anthropic internal project, with different engineers leading each plugin:

pr-review-toolkit: Daisy (daisy@anthropic.com)
agent-sdk-dev: Ashwin Bhat (ashwin@anthropic.com)
code-review: Boris Cherny (boris@anthropic.com)
frontend-design: Prithvi Rajasekaran + Alexander Bricken
commit-commands: Anthropic team

Project Stats

⭐ GitHub Stars: 20,200+
🍴 Forks: 2,500+
👁️ Watchers: 147
🐛 Open Issues: 669
💻 Languages: Python (31.6%), TypeScript (28.9%), HTML (19.5%), Shell (13.0%), JavaScript (7.0%)
🏷️ Topics: skills, mcp, claude-code
🌐 Repository: anthropics/claude-plugins-official
📖 Docs: code.claude.com/docs/en/plugins

Main Features

Core Utility

claude-plugins-official provides a standardized way to extend Claude Code's capabilities:

Native Claude Code capabilities
        ↓
  /plugin install <name>@claude-plugins-official
        ↓
  Extended Claude Code
  ├── New Slash Commands (user-invoked)
  ├── New Skills (model-auto-triggered)
  ├── New Agents (specialized task delegates)
  └── New MCP Tools (external service integrations)

Quick Start

Installing plugins (CLI):

# PR review toolkit
/plugin install pr-review-toolkit@claude-plugins-official

# Git commit command suite
/plugin install commit-commands@claude-plugins-official

# Agent SDK development tools
/plugin install agent-sdk-dev@claude-plugins-official

# Code review plugin
/plugin install code-review@claude-plugins-official

# Hook management tool
/plugin install hookify@claude-plugins-official

Installing plugins (UI):

In Claude Code, type: /plugin
→ Click "Discover"
→ Browse and install desired plugins

Installing external partner plugins:

# GitHub integration
/plugin install github@claude-plugins-official

# Linear project management
/plugin install linear@claude-plugins-official

# Firebase integration
/plugin install firebase@claude-plugins-official

# Terraform infrastructure
/plugin install terraform@claude-plugins-official

Plugin Directory Overview

Internal Plugins (/plugins)

Category	Plugins
LSP Language Support	clangd-lsp, csharp-lsp, gopls-lsp, jdtls-lsp, kotlin-lsp, lua-lsp, php-lsp, pyright-lsp, ruby-lsp, rust-analyzer-lsp, swift-lsp, typescript-lsp
Development Workflows	agent-sdk-dev, claude-code-setup, commit-commands, feature-dev, mcp-server-dev, plugin-dev, pr-review-toolkit, ralph-loop
Code Quality	code-modernization, code-review, code-simplifier, security-guidance
Output Styles	explanatory-output-style, learning-output-style
Utility Tools	claude-md-management, cwc-makers, frontend-design, hookify, math-olympiad, session-report, skill-creator
Reference	example-plugin

External Partner Plugins (/external_plugins): asana, context7, discord, fakechat, firebase, github, gitlab, greptile, imessage, laravel-boost, linear, playwright, serena, telegram, terraform

Five Key Plugins: Deep Dives

Plugin 1: pr-review-toolkit — Six Parallel PR Review Agents

This is arguably the most elegantly designed plugin in the entire directory: 6 specialized agents running in parallel, reviewing the same Pull Request from different angles simultaneously.

PR submitted
  ↓
comment-analyzer      ← Comment accuracy, documentation completeness, comment rot
pr-test-analyzer      ← Test coverage quality, edge cases, behavioral vs. line coverage
silent-failure-hunter ← Silent failures, empty catch blocks, missing error logging
type-design-analyzer  ← Type encapsulation, invariants (rated 1–10 on 4 dimensions)
code-reviewer         ← CLAUDE.md compliance, style, bugs (0–100 score)
code-simplifier       ← Readability, unnecessary complexity, redundant abstractions

Natural language triggering:

"Are the tests thorough?"                  → triggers pr-test-analyzer
"Check the error handling in the API client" → triggers silent-failure-hunter
"Is this documentation accurate?"           → triggers comment-analyzer
"Simplify this code"                        → triggers code-simplifier

Full PR review (trigger all agents at once):

"I'm ready to create this PR. Please:
1. Review test coverage
2. Check for silent failures
3. Verify code comments are accurate
4. Review any new types
5. General code review"

Recommended workflow:

Write code → code-reviewer
Fix issues → silent-failure-hunter (if error handling changed)
Add tests  → pr-test-analyzer
Document   → comment-analyzer
Polish     → code-simplifier
→ Create PR

Plugin 2: agent-sdk-dev — Agent SDK Project Scaffolding

This plugin compresses "building a Claude Agent SDK project from scratch" into a single command.

/new-sdk-app command (interactive project creation):

/new-sdk-app my-agent-project
# Interactive prompts:
# 1. Language: TypeScript or Python?
# 2. Agent type: coding / business / custom
# 3. Starting point: minimal / basic / specific example
# 4. Package manager: npm/yarn/pnpm or pip/poetry

What it does automatically:

Checks and installs the latest SDK version
Creates project file structure, .env.example, .gitignore
Runs type checking (TS) or syntax validation (Python)
Automatically runs the appropriate Verifier agent (validates the project against SDK best practices)

Two Verifier Agents:

# Python project verification
"Verify my Python Agent SDK application"
→ Checks: SDK installation, requirements.txt/pyproject.toml,
           SDK usage patterns, agent init/config, .env security, error handling

# TypeScript project verification
"Verify my TypeScript Agent SDK application"
→ Checks: SDK installation, tsconfig.json, type safety/imports,
           agent init/config, .env security, error handling

Verifier output format:

Overall Status: PASS / PASS WITH WARNINGS / FAIL
- Critical Issues (blocking functionality)
- Warnings (suboptimal patterns)
- Passed Checks
- Recommendations (with SDK documentation links)

Plugin 3: code-review — Confidence-Filtered 4-Agent Code Review

This plugin addresses the most common problem with AI code review: too many false positives.

How it works:

1. Pre-checks — Skip closed, draft, or trivial PRs
2. Collect CLAUDE.md guideline files from the repo
3. Summarize PR changes
4. Launch 4 parallel agents:
   - Agent #1 & #2 → CLAUDE.md compliance checks
   - Agent #3 → Bug detection (changed code only)
   - Agent #4 → Git blame/history context analysis
5. Score each issue 0–100 for confidence
6. Filter out issues below threshold (default: 80)
7. Post review comment with high-confidence issues only

Confidence scale:

Score	Meaning
0	Not confident, likely false positive
25	Somewhat confident, might be real
50	Moderately confident, real but minor
75	Highly confident, real and important
100	Absolutely certain, must fix

What gets filtered out:

Pre-existing issues not introduced by this PR
Code that looks buggy but isn't
Issues that linters will catch
Items with lint-ignore comments

Configuring the confidence threshold (in commands/code-review.md):

# Change 80 to your preferred threshold
Filter out any issues with a score less than 80.

Plugin 4: hookify — Create Claude Code Hooks in Plain English

Claude Code's Hooks feature (triggering custom logic before/after tool executions) requires manually editing complex JSON configuration. hookify eliminates that friction.

Core commands:

# Create a rule from plain English
/hookify Warn me when I use rm -rf commands

# Analyze recent conversation, auto-suggest behaviors to block
/hookify

# List all rules
/hookify:list

# Enable/disable rules interactively
/hookify:configure

Rules take effect immediately — no restart required.

Rule file format (stored as .claude/hookify.<name>.local.md):

---
name: block-dangerous-rm
enabled: true
event: bash
pattern: rm\s+-rf
action: block
---

⚠️ **Dangerous rm command detected!**

Please verify the path and ensure you have backups.

Advanced rules (multiple conditions):

---
name: warn-sensitive-files
enabled: true
event: file
action: warn
conditions:
  - field: file_path
    operator: regex_match
    pattern: \.env$|credentials|secrets
  - field: new_text
    operator: contains
    pattern: KEY
---

🔐 **Sensitive file edit detected!**

Event types and when they fire:

event	Fires when
`bash`	Before a Bash command executes
`file`	On file read/write operations
`prompt`	When the user submits a prompt
`stop`	When Claude is about to stop responding
`all`	All of the above

Practical rule examples:

# Block destructive commands
event: bash
pattern: rm\s+-rf|dd\s+if=|mkfs|format
action: block

# Warn about debug code
event: file
pattern: console\.log\(|debugger;
action: warn

# Require tests before stopping
event: stop
action: block
conditions:
  - field: transcript
    operator: not_contains
    pattern: npm test|pytest|cargo test

# Prevent hardcoded API keys in TypeScript
event: file
conditions:
  - field: file_path
    operator: regex_match
    pattern: \.tsx?$
  - field: new_text
    operator: regex_match
    pattern: (API_KEY|SECRET|TOKEN)\s*=\s*["']

Plugin 5: commit-commands — Three-Command Git Workflow

# Auto-generate commit message and commit
/commit

# Full one-command workflow: commit → push → create PR
/commit-push-pr

# Clean up local branches whose remotes have been deleted
/clean_gone

What /commit does:

Analyzes staged and unstaged changes
Reviews recent commit history to match repo style
Stages files and creates a commit message with Claude Code attribution
Automatically skips sensitive files (.env, credentials.json, etc.)

What /commit-push-pr does:

Creates a new branch if currently on main
Commits the changes
Pushes to origin
Creates a PR via GitHub CLI (includes Summary + test checklist)

Plugin Specification Deep Dive

Standard Plugin Directory Structure

plugin-name/
├── .claude-plugin/
│   └── plugin.json      # Plugin metadata (required)
├── .mcp.json            # MCP server config (optional)
├── skills/              # Skill definitions (preferred)
│   ├── my-skill/
│   │   └── SKILL.md     # Model-auto-triggered skill
│   └── my-command/
│       └── SKILL.md     # User-invoked slash command (also uses SKILL.md)
├── commands/            # Slash commands (legacy format)
│   └── my-command.md
├── agents/              # Agent definitions
└── README.md

The plugin.json Metadata Format

{
  "name": "my-plugin",
  "description": "A description of what this plugin does",
  "author": {
    "name": "Your Name",
    "email": "you@example.com"
  }
}

Deliberately minimal by design: only three fields — no version, no dependency declarations. A plugin's capabilities are determined by its directory contents, not its metadata.

Three Extension Mechanisms Compared

Mechanism 1: Skills (Recommended for new plugins)

# Model-auto-triggered (context-based)
---
name: security-review
description: Automatically trigger security review when security-related code is detected
version: 1.0.0
---

# User-invoked (becomes /skill-name command)
---
name: my-command
description: Short description shown in /help
argument-hint: <arg1> [optional-arg]
allowed-tools: [Read, Glob, Grep]
---

Mechanism 2: Commands (Legacy format, functionally equivalent)

# commands/my-command.md
---
# YAML frontmatter
---
# Command content (same as SKILL.md)

Mechanism 3: MCP Servers (External service integration)

// .mcp.json
{
  "my-service": {
    "type": "http",
    "url": "https://api.myservice.com/mcp"
  }
}

The Key Difference Between Two Skill Trigger Modes

Trigger Type	Activation	Best For
User-invoked	User types `/skill-name`	Explicit one-time operations (commit, review)
Model-auto-triggered	Claude judges from task context	Continuous context enhancement (output styles, security checks)

This distinction is critical: the frontend-design plugin is a perfect example of model-auto-triggered — the user simply says "create a dashboard" and Claude automatically applies that plugin's design principles, no explicit invocation required.

External Plugin Submission Process

To get your own plugin listed in the official directory:

1. Ensure your plugin meets quality and security standards
   ↓
2. Visit https://clau.de/plugin-directory-submission
   ↓
3. Fill out the plugin submission form
   ↓
4. Anthropic review (quality + security)
   ↓
5. Merged into /external_plugins directory

Review criteria (inferred from documentation):

Plugin must have a complete README and plugin.json
MCP servers, if used, must be clearly documented
No malicious code or unauthorized data collection
Must provide real value, not duplicate existing functionality

Project Links & Resources

Official Resources

🌟 GitHub: https://github.com/anthropics/claude-plugins-official
📖 Plugin Development Docs: code.claude.com/docs/en/plugins
📝 External Plugin Submission: clau.de/plugin-directory-submission
🔧 Reference Implementation: /plugins/example-plugin (best starting point for plugin development)

Target Audience

Power Claude Code users: Looking to extend their workflow capabilities with official plugins
Plugin developers: Learning how to build spec-compliant Claude Code plugins
Toolchain engineers: Connecting their own services to the Claude Code ecosystem via MCP servers
Engineering productivity leads: Building custom team plugins and standardizing development workflows

Summary

Key Takeaways

Plugin ecosystem:

30+ internal plugins: Covering LSP (12 languages), PR review, Git workflows, code quality, output styles, and other core development scenarios
15 external plugins: GitHub, Firebase, Linear, Terraform, and other mainstream tools already integrated
Unified installation: One command handles everything — /plugin install <name>@claude-plugins-official

Plugin specification:

Minimal metadata: plugin.json needs only name, description, and author
Three extension mechanisms: Skills (recommended) / Commands (legacy) / MCP Servers (external services)
Two trigger modes: User-invoked vs. model-auto-triggered based on context
Security awareness built in: Official docs explicitly note that Anthropic does not vouch for third-party MCP servers — trust verification is the user's responsibility

Core value of the five key plugins:

pr-review-toolkit: 6 parallel agents → multi-angle coverage, eliminating single-reviewer blind spots
agent-sdk-dev: One-command scaffolding + automatic Verifier → lower barrier to entry for Agent SDK
code-review: Confidence filtering (default threshold 80) → fewer false positives, focus on real issues
hookify: Natural language hook creation → no complex JSON config files
commit-commands: /commit-push-pr → full pipeline from code to PR in one command

One-Line Review

claude-plugins-official is not just a plugin directory — it is Anthropic's public answer to the question "how should AI tools be extended": minimize metadata, maximize compositional flexibility, let Skills appear in the right context automatically rather than forcing users to memorize commands.

Find more useful knowledge and interesting products on my Homepage

DEV Community