Common questions about Claude Code plugins answered - from installation to publishing your own.
Claude Code plugins are extensions that enhance Claude Code with additional functionality. They bundle five component types: slash commands (user-invoked shortcuts), subagents (specialized AI instances), skills (model-invoked capabilities Claude uses automatically), hooks (event-driven automation), and MCP servers (external tool connections). Plugins are distributed as GitHub repositories with a manifest file. Once installed, they seamlessly integrate into your Claude Code environment.
Installing plugins requires two simple commands. First, add the GitHub repository with "/plugin marketplace add owner/repo". Then install the plugin with "/plugin install plugin-name". After installation, plugins are immediately available. Manage plugins with "/plugin list" to see all, "/plugin enable plugin-name" to activate, "/plugin disable plugin-name" to turn off, and "/plugin uninstall plugin-name" to remove completely.
In Claude Code, "marketplaces" are sources for plugins - GitHub repositories or curated collections. The simplest approach is adding a GitHub repository directly (e.g., "/plugin marketplace add owner/repo"). ClaudePluginHub also generates themed collections that bundle related plugins. These are JSON catalogs that Claude Code reads to discover available plugins. The term "marketplace" is historical - think of it as "adding a plugin source."
Plugin safety depends on factors that ClaudePluginHub helps you evaluate. Trust signals include GitHub star counts, maintenance scores, repository activity, and manual review badges. Safety warnings appear for plugins with hooks (which execute code automatically) and MCP servers (which connect to external services). Review each plugin's README, check the GitHub repository, and start with well-maintained plugins from trusted authors.
Hooks are event handlers that execute automatically at specific lifecycle points in Claude Code - there are 10 events including PreToolUse, PostToolUse, PermissionRequest, UserPromptSubmit, SessionStart, SessionEnd, and more. They enable powerful automation but run without explicit user action. MCP (Model Context Protocol) servers connect to external tools, databases, and APIs using HTTP (recommended), Stdio, or SSE transports. Both require additional trust - ClaudePluginHub flags plugins using these features.
Commands and skills differ in how they're invoked. Commands are user-triggered - you explicitly type a slash command like "/deploy" to run them. Skills are model-invoked - Claude autonomously decides when to use them based on your request and the skill's description. If you need explicit control, use commands. If you want Claude to automatically apply expertise when relevant, use skills.
Publishing is automated. Create a GitHub repository with a ".claude-plugin" directory containing a valid "plugin.json" manifest. Add your components (commands, agents, skills) in the appropriate directories at the plugin root (not inside .claude-plugin). Include a README with usage instructions. Push to GitHub and ClaudePluginHub discovers your plugin within 30 minutes. Valid manifests are automatically approved.
Excellent plugins have clear documentation, valid and complete manifests, active maintenance, and solve specific problems well. They follow security best practices - minimizing hooks and external connections when possible, documenting required permissions. Good plugins include usage examples in the README, have well-structured code, and are transparent about data access.
ClaudePluginHub runs auto-discovery every 30 minutes, finding new plugins with valid manifests. SHA-based change detection (also every 30 minutes) compares repository commits against known versions - changes trigger re-ingestion. The ingestion queue processes every 15 minutes, updating metadata, READMEs, stars, and maintenance scores. New plugins appear within 30 minutes; updates are detected and processed quickly.
Explore our learning center for in-depth guides on plugins, safety, and development.