By denobotion
Comprehensive code review system with organization-wide standards.
You must invoke the bitwarden-code-review:bitwarden-code-reviewer agent to perform a comprehensive code review of a GitHub pull request or local changes.
You must invoke the bitwarden-code-reviewer agent to perform a comprehensive code review of a GitHub pull request or local changes.
Use when the user is addressing pull request review comments locally and asks for help evaluating, implementing, or drafting responses to reviewer feedback - requires technical rigor and verification, not performative agreement or blind implementation
Use this skill to validate findings during a code review. For each finding, run the rejection criteria and verification checks. If a finding fails any check, drop it.
Use this skill when categorizing code review findings into severity levels. Apply when determining which emoji and label to use for PR comments, deciding if an issue should be flagged at all, or classifying findings as CRITICAL, IMPORTANT, DEBT, SUGGESTED, or QUESTION.
Perform a rigorous, multi-agent code review with architecture-compliance, parallel quality/security analysis, finding validation, and severity audit. Use whenever the user asks for a structured, deep, thorough, multi-pass, or multi-agent code review — or a review that includes architecture/pattern compliance, confidence-scored findings, or a severity audit — even if they don't say the exact phrase "multi-agent". Prefer this over a single-agent review when the user wants high-signal findings with validation. Also use whenever the user asks for a code review across a commit range, time window, or N most recent commits in a locally checked-out repo (e.g. "review the last week of commits in bitwarden/server", "review the last 20 commits", "review changes since 2026-04-23") — these route to the commit-range mode below.
Use this skill when posting inline comments to GitHub pull requests. Apply when formatting comments following Bitwarden engineering standards with severity emojis, clear explanations, and actionable suggestions. Use after findings are classified and ready to post. DO NOT USE when posting summary comments.
Uses power tools
Uses Bash, Write, or Edit tools
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
A curated collection of plugins for AI-assisted development at Bitwarden. Enables discovery and distribution of quality-controlled plugins for use with Claude Code.
| Plugin | Version | Description |
|---|---|---|
| bitwarden-tech-lead | 2.1.0 | Tech lead for technical planning, architecture coherence, and surfacing patterns to Technical Strategy Ideas |
| bitwarden-atlassian-tools | 2.2.3 | Read-only Atlassian access via MCP server with deep Jira issue research skill |
| bitwarden-code-review | 1.11.0 | Autonomous code review agent following Bitwarden engineering standards with GitHub integration |
| bitwarden-delivery-tools | 1.1.0 | Delivery lifecycle skills: initiative funnel navigation, work transitions, commits, PRs, preflight checks, labeling |
| bitwarden-devops-engineer | 0.1.3 | DevOps engineering assistant: workflow compliance linting, action security auditing, and org-wide CI/CD remediation |
| bitwarden-init | 1.1.0 | Initialize and enhance CLAUDE.md files with Bitwarden's standardized template format |
| bitwarden-product-analyst | 0.1.5 | Product analyst agent for creating comprehensive Bitwarden requirements documents from multiple sources |
| bitwarden-security-engineer | 1.2.0 | Application security engineering: vulnerability triage, threat modeling, and secure code analysis |
| bitwarden-software-engineer | 0.4.1 | Comprehensive full-stack software engineering assistant proficient in modern software development at Bitwarden. |
| claude-config-validator | 1.1.1 | Validates Claude Code configuration files for security, structure, and quality |
| claude-retrospective | 1.1.1 | Analyze Claude Code sessions to identify successful patterns and improvement opportunities |
# Short form (GitHub owner/repo)
/plugin marketplace add bitwarden/ai-plugins
# Full GitHub URL
/plugin marketplace add https://github.com/bitwarden/ai-plugins
After adding the marketplace, restart Claude Code for the changes to take effect.
You can also use /plugin interactively to manage marketplaces and plugins through a guided interface.
Once the marketplace is added, install plugins using:
/plugin install plugin-name@bitwarden-marketplace
Plugins are installed to ~/.claude/plugins/ by default. Restart Claude Code after installing for the plugin to become active.
Third-party marketplaces don't auto-update by default. To enable automatic updates, open /plugin, go to Marketplaces, select this marketplace, and choose Enable auto-update. Claude Code will then refresh marketplace data and update installed plugins at startup.
You can also update manually at any time:
/plugin marketplace update bitwarden-marketplace
See CONTRIBUTING.md for plugin development guidelines, structure requirements, versioning rules, and the review process.
npx claudepluginhub denobotion/ai-plugins --plugin bitwarden-code-reviewTech lead agent for a Bitwarden product team. The team's primary technical resource — architects solutions in the team's domain, partners with the EM on scoping and backlog, partners with peer tech leads on cross-team architecture, and serves as the team's conduit for cross-team technical decisions.
Validates Claude Code configuration files for security, structure, and quality. Reviews CLAUDE.md, skills, agents, prompts, commands, and settings with comprehensive validation checklists.
GitHub Actions workflow compliance, action security auditing, and org-wide CI/CD remediation.
Comprehensive analysis of Claude Code sessions to identify successful patterns, problematic areas, and opportunities for improvement.
Read-only Atlassian access via MCP server with deep Jira issue research skill, JQL search, Confluence pages, CQL search, and attachments
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Comprehensive .NET development skills for modern C#, ASP.NET, MAUI, Blazor, Aspire, EF Core, Native AOT, testing, security, performance optimization, CI/CD, and cloud-native applications
Harness-native ECC operator layer - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Complete creative writing suite with 10 specialized agents covering the full writing process: research gathering, character development, story architecture, world-building, dialogue coaching, editing/review, outlining, content strategy, believability auditing, and prose style/voice analysis. Includes genre-specific guides, templates, and quality checklists.
Unity Development Toolkit - Expert agents for scripting/refactoring/optimization, script templates, and Agent Skills for Unity C# development
Evidence-gated AI coding workflow: scan → analyze → plan → TDD → execute → fix → verify → review, powered by Codebase Memory MCP >= 0.9.0 with optional Serena LSP intelligence. Includes blast-radius planning, test/cycle gates, independent review, and Windows Git Bash hook auto-resolution.