Plugin

security-scanning

Name: security-scanning
Author: engineerwithai

SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening

Component Overview

/security-dependencies, /security-hardening +1

Commands

security-auditor, Threat Modeling Expert

Agents

attack-tree-construction, sast-configuration +3

Skills

Hooks

MCP Servers

LSP Servers

Output Styles

Install

npx claudepluginhub EngineerWithAI/engineerwith-agents --plugin security-scanning

Component Details

Commands (3)

Dependency Vulnerability Scanning

/security-dependencies

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.

Phase 1: Comprehensive Security Assessment

/security-hardening

Implement comprehensive security hardening with defense-in-depth strategy through coordinated multi-agent orchestration:

SAST Security Plugin

/security-sast

Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks

Agents (2)

security-auditor

/security-auditor

Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks. Masters vulnerability assessment, threat modeling, secure authentication (OAuth2/OIDC), OWASP standards, cloud security, and security automation. Handles DevSecOps integration, compliance (GDPR/HIPAA/SOC2), and incident response. Use PROACTIVELY for security audits, DevSecOps, or compliance implementation.

Threat Modeling Expert

/threat-modeling-expert

Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use PROACTIVELY for security architecture reviews, threat identification, or building secure-by-design systems.

Skills (5)

attack-tree-construction

/skills/attack-tree-construction

Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.

sast-configuration

/skills/sast-configuration

Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.

security-requirement-extraction

/skills/security-requirement-extraction

Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.

stride-analysis-patterns

/skills/stride-analysis-patterns

Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security documentation.

threat-mitigation-mapping

/skills/threat-mitigation-mapping

Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.

README

Claude Code Plugins: Orchestration and Automation

⚡ Updated for Opus 4.5, Sonnet 4.5 & Haiku 4.5 — Three-tier model strategy for optimal performance

🎯 Agent Skills Enabled — 107 specialized skills extend Claude's capabilities across plugins with progressive disclosure

A comprehensive production-ready system combining 99 specialized AI agents, 15 multi-agent workflow orchestrators, 107 agent skills, and 71 development tools organized into 67 focused, single-purpose plugins for Claude Code.

Overview

This unified repository provides everything needed for intelligent automation and multi-agent orchestration across modern software development:

67 Focused Plugins - Granular, single-purpose plugins optimized for minimal token usage and composability
99 Specialized Agents - Domain experts with deep knowledge across architecture, languages, infrastructure, quality, data/AI, documentation, business operations, and SEO
107 Agent Skills - Modular knowledge packages with progressive disclosure for specialized expertise
15 Workflow Orchestrators - Multi-agent coordination systems for complex operations like full-stack development, security hardening, ML pipelines, and incident response
71 Development Tools - Optimized utilities including project scaffolding, security scanning, test automation, and infrastructure setup

Key Features

Granular Plugin Architecture: 67 focused plugins optimized for minimal token usage
Comprehensive Tooling: 71 development tools including test generation, scaffolding, and security scanning
100% Agent Coverage: All plugins include specialized agents
Agent Skills: 107 specialized skills following for progressive disclosure and token efficiency
Clear Organization: 23 categories with 1-6 plugins each for easy discovery
Efficient Design: Average 3.4 components per plugin (follows Anthropic's 2-8 pattern)

How It Works

Each plugin is completely isolated with its own agents, commands, and skills:

Install only what you need - Each plugin loads only its specific agents, commands, and skills
Minimal token usage - No unnecessary resources loaded into context
Mix and match - Compose multiple plugins for complex workflows
Clear boundaries - Each plugin has a single, focused purpose
Progressive disclosure - Skills load knowledge only when activated

Example: Installing python-development loads 3 Python agents, 1 scaffolding tool, and makes 5 skills available (~300 tokens), not the entire marketplace.

Quick Start

Step 1: Add the Marketplace

Add this marketplace to Claude Code:

/plugin marketplace add EngineerWithAI/engineerwith-agents

This makes all 67 plugins available for installation, but does not load any agents or tools into your context.

Step 2: Install Plugins

Browse available plugins:

/plugin

Install the plugins you need:

# Essential development plugins
/plugin install python-development          # Python with 5 specialized skills
/plugin install javascript-typescript       # JS/TS with 4 specialized skills
/plugin install backend-development         # Backend APIs with 3 architecture skills

# Infrastructure & operations
/plugin install kubernetes-operations       # K8s with 4 deployment skills
/plugin install cloud-infrastructure        # AWS/Azure/GCP with 4 cloud skills

# Security & quality
/plugin install security-scanning           # SAST with security skill
/plugin install code-review-ai             # AI-powered code review

# Full-stack orchestration
/plugin install full-stack-orchestration   # Multi-agent workflows

Each installed plugin loads only its specific agents, commands, and skills into Claude's context.

Documentation

Core Guides

Plugin Reference - Complete catalog of all 67 plugins
Agent Reference - All 99 agents organized by category
Agent Skills - 107 specialized skills with progressive disclosure
Usage Guide - Commands, workflows, and best practices
Architecture - Design principles and patterns

Quick Links

Installation - Get started in 2 steps
Essential Plugins - Top plugins for immediate productivity
Command Reference - All slash commands organized by category
Multi-Agent Workflows - Pre-configured orchestration examples
Model Configuration - Haiku/Sonnet hybrid orchestration

What's New

View full README on GitHub

Similar Plugins

fullstack-dev-skills

8.4k

165

Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.

Stats

Version1.2.2

Parent Repo Stars0

MaintenanceGood

LicenseMIT

AddedJan 11, 2026

Actions

View on GitHub View README Plugin Marketplace JSON Homepage

Available In

claude-code-workflows

Safety Signals

Caution

Uses power tools

Uses Bash, Write, or Edit tools

Claude Code Plugins: Orchestration and Automation

⚡ Updated for Opus 4.5, Sonnet 4.5 & Haiku 4.5 — Three-tier model strategy for optimal performance

🎯 Agent Skills Enabled — 107 specialized skills extend Claude's capabilities across plugins with progressive disclosure

Overview

This unified repository provides everything needed for intelligent automation and multi-agent orchestration across modern software development:

67 Focused Plugins - Granular, single-purpose plugins optimized for minimal token usage and composability
99 Specialized Agents - Domain experts with deep knowledge across architecture, languages, infrastructure, quality, data/AI, documentation, business operations, and SEO
107 Agent Skills - Modular knowledge packages with progressive disclosure for specialized expertise
15 Workflow Orchestrators - Multi-agent coordination systems for complex operations like full-stack development, security hardening, ML pipelines, and incident response
71 Development Tools - Optimized utilities including project scaffolding, security scanning, test automation, and infrastructure setup

Key Features

Granular Plugin Architecture: 67 focused plugins optimized for minimal token usage
Comprehensive Tooling: 71 development tools including test generation, scaffolding, and security scanning
100% Agent Coverage: All plugins include specialized agents
Agent Skills: 107 specialized skills following for progressive disclosure and token efficiency
Clear Organization: 23 categories with 1-6 plugins each for easy discovery
Efficient Design: Average 3.4 components per plugin (follows Anthropic's 2-8 pattern)

How It Works

Each plugin is completely isolated with its own agents, commands, and skills:

Install only what you need - Each plugin loads only its specific agents, commands, and skills
Minimal token usage - No unnecessary resources loaded into context
Mix and match - Compose multiple plugins for complex workflows
Clear boundaries - Each plugin has a single, focused purpose
Progressive disclosure - Skills load knowledge only when activated

Example: Installing python-development loads 3 Python agents, 1 scaffolding tool, and makes 5 skills available (~300 tokens), not the entire marketplace.

Quick Start

Step 1: Add the Marketplace

Add this marketplace to Claude Code:

/plugin marketplace add EngineerWithAI/engineerwith-agents

This makes all 67 plugins available for installation, but does not load any agents or tools into your context.

Step 2: Install Plugins

Browse available plugins:

/plugin

Install the plugins you need:

# Essential development plugins
/plugin install python-development          # Python with 5 specialized skills
/plugin install javascript-typescript       # JS/TS with 4 specialized skills
/plugin install backend-development         # Backend APIs with 3 architecture skills

# Infrastructure & operations
/plugin install kubernetes-operations       # K8s with 4 deployment skills
/plugin install cloud-infrastructure        # AWS/Azure/GCP with 4 cloud skills

# Security & quality
/plugin install security-scanning           # SAST with security skill
/plugin install code-review-ai             # AI-powered code review

# Full-stack orchestration
/plugin install full-stack-orchestration   # Multi-agent workflows

Each installed plugin loads only its specific agents, commands, and skills into Claude's context.

Documentation

Core Guides

Plugin Reference - Complete catalog of all 67 plugins
Agent Reference - All 99 agents organized by category
Agent Skills - 107 specialized skills with progressive disclosure
Usage Guide - Commands, workflows, and best practices
Architecture - Design principles and patterns

Quick Links

Installation - Get started in 2 steps
Essential Plugins - Top plugins for immediate productivity
Command Reference - All slash commands organized by category
Multi-Agent Workflows - Pre-configured orchestration examples
Model Configuration - Haiku/Sonnet hybrid orchestration

security-scanning

Component Overview

Install

Component Details

Commands (3)

Agents (2)

Skills (5)

README

Claude Code Plugins: Orchestration and Automation

Overview

Key Features

How It Works

Quick Start

Step 1: Add the Marketplace

Step 2: Install Plugins

Documentation

Core Guides

Quick Links

What's New

Similar Plugins

fullstack-dev-skills

security-scanning

Component Overview

Install

Component Details

Commands (3)

Agents (2)

Skills (5)

README

Claude Code Plugins: Orchestration and Automation

Overview

Key Features

How It Works

Quick Start

Step 1: Add the Marketplace

Step 2: Install Plugins

Documentation

Core Guides

Quick Links

What's New

Similar Plugins

fullstack-dev-skills

everything-claude-code

everything-claude-code

prompts.chat

agent-teams

plugin-dev