By friday-james
Security reminder hook that warns about potential security issues when editing files, including command injection, XSS, and unsafe code patterns
A curated directory of high-quality plugins for Claude Code.
⚠️ Important: Make sure you trust a plugin before installing, updating, or using it. Anthropic does not control what MCP servers, files, or other software are included in plugins and cannot verify that they will work as intended or that they won't change. See each plugin's homepage for more information.
/plugins - Internal plugins developed and maintained by Anthropic/external_plugins - Third-party plugins from partners and the communityPlugins can be installed directly from this marketplace via Claude Code's plugin system.
To install, run /plugin install {plugin-name}@claude-plugin-directory
or browse for the plugin in /plugin > Discover
Internal plugins are developed by Anthropic team members. See /plugins/example-plugin for a reference implementation.
Third-party partners can submit plugins for inclusion in the marketplace. External plugins must meet quality and security standards for approval.
Each plugin follows a standard structure:
plugin-name/
├── .claude-plugin/
│ └── plugin.json # Plugin metadata (required)
├── .mcp.json # MCP server configuration (optional)
├── commands/ # Slash commands (optional)
├── agents/ # Agent definitions (optional)
├── skills/ # Skill definitions (optional)
└── README.md # Documentation
For more information on developing Claude Code plugins, see the official documentation.
Modifies files
Hook triggers on file write and edit operations
Based on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimPython language server (Pyright) for type checking and code intelligence
TypeScript/JavaScript language server for enhanced code intelligence
C/C++ language server (clangd) for code intelligence
PHP language server (Intelephense) for code intelligence
Context engineering plugin - offloads large outputs to filesystem, saves 82% of message tokens
npx claudepluginhub friday-james/claude-plugins-james --plugin security-guidanceHarness-native ECC operator layer - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes.
Complete collection of battle-tested Claude Code configs from an Anthropic hackathon winner - agents, skills, hooks, and rules evolved over 10+ months of intensive daily use