jfrog
By jfrog
Use the JFrog Platform from Claude Code: Artifactory repos and artifacts, security findings and exposures, Catalog package safety and downloads, workflows across the SDLC, and platform administration.
npx claudepluginhub anthropics/claude-plugins-official --plugin jfrogComponent Overview
Component Details
Skills (2)
Check JFrog Public Catalog and stored packages for a version, interpret catalog security signals, and download through Artifactory (Jfrog Platform locations, remote cache, curation-aware package managers, or repo proxy). Use when the user asks whether a package is safe, allowed, curated, or wants to download npm, Maven, PyPI, Go, or similar packages via JFrog. Do NOT use for pure CVE or vulnerability lookups (e.g. "details on CVE-2021-23337") — those are handled by the jfrog skill's Public security domain queries without this workflow.
Interact with the JFrog Platform via the JFrog CLI and REST/GraphQL APIs. Use this skill when the user wants to manage Artifactory repositories, upload or download artifacts, manage builds, configure permissions, manage users and groups, work with access tokens, configure JFrog CLI servers, search artifacts, manage properties, set up replication, manage JFrog Projects, run security audits or scans, look up CVE details, query exposures scan results from JFrog Advanced Security, manage release bundles and lifecycle operations, aggregate or export platform data, or perform any JFrog Platform administration task. Also use when the user mentions jf, jfrog, artifactory, xray, distribution, evidence, apptrust, onemodel, graphql, workers, mission control, curation, advanced security, exposures, or any JFrog product name.
Hooks (1)
README
JFrog Claude Plugin
JFrog integration for Claude Code: artifact management, security scanning, and supply-chain best practices.
This repository is the plugin: manifest at .claude-plugin/plugin.json, skills under skills/.
What's included
| Component | Path | Description |
|---|---|---|
| Manifest | .claude-plugin/plugin.json | Plugin id jfrog, version, metadata. |
| Skills | skills/ | skills/<name>/SKILL.md, invoked as /jfrog:<name> when the plugin is loaded. |
| MCP Gateway hook | hooks/hooks.json, scripts/inject-instructions.mjs, templates/jfrog-mcp-management.md | A SessionStart hook that injects MCP-management instructions into Claude's context so MCP servers can only be added/removed/listed through the JFrog MCP Gateway (@jfrog/mcp-gateway). |
Skills are vendored from jfrog/jfrog-skills; the pinned release and commit are in skills/VENDOR.md.
Prerequisites
- JFrog Platform access (Cloud or self-hosted).
- JFrog CLI (
jf) is used by several skills for authentication and REST API operations. It can be installed automatically if missing, or manually via Get JFrog CLI (installers and downloads) or the Install JFrog CLI documentation for full steps and troubleshooting.
Setup
Local development
From a clone of this repository (repository root is the plugin root):
claude --plugin-dir /path/to/claude-plugin
After Claude Code starts, use /help to confirm skills under the jfrog namespace (for example /jfrog:<skill-name>). Run /reload-plugins after you change plugin files.
Install from a marketplace
Plugins can be installed from catalogs described in Discover and install plugins once this repo is listed (for example in the official directory after submission).
Authentication details (for example browser login with jf) are described in individual skills where they apply.
Similar Plugins
devops-platform
Complete DevOps automation platform with CI/CD pipeline management, infrastructure as code, security scanning, and deployment automation. Includes hooks for config validation and MCP server for deployment tracking.
container-registry-manager
Manage container registries (ECR, GCR, Harbor)
glincker-claude-code-marketplace
Community-driven marketplace with specialized AI agents covering the full SDLC: code review, security scanning, deployment, and performance optimization.
security
Comprehensive security plugin: OWASP Top 10, authentication patterns, cryptography, API security, secrets management, supply chain security, DevSecOps, container security, zero trust, and threat modeling.
fullstack-dev-skills
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Help us improve
Share bugs, ideas, or general feedback.