Discover and install extensions for Claude Code
SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
End-to-end feature orchestration with testing, security, performance, and deployment
Dependency auditing, version management, and security vulnerability scanning
Multi-perspective code analysis covering architecture, security, and best practices
XSS prevention, CSRF protection, content security policies, mobile app security, and secure storage patterns
API security hardening, authentication implementation, authorization patterns, rate limiting, and input validation
Kubernetes manifest generation, networking configuration, security policies, observability setup, GitOps workflows, and auto-scaling
Content freshness analysis, cannibalization detection, and authority building for SEO
Essential developer skills including Git workflows, SQL optimization, error handling, code review, E2E testing, authentication, debugging, and monorepo management
Security reminder hook that warns about potential security issues when editing files, including command injection, XSS, and unsafe code patterns
Repomix MCP server for AI-powered codebase analysis. Pack local/remote repositories, search outputs, and read files with built-in security scanning. Foundation plugin that enables all Repomix features in Claude Code.
Randomly selects winners from lists, spreadsheets, or Google Sheets for giveaways and contests with cryptographically secure randomness.
Meta-skills for finding, using, and writing Agent Skills - enforces skill usage protocols and provides skill authoring guidance
Check dependencies for known vulnerabilities, outdated packages, and license compliance
Check infrastructure compliance (SOC2, HIPAA, PCI-DSS)
Assist with security incident response
Fuzz testing for APIs with malformed inputs, edge cases, and security vulnerability detection
Validate authentication implementations
Integrate with secrets managers (Vault, AWS Secrets Manager, etc)
Audit access control implementations
Validate CSRF protection
Check OWASP Top 10 compliance
Validate PCI DSS compliance
Validate CORS policies
Scan for GDPR compliance issues
Detect SQL injection vulnerabilities
Scan input validation practices
Automate database backups with scheduling, compression, encryption, and restore procedures
Generate compliance reports
Analyze HTTP security headers
Check session security implementation
Professional security tools for Claude Code: vulnerability scanning, compliance, cryptography audit, container & API security
Manage Kubernetes network policies and firewall rules
Scan containers for vulnerabilities using Trivy, Snyk, and other security tools
Encrypt and decrypt data with various algorithms
Scan codebase for exposed secrets, API keys, passwords, and sensitive credentials
Generate comprehensive security audit reports
Database plugin for database-security-scanner
Specialized security review subagent
Find security misconfigurations
Automated penetration testing for web applications with OWASP Top 10 coverage
Automated security vulnerability testing covering OWASP Top 10, SQL injection, XSS, CSRF, and authentication issues
Check HIPAA compliance
Assist with SOC2 audit preparation
Scan for XSS vulnerabilities
Scan for data privacy issues
Comprehensive vulnerability scanning for code, dependencies, and configurations with CVE detection
Create secure webhook endpoints with signature verification and retry logic
Scan APIs for security vulnerabilities and OWASP API Top 10
Build API gateway with routing, authentication, and rate limiting
Complete fullstack development toolkit: React, Express/FastAPI, PostgreSQL scaffolding with AI agents
Monitor cross-chain bridge activity, track transfers, analyze security, and detect bridge exploits
Production readiness validator for Vertex AI deployments and configurations
Track new token launches, detect rugpulls, and analyze contract security for early-stage crypto projects
Manage and monitor SSL/TLS certificates
Build authentication systems with JWT, OAuth2, and API keys
Terraform infrastructure as code for ADK and Vertex AI Agent Engine deployments
Official InsForge plugin for Claude Code with skills, templates, and commands for building full-stack applications with InsForge BaaS
Firestore database specialist for schema design, queries, and real-time sync
Publish and manage research papers on Hugging Face Hub. Supports creating paper pages, linking papers to models/datasets, claiming authorship, and generating professional markdown-based research articles.
Security code review skill based on Project CodeGuard's comprehensive security rules. Helps AI coding agents write secure code and prevent common vulnerabilities.
Use this agent when you need to design scalable architecture and folder structures for new features or projects. Examples include: when starting a new feature module, refactoring existing code organization, planning microservice boundaries, designing component hierarchies, or establishing project structure conventions. For example: user: 'I need to add a user authentication system to my app' -> assistant: 'I'll use the code-architect agent to design the architecture and folder structure for your authentication system' -> <uses agent>. Another example: user: 'How should I organize my e-commerce product catalog feature?' -> assistant: 'Let me use the code-architect agent to design a scalable structure for your product catalog' -> <uses agent>.
Use proactively for generating creative non-olympian Greek god names with rich backstories, mythological authenticity, and modern accessibility for storytelling projects
this is to analyze the PRs and solve the requested changes in them
Use this agent for comprehensive B2B security assessments, enterprise compliance validation, multi-tenant security reviews, and security audit preparation. This agent specializes in SOC 2, GDPR, ISO 27001 compliance and enterprise-grade security implementations for B2B SaaS platforms. Examples:
Use this agent when you need to create comprehensive Product Requirements Documents (PRDs) that combine business strategy, technical architecture, and user research. Examples: <example>Context: The user needs to create a PRD for a new feature or product launch. user: "I need to create a PRD for our new user authentication system that will support SSO and multi-factor authentication" assistant: "I'll use the prd-specialist agent to create a comprehensive PRD that covers the strategic foundation, technical requirements, and implementation blueprint for your authentication system."</example> <example>Context: The user is planning a major product initiative and needs strategic documentation. user: "We're launching a mobile app for our e-commerce platform and need a detailed PRD to guide development" assistant: "Let me engage the prd-specialist agent to develop a thorough PRD that includes market analysis, user research integration, technical architecture, and implementation roadmap for your mobile app initiative."</example>
Use this agent when you need to create TikTok marketing strategies, develop viral content ideas, plan TikTok campaigns, or optimize for TikTok's algorithm. This agent specializes in creating shareable moments and leveraging TikTok trends for app growth. Examples:\n\n<example>\nContext: Launching a new app and need TikTok strategy\nuser: "We're launching our phone anxiety app next week. How should we approach TikTok?"\nassistant: "TikTok will be crucial for your launch. Let me use the tiktok-strategist agent to create a comprehensive TikTok marketing strategy for your phone anxiety app."\n<commentary>\nNew app launches benefit from TikTok's viral potential and young user base.\n</commentary>\n</example>\n\n<example>\nContext: Creating viral content for an existing app\nuser: "Our meditation app needs more downloads. What kind of TikTok content should we make?"\nassistant: "I'll help you create viral TikTok content ideas. Let me use the tiktok-strategist agent to develop content that showcases your app in trending formats."\n<commentary>\nExisting apps can boost downloads through strategic TikTok content that fits platform culture.\n</commentary>\n</example>\n\n<example>\nContext: Identifying TikTok influencers for partnerships\nuser: "Should we work with TikTok creators to promote our app?"\nassistant: "Creator partnerships can be very effective. Let me use the tiktok-strategist agent to identify the right creators and collaboration strategies for your app."\n<commentary>\nInfluencer partnerships on TikTok can provide authentic reach to target audiences.\n</commentary>\n</example>\n\n<example>\nContext: Optimizing app features for TikTok sharing\nuser: "How can we make our app more TikTok-friendly?"\nassistant: "Making your app TikTok-native is smart. I'll use the tiktok-strategist agent to identify features and moments in your app that users would want to share on TikTok."\n<commentary>\nApps with built-in TikTok-worthy moments see higher organic growth through user-generated content.\n</commentary>\n</example>
Use this agent when code changes have been made and you need to write new tests, run existing tests, analyze failures, and fix them while maintaining test integrity. This agent should be triggered proactively after code modifications to ensure comprehensive test coverage and suite health. Examples:\n\n<example>\nContext: The user has just implemented a new feature or modified existing code.\nuser: "I've updated the user authentication logic to support OAuth"\nassistant: "I've successfully updated the authentication logic. Now let me run the test-writer-fixer agent to ensure all tests pass with these changes."\n<commentary>\nSince code changes were made, use the Task tool to launch the test-writer-fixer agent to run relevant tests and fix any failures.\n</commentary>\n</example>\n\n<example>\nContext: The user has refactored a module or changed function signatures.\nuser: "Please refactor this payment processing module to use async/await"\nassistant: "I've completed the refactoring to use async/await throughout the payment module."\n<function call omitted for brevity>\nassistant: "Now I'll use the test-writer-fixer agent to run the tests and fix any issues caused by the refactoring."\n<commentary>\nAfter refactoring code, proactively use the test-writer-fixer agent to ensure tests still pass.\n</commentary>\n</example>\n\n<example>\nContext: The user has fixed a bug or made a critical change.\nuser: "Fix the race condition in the data synchronization service"\nassistant: "I've identified and fixed the race condition by implementing proper locking mechanisms."\n<function call omitted for brevity>\nassistant: "Let me run the test-writer-fixer agent to verify the fix doesn't break existing functionality."\n<commentary>\nAfter bug fixes, use the test-writer-fixer agent to ensure the fix works and doesn't introduce regressions.\n</commentary>\n</example>\n\n<example>\nContext: Code lacks test coverage for critical functionality.\nuser: "Our payment processing module has no tests"\nassistant: "That's a critical gap. Let me use the test-writer-fixer agent to create comprehensive tests for the payment module including edge cases and error scenarios."\n<commentary>\nCritical modules without tests are high-risk areas that need immediate test coverage.\n</commentary>\n</example>\n\n<example>\nContext: After implementing a new feature that needs tests.\nuser: "I've added the social sharing functionality"\nassistant: "Great! The social sharing is implemented. Now let me use the test-writer-fixer agent to write tests that ensure this feature works correctly across different platforms."\n<commentary>\nNew features should always include comprehensive test coverage from the start.\n</commentary>\n</example>
Use this agent when designing APIs, building server-side logic, implementing databases, or architecting scalable backend systems. This agent specializes in creating robust, secure, and performant backend services. Examples:\n\n<example>\nContext: Designing a new API\nuser: "We need an API for our social sharing feature"\nassistant: "I'll design a RESTful API with proper authentication and rate limiting. Let me use the backend-architect agent to create a scalable backend architecture."\n<commentary>\nAPI design requires careful consideration of security, scalability, and maintainability.\n</commentary>\n</example>\n\n<example>\nContext: Database design and optimization\nuser: "Our queries are getting slow as we scale"\nassistant: "Database performance is critical at scale. I'll use the backend-architect agent to optimize queries and implement proper indexing strategies."\n<commentary>\nDatabase optimization requires deep understanding of query patterns and indexing strategies.\n</commentary>\n</example>\n\n<example>\nContext: Implementing authentication system\nuser: "Add OAuth2 login with Google and GitHub"\nassistant: "I'll implement secure OAuth2 authentication. Let me use the backend-architect agent to ensure proper token handling and security measures."\n<commentary>\nAuthentication systems require careful security considerations and proper implementation.\n</commentary>\n</example>
This is a detailed way you can analyze the GitHub issues and let Claude handle them in best possible way.
Expert code review specialist. Proactively reviews code for quality, security, and maintainability. Use immediately after writing or modifying code.
Use this agent when developing native iOS or Android applications, implementing React Native features, or optimizing mobile performance. This agent specializes in creating smooth, native-feeling mobile experiences. Examples:\n\n<example>\nContext: Building a new mobile app\nuser: "Create a TikTok-style video feed for our app"\nassistant: "I'll build a performant video feed with smooth scrolling. Let me use the mobile-app-builder agent to implement native performance optimizations."\n<commentary>\nVideo feeds require careful mobile optimization for smooth scrolling and memory management.\n</commentary>\n</example>\n\n<example>\nContext: Implementing mobile-specific features\nuser: "Add push notifications and biometric authentication"\nassistant: "I'll implement native push notifications and Face ID/fingerprint auth. Let me use the mobile-app-builder agent to ensure proper platform integration."\n<commentary>\nNative features require platform-specific implementation and proper permissions handling.\n</commentary>\n</example>\n\n<example>\nContext: Cross-platform development\nuser: "We need this feature on both iOS and Android"\nassistant: "I'll implement it using React Native for code reuse. Let me use the mobile-app-builder agent to ensure native performance on both platforms."\n<commentary>\nCross-platform development requires balancing code reuse with platform-specific optimizations.\n</commentary>\n</example>