From plugin-dev
Guides creation and configuration of autonomous agents for Claude Code plugins, covering frontmatter, triggering descriptions, system prompts, tools, teams, permissions, and best practices.
npx claudepluginhub sjnims/plugin-dev --plugin plugin-devThis skill uses the workspace's default tool permissions.
Agents are autonomous subprocesses that handle complex, multi-step tasks independently. Master agent structure, triggering conditions, and system prompt design to create powerful autonomous capabilities.
examples/agent-creation-prompt.mdexamples/complete-agent-examples.mdreferences/advanced-agent-fields.mdreferences/agent-creation-system-prompt.mdreferences/permission-modes-rules.mdreferences/system-prompt-design.mdreferences/triggering-examples.mdscripts/create-agent-skeleton.shscripts/test-agent-trigger.shscripts/validate-agent.shCreates isolated Git worktrees for feature branches with prioritized directory selection, gitignore safety checks, auto project setup for Node/Python/Rust/Go, and baseline verification.
Executes implementation plans in current session by dispatching fresh subagents per independent task, with two-stage reviews: spec compliance then code quality.
Dispatches parallel agents to independently tackle 2+ tasks like separate test failures or subsystems without shared state or dependencies.
Agents are autonomous subprocesses that handle complex, multi-step tasks independently. Master agent structure, triggering conditions, and system prompt design to create powerful autonomous capabilities.
Key concepts:
Important - Field Name Difference: Agents use
toolsto restrict tool access. Skills useallowed-toolsfor the same purpose. Don't confuse these when switching between component types.Note on Official Documentation: The
colorfield documented in this skill is supported by Claude Code and is generated by the built-in/agentscommand, but it is not yet reflected in the official sub-agents documentation. See anthropics/claude-code#8501 for tracking. The plugins-reference.md may show an older agent format using acapabilitiesfield; for Claude Code plugins, prefer the structure documented in this skill which usestoolsfor tool restrictions.
Minimal working agent (copy-paste ready):
---
name: my-reviewer
description: Use this agent when the user asks to review code. Examples:
<example>
Context: User wrote new code
user: "Review my changes"
assistant: "I'll use the my-reviewer agent to analyze the code."
<commentary>
Code review request triggers the agent.
</commentary>
</example>
model: inherit
color: blue
---
You are a code reviewer. Analyze code for issues and provide feedback.
**Process:**
1. Read the code
2. Identify issues
3. Provide recommendations
**Output:** Summary with file:line references for each finding.
For complete format with all options, see Agent File Structure.
| Component | Best For | Triggering | Example Use Case |
|---|---|---|---|
| Agents | Autonomous multi-step tasks | Proactive or description-matched | Code review after implementation |
| Commands | User-initiated actions | Explicit /command invocation | /deploy production |
| Skills | Knowledge and guidance | Model-invoked based on context | Domain expertise for PDF processing |
See also: For command development, load the
command-developmentskill. For skill development, load theskill-developmentskill.
---
name: agent-identifier
description: Use this agent when [triggering conditions]. Examples:
<example>
Context: [Situation description]
user: "[User request]"
assistant: "[How assistant should respond and use this agent]"
<commentary>
[Why this agent should be triggered]
</commentary>
</example>
<example>
[Additional example...]
</example>
model: inherit
color: blue
tools: Read, Write, Grep
---
You are [agent role description]...
**Your Core Responsibilities:**
1. [Responsibility 1]
2. [Responsibility 2]
**Analysis Process:**
[Step-by-step workflow]
**Output Format:**
[What to return]
Agent identifier used for namespacing and invocation.
Format: lowercase, numbers, hyphens only Length: 3-50 characters Pattern: Must start and end with alphanumeric
Good examples:
code-reviewertest-generatorapi-docs-writersecurity-analyzerBad examples:
helper (too generic)-agent- (starts/ends with hyphen)my_agent (underscores not allowed)ag (too short, < 3 chars)Defines when Claude should trigger this agent. This is the most critical field.
Must include:
<example> blocks showing usage<commentary> explaining why agent triggersFormat:
Use this agent when [conditions]. Examples:
<example>
Context: [Scenario description]
user: "[What user says]"
assistant: "[How Claude should respond]"
<commentary>
[Why this agent is appropriate]
</commentary>
</example>
[More examples...]
Best practices:
Which model the agent should use.
Options:
inherit - Use same model as parent (recommended)sonnet - Claude Sonnet (balanced)opus - Claude Opus (most capable, expensive)haiku - Claude Haiku (fast, cheap)When to choose:
haiku - Fast, simple tasks; quick analysis; cost-sensitive operationssonnet - Balanced performance; most use cases (default recommendation)opus - Complex reasoning; detailed analysis; highest capability neededRecommendation: Use inherit (recommended default) unless the agent specifically needs:
haiku for fast, cost-sensitive operationsopus for complex reasoning requiring maximum capabilityVisual identifier for agent in UI.
Note: This field is supported by Claude Code but not yet in official documentation. See the Overview note for details.
Options: blue, cyan, green, yellow, magenta, red
Guidelines:
Restrict agent to specific tools.
Format: Comma-separated tool names
tools: Read, Write, Grep, Bash
Default: If omitted, agent has access to all tools
Best practice: Limit tools to minimum needed (principle of least privilege)
Common tool sets:
Read, Grep, GlobRead, Write, GrepRead, Bash, GrepImportant: Agents use
toolswhile Skills useallowed-tools. The field names differ between component types. For skill tool restrictions, see theskill-developmentskill.
Denylist complement to tools. Block specific tools while allowing all others:
disallowedTools: Bash, Write
Format: Comma-separated tool names
Default: No tools blocked
| Field | Approach | Use When |
|---|---|---|
tools | Allowlist | Few tools needed, restrict to minimum |
disallowedTools | Denylist | Most tools needed, block specific risks |
Best practice: Prefer tools (allowlist) for tighter security. Use disallowedTools when an agent needs broad access but specific tools are dangerous.
Note: Use one or the other. If both are specified, behavior is undefined.
Load specific skills into the agent's context:
skills:
- testing-patterns
- security-audit
- api-design
Use cases:
Skills must be from the same plugin. The skill's SKILL.md content loads into the agent's context.
Control how the agent handles permission requests:
permissionMode: acceptEdits
Values:
default - Standard permission model, prompts user for each action (implicit when omitted)acceptEdits - Auto-accept file edit operations (Write, Edit, NotebookEdit)dontAsk - Skip permission dialogs for all operationsbypassPermissions - Full bypass (requires trust)plan - Planning mode, propose changes without executingdelegate - Coordination-only, restricted to team management tools (spawn, message, manage tasks)Default: default (standard permission model, asks user)
Security note: Use restrictive modes (plan, acceptEdits) for untrusted agents. bypassPermissions should only be used for fully trusted agents. Use delegate for team lead agents that should coordinate work without implementing directly.
For complete permission mode details and permission rule syntax, see references/permission-modes-rules.md.
Limit the maximum number of agentic turns before the agent stops:
maxTurns: 50
Use cases:
If omitted, the agent runs until it completes or the user interrupts.
Enable persistent memory across sessions:
memory: user
Scopes: user (~/.claude/agent-memory/), project (.claude/agent-memory/), local (.claude/agent-memory-local/)
When enabled, the agent's first 200 lines of MEMORY.md are auto-injected into its system prompt. The agent can read/write its memory directory to learn across sessions. See references/advanced-agent-fields.md for details.
Scope MCP servers to this agent:
mcpServers:
slack:
Reference an already-configured server by name, or provide inline config. Restricts which MCP servers the agent can access. See references/advanced-agent-fields.md for configuration examples.
Define lifecycle hooks scoped to this agent:
hooks:
PreToolUse:
- matcher: Bash
hooks:
- type: command
command: "${CLAUDE_PLUGIN_ROOT}/scripts/validate-bash.sh"
Supports all hook events. Note: Stop hooks in agent frontmatter are auto-converted to SubagentStop at runtime. Hooks activate when the agent starts and deactivate when it finishes. See references/advanced-agent-fields.md for full details.
Some frontmatter fields are specific to skills and do not apply to agents:
| Skill-Only Field | Purpose | Why Not for Agents |
|---|---|---|
context: fork | Run skill in separate subagent context | Agents already run as subprocesses by design |
agent | Specify agent type for forked context | Only applies when context: fork is set |
user-invocable | Control slash menu visibility | Agents aren't invoked via slash commands |
disable-model-invocation | Block programmatic Skill tool usage | Agents use Task tool, not Skill tool |
allowed-tools | Restrict tool access (skill syntax) | Agents use tools field instead (different field name) |
Key distinction: Skills provide knowledge and guidance that loads into context. Agents are autonomous subprocesses that execute independently. This architectural difference explains why context-forking options don't apply to agents—they're already isolated processes.
The markdown body becomes the agent's system prompt. Write in second person, addressing the agent directly.
Key elements:
Best practices:
For detailed templates and patterns (Analysis, Generation, Validation, Orchestration agents), see references/system-prompt-design.md.
Use this prompt pattern (extracted from Claude Code):
Create an agent configuration based on this request: "[YOUR DESCRIPTION]"
Requirements:
1. Extract core intent and responsibilities
2. Design expert persona for the domain
3. Create comprehensive system prompt with:
- Clear behavioral boundaries
- Specific methodologies
- Edge case handling
- Output format
4. Create identifier (lowercase, hyphens, 3-50 chars)
5. Write description with triggering conditions
6. Include 2-3 <example> blocks showing when to use
Return JSON with:
{
"identifier": "agent-name",
"whenToUse": "Use this agent when... Examples: <example>...</example>",
"systemPrompt": "You are..."
}
Then convert to agent file format with frontmatter.
See examples/agent-creation-prompt.md for complete template.
inherit)agents/agent-name.md✅ Valid: code-reviewer, test-gen, api-analyzer-v2
❌ Invalid: ag (too short), -start (starts with hyphen), my_agent (underscore)
Rules:
Length: 10-5,000 characters Must include: Triggering conditions and examples Best: 200-1,000 characters with 2-4 examples
Length: 20-10,000 characters Best: 500-3,000 characters Structure: Clear responsibilities, process, output format
plugin-name/
└── agents/
├── analyzer.md
├── reviewer.md
└── generator.md
All .md files in agents/ are auto-discovered.
Agent precedence: --agents CLI flag > .claude/agents/ (project) > ~/.claude/agents/ (personal) > Plugin agents/ directory. Higher-priority agents with the same name shadow lower-priority ones. Use distinctive, namespaced names for plugin agents to avoid collisions.
When referencing files within your plugin (scripts, references, etc.) from agent system prompts, use ${CLAUDE_PLUGIN_ROOT} for portable paths:
Run the validation script at `${CLAUDE_PLUGIN_ROOT}/scripts/validate.sh`
This variable resolves to the plugin's installation directory at runtime, ensuring paths work regardless of where the plugin is installed.
Agents are namespaced automatically:
agent-nameplugin:subdir:agent-nameCreate test scenarios to verify agent triggers correctly:
Use the --agents CLI flag to pre-load specific agents:
# Load single agent
claude --agents code-reviewer
# Load multiple agents
claude --agents "code-reviewer,test-generator"
Use cases:
Ensure system prompt is complete:
| Field | Required | Format | Example |
|---|---|---|---|
| name | Yes | lowercase-hyphens | code-reviewer |
| description | Yes | Text + examples | Use when... ... |
| model | Yes | inherit/sonnet/opus/haiku | inherit |
| color | Yes | Color name | blue |
| tools | No | Comma-separated tool names | Read, Grep |
| disallowedTools | No | Comma-separated tool names | Bash, Write |
| skills | No | Array of skill names | [testing, security] |
| permissionMode | No | Permission mode string | acceptEdits |
| maxTurns | No | Number | 50 |
| memory | No | user/project/local | user |
| mcpServers | No | Object or server names | { "slack": {} } |
| hooks | No | Hook event config | { PreToolUse: [...] } |
Note: Agents use
toolsto restrict tool access. Skills useallowed-toolsfor the same purpose. The field names differ between component types.
DO:
inherit for model unless specific needDON'T:
Agents can run in foreground (blocking) or background (concurrent) mode:
Background agents that need an unapproved permission will fail. Plan tool restrictions accordingly.
MCP limitation: MCP tools are unavailable in background subagents. If your agent relies on MCP tools (from the plugin's .mcp.json), it must run in foreground mode. Design agents that may run in background to use only built-in tools.
Resuming agents: Each Task invocation creates a fresh agent. To continue with full prior context, ask Claude to "resume that agent" — it will restore the previous transcript.
Restricting spawnable agents: Use Task(agent_type1, agent_type2) syntax in settings.json allow rules to control which agent types can be spawned. Omitting Task entirely prevents subagent spawning.
Built-in agent types: Explore (read-only, Haiku), Plan (read-only research), general-purpose (all tools), Bash (terminal commands), statusline-setup (Haiku), Claude Code Guide (Haiku).
Agent teams enable multi-agent coordination where a team lead spawns and manages multiple independent Claude Code sessions as teammates. Requires CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1.
Teams provide shared task lists, inter-agent messaging, and parallel execution. Use permissionMode: delegate to restrict a lead to coordination-only tools.
This is an advanced feature — see the official agent teams documentation for details.
For detailed guidance, consult:
references/advanced-agent-fields.md - Detailed docs for maxTurns, memory, mcpServers, hooks, execution modes, and agent teamsreferences/permission-modes-rules.md - Complete permission mode details and permission rule syntax for fine-grained access controlreferences/system-prompt-design.md - Four system prompt patterns (Analysis, Generation, Validation, Orchestration) with complete templates and common pitfallsreferences/triggering-examples.md - Example block anatomy, four example types, template library, and debugging guidereferences/agent-creation-system-prompt.md - The exact prompt used by Claude Code's agent generation feature with usage patternsWorking examples in examples/:
agent-creation-prompt.md - AI-assisted agent generation templatecomplete-agent-examples.md - Full agent examples for different use casesDevelopment tools in scripts/:
create-agent-skeleton.sh - Generate new agent file from templatevalidate-agent.sh - Validate agent file structuretest-agent-trigger.sh - Test if agent triggers correctly