security-analyst

Claude Code Plugin Marketplace

---

What is this?

Claude Code is Anthropic's CLI tool for coding with AI. Plugins extend what Claude Code can do by adding specialized agents, skills, and automation hooks.

This marketplace gives you 53 ready-to-use plugins that turn Claude Code into an autonomous development powerhouse. Instead of telling Claude what to do step by step, you delegate entire tasks to specialized agents that know exactly how to handle them.

Before plugins:

You: "Read the auth module, check for SQL injection, review the error handling,
     look at the input validation, check the session management..."

After plugins:

You: "Run a security review on the auth module"
Claude: *security-analyst agent handles everything autonomously*

---

Quick Start

Prerequisites: Claude Code and Git installed.

macOS / Linux:

git clone https://github.com/a-ariff/ariff-claude-plugins.git
cd ariff-claude-plugins && bash scripts/install.sh

Windows (PowerShell):

git clone https://github.com/a-ariff/ariff-claude-plugins.git
cd ariff-claude-plugins; .\scripts\install.ps1

Done. Start a new Claude Code session and all 65 plugins are available.

---

What's Inside

65 Plugins in 4 Categories

ariff-claude-plugins/
|
|-- 24 Agents      autonomous workers that handle entire tasks
|-- 34 Skills      methodologies and knowledge you can apply on demand
|--  5 Hooks       automatic safeguards that run without you asking
|--  2 Commands    slash commands for common workflows
|
|-- includes 12-plugin Anti-Hallucination Suite

Agents (22) -- delegate entire tasks

Agents are autonomous workers. You give them a task, they figure out the approach, use tools, read files, and deliver results.

Category	Agents	What they do
Development	architect, backend-dev, frontend-dev, performance-engineer, qa-engineer, security-analyst, refactorer, autonomous-dev-assistant	Build, optimize, test, and secure code
Analysis	sequential-thinker, project-planner, analyzer, mentor	Plan, analyze, reason through problems
Safety	context-validator, intent-clarifier, pre-action-verifier, scope-boundary-checker, fact-checker, dependency-validator, rollback-planner	Validate before acting, catch mistakes early
Specialized	smithery-deployment-agent, smart-routing, setup-orchestrator	Deploy MCP servers, route to optimal models, configure environments

Skills (26) -- apply proven methodologies

Skills are knowledge and methodology files that Claude loads when relevant. They teach Claude how to approach specific types of problems.

Superpowers (9): brainstorming, writing-plans, executing-plans, subagent-driven-development, verification-before-completion, root-cause-tracing, defense-in-depth, when-stuck, using-superpowers

Development (12): github, plugin-creator, plugin-checker, canvas-api, api-docs-generator, ci-cd-helper, code-reviewer, commit-message-generator, error-explainer, performance-optimizer, pr-analyzer, refactor-assistant

Testing (3): security-scanner, tdd-workflow, test-writer

Debugging (2): systematic-debugger, memory-sync

Hooks (3) -- automatic safeguards

Hooks run automatically at specific points during Claude's workflow. You don't invoke them -- they watch and act.

Hook	Event	What it does
assumption-checker	PreToolUse	Warns when Claude makes assumptions instead of checking
memory-sync	Stop	Prompts to save learnings at session end
hooks-reference	PreToolUse	Reference implementation for building your own hooks

Anti-Hallucination Suite (12 plugins) -- stop AI from guessing