core

Universal Agent Skills

Battle-tested Claude Code plugins extracted from real projects, generalized for any codebase. Each plugin ships skills, agents, commands, hooks, and shared helper scripts — wired to work together out of the box.

Plugins

core — Universal Workflow

Stack-agnostic skills for commit workflows, project planning, debugging, PR management, and documentation. Works with any language or framework.

13 skills: commit, ship-it, start-work, whats-next, project-status, pr-description, skills-review, debug, pr-fix, document, improve-issues, cleanup, checkout

infra — Enterprise Infrastructure & DevOps

For sysadmins, DevOps engineers, and SREs operating across AWS, GCP, Kubernetes, and baremetal/on-prem. Covers IaC validation, drift / cost / vulnerability triage, cloud IAM and Well-Architected reviews, postmortems and runbooks, and baremetal hardening. All skills are read-only — mutating operations always require approval.

• 23 skills grouped as:
  • Foundations: preflight, security-audit, suggest, infra-inventory
  • Cross-cutting: review-drift, review-costs, triage-vulnerabilities, draft-postmortem, draft-runbook, review-observability, assess-change-risk, review-disaster-recovery
  • AWS: review-aws-iam, review-aws-well-architected, review-aws-tagging, triage-aws-security-findings
  • GCP: review-gcp-iam, triage-gcp-recommender, review-gke
  • Kubernetes: review-kubernetes-rbac
  • Baremetal: review-linux-hardening, review-systemd-units, review-ansible-playbooks, triage-hardware-health
• 1 agent: principal-sre — principal-level sysadmin / DevOps / SRE reviewer persona dispatched by 5 skills (draft-postmortem, assess-change-risk, review-disaster-recovery, review-observability, draft-runbook) when senior production judgment is needed.
• Helper scripts: detect-iac-scope.sh, cloud-auth-check.sh — shared IaC detection and cloud-auth probing used by 12 skills.
• Hooks: 4 PreToolUse safeguards nudging /preflight, /security-audit, /assess-change-risk, /review-drift before mutating terraform, kubectl, helm, or ansible-playbook operations.
• MINDSET.md: import via @plugins/infra/MINDSET.md into a project CLAUDE.md to adopt enterprise infra conventions (change safety, config-as-code, secrets discipline, observability gates, production maxims).

webapp — Web Application Development

For modern Next.js / TypeScript / React full-stack development (Drizzle ORM, Playwright, Vitest). API review, architecture review, testing, coverage analysis, migration safety, and design tokens.

• 19 skills: preflight, api-review, architecture-review, best-practices, dba-review, security-review, docs-review, theme-review, migration-review, claude-review, branch-coverage, write-tests, e2e-spec, e2e-write, mutate, test-matrix, test-quality, drizzle-sql-migration, suggest
• 1 agent: principal-frontend — principal-level TypeScript / Next.js / React reviewer persona dispatched by 5 skills (architecture-review, api-review, best-practices, security-review, migration-review) when the decision is architectural rather than line-level.
• MINDSET.md: import via @plugins/webapp/MINDSET.md into a project CLAUDE.md to adopt type-discipline, server/client boundary, testing, accessibility, and performance conventions.

Installation

Claude Code

claude plugins install <plugin-name>

Each plugin ships a /setup command that adds the recommended read-only tool permissions to .claude/settings.json. Mutating operations are intentionally excluded and will always prompt for approval.

GitHub Copilot CLI

1. Register this marketplace

copilot plugin marketplace add <owner>/<repo>

SSH auth users: the <owner>/<repo> shorthand clones over HTTPS, which no longer accepts passwords — PAT/credential-helper mismatches appear as "Invalid username or token." Pass an explicit SSH URL instead:

# Remove any failed partial clone first
rm -rf ~/Library/Caches/copilot/marketplaces/<owner>-<repo>

copilot plugin marketplace add ssh://[email protected]/<owner>/<repo>.git

Or force all GitHub clones to use SSH globally (then the shorthand works again):

git config --global url."ssh://[email protected]/".insteadOf "https://github.com/"

Verify SSH access first: ssh -T [email protected]

2. Browse available plugins

copilot plugin marketplace list            # confirm the marketplace name
copilot plugin marketplace browse <name>   # list plugins in this marketplace

3. Install a plugin

copilot plugin install <plugin-name>@<marketplace-name>

4. Manage

copilot plugin list
copilot plugin update <plugin-name>
copilot plugin uninstall <plugin-name>

Adopting the MINDSET files