Comprehensive PR review toolkit with 6 specialized agents for analyzing code comments, test coverage, error handling, type design, code quality, and simplification. Each agent focuses on a specific aspect of code quality and provides actionable feedback.

Create new Claude Agent SDK projects with proper setup and configuration. Choose between TypeScript or Python, get the latest SDK version, and automatically verify your application follows best practices.

This skill provides installation instructions for the Lua Language Server (lua-language-server), which enables code intelligence, diagnostics, and language server features for .lua files in Claude Code. Users must install the language server binary separately via Homebrew, snap, pacman, or manual download.

This skill provides setup instructions for Eclipse JDT.LS, a Java language server that enables code intelligence, refactoring, and enhanced editing support for .java files in Claude Code. Requires Java 17+ and manual jdtls installation.

This skill provides instructions for installing the csharp-ls language server, which enables C# code intelligence, diagnostics, and language server features in Claude Code for .cs files.

Provides documentation for integrating Kotlin language server with Claude Code. Requires installing kotlin-lsp CLI separately via Homebrew. Enables code intelligence, refactoring, and analysis for .kt and .kts files.

Swift Lsp is a documentation skill that provides setup instructions for using SourceKit-LSP with Claude Code. It guides users on installing the Swift toolchain (via Xcode on macOS or from swift.org on Linux) to enable Swift code intelligence for .swift files.

A documentation skill that provides installation instructions for the Intelephense PHP language server. It enables PHP code intelligence and diagnostics in Claude Code through the globally installed Intelephense package.

A reference skill that provides installation instructions and documentation for the clangd Language Server Protocol, which enables code intelligence, diagnostics, and formatting for C/C++ projects in Claude Code.

Provides installation instructions for rust-analyzer, the Rust language server that enables code intelligence, autocomplete, and analysis features for .rs files in Claude Code. Requires manual installation of the rust-analyzer binary.

Provides instructions for setting up gopls, the official Go language server that offers code intelligence, refactoring, and analysis features for .go files in Claude Code.

Integrates the Pyright language server to provide static type checking and code intelligence for Python files. Adds support for .py and .pyi extensions with advanced type analysis.

This skill provides setup instructions for the TypeScript Language Server, which adds code intelligence features like go-to-definition, find references, and error checking for TypeScript and JavaScript files in Claude Code.

This is the official Stripe plugin that helps developers build payment integrations. It provides best practices guidance, error code explanations, test card references, and connects to Stripe's MCP server for enhanced payment processing capabilities.

A comprehensive guide for using Semgrep, a fast static analysis tool for finding bugs and security vulnerabilities. Covers installation, custom rule writing, CI/CD integration with GitHub Actions, and best practices for security scanning without sharing code with third parties.

CodeQL is a powerful static analysis framework that queries code as a database for security vulnerabilities and code patterns. This skill provides comprehensive documentation on creating CodeQL databases, writing custom queries, integrating with CI/CD pipelines, and using the framework for interprocedural control flow and data flow analysis across C/C++, Go, Java, JavaScript, Python, and other supported languages.

A comprehensive educational skill that teaches developers how to structure Claude Code plugins. It covers directory layout conventions, plugin.json manifest configuration, component organization (commands, agents, skills, hooks), the ${CLAUDE_PLUGIN_ROOT} portable path variable, and best practices with examples ranging from minimal to enterprise-grade plugins.

This skill provides complete guidance for integrating MCP (Model Context Protocol) servers into Claude Code plugins. It covers all four server types (stdio, SSE, HTTP, WebSocket), authentication patterns (OAuth, tokens, environment variables), tool naming conventions, and security best practices for connecting plugins to external services.

This skill provides comprehensive documentation for writing hookify rules - markdown files with YAML frontmatter that define patterns to watch for and messages to show when those patterns match. It covers rule file format, event types (bash, file, stop, prompt), regex pattern syntax, advanced conditions, and best practices for organizing rule files.

This skill teaches developers how to create autonomous agents for Claude Code plugins. It provides comprehensive documentation on agent file structure, YAML frontmatter fields, system prompt design patterns, and triggering conditions with concrete examples. Includes a bash validation script to check agent files for correct structure.

This skill provides comprehensive guidance on creating Claude Code slash commands, including YAML frontmatter configuration, dynamic arguments ($1, $2, $ARGUMENTS), file references with @ syntax, bash execution, and plugin-specific features like ${CLAUDE_PLUGIN_ROOT}. It covers interactive commands using AskUserQuestion, multi-step workflows, testing strategies, and marketplace distribution considerations.

A comprehensive guide for creating Claude Code plugin hooks that automate validation, context loading, and workflow enforcement. Includes working example scripts for validating file writes and bash commands, plus utility scripts for testing and linting hook implementations before deployment.

A comprehensive guide for modern Python development using uv, ruff, ty, and pytest. It covers project setup, dependency management, testing, security tooling (pre-commit hooks, secret detection, vulnerability scanning), and migration from legacy tools like pip, black, mypy, and pre-commit.

A variant analysis skill that helps security researchers find similar vulnerabilities across a codebase after discovering an initial bug. It provides a structured methodology for pattern-based searching, ready-to-use Semgrep rule templates for multiple languages (Python, JavaScript, Java, Go, C++), and documentation templates for tracking findings.

Wycheproof is a documentation skill that teaches developers how to validate cryptographic implementations using test vectors. It covers testing workflows for AES-GCM, ECDSA, ECDH, RSA, and other algorithms, with examples in Python and JavaScript.

This skill automates the creation of Claude Code skills from the Trail of Bits Testing Handbook (appsec.guide). It analyzes handbook content for security testing tools (static analysis, fuzzers), techniques (sanitizers, coverage), and domains (cryptography, web security), then generates properly structured skills using templates. The generator includes a two-pass system for content and cross-references, automated validation, and self-improvement workflows.

Ruzzy is a reference skill that teaches how to use Trail of Bits' coverage-guided Ruby fuzzer. It provides installation instructions, harness writing patterns, and sanitizer configuration for finding memory corruption bugs in Ruby code and C extensions.

OSS-Fuzz is a technique skill that guides users through setting up continuous fuzzing for open source projects using Google's free distributed infrastructure. It covers project enrollment, running harnesses locally with the helper.py CLI, coverage analysis, and integrating with multiple fuzzing engines including libFuzzer, AFL++, and Atheris for Python projects.

A comprehensive reference guide for libFuzzer, the LLVM-integrated coverage-guided fuzzer for C/C++ projects. Covers harness writing, compilation, corpus management, sanitizer integration, and running fuzzing campaigns with practical examples and troubleshooting tips.

LibAFL is a comprehensive guide for using the modular LibAFL fuzzing library. It covers installation, writing fuzz harnesses, building custom fuzzers in Rust, and running fuzzing campaigns with features like multi-core support, dictionary fuzzing, and crash deduplication.