Can this skill automatically fix plugin issues?

Yes, Plugin Auditor can automatically resolve certain issues like incorrect script permissions, JSON/Markdown formatting errors, and versioning inconsistencies.

Does it work with Model Context Protocol (MCP) plugins?

Yes, it includes specific checks for MCP-based plugins, verifying SDK dependencies, TypeScript configurations, and proper configuration settings.

What kind of security vulnerabilities does Plugin Auditor detect?

It scans for hardcoded secrets, API keys, AWS credentials, private keys, dangerous shell commands, eval statements, and potential command injection vectors.

How do I trigger a plugin audit?

You can activate the skill by asking Claude to 'audit plugin', 'perform a security review', or 'check best practices' for a specific plugin directory.

Plugin Auditor

Name: Plugin Auditor
Author: jeremylongshore

byjeremylongshore

•

884

Security & Testing

Audits Claude Code plugins for security vulnerabilities, best practices, and marketplace compliance standards.

About

Plugin Auditor is a specialized capability designed to ensure Claude Code plugins meet high-quality standards before deployment or publication. It automatically scans repositories for security risks like hardcoded secrets and command injection, verifies compliance with CLAUDE.md and marketplace schemas, and evaluates best practices ranging from directory structure to performance optimization. This skill streamlines the review process, providing detailed reports with severity-rated findings and auto-fix capabilities for common issues like file permissions and formatting.

Key Features

Auto-fix capabilities for script permissions, JSON formatting, and version synchronization
884 GitHub stars
Detailed audit reports with severity levels and actionable recommendations
Automated security scanning for secrets, AWS keys, and dangerous command patterns
Comprehensive compliance checks for CLAUDE.md and marketplace.extended.json standards
Best practice evaluation for code quality, documentation, and directory structure

Use Cases

Pre-publication review to ensure a plugin is safe and ready for the marketplace
Enforcing repository standards and CLAUDE.md compliance across a team of contributors
Automated security auditing during the development of new Claude Code plugins

About

Key Features

Auto-fix capabilities for script permissions, JSON formatting, and version synchronization
884 GitHub stars
Detailed audit reports with severity levels and actionable recommendations
Automated security scanning for secrets, AWS keys, and dangerous command patterns
Comprehensive compliance checks for CLAUDE.md and marketplace.extended.json standards
Best practice evaluation for code quality, documentation, and directory structure

Use Cases

Pre-publication review to ensure a plugin is safe and ready for the marketplace
Enforcing repository standards and CLAUDE.md compliance across a team of contributors
Automated security auditing during the development of new Claude Code plugins