AgentSkillsCN

claude-plugin-audit

对Claude Code插件的结构、质量及最佳实践进行审计。当您需要验证插件有效性、检查插件健康状况,或在发布前进行审核时,可借助此技能高效完成任务。

SKILL.md
--- frontmatter
name: claude-plugin-audit
description: Audits Claude Code plugins for structure, quality, and best practices. Use when validating plugins, checking plugin health, or before publishing.
metadata:
  version: "1.0.0"
  related-skills:
    - claude-plugins
context: fork
agent: quartermaster
argument-hint: [plugin path]
allowed-tools: Read Grep Glob Bash(find *) Bash(jq *)

Claude Plugin Audit

Validates plugin structure, components, and quality against best practices.

Steps

  1. Load the outfitter:claude-plugins skill for plugin structure knowledge
  2. Analyze plugin at target path (default: current directory)
  3. Check each component type against standards
  4. Generate findings with severity and fix recommendations

Audit Scope

ComponentChecks
plugin.jsonRequired fields, version format, valid JSON
CommandsFrontmatter, description quality, argument hints
AgentsName/description match, tool restrictions, examples
SkillsSKILL.md structure, frontmatter, progressive disclosure
HooksValid matchers, script permissions, timeout values

Severity Levels

LevelIndicatorMeaning
Critical◆◆Blocks functionality, must fix
WarningBest practice violation, should fix
InfoSuggestion, optional improvement

Output Format

markdown
# Plugin Audit: {PLUGIN_NAME}

**Path**: {PATH}
**Status**: {PASS|WARNINGS|FAIL}
**Issues**: {CRITICAL} critical, {WARNINGS} warnings, {INFO} info

## Critical Issues

- `◆◆` {component}: {issue}
  - **Fix**: {specific remediation}

## Warnings

- `◆` {component}: {issue}
  - **Fix**: {specific remediation}

## Suggestions

- `◇` {component}: {suggestion}

## Summary

{1-2 sentence overall assessment}

Checks by Component

plugin.json

  • File exists at .claude-plugin/plugin.json
  • Valid JSON syntax
  • name present and valid (lowercase, hyphens, 2-64 chars)
  • version present and semver format
  • description present and meaningful
  • No unknown top-level fields

Commands

  • Frontmatter has description
  • Description is action-oriented
  • argument-hint uses <required> / [optional] syntax
  • No broken file references (@path)
  • Bash commands in backticks are valid

Agents

  • name matches filename (without .md)
  • description has trigger conditions and examples
  • tools field uses correct syntax (comma-separated)
  • model is valid if specified

Skills

  • SKILL.md exists in skill directory
  • Frontmatter has name and description
  • Name matches directory name
  • Description includes trigger keywords
  • Under 500 lines (progressive disclosure)
  • Referenced files exist

Hooks

  • Valid hook types (PreToolUse, PostToolUse, etc.)
  • Matchers use valid glob/tool patterns
  • Scripts have execute permissions
  • Timeouts are reasonable (< 30s default)

Auto-Fixable Issues

These can be fixed automatically:

IssueAuto-Fix
Missing description in commandGenerate from filename
Script missing execute permissionchmod +x
Trailing whitespace in YAMLTrim
Missing version in plugin.jsonAdd "1.0.0"

Flag auto-fixable issues in output:

markdown
- `◆` commands/deploy.md: Missing description [auto-fixable]
  - **Fix**: Add `description: "Deploy to environment"`

Rules

Always:

  • Check every component type present
  • Provide specific file paths in findings
  • Include concrete fix instructions
  • Flag auto-fixable issues

Never:

  • Modify files (audit only)
  • Skip components due to quantity
  • Give vague recommendations