Mastering Claude Code Plugins: Skills, MCP, Hooks and Real‑World Configurations
This guide dissects Claude Code’s rapidly growing plugin ecosystem—covering the five‑layer architecture, top‑installed plugins, detailed configuration examples for Skills, MCP servers, Agents, and Hooks, and practical best‑practice recommendations to turn Claude Code into a powerful, production‑grade development assistant.
Why Plugins Matter
Claude Code without plugins is like a new phone without apps—functional but limited. Since the public beta in October 2025, the official market has amassed 300 plugins and 4.46 million installations, while the community hosts over 11,900 related repositories and 80 k+ searchable Skills.
Five‑Layer Extension Architecture
The system is organized into five layers (from bottom to top):
Skills: Markdown + YAML files that teach Claude *how* to act in specific scenarios.
MCP (Model Context Protocol): Servers that give Claude *what* tools to use.
Agents / Subagents: Parallel Claude instances that run independent sub‑tasks.
Hooks: Deterministic commands that run at defined lifecycle events.
Plugins: The packaging and distribution layer that bundles the above.
2.1 Skills – Defining New Behaviors
A Skill lives at ~/.claude/skills/<skill-name>/SKILL.md. Below is a minimal example that audits code for OWASP Top 10 issues:
---
name: code-audit
# description (English): Audits code for security and performance. Triggers automatically when the user mentions "审计" or "audit".
description: 对代码进行安全和性能审计。当用户提到"审计"或"audit"时自动触发。
allowed-tools: Bash(npm *) Read Grep
---
## Audit workflow
1. Read the target file or directory
2. Check for OWASP Top 10 security risks
3. Check for performance anti-patterns
4. Generate an audit report, sorted by severity
Skills can be triggered automatically (based on the description field) or manually via /skill-name. They also support forked execution (context: fork) and dynamic context injection using !`command`.
2.2 MCP Servers – Connecting to the Outside World
MCP defines how Claude talks to external services. Two transport types exist:
stdio: Local processes (e.g., PostgreSQL, file handling).
http: Remote cloud services (e.g., Figma, Supabase, Slack).
Example .mcp.json configuration:
{
  "mcpServers": {
    "postgres": {
      "command": "npx",
      "args": ["@anthropic/pg-mcp", "postgres://localhost/mydb"],
      "env": {"PG_PASSWORD": "secret"}
    },
    "figma": {
      "type": "http",
      "url": "https://mcp.figma.com/mcp"
    }
  }
}
Three configuration scopes are recommended:
Global (~/.claude.json) – shared tools like GitHub or Slack.
Project shared (.mcp.json) – committed to the repo (e.g., PostgreSQL connection string via env vars).
Local (.claude/settings.local.json) – secrets that never get committed.
Best practice: keep the number of active MCP servers to three (the sweet spot) because each server consumes part of Claude’s context window; more than five noticeably slows responses.
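The scope rules above can be checked mechanically before a .mcp.json is committed. This linter is an added example, not part of the original article or of Claude Code; the function name, the rule set and the "internal" server in the sample are assumptions, and ${VAR} is the environment-variable reference syntax Claude Code expands in .mcp.json.

```python
import json
import re

SECRET_KEY = re.compile(r"(passw(or)?d|secret|token|api[_-]?key)", re.I)
ENV_REF = re.compile(r"^\$\{[A-Za-z_][A-Za-z0-9_]*(:-[^}]*)?\}$")  # ${VAR} or ${VAR:-default}
URL_CREDS = re.compile(r"^[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@", re.I)  # scheme://user:pass@
MAX_SERVERS = 3  # the ceiling this page recommends


def lint_mcp_config(text):
    """Return a sorted list of (server, finding) for a .mcp.json document."""
    servers = json.loads(text).get("mcpServers", {})
    findings = []
    if len(servers) > MAX_SERVERS:
        findings.append(("*", f"{len(servers)} servers configured, page recommends {MAX_SERVERS}"))
    for name, cfg in servers.items():
        for key, value in cfg.get("env", {}).items():
            if SECRET_KEY.search(key) and not ENV_REF.match(str(value)):
                findings.append((name, f"literal value for env {key}"))
        args = [str(a) for a in cfg.get("args", [])]
        for arg in args:
            if URL_CREDS.match(arg):
                findings.append((name, "credentials embedded in connection string"))
        if cfg.get("command") == "npx":  # npx resolves an unpinned package at run time
            pkg = next((a for a in args if not a.startswith("-")), "")
            version = pkg.rpartition("@")[2] if "@" in pkg[1:] else ""
            if not re.fullmatch(r"\d+\.\d+\.\d+\S*", version):
                findings.append((name, f"npx package {pkg!r} not pinned to an exact version"))
        url = cfg.get("url", "")
        if url.lower().startswith("http://"):
            findings.append((name, "remote server reached over plain http"))
    return sorted(findings)


# Constructed sample: the page's .mcp.json plus one made-up cleartext server.
SAMPLE = """{
  "mcpServers": {
    "postgres": {"command": "npx",
                 "args": ["@anthropic/pg-mcp", "postgres://localhost/mydb"],
                 "env": {"PG_PASSWORD": "secret"}},
    "figma": {"type": "http", "url": "https://mcp.figma.com/mcp"},
    "internal": {"type": "http", "url": "http://mcp.example.internal/mcp"}
  }
}"""

if __name__ == "__main__":
    for server, finding in lint_mcp_config(SAMPLE):
        print(f"{server}: {finding}")
```

Run as a pre-commit or CI step, a non-empty result means the file should move its secrets to the local scope or to ${VAR} references before it reaches the repository.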
2.3 Agents / Subagents – Parallel Execution
Agents are defined under ~/.claude/agents/<agent-name>.md. Example security‑reviewer agent:
---
name: security-reviewer
model: sonnet
effort: high
maxTurns: 15
tools: Read, Grep, Glob, Bash(npm audit *)
skills: code-audit
---
You are a security review expert. Analyze the given code changes and check for OWASP Top 10 vulnerabilities and dependency risks. Output a structured report.
Subagents run in isolated windows and report back. The newer Agent Teams (enabled via CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1) allow agents to share a task inbox and coordinate dependencies.
2.4 Hooks – Deterministic Automation
Hooks run at specific lifecycle events (e.g., PreToolUse, PostToolUse, SessionStart, UserPromptSubmit). They are rule‑based, not model‑driven.
Example JSON to run an ESLint auto‑fix after any file write:
{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Write|Edit",
        "hooks": [
          {
            "type": "command",
            "command": "~/.claude/hooks/auto-lint.sh"
          }
        ]
      }
    ]
  }
}
auto-lint.sh (simplified):
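#!/bin/bash
# Claude Code passes the hook event as JSON on stdin, not as an argument.
FILE=$(jq -r '.tool_input.file_path // empty')
if [[ "$FILE" == *.ts || "$FILE" == *.tsx ]]; then
  # Exit code 2 reports the failure ("Lint 失败" = "lint failed") back to Claude via stderr.
  npx eslint "$FILE" --fix || { echo "Lint 失败" >&2; exit 2; }
fi
Other common hooks: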
PreToolUse – safety guard that blocks dangerous commands like rm -rf or DROP TABLE.
{
  "hooks": {
    "PreToolUse": [{
      "matcher": "Bash",
      "hooks": [{"type": "command", "command": "~/.claude/hooks/safety-guard.sh"}]
    }]
  }
}
SessionStart – inject recent GitHub Issue/PR context.
{
  "hooks": {
    "SessionStart": [{
      "hooks": [{"type": "command", "command": "~/.claude/hooks/inject-context.sh"}]
    }]
  }
}
These three hooks together form a basic "AI development guardrail": auto‑lint, dangerous‑command blocking, and session‑wide context injection.
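The article names the PreToolUse safety guard but does not show it. The following is an added example, not the author's safety-guard.sh: it is written in Python (point the hook's command at it instead), assumes the Bash tool's payload carries the command in tool_input.command, and uses illustrative function names.

```python
import json
import re
import shlex
import sys

# Destructive SQL, matched case-insensitively anywhere in the command line.
SQL_DENY = re.compile(r"\b(drop\s+(table|database|schema)|truncate\s+table)\b", re.I)


def rm_is_recursive_force(argv):
    """True if rm's arguments carry both a recursive and a force flag."""
    short = "".join(a[1:] for a in argv if re.fullmatch(r"-[A-Za-z]+", a))
    recursive = "r" in short.lower() or "--recursive" in argv
    force = "f" in short or "--force" in argv
    return recursive and force


def check_command(command):
    """Return a reason string if the command must be blocked, else None."""
    if SQL_DENY.search(command):
        return "destructive SQL statement"
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    try:
        tokens = list(lexer)
    except ValueError:  # unbalanced quotes: fall back to a plain split
        tokens = command.split()
    segment = []
    for tok in tokens + [";"]:
        if tok and set(tok) <= set(";|&()"):  # end of one simple command
            words = [w for w in segment if w not in ("sudo", "command", "env")]
            if words and words[0].rsplit("/", 1)[-1] == "rm" and rm_is_recursive_force(words[1:]):
                return "recursive forced delete"
            segment = []
        else:
            segment.append(tok)
    return None


def main():
    event = json.load(sys.stdin)  # the hook payload arrives as JSON on stdin
    reason = check_command(event.get("tool_input", {}).get("command", ""))
    if reason:
        print(f"Blocked by safety guard: {reason}", file=sys.stderr)
        sys.exit(2)  # exit code 2 blocks the tool call; stderr goes back to Claude


if __name__ == "__main__":
    main()
```

Tokenizing each simple command keeps flags such as grep -rf from tripping the rule. A deny-list of this kind is a tripwire rather than a sandbox, so permission rules and least-privilege database credentials remain the primary control.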
Top‑Installed Plugins (Ranked by Install Count)
frontend-design – 507 k installs; teaches Claude to generate production‑grade front‑end code.
superpowers – 410 k installs / 150 k Stars; provides a full structured‑development workflow (brainstorm → plan → TDD → review).
context7 – 248 k installs; an MCP plugin that fetches up‑to‑date docs for 50+ frameworks.
claude-mem – 52 k Stars; uses ChromaDB + SQLite + RAG to retain cross‑session memory.
code-review – 232 k installs; automated security, performance, and style review.
playwright – 164 k installs; Claude writes, runs, and fixes E2E tests autonomously.
github – 185 k installs; deep GitHub integration (PR, Issue, code search, CI status).
caveman – 25 k Stars; compresses Claude’s output to a “caveman language” and saves ~65 % token usage.
claude-hud – 18 k Stars; visual dashboard showing context usage, active tools, and agent progress.
skill-creator – 153 k installs; generates new Skills from natural‑language prompts.
Notice that the top three are methodology‑oriented rather than pure tools, confirming the community’s desire for AI that “understands” the workflow.
Recommended MCP Servers (Typical Development Scenarios)
GitHub – PR, Issue, code search (install via claude mcp add github --transport http).
Context7 – real‑time framework docs (install as a plugin).
Playwright – browser E2E testing (npx @playwright/mcp@latest).
PostgreSQL – natural‑language DB queries (npx @anthropic/pg-mcp <conn‑string>).
Figma – design‑to‑code (https://mcp.figma.com/mcp).
Supabase – full‑stack backend (https://mcp.supabase.com/mcp).
Sentry – error tracking (OAuth).
Slack – team communication (OAuth).
Security note (Invariant Labs audit): 66 % of community‑published MCP servers have vulnerabilities. Prefer official or well‑maintained servers for sensitive data.
Four Configuration Best Practices
Layered config: Global (~/.claude.json) → Project shared (.mcp.json) → Local secrets (.claude/settings.local.json).
Limit MCP servers: Keep to three; more than five degrades latency.
Prefer HTTP transport: Remote servers avoid local dependency installation.
Security first: Use official or large‑vendor servers; avoid obscure community servers for confidential workloads.
Three Ready‑to‑Use Configuration Tiers
Lightweight (Entry‑Level)
Plugin: context7
MCP: GitHub (HTTP)
No Hooks
Goal: Enable Claude to access live docs and interact with GitHub without hallucinating APIs.
/plugin install context7
claude mcp add github --transport http
Standard (Daily Development)
Plugins: superpowers, context7, code-review
MCP: GitHub + Playwright
Hook: auto‑lint (PostToolUse)
Goal: Structured workflow, up‑to‑date docs, automated code review, and autonomous E2E testing.
This is the author’s personal daily setup.
Geek (Power‑User)
Plugins: superpowers, context7, claude-mem, claude-hud, playwright
MCP: GitHub, PostgreSQL, Figma
Hooks: auto‑lint, safety‑guard, inject‑context
Agents: security-reviewer, performance-analyzer
Goal: Full‑stack coverage—from memory persistence to security auditing and real‑time monitoring.
Note: Geek‑level setups consume more context. Users on a pay‑per‑token plan should watch the HUD for usage; Max‑plan users can ignore the cost.
Final Takeaways
The Claude Code plugin market is experiencing its "iPhone App Store moment"—rapid growth, diverse tools, and a vibrant community. However, the most effective workflow often relies on a well‑crafted CLAUDE.md plus a handful of carefully chosen plugins rather than a chaotic install of dozens.
"Most people only need a good CLAUDE.md, not the whole ecosystem."
Identify your bottlenecks, pick 2‑3 plugins that directly address them, and keep the rest of the ecosystem as optional extensions.
ArcThink
ArcThink makes complex information clearer and turns scattered ideas into valuable insights and understanding.
