by CloudAI-X
Universal Claude Code workflow plugin with agents, skills, hooks, and commands
# Add to your Claude Code skills
git clone https://github.com/CloudAI-X/claude-workflow-v2Guides for using ai agents skills like claude-workflow-v2.
Last scanned: 4/28/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-04-28T06:30:22.865Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}claude-workflow-v2 is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by CloudAI-X. Universal Claude Code workflow plugin with agents, skills, hooks, and commands. It has 1,383 GitHub stars.
Yes. claude-workflow-v2 passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/CloudAI-X/claude-workflow-v2" and add it to your Claude Code skills directory (see the Installation section above).
claude-workflow-v2 is primarily written in Python. It is open-source under CloudAI-X on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh claude-workflow-v2 against similar tools.
No comments yet. Be the first to share your thoughts!
A universal Claude Code workflow plugin with specialized agents, skills, hooks, and output styles for any software project. Compatible with skills.sh — works with Claude Code, Cursor, Codex, and 35+ AI agents.
npx skills add CloudAI-X/claude-workflow-v2
Installs skills to Claude Code, Cursor, Codex, Windsurf, Cline, and 35+ other AI agents automatically.
npx install-claude-workflow-v2@latest
Installs the complete plugin: agents, commands, skills, and hooks.
# Clone the plugin
git clone https://github.com/CloudAI-X/claude-workflow-v2.git
# Run Claude Code with the plugin
claude --plugin-dir ./claude-workflow-v2
import { query } from "@anthropic-ai/claude-agent-sdk";
for await (const message of query({
prompt: "Hello",
options: {
plugins: [{ type: "local", path: "./claude-workflow-v2" }],
},
})) {
// Plugin commands, agents, and skills are now available
}
# Install from marketplace (when available)
claude plugin install project-starter
# Or install from local directory
claude plugin install ./claude-workflow-v2
After loading the plugin, verify it's working:
> /plugin
Tab to Installed - you should see project-starter listed.
Tab to Errors - should be empty (no errors).
These commands become available:
/project-starter:architect # Architecture-first mode
/project-starter:rapid # Ship fast mode
/project-starter:commit # Auto-generate commit message
/project-starter:verify-changes # Multi-agent verification
| Component | Count | Description |
|---|---|---|
| Agents | 7 | Specialized subagents for code review, debugging, security, etc. |
| Commands | 26 | Slash commands for workflows, output styles, planning, and onboarding |
| Skills | 14 | Knowledge domains with on-demand context loading |
| Hooks | 14 | Automation scripts for formatting, security, metrics, and notifications |
Auto-commit your changes:
> /project-starter:commit
Looking at staged changes...
✓ Created commit: feat(auth): add JWT refresh token endpoint
Full git workflow:
> /project-starter:commit-push-pr
✓ Committed: feat: add user dashboard
✓ Pushed to origin/feature/dashboard
✓ Created PR #42: https://github.com/you/repo/pull/42
Verify before shipping:
> /project-starter:verify-changes
Spawning verification agents...
├─ build-validator: ✓ Build passes
├─ test-runner: ✓ 42 tests pass
├─ lint-checker: ⚠ 2 warnings (non-blocking)
└─ security-scanner: ✓ No vulnerabilities
Ready to ship!
Agents spawn automatically based on your request:
You say: "The login is broken, users get 401 errors"
[debugger agent activated]
→ Checking auth middleware... found issue
→ Token validation uses wrong secret in production
→ Fix: Update AUTH_SECRET in .env.production
You say: "Review my changes"
[code-reviewer agent activated]
→ Analyzing 3 files changed...
✓ Logic is correct
⚠ Missing null check on line 42
⚠ Consider adding rate limiting to this endpoint
You say: "Add authentication to the API"
[orchestrator agent activated]
→ Breaking down into subtasks:
1. Design auth schema (spawning architect)
2. Implement JWT middleware
3. Add login/register endpoints
4. Write tests (spawning test-architect)
5. Update API docs (spawning docs-writer)
Skills provide domain knowledge automatically:
You ask: "How should I structure the payment service?"
[designing-architecture skill applied]
→ Recommending hexagonal architecture
→ Payment providers as adapters
→ Core domain isolated from infrastructure
You ask: "Make this endpoint faster"
[optimizing-performance skill applied]
→ Adding database indexes
→ Implementing response caching
→ Using pagination for large results
Hooks run automatically on events:
Security block (pre-edit):
⛔ BLOCKED: Potential secret detected
File: src/config.ts, Line 5
Pattern: API key (sk-...)
Remove the secret and use environment variables.
Auto-format (post-edit):
✓ Formatted with prettier: src/components/Button.tsx
✓ Formatted with black: scripts/deploy.py
Desktop notifications:
🔔 "Claude needs input" - when waiting for your response
🔔 "Task complete" - when finished
All commands use the format /project-starter:<command>.
| Command | Mode |
|---|---|
/project-starter:architect |
System design mode - architecture before code |
/project-starter:rapid |
Fast development - ship quickly, iterate |
/project-starter:mentor |
Teaching mode - explain the "why" |
/project-starter:review |
Code review mode - strict quality |
| Command | Purpose |
|---|---|
/project-starter:commit |
Auto-generate conventional commit message |
/project-starter:commit-push-pr |
Commit → Push → Create PR (full workflow) |
/project-starter:quick-fix |
Fast fix for lint/type errors |
/project-starter:add-tests |
Generate tests for recent changes |
/project-starter:lint-fix |
Auto-fix all linting issues |
/project-starter:sync-branch |
Sync with main (rebase or merge) |
/project-starter:summarize-changes |
Generate standup/PR summaries |
| Command | Purpose |
|---|---|
/project-starter:verify-changes |
Multi-subagent adversarial verification |
/project-starter:validate-build |
Build process validation |
/project-starter:run-tests |
Tiered test execution |
/project-starter:lint-check |
Code quality checks |
/project-starter:security-scan |
Security vulnerability detection |
/project-starter:code-simplifier |
Post-implementation cleanup |
| Command | Purpose |
|---|---|
/project-starter:parallel-review |
Review multiple files/dirs via subagents |
/project-starter:parallel-analyze |
Multi-perspective analysis via subagents |
| Command | Purpose |
|---|---|
/project-starter:plan |
Persistent PLAN.md with phase tracking |
/project-starter:refactor-guided |
4-phase systematic refactoring with safety |
/project-starter:dependency-upgrade |
Safe dependency upgrades with rollback |
| Command | Purpose |
|---|---|
/project-starter:tutorial |
Interactive guided tutorial for new users |
/project-starter:bootstrap-repo |
10-agent parallel repo exploration |
/project-starter:save-session-learnings |
Persist session discoveries to docs |
/project-starter:metrics |
View agent performance metrics |
Agents are specialized subagents that Claude spawns automatically based on your task.
| Agent | Purpose | Auto-Triggers |
|---|---|---|
orchestrator |
Coordinate multi-step tasks | "improve", "enhance", "build", "architecture", complex tasks |
code-reviewer |
Review code quality | "review", "PR review", "lint", code changes |
debugger |
Systematic bug investigation | Errors, crashes, memory leaks, timeouts, race conditions |
docs-writer |
Technical documentation | README, changelogs, migration guides, release notes |
security-auditor |
Security vulnerability detection | Auth, encryption, secrets, OAuth, JWT, CORS |
refactorer |
Code structure improvements | Tech debt, code smells, complexity reduction |
test-architect |
Design test strategies | Test plans, mocking, flaky tests, integration/E2E |
Skills are knowledge domains that Claude uses autonomously when