README.md

July 8, 2026 · View on GitHub

Claude Forge

English · 한국어 · 中文

oh-my-zsh for Claude Code — one install, full professional kit

MIT License Claude Code Stars Forks Contributors Last Commit

What is it?Why bother?InstallWhat's insideHow to useArchitectureFAQ한국어

v3.1.0 released (June 2026) — Adds loop-forge (turn a repetitive task into a reusable, self-guarding slash command) and a full beginner-friendly rewrite of this README with diagrams. Built on v3.0.2 (LLM-readable install) and v3.0.1 (Anthropic 2026 standard alignment: Hooks 21+ events, Subagent frontmatter v2, Skills/Commands hybrid policy, 4-server MCP minimum). See MIGRATION.md.


What is Claude Forge?

Plain English version: Claude Code is an AI coding assistant that lives in your terminal. Out of the box it is capable but bare — like a new employee who knows how to code but has no company procedures, no safety checklists, no templates, and no specialist colleagues to call on.

Claude Forge is the equipment pack for that assistant. One install gives it:

  • 11 specialist "colleagues" (agents) it can delegate to — planner, security reviewer, TDD guide, and more
  • 34 one-word shortcuts (commands like /plan, /tdd, /code-review) that trigger full workflows
  • 26 saved procedures (skills) it follows automatically
  • 15 safety checks (hooks) that run silently in the background every time it touches your code
  • 10 rule files that define how it should behave
  • 4 external tool connections (browser automation, live docs search, and more)

The oh-my-zsh analogy: oh-my-zsh is a free add-on that turns a plain terminal into a colorful, plugin-packed power tool — without changing what the terminal fundamentally does. Claude Forge does the same thing for Claude Code.


✨ Why bother?

Without Claude ForgeWith Claude Forge
Claude Code writes code, but you have to remind it about tests, security, and docs every timeAutomated pipeline: plan → test → review → verify → ship, all connected
No safety net — Claude can run dangerous commands or leak secrets by accident6-layer hook system blocks risky actions before they happen
One AI doing everything alone11 specialist agents working in parallel (planner, architect, security reviewer…)
Hours assembling your own config5-minute install, everything pre-wired
Updates require manual copy-pastegit pull — done

📥 Install in Minutes

Install in 3 steps

Option A — Claude Code Plugin (quick start, partial features)

Open a Claude Code session and run two commands:

/plugin marketplace add sangrokjung/claude-forge
/plugin install claude-forge

This gets you commands and most skills right away. Agents, hooks, rules, and MCP connections need Option B.

Update later: /plugin update claude-forge

One line in your terminal:

curl -fsSL https://raw.githubusercontent.com/sangrokjung/claude-forge/main/install.sh | bash

Or if you prefer to clone first:

git clone --recurse-submodules https://github.com/sangrokjung/claude-forge.git
cd claude-forge
./install.sh        # fresh install
# or
./install.sh --upgrade   # safe migration from v2.1

Windows users: Run .\install.ps1 in PowerShell as Administrator.

Which option should I pick?

What you getOption A (/plugin install)Option B (./install.sh)
Commands (34 shortcuts)
Skills (26 saved procedures)⚠️ partial
Agents (11 specialists)
Hooks (15 safety checks)
Rules (10 behavior guidelines)
MCP connections (4 tools)

Recommendation: Use Option B unless you only need a taste of commands and skills.

If Claude Forge helps you, a star on GitHub helps others find it.


📦 What's Inside

What's inside

Here is everything bundled in Claude Forge, explained in plain language:

WhatCountPlain English
Agents (specialist colleagues)11Each one is an AI focused on a single job — planner, architect, security checker, test guide, database expert, and more. Claude calls the right one automatically.
Commands (shortcut buttons)34Type /plan and Claude creates a full implementation plan. Type /tdd and it writes tests first, then code. All 34 are pre-built shortcuts for common developer tasks.
Skills (saved procedures)26Step-by-step playbooks Claude follows automatically — like a recipe it has memorized. loop-forge turns any repetitive task into a reusable slash command in seconds.
Hooks (silent safety checks)15 built-in + 9 opt-in examplesThese run before and after every action Claude takes. They block leaked passwords, dangerous database commands, and unsafe remote scripts — without you having to think about it. Covers 21 lifecycle events.
Rules (behavior guidelines)10Written instructions Claude reads at the start of every session — coding style, security principles, git workflow conventions, and more.
MCP connections (external tools)4Browser automation (Playwright), live library docs (context7), web page reader (jina-reader), and Chrome DevTools for performance audits.
Full list: 11 Agents

Deep Analysis Agents (use the most capable model)

AgentWhat it does
plannerCreates detailed implementation plans for complex features. Waits for your sign-off before any code is written.
architectDesigns system structure, makes scalability decisions, reviews technical architecture.
code-reviewerChecks code quality, security, and maintainability after you write it.
security-reviewerScans for OWASP Top 10 vulnerabilities, leaked secrets, injection risks.
tdd-guideEnforces test-first development: RED (failing test) → GREEN (passing) → IMPROVE (refactor).
database-reviewerOptimizes PostgreSQL/Supabase queries, reviews schema design.

Fast Execution Agents (use a quicker model)

AgentWhat it does
build-error-resolverFixes TypeScript and build errors with minimal changes to surrounding code.
e2e-runnerGenerates and runs Playwright end-to-end browser tests.
refactor-cleanerFinds and removes dead code using knip, depcheck, ts-prune.
doc-updaterKeeps documentation and code maps in sync after changes.
verify-agentOpens a fresh context to verify build, lint, and tests all pass — like a second pair of eyes.
Full list: 34 Commands

Core Workflow

CommandWhat it does
/planAI creates an implementation plan. Waits for your confirmation before coding.
/tddWrite tests first, then code. One unit of work at a time.
/code-reviewSecurity + quality check on the code you just wrote.
/handoff-verifyAuto-verify build/test/lint all at once.
/commit-push-prCommit, push, create PR, and optionally merge — all in one.
/quick-commitFast commit for simple, well-tested changes.
/verify-loopAuto-retry build/lint/test up to 3x with auto-fix.
/autoOne-button automation: plan to PR without stopping.
/guideInteractive 3-minute tour for first-time users.
/loop-forgeTurn a repetitive task into a reusable, self-guarding slash command.

Exploration & Analysis

CommandWhat it does
/exploreNavigate and analyze codebase structure.
/build-fixIncrementally fix TypeScript and build errors.
/next-taskRecommend next task based on project state.
/suggest-automationAnalyze repetitive patterns and suggest automation.

Security

CommandWhat it does
/security-reviewCWE Top 25 + STRIDE threat modeling.
/stride-analysis-patternsSystematic STRIDE methodology for threat identification.
/security-complianceSOC2, ISO27001, GDPR, HIPAA compliance checks.

Testing & Evaluation

CommandWhat it does
/e2eGenerate and run Playwright end-to-end tests.
/test-coverageAnalyze coverage gaps and generate missing tests.
/evalEval-driven development workflow management.
/evaluating-code-modelsBenchmark code generation models (HumanEval, MBPP).
/evaluating-llms-harnessBenchmark LLMs across 60+ academic benchmarks.

Documentation & Sync

CommandWhat it does
/update-codemapsAnalyze codebase and update architecture docs.
/update-docsSync documentation from source-of-truth.
/sync-docsSync prompt_plan.md, spec.md, CLAUDE.md + rules.
/syncPull latest changes and sync all project docs. Use after any workflow or at session start.
/pullQuick git pull origin main.

Project Management

CommandWhat it does
/init-projectScaffold new project with standard structure.
/orchestrateAgent Teams parallel orchestration.
/checkpointSave/restore work state.
/learnRecord lessons learned + suggest automation.
/web-checklistPost-merge web testing checklist.

Refactoring & Debugging

CommandWhat it does
/refactor-cleanIdentify and remove dead code with test verification.
/debugging-strategiesSystematic debugging techniques and profiling.
/dependency-upgradeMajor dependency upgrades with compatibility analysis.
/extract-errorsExtract and catalog error messages.

Git Worktree

CommandWhat it does
/worktree-startCreate git worktree for parallel development.
/worktree-cleanupClean up worktrees after PR completion.

Utilities

CommandWhat it does
/summarizeSummarize URLs, podcasts, transcripts, local files.
Full list: 26 Skills
SkillWhat it does
blind-spot-passBefore starting work in an unfamiliar domain, surface what you don't know you don't know (unknown unknowns) and teach just enough to prompt well. Shift-left discovery.
build-systemAuto-detect and run project build systems.
cache-componentsNext.js Cache Components and Partial Prerendering (PPR) guidance.
cc-dev-agentClaude Code development workflow optimization (context engineering, sub-agents, TDD).
continuous-learning-v2Instinct-based learning: observe sessions via hooks, create atomic instincts with confidence scoring.
debugging-strategiesSystematic debugging techniques and profiling.
dependency-upgradeMajor dependency upgrades with compatibility analysis.
eval-harnessFormal evaluation framework for eval-driven development (EDD).
evaluating-code-modelsBenchmark code generation models (HumanEval, MBPP).
evaluating-llms-harnessBenchmark LLMs across 60+ academic benchmarks.
extract-errorsExtract and catalog error messages.
frontend-code-reviewFrontend file review (.tsx, .ts, .js) with checklist rules.
loop-forgeTurn a one-line repetitive task into a reusable, self-guarding slash command (5 loop shapes + auto verifier & hardstop).
manage-skillsAnalyze session changes, detect missing verification skills, create/update skills.
prompts-chatSkill/prompt exploration, search, and improvement.
security-complianceSOC2, ISO27001, GDPR, HIPAA compliance checks.
security-pipelineCWE Top 25 + STRIDE automated security verification pipeline.
session-wrapEnd-of-session cleanup: 4 parallel subagents detect docs, patterns, learnings, follow-ups.
skill-factoryConvert reusable session patterns into Claude Code skills automatically.
strategic-compactSuggest manual context compaction at logical intervals to preserve context.
stride-analysis-patternsSystematic STRIDE methodology for threat identification.
summarizeSummarize URLs, podcasts, transcripts, local files.
team-orchestratorAgent Teams engine: team composition, task distribution, dependency management.
using-superpowersDiscover and invoke installed skills before responding to any request.
verification-engineIntegrated verification engine: fresh-context subagent verification loop.
verify-implementationRun all project verify skills and generate unified pattern verification report.
Full list: 15 Hooks (safety checks)

Security Hooks — block dangerous actions automatically

6-Layer Security Defense

HookWhen it runsWhat it blocks
output-secret-filter.shAfter every tool useLeaked API keys, tokens, passwords in output
remote-command-guard.shBefore Bash commandsUnsafe remote commands (curl pipe, wget pipe)
db-guard.shBefore database commandsDestructive SQL (DROP, TRUNCATE, DELETE without WHERE)
security-auto-trigger.shAfter file editsVulnerabilities in code changes
rate-limiter.shBefore MCP tool useMCP server abuse / excessive calls
mcp-usage-tracker.shBefore MCP tool useTracks MCP usage for monitoring

Utility Hooks — helpful nudges in the background

HookWhen it runsWhat it does
code-quality-reminder.shAfter file editsReminds about immutability, small files, error handling
context-sync-suggest.shSession startSuggests syncing docs at session start
session-wrap-suggest.shBefore session endSuggests session wrap-up before ending
work-tracker-prompt.shWhen you submit a promptTracks work for analytics
work-tracker-tool.shAfter tool useTracks tool usage for analytics
work-tracker-stop.shOn stopFinalizes work tracking data
task-completed.shWhen subagent finishesNotifies on subagent task completion
expensive-mcp-warning.shBefore costly operationsWarns about expensive MCP calls

Opt-in Examples (9 extra, v3.0+)

9 additional .example files covering newer lifecycle events (SessionEnd, PreCompact, SubagentStart/Stop, MessageStart/End, UserPromptReceived, and more) live in hooks/examples/. Full 21-event catalog: hooks/README.md. To activate: rename *.example*.sh and register in settings.json.


🔄 How to Use It

Development workflow

The main development pipeline

Claude Forge's commands are designed to chain together. Here is the recommended flow for building any new feature:

/plan → /tdd → /code-review → /handoff-verify → /commit-push-pr

Feature Development Workflow

StepWhat Claude doesWhy
/planWrites an implementation plan and waits for your go-aheadNo code is written until you approve the approach
/tddWrites the tests first, then writes the code to pass themCatches mistakes before they become bugs
/code-reviewChecks the finished code for security holes and quality issuesA second pair of eyes, automatically
/handoff-verifyRuns build, tests, and lint in a fresh session to confirm everything passesCatches "works on my machine" problems
/commit-push-prCommits the code, pushes to GitHub, creates a pull request, and optionally merges itOne command to ship

Other common workflows

Fixing a bug:

/explore → /tdd → /verify-loop → /quick-commit → /sync

Security audit:

/security-review → /stride-analysis-patterns → /security-compliance

Parallel team work (multiple agents at once):

/orchestrate → Agent Teams (working in parallel) → /commit-push-pr

Agent Teams Hub-and-Spoke

Not sure where to start?

After installing, type /guide for an interactive 3-minute tour. Or just type:

/auto login page

Claude Forge will handle the entire plan-to-PR pipeline for you automatically.


🏗 Architecture

Symlink Architecture

The installer creates symbolic links (shortcuts) from the claude-forge folder to ~/.claude/ — the folder Claude Code reads. This means git pull in the repo updates everything instantly, with no reinstall needed.

graph LR
    REPO["claude-forge repo<br>(git pull to update)"]
    INSTALL["./install.sh<br>(one-time setup)"]
    HOME["~/.claude/<br>(Claude reads this)"]
    CLAUDE["Claude Code"]

    REPO --> INSTALL
    INSTALL -->|"creates symlinks"| HOME
    HOME --> CLAUDE

Skills vs Commands: skills/ are knowledge and procedures Claude discovers and follows automatically. commands/ are explicit actions you trigger by typing /name. See docs/SKILLS-VS-COMMANDS.md.

Full Directory Tree
claude-forge/
  ├── agents/                    Agent definitions (11 .md files, frontmatter v2)
  ├── cc-chips/                  Status bar submodule
  ├── cc-chips-custom/           Custom status bar overlay
  ├── commands/                  Slash commands (34 .md, 8 dirs moved to skills/)
  ├── docs/                      Screenshots, diagrams, policy docs (v3.0 guides)
  ├── hooks/                     Event-driven shell scripts (15)
  │   └── examples/              Opt-in .example samples for 21 lifecycle events (9)
  ├── knowledge/                 Knowledge base entries
  ├── reference/                 Reference docs (+ agent-schema.json)
  ├── rules/                     Auto-loaded rule files (10)
  ├── scripts/                   Utility scripts
  ├── setup/                     Installation guides + CLAUDE.md template
  ├── skills/                    Multi-step skill workflows (26, hybrid policy)
  ├── install.sh                 macOS/Linux installer (--upgrade supported)
  ├── install.ps1                Windows installer (--upgrade supported)
  ├── mcp-servers.json           MCP server defaults (4 minimal)
  ├── mcp-servers.optional.json  Optional MCP servers (memory/exa/github/fetch/time/...)
  ├── .claude-plugin/plugin.json Plugin manifest (3.1.0)
  ├── .claude-plugin/marketplace.json  Marketplace entry (3.1.0)
  ├── settings.json              Claude Code settings (2026 fields)
  ├── MIGRATION.md               v2.1 → v3.0 migration guide (EN)
  ├── MIGRATION.ko.md            v2.1 → v3.0 migration guide (KO)
  ├── CONTRIBUTING.md            Contribution guide
  ├── SECURITY.md                Security policy
  └── LICENSE                    MIT License

🔧 What's New in v3.0

v3.0 → v3.1.0 changes (click to expand)

v3.1.0 (feature, June 2026)

  • loop-forge skill + command — turn a one-line repetitive task into a reusable, self-guarding slash command (5 loop shapes + auto verifier & hardstop). Skills 24 → 25, commands 33 → 34.
  • Beginner-friendly README — full rewrite for non-developers (plain-language analogies, terms explained in parentheses) + 3 diagrams (what's inside / install in 3 steps / development workflow), in English & Korean.

v3.0.2 (docs patch, May 2026)

LLM-readable install paths (root INSTALL.md + above-the-fold one-liner) and multi-channel distribution. See Release v3.0.2.

v3.0.1 (patch)

ChangeDescription
Plugin Manifest shipped/plugin marketplace add sangrokjung/claude-forge + /plugin install claude-forge now work for Commands + Skills.
Chrome DevTools promotedLighthouse / Core Web Vitals / memory snapshots now in the default 4-server set. Pinned at chrome-devtools-mcp@0.23.0.
hooks/_lib/timing.shRecords SessionEnd hook timing into ~/.claude/logs/hook-timing.jsonl.
CI expandedRuns on every PR and on main/feat/**/fix/**/chore/**/docs/**/ci/** pushes. 6 jobs total.
Tier 0 spec correctionsHook types, timeout units, Auto Memory path all corrected.
New governance docsADR-001, SETTINGS-COMPATIBILITY, MARKETPLACE-SUBMISSION.

v3.0 (major)

ChangeDescription
Hooks 21 EventsLifecycle hooks expanded from 5 to 21 events. Opt-in samples in hooks/examples/.
Subagent Frontmatter v210 optional fields: isolation, background, memory, maxTurns, skills, mcpServers, effort, hooks, permissionMode, disallowedTools. Schema: reference/agent-schema.json.
Skills/Commands Hybrid PolicyClear boundary documented at docs/SKILLS-VS-COMMANDS.md.
MCP Minimal (4 servers)Default set: playwright · context7 · jina-reader · chrome-devtools-mcp@0.23.0. Legacy full set in mcp-servers.optional.json.
CLAUDE.md TemplateNew setup/CLAUDE.md.template with @import pattern.
Upgrade in One Command./install.sh --upgrade safely migrates v2.1 installs with backup and diff preview.

Breaking Changes in v3.0

  • MCP defaults cutmemory, exa, github, and fetch removed from mcp-servers.json. Restore from mcp-servers.optional.json if needed.
  • 8 commands moved to skills/ — Symlink compatibility maintained until 2027-04-01. Affected: debugging-strategies, dependency-upgrade, evaluating-code-models, evaluating-llms-harness, extract-errors, security-compliance, stride-analysis-patterns, summarize.
  • settings.json allowlist — Removed mcp__memory, mcp__exa, mcp__github, mcp__fetch. Added mcp__playwright.

🛠 MCP Servers (External Tool Connections)

ServerWhat it doesRequired setup
playwrightControls a real browser for end-to-end testsNone — auto-installed
context7Fetches live library documentation while codingNone — auto-installed
jina-readerReads web pages and converts them to clean textNone — auto-installed
chrome-devtoolsRuns Lighthouse audits and Core Web Vitals checksNone — auto-installed

Additional servers (memory, exa search, GitHub, fetch) are available opt-in via mcp-servers.optional.json. Full recipes: docs/MCP-MIGRATION.md.


⚙️ Customization

Override any setting without modifying tracked files:

cp setup/settings.local.template.json ~/.claude/settings.local.json
# Edit ~/.claude/settings.local.json with your preferences

settings.local.json merges on top of settings.json automatically — your changes survive git pull.


🆚 Claude Forge vs. Starting From Scratch

FeatureClaude ForgeBasic .claude/ setupIndividual plugins
Specialist agents11 readyManual setupVaries
Slash commands34 readyNonePer-plugin
Skill workflows26 readyNonePer-plugin
Safety hooks15 + 9 examplesNone by defaultPer-plugin
External tool connections4 default (8+ optional)NonePer-plugin
Setup time~5 minutesHoursPer-plugin install
Updatesgit pullManual per-filePer-plugin update
End-to-end pipelinePlan → Test → Review → ShipDisconnected toolsNot integrated

❓ FAQ

Do I need to know how to code to use Claude Forge?

Claude Forge is built for developers working with Claude Code, so some familiarity with the terminal is needed. That said, you do not need to understand all the internals — most workflows start with a simple one-word command like /plan or /auto, and Claude Forge handles the rest.

If you are new, start with /guide after installing. It gives you an interactive 3-minute tour.

What is Claude Code?

Claude Code is Anthropic's official AI coding assistant that runs in your terminal. It reads your codebase, writes code, runs tests, and more — all through a conversation. Claude Forge is the add-on kit that gives it specialist helpers, shortcuts, and safety checks.

How is Claude Forge different from other Claude Code plugins?

Most Claude Code plugins solve one problem at a time. Claude Forge is a complete development environment — 11 agents, 34 commands, 26 skills, 15 hooks, and 10 rules that work together as a cohesive system. Instead of assembling individual plugins, you get a pre-wired pipeline: /plan feeds into /tdd, which feeds into /code-review, which feeds into /handoff-verify, which feeds into /commit-push-pr. The 6-layer security hook system also runs automatically without extra configuration.

Is Claude Forge compatible with the official Claude Code plugin system?

Yes. Claude Forge installs via symlinks to ~/.claude/ and works alongside official Claude Code plugins. Your existing settings.local.json overrides are preserved, and you can add or remove individual components without affecting the rest of the system.

How do I update Claude Forge?

Run git pull in the claude-forge directory. Because the installer uses symlinks (on macOS/Linux), updates take effect immediately — no re-install needed. On Windows, re-run install.ps1 after pulling to copy the updated files.

Does Claude Forge work on Windows?

Yes. Run install.ps1 in PowerShell as Administrator. Windows uses file copies instead of symlinks, so re-run install.ps1 after each git pull to apply updates. All agents, commands, skills, and hooks work the same on Windows, macOS, and Linux.

What does /sync do?

/sync pulls the latest changes from your remote repository and then synchronizes all project documentation — prompt_plan.md, spec.md, CLAUDE.md, and rule files. Run it after completing any workflow (feature, bug fix, refactor) or at the start of a new session to make sure Claude has the latest context about your project.

How does Claude Forge handle memory across sessions?

Claude Forge uses a 4-layer memory system:

  1. Project docs (CLAUDE.md, prompt_plan.md, spec.md) — Project-level instructions and plans that persist in the repository. /sync keeps these up to date.
  2. Rule files (rules/) — Coding style, security, and workflow conventions loaded automatically each session.
  3. MCP memory server — A persistent knowledge graph that stores entities and relations across sessions (opt-in).
  4. Agent memory (~/.claude/agent-memory/) — Core agents record learnings after each task, improving their recommendations over time.

Running /sync at session start ensures layers 1 and 2 are current.


🤝 Contributing

See CONTRIBUTING.md for guidelines on adding agents, commands, skills, and hooks.


Use Claude Forge? Show it!

[![Built with Claude Forge](https://img.shields.io/badge/Built_with-Claude_Forge-orange?style=flat-square)](https://github.com/sangrokjung/claude-forge)

Add this badge to your project's README to let others know you use Claude Forge.


Contributors


📄 License

MIT — use it, fork it, build on it.

If Claude Forge improved your workflow, a star helps others find it too.


Made with ❤️ by QJC (Quantum Jump Club)