Quick Links: Get Started · Commands · MCP Setup · Settings · SDK · Changelog
🔄 Live Guide: Auto-updated every 2 days from official docs, GitHub releases, and Anthropic changelog. See update-log.md.
🤖 For AI Agents: Optimized for both humans and AI.
[OFFICIAL]= from docs.claude.com.[COMMUNITY]= observed patterns.[EXPERIMENTAL]= unverified.
Claude Code is an agentic AI coding assistant that lives in your terminal. It understands your codebase, edits files directly, runs commands, and helps you code faster through natural language conversation.
Key Capabilities:
- 💬 Natural language interface in your terminal
- 📝 Direct file editing and command execution
- 🔍 Full project context awareness
- 🔗 External integrations via MCP (Model Context Protocol)
- 🤖 Extensible via Skills, Hooks, and Plugins
- 🛡️ Sandboxed execution for security
Installation:
npm install -g @anthropic-ai/claude-code
claude --version # Verify installationOfficial Documentation: https://docs.claude.com/en/docs/claude-code/overview
| Getting Started | Core Features | Practical Usage | Reference |
|---|---|---|---|
| What is Claude Code? | Skills System | Development Workflows | Security |
| Core Concepts | Slash Commands | Tool Synergies | SDK Integration |
| Quick Start Guide | Hooks System | Examples Library | Troubleshooting |
| Quick Reference | MCP Integration | Best Practices | Changelog |
| Sub-Agents | Auto-Update Pipeline | ||
| Plugins |
# Starting Claude Code
claude # Start interactive session
claude -p "task" # Print mode (non-interactive)
claude --continue # Continue last session
claude --resume <id> # Resume specific session
# Session Management
/help # Show available commands
/exit # End session
/compact # Reduce context size
/microcompact # Smart context cleanup (NEW)
# Background Tasks
/bashes # List background processes
/kill <id> # Stop background process
# Discovery
/commands # List slash commands
/hooks # Show configured hooks
/skills # List available Skills (NEW)
/plugin # Manage pluginsSource: CLI Reference
# Output Control
claude -p, --print "task" # Print mode: non-interactive, prints result and exits
claude --output-format json # Output format: json, markdown, or text
claude --no-color # Disable colored output
# Session Management
claude --continue # Continue from last session
claude --resume <session-id> # Resume specific session by ID
claude --list-sessions # List all available sessions
# Debugging & Logging
claude --debug # Enable debug mode with verbose logging
claude --log-level <level> # Set log level: error, warn, info, debug, trace
# Model & Configuration
claude --model <model-name> # Specify model to use
claude --config <path> # Use custom config file
# Sandboxing (macOS/Linux)
claude --sandbox # Enable sandbox mode for security
claude --no-sandbox # Disable sandbox modeCommon Flag Combinations:
# One-off task with JSON output
claude --print "analyze this code" --output-format json
# Debug session with custom config
claude --debug --config .claude/custom-settings.json
# Resume session with specific model
claude --resume abc123 --model claude-opus-4
# Non-interactive with no color (CI/CD)
claude --print "run tests" --no-color --output-format jsonSource: CLI Reference
| Tool | Purpose | Permission Required |
|---|---|---|
| Read | Read files, images, PDFs | No |
| Write | Create new files | Yes |
| Edit | Modify existing files | Yes |
| Bash | Execute shell commands | Yes |
| Grep | Search content with regex | No |
| Glob | Find files by pattern | No |
| TodoWrite | Task management | No |
| Task | Launch sub-agents | No |
| WebFetch | Fetch web content | Yes |
| WebSearch | Search the web | Yes |
| NotebookEdit | Edit Jupyter notebooks | Yes |
| NotebookRead | Read Jupyter notebooks | No |
Source: Settings Reference
Claude Code operates through a conversational interface in your terminal:
# You describe what you want
$ claude
> "Add user authentication to the API"
# Claude Code:
1. Analyzes your codebase structure
2. Plans the implementation
3. Requests permission for file edits (first time)
4. Writes code directly to your files
5. Can run tests and verify changes
6. Creates git commits if requestedKey Principles:
- Natural Language: Just describe what you need - no special syntax
- Direct Action: Edits files and runs commands with your permission
- Context Aware: Understands your entire project structure
- Incremental Trust: Asks permission as needed for new operations
- Scriptable: Can be automated via SDK
Source: Overview
Claude Code uses an incremental permission system for safety:
# Permission Modes
"ask" # Prompt for each use (default for new operations)
"allow" # Permit without asking
"deny" # Block completely
# Tools Requiring Permission
- Bash (command execution)
- Write/Edit/NotebookEdit (file modifications)
- WebFetch/WebSearch (network access)
- SlashCommand (custom commands)
# Tools Not Requiring Permission (Safe Operations)
- Read/NotebookRead (reading files)
- Grep/Glob (searching)
- TodoWrite (task tracking)
- Task (sub-agents)Configuring Permissions:
Create .claude/settings.json in your project or ~/.claude/settings.json globally:
{
"permissions": {
"defaultMode": "ask",
"allow": {
"Bash": ["git status", "git diff", "git log", "npm test", "npm run*"],
"Read": {},
"Edit": {}
},
"deny": {
"Write": ["*.env", ".env.*", ".git/*"],
"Edit": ["*.env", ".env.*"]
},
"additionalDirectories": [
"/path/to/other/project"
]
}
}Source: Settings
A CLAUDE.md file in your project root provides persistent context across sessions:
Example CLAUDE.md file (click to expand)
# Project: My Application
## Critical Context (Read First)
- Language: TypeScript + Node.js
- Framework: Express + React
- Database: PostgreSQL with Prisma ORM
- Testing: Jest + React Testing Library
## Commands That Work
npm run dev # Start dev server (port 3000)
npm test # Run all tests
npm run lint # ESLint check
npm run typecheck # TypeScript validation
npm run db:migrate # Run Prisma migrations
## Important Patterns
- All API routes in /src/routes - RESTful structure
- Database queries use Prisma Client
- Auth uses JWT tokens (implementation in /src/auth)
- Frontend components in /src/components
- API responses: {success: boolean, data: any, error?: string}
## Gotchas & What NOT to Do
- DON'T modify /generated folder (auto-generated by Prisma)
- DON'T commit .env files (use .env.example instead)
- ALWAYS run npm run db:migrate after pulling schema changes
- DON'T use `any` type in TypeScript - use proper typing
## File Structure
/src
/routes # Express API routes
/services # Business logic
/models # Type definitions
/middleware # Express middleware
/utils # Shared utilities
/auth # Authentication logic
## Recent Learnings
- [2026-01-15] Payment webhook needs raw body parser for Stripe
- [2026-01-10] Redis pool: {maxRetriesPerRequest: 3}
Why CLAUDE.md Helps:
- ✅ Provides context immediately at session start
- ✅ Reduces need to re-explain project structure
- ✅ Stores project-specific patterns and conventions
- ✅ Documents what works (and what doesn't)
- ✅ Shared with team via git
- ✅ AI-optimized format for Claude to understand quickly
Note: While CLAUDE.md is not an official feature, it's a widely-adopted community pattern. Claude Code will automatically read it if present at project root.
Purpose: Read and analyze files
# Examples
Read file_path="/src/app.ts"
Read file_path="/docs/screenshot.png" # Can read images!
Read file_path="/docs/guide.pdf" # Can read PDFs!Capabilities:
- Reads any text file (code, configs, logs, etc.)
- Handles images (screenshots, diagrams, charts)
- Processes PDFs - extracts text and visual content
- Parses Jupyter notebooks (.ipynb files)
- Returns content with line numbers (
cat -nformat) - Can read large files with offset/limit parameters
Special Features:
- Images: Claude can read screenshots of errors, UI designs, architecture diagrams
- PDFs [NEW]: Extract and analyze PDF content, useful for documentation and requirements
- Notebooks: Full access to code cells, markdown, and outputs
Purpose: Create new files
Write file_path="/src/newFile.ts"
content="export const config = {...}"Behavior:
- Creates new file with specified content
- Will OVERWRITE if file already exists (use Edit for existing files)
- Requires permission on first use per session
- Creates parent directories if needed
Best Practice: Use Edit tool for modifying existing files, Write tool only for new files.
Purpose: Modify existing files with precise string replacement
Edit file_path="/src/app.ts"
old_string="const port = 3000"
new_string="const port = process.env.PORT || 3000"Important:
- Requires exact string match including whitespace and indentation
- Fails if
old_stringis not unique in file (use larger context orreplace_all) - Use
replace_all=trueto replace all occurrences (useful for renaming) - Must read file first before editing
Common Pattern:
# 1. Read file to see exact content
Read file_path="/src/app.ts"
# 2. Edit with exact string match
Edit file_path="/src/app.ts"
old_string="function login() {
return 'TODO';
}"
new_string="function login() {
return authenticateUser();
}"Purpose: Execute shell commands
Bash command="npm test"
Bash command="git status"
Bash command="find . -name '*.test.ts'"Features:
- Can run any shell command
- Supports background execution (
run_in_background=true) - Configurable timeout (default 2 minutes, max 10 minutes)
- Git operations are common (status, diff, log, commit, push)
Security:
- Requires permission
- Can be restricted by pattern in settings
- Sandboxing available on macOS/Linux
Common Git Patterns:
# Check status
Bash command="git status"
# View changes
Bash command="git diff"
# Create commit
Bash command='git add . && git commit -m "feat: add authentication"'
# View history
Bash command="git log --oneline -10"Purpose: Search file contents with regex patterns
# Find functions
Grep pattern="function.*auth" path="src/" output_mode="content"
# Find TODOs with context
Grep pattern="TODO" output_mode="content" -C=3
# Count occurrences
Grep pattern="import.*from" output_mode="count"
# Case insensitive
Grep pattern="error" -i=true output_mode="files_with_matches"Parameters:
pattern: Regex pattern (ripgrep syntax)path: Directory or file to search (default: current directory)output_mode:"files_with_matches"(default) - Just file paths"content"- Show matching lines"count"- Show match counts per file
-A,-B,-C: Context lines (after, before, both)-i: Case insensitive-n: Show line numberstype: Filter by file type (e.g., "js", "py", "rust")glob: Filter by glob pattern (e.g., "*.test.ts")
Fast and Powerful: Uses ripgrep under the hood, much faster than bash grep on large codebases.
Purpose: Find files by pattern
# Find test files
Glob pattern="**/*.test.ts"
# Find specific extensions
Glob pattern="src/**/*.{ts,tsx}"
# Find config files
Glob pattern="**/config.{json,yaml,yml}"Features:
- Fast pattern matching (works with any codebase size)
- Returns files sorted by modification time (recent first)
- Supports complex glob patterns (
**for recursive,{}for alternatives)
Purpose: Manage task lists during work
TodoWrite todos=[
{
"content": "Add authentication endpoint",
"status": "in_progress",
"activeForm": "Adding authentication endpoint"
},
{
"content": "Write integration tests",
"status": "pending",
"activeForm": "Writing integration tests"
},
{
"content": "Update API documentation",
"status": "pending",
"activeForm": "Updating API documentation"
}
]Task States:
"pending"- Not started yet"in_progress"- Currently working on (should be only ONE at a time)"completed"- Finished successfully
Best Practices:
- Use for multi-step tasks (3+ steps)
- Keep ONE task
in_progressat a time - Mark completed IMMEDIATELY after finishing
- Use descriptive
content(what to do) andactiveForm(what you're doing)
When to Use:
- ✅ Complex multi-step features
- ✅ User provides multiple tasks
- ✅ Non-trivial work requiring planning
- ❌ Single straightforward tasks
- ❌ Trivial operations
Purpose: Launch specialized AI agents for specific tasks
# Explore codebase
Task subagent_type="Explore"
prompt="Find all API endpoints and their authentication requirements"
# General purpose agent for complex tasks
Task subagent_type="general-purpose"
prompt="Research best practices for rate limiting APIs and implement a solution"Available Sub-Agent Types:
"general-purpose"- Complex multi-step tasks, research, implementation"Explore"- Fast codebase exploration (Glob, Grep, Read, Bash)
When to Use:
- Research tasks requiring web search + analysis
- Codebase exploration (finding patterns, understanding architecture)
- Complex multi-step operations that can run independently
- Background work while you continue other tasks
Purpose: Fetch and analyze web page content
WebFetch url="https://docs.example.com/api"
prompt="Extract all endpoint documentation"Features:
- Converts HTML to markdown for analysis
- Can extract specific information with prompt
- Useful for researching docs, articles, references
Purpose: Search the web for current information
WebSearch query="React 19 new features 2024"Use Cases:
- Research current best practices
- Find up-to-date library documentation
- Check for known issues or solutions
- Verify latest framework features
Source: CLI Reference, Settings
Purpose: Get code intelligence features like go-to-definition, find references, and hover documentation.
LSP operation="goToDefinition"
filePath="src/utils/auth.ts"
line=42
character=15Available Operations:
| Operation | Description |
|---|---|
goToDefinition |
Find where a symbol is defined |
findReferences |
Find all references to a symbol |
hover |
Get documentation and type info for a symbol |
documentSymbol |
Get all symbols in a document (functions, classes, variables) |
workspaceSymbol |
Search for symbols across the entire workspace |
goToImplementation |
Find implementations of an interface or abstract method |
prepareCallHierarchy |
Get call hierarchy item at a position |
incomingCalls |
Find all functions/methods that call the function at a position |
outgoingCalls |
Find all functions/methods called by the function at a position |
Parameters:
operation(required): The LSP operation to performfilePath(required): Absolute or relative path to the fileline(required): Line number (1-based, as shown in editors)character(required): Character offset (1-based, as shown in editors)
Use Cases:
# Find where a function is defined
> "Go to the definition of getUserById"
# Find all usages of a function
> "Find all references to the authenticate function"
# Get documentation for a symbol
> "What does the validateToken function do?"
# Explore code structure
> "List all symbols in the auth.ts file"Note: LSP servers must be configured for the file type. If no server is available for a language, an error will be returned.
Source: CLI Reference
Claude Code maintains conversation context with smart management:
/compact # Reduce context by removing old information
/microcompact # Smart cleanup (NEW - keeps CLAUDE.md, current work)Use /compact when:
- Long sessions with many file reads
- "Context too large" errors
- You've completed a major task and want to start fresh
Use /microcompact when:
- Context is getting large but you want to preserve recent work
- Switching between related tasks
- You want intelligent cleanup without losing important context
Preserved:
- CLAUDE.md content (your project context)
- Recent interactions and decisions
- Current task information and todos
- Recent file reads still relevant
Cleared:
- Old file reads no longer needed
- Completed operations
- Stale search results
- Old context no longer relevant
Claude Code may automatically compact when:
- Token limit is approaching
- Many old file reads are present
- Session has been very long
Source: Settings
Claude Code can work with multiple directories simultaneously:
# Add another directory to current session
/add-dir /path/to/other/project
# Work across multiple projects
> "Update the User type in backend and propagate to frontend"
# Claude can now access both directoriesUse Cases:
- Monorepo development (frontend + backend + shared libs)
- Cross-project refactoring
- Dependency updates across multiple projects
- Coordinating changes between related repositories
Configuration:
You can also pre-configure additional directories in .claude/settings.json:
{
"permissions": {
"additionalDirectories": [
"/path/to/frontend",
"/path/to/backend",
"/path/to/shared-libs"
]
}
}Customize what information appears in your status line:
# Configure status line
/statusline
# Options typically include:
# - Current model
# - Token usage
# - Session duration
# - Active tools
# - Background processesBenefits:
- Monitor token usage in real-time
- Track session duration
- See active background processes
- Understand which tools are being used
Source: CLI Reference
# 1. Navigate to your project
cd /path/to/your/project
# 2. Start Claude Code
claude
# 3. Ask Claude to understand your project
> "Read the codebase and explain the project structure"
# Claude will:
- Look for README, package.json, or similar entry points
- Read relevant files (asks permission first time)
- Analyze the code structure
- Provide a summary
# 4. Request an analysis
> "Review the authentication system for security issues"
# Claude will:
- Find authentication-related files
- Analyze the implementation
- Identify potential vulnerabilities
- Suggest improvements
# 5. Make changes
> "Add rate limiting to the login endpoint"
# Claude will:
- Plan the implementation
- Show you what changes will be made
- Request permission to edit files
- Implement the changes
- Can run tests to verify
# 6. Create a commit
> "Create a git commit for these changes"
# Claude will:
- Run git status to see changes
- Review git diff
- Create a descriptive commit message
- Commit the changesThis provides context that persists across all sessions:
# Ask Claude to help create it
> "Create a CLAUDE.md file documenting this project's structure, commands, and conventions"
# Or create manually with:
- Languages and frameworks used
- Important commands (dev, test, build, lint)
- Project structure overview
- Coding conventions
- Known gotchas or issuesCreate .claude/settings.json in your project:
{
"permissions": {
"defaultMode": "ask",
"allow": {
"Bash": [
"npm test",
"npm run*",
"git status",
"git diff",
"git log*"
],
"Read": {},
"Grep": {},
"Glob": {}
},
"deny": {
"Write": ["*.env", ".env.*"],
"Edit": ["*.env", ".env.*", ".git/*"]
}
}
}This configuration:
- Allows common safe commands without asking
- Blocks editing sensitive files
- Still asks permission for file modifications
> "Run the tests"
# Should execute without permission prompt (if configured)
> "What commands are available?"
# Claude will read package.json and list scripts
> "What's in CLAUDE.md?"
# Claude will read and summarize your project contextSource: Quickstart, Settings
Claude Code supports extended thinking for complex reasoning tasks. Opus 4.5 has thinking mode enabled by default.
Activation Methods:
# Toggle with keyboard shortcut
Alt+T (or Option+T on macOS) # Toggle thinking on/off
# Or use natural language
> "think about this problem"
> "think harder about the architecture"
> "ultrathink about this security issue"
# Tab key (sticky toggle)
Press Tab to toggle thinking mode on/off for subsequent promptsThinking Levels:
| Trigger | Thinking Budget | Use Case |
|---|---|---|
think |
Standard | General reasoning, code analysis |
think harder |
Extended | Complex problems, multiple approaches |
ultrathink |
Maximum | Critical decisions, deep architecture analysis |
Best Practices:
- Use
think harderfor debugging complex issues - Use
ultrathinkfor architectural decisions or security reviews - Thinking content is visible in
Ctrl+Otranscript mode - Thinking mode is sticky - stays on until toggled off
Source: Thinking Mode
Plan Mode provides structured planning with model selection for complex tasks.
# Enter plan mode
/plan
# Or Claude may suggest plan mode for complex tasks
> "Implement a complete authentication system"
# Claude: "This is a complex task. Would you like me to create a plan first?"Plan Mode Features:
- Opus planning, Sonnet execution - Uses stronger model for planning, faster model for implementation
- SonnetPlan Mode - Sonnet planning, Haiku execution (cost-effective)
- Shift+Tab - Auto-accept edits in plan mode
- Plan persistence - Plans persist across
/clear
Plan Mode Workflow:
- Claude analyzes the task and creates a structured plan
- You review and approve or modify the plan
- Claude executes the plan step by step
- Progress is tracked with TodoWrite
Source: Plan Mode
Run commands and agents in the background while continuing to work.
Keyboard Shortcut:
Ctrl+B # Background current command or agent (unified shortcut)Background Commands:
# Start command in background
> "Run the dev server in background"
> "Start tests in watch mode in background"
# Or prefix with &
> "& npm run dev"
# View background tasks
/tasks
/bashes
# Kill a background task
/kill <task-id>Background Agents:
# Launch agent in background
> "Have an Explore agent analyze the codebase architecture in background"
# Agents run asynchronously and notify you when complete
# You receive wake-up messages when background agents finishFeatures:
- Real-time output streaming to status line
- Wake-up notifications when tasks complete
- Multiple concurrent background processes
- Output persisted to files for large outputs
Source: Background Tasks
Navigation & Editing:
| Shortcut | Action |
|---|---|
Ctrl+R |
Search command history |
Ctrl+O |
View transcript (shows thinking blocks) |
Ctrl+G |
Edit prompt in system text editor |
Ctrl+Y |
Readline-style paste (yank) |
Alt+Y |
Yank-pop (cycle through kill ring) |
Ctrl+B |
Background current command/agent |
Ctrl+Z |
Suspend/Undo |
Model & Mode Switching:
| Shortcut | Action |
|---|---|
Alt+P (Win/Linux) / Option+P (macOS) |
Switch models while typing |
Alt+T (Win/Linux) / Option+T (macOS) |
Toggle thinking mode |
Tab |
Toggle thinking (sticky) / Accept suggestions |
Shift+Tab |
Auto-accept edits (plan mode) / Switch modes (Windows) |
Input & Submission:
| Shortcut | Action |
|---|---|
Enter |
Submit prompt / Accept suggestion immediately |
Shift+Enter |
New line (works in iTerm2, WezTerm, Ghostty, Kitty) |
Tab |
Edit/accept prompt suggestion |
Ctrl+T |
Toggle syntax highlighting in /theme |
Image & File Handling:
| Shortcut | Action |
|---|---|
Cmd+V (macOS) / Alt+V (Windows) |
Paste image from clipboard |
Cmd+N / Ctrl+N |
New conversation (VSCode) |
Vim Bindings (if enabled):
| Shortcut | Action |
|---|---|
; and , |
Repeat last motion |
y |
Yank operator |
p / P |
Paste |
Alt+B / Alt+F |
Word navigation |
Claude Code suggests prompts based on context (enabled by default).
# Claude suggests contextual prompts
> _ # Cursor blinking
# Suggestion appears: "Review the changes we made"
# Tab to edit the suggestion
Tab → Edit the suggestion text
# Enter to submit immediately
Enter → Submit the suggestion as-isConfiguration:
# Toggle in /config
/config
# Search for "prompt suggestions"
# Toggle enable/disableCore Configuration:
| Variable | Description |
|---|---|
ANTHROPIC_API_KEY |
Your API key |
CLAUDE_CODE_SHELL |
Override shell detection |
CLAUDE_CODE_TMPDIR |
Custom temp directory |
CLAUDE_CODE_DISABLE_BACKGROUND_TASKS |
Disable background task system |
Display & UI:
| Variable | Description |
|---|---|
CLAUDE_CODE_HIDE_ACCOUNT_INFO |
Hide account info in UI |
Bash & Commands:
| Variable | Description |
|---|---|
BASH_DEFAULT_TIMEOUT_MS |
Default bash command timeout |
BASH_MAX_TIMEOUT_MS |
Maximum allowed timeout |
CLAUDE_BASH_NO_LOGIN |
Don't use login shell |
CLAUDE_BASH_MAINTAIN_PROJECT_WORKING_DIR |
Keep working directory |
CLAUDE_CODE_SHELL_PREFIX |
Prefix for shell commands |
Model Configuration:
| Variable | Description |
|---|---|
ANTHROPIC_DEFAULT_SONNET_MODEL |
Override default Sonnet model |
ANTHROPIC_DEFAULT_OPUS_MODEL |
Override default Opus model |
ANTHROPIC_DEFAULT_HAIKU_MODEL |
Override default Haiku model |
ANTHROPIC_LOG |
Enable debug logging |
MCP Configuration:
| Variable | Description |
|---|---|
MCP_TIMEOUT |
MCP connection timeout |
MCP_TOOL_TIMEOUT |
Individual tool timeout |
File & Context:
| Variable | Description |
|---|---|
CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS |
Max tokens for file reads |
CLAUDE_PROJECT_DIR |
Override project directory |
CLAUDE_PLUGIN_ROOT |
Plugin root substitution |
CLAUDE_CONFIG_DIR |
Custom config directory |
XDG_CONFIG_HOME |
XDG config base path |
Network & Proxy:
| Variable | Description |
|---|---|
NODE_EXTRA_CA_CERTS |
Custom CA certificates |
NO_PROXY |
Proxy bypass list |
CLAUDE_CODE_PROXY_RESOLVES_HOSTS |
Proxy DNS resolution |
Auto-Update & Plugins:
| Variable | Description |
|---|---|
DISABLE_AUTOUPDATER |
Disable auto-updates |
FORCE_AUTOUPDATE_PLUGINS |
Force plugin updates |
CLAUDE_CODE_EXIT_AFTER_STOP_DELAY |
Exit delay after stop |
Advanced:
| Variable | Description |
|---|---|
DISABLE_INTERLEAVED_THINKING |
Disable interleaved thinking |
USE_BUILTIN_RIPGREP |
Use built-in ripgrep |
CLOUD_ML_REGION |
Cloud ML region for Vertex |
AWS_BEARER_TOKEN_BEDROCK |
AWS bearer token |
Recent settings additions (configure in /config or settings.json):
{
// Response language
"language": "en", // Claude's response language
// Git integration
"attribution": true, // Add model name to commit bylines
"respectGitignore": true, // Respect .gitignore in searches
// UI preferences
"showTurnDuration": true, // Show turn duration messages
"fileSuggestion": "custom-cmd", // Custom @ file search command
// Session behavior
"companyAnnouncements": true // Show startup announcements
}Project Rules:
# New: .claude/rules/ directory for project-specific rules
.claude/rules/
├── coding-style.md # Coding conventions
├── testing.md # Testing requirements
└── security.md # Security guidelinesWildcard Permissions:
{
"permissions": {
"allow": {
"Bash": ["npm *", "git *"], // Wildcard patterns
"mcp__myserver__*": {} // MCP tool wildcards
}
}
}Skills are modular capabilities that Claude Code autonomously activates based on your request.
Skills are model-invoked - Claude decides when to use them automatically:
You: "Generate a PDF report of the test results"
Claude: [Sees pdf-generator Skill, activates it automatically]
You: "Review this code for security issues"
Claude: [Activates security-reviewer Skill]
Key Difference:
- Skills: Claude activates them (autonomous) - "What should I use?"
- Slash Commands: You invoke them (manual) - "/command-name"
# 1. Personal Skills
~/.claude/skills/my-skill/
# Available across all your projects
# Private to you
# 2. Project Skills
.claude/skills/team-skill/
# Shared with team via git
# Available to all team members
# 3. Plugin Skills
# Bundled with installed plugins
# Installed via plugin systemDirectory Structure:
my-skill/
├── SKILL.md # Required: Instructions for Claude
├── reference.md # Optional: Additional docs
├── scripts/ # Optional: Helper scripts
└── templates/ # Optional: File templates
Example: Code Review Skill
.claude/skills/code-reviewer/SKILL.md:
---
name: code-reviewer
description: Reviews code for security vulnerabilities, bugs, performance issues, and style problems. Use when user asks to review, audit, or check code quality.
allowed-tools: [Read, Grep, Glob]
---
# Code Review Skill
## When to Activate
Use this Skill when the user asks to:
- Review code for issues
- Audit security or find vulnerabilities
- Check code quality or best practices
- Analyze code for bugs or problems
- Perform code inspection or assessment
## Review Process
### 1. Scope Detection
- Use Glob to identify files to review
- Prioritize recently modified files
- Focus on user-specified areas if mentioned
### 2. Analysis Layers
- **Security**: SQL injection, XSS, auth issues, exposed secrets
- **Bugs**: Logic errors, null checks, error handling
- **Performance**: N+1 queries, unnecessary loops, memory leaks
- **Style**: Naming conventions, code organization, readability
- **Best Practices**: Framework patterns, SOLID principles
### 3. Reporting
Provide structured feedback organized by severity:
- **Security Issues** (Critical/High): SQL injection, exposed keys, auth issues
- **Performance Issues** (Medium): N+1 queries, memory leaks
- **Style & Best Practices** (Low): Naming conventions, code organization
Each issue should include: File path, Issue description, and Fix suggestion.
### 4. Verification
- Suggest fixes with code examples
- Prioritize by severity
- Reference specific file:line locations
## Notes
- Focus on actionable feedback
- Provide code examples for fixes
- Consider project context from CLAUDE.md
- Explain WHY something is an issueExample: Test Generator Skill
.claude/skills/test-generator/SKILL.md:
---
name: test-generator
description: Generates comprehensive unit and integration tests for code. Use when user asks to write tests, add test coverage, or create test cases.
allowed-tools: [Read, Write, Grep, Glob, Bash]
---
# Test Generator Skill
## When to Activate
Use this Skill when user requests:
- "Write tests for..."
- "Add test coverage"
- "Generate test cases"
- "Create unit/integration tests"
## Test Generation Process
### 1. Analyze Target Code
- Read the file/function to test
- Identify inputs, outputs, side effects
- Find dependencies and mocks needed
- Check existing test patterns (Grep for test files)
### 2. Determine Test Type
- **Unit Tests**: Individual functions, pure logic
- **Integration Tests**: API endpoints, database operations
- **Component Tests**: React/Vue components (if frontend)
### 3. Generate Comprehensive Tests
Cover all scenarios:
- ✅ Happy path (expected usage)
- ❌ Error cases (invalid inputs, failures)
- 🔀 Edge cases (empty, null, boundary values)
- 🔁 Side effects (database changes, API calls)
### 4. Follow Project Patterns
- Check CLAUDE.md for testing conventions
- Match existing test file structure
- Use project's test framework (Jest, Mocha, etc.)
- Follow naming conventions
## Test Template
```typescript
describe('FunctionName', () => {
// Setup
beforeEach(() => {
// Initialize mocks, test data
});
// Happy path
it('should return expected result with valid input', () => {
// Arrange
// Act
// Assert
});
// Error cases
it('should throw error when input is invalid', () => {
// Test error handling
});
// Edge cases
it('should handle empty input gracefully', () => {
// Test boundaries
});
// Side effects
it('should call external service with correct params', () => {
// Test mocks and spies
});
});- Run tests with Bash tool
- Ensure all pass
- Check coverage if available
### Skill Best Practices [OFFICIAL]
#### 1. Write Clear, Specific Descriptions
The `description` field is critical - it helps Claude decide when to activate:
**Good:**
```yaml
description: "Generates API documentation from code comments. Use when user asks to document APIs, create API docs, update endpoint documentation, or generate OpenAPI specs."
Bad:
description: "Documentation generator" # Too vagueInclude terms users would naturally say:
# For security review Skill
description: "Reviews code for security. Use when asked to: review security, audit code, find vulnerabilities, check for exploits, analyze risks."
# For performance optimization Skill
description: "Optimizes code performance. Use when asked to: improve performance, optimize speed, reduce memory usage, make faster, profile code."# Analysis only (can't modify code)
allowed-tools: [Read, Grep, Glob]
# Can create/modify code
allowed-tools: [Read, Write, Edit, Bash]
# Research and implementation
allowed-tools: [Read, Write, Edit, WebFetch, WebSearch]Good (focused):
sql-optimizer- Optimizes SQL queries onlyapi-docs-generator- Generates API documentationsecurity-scanner- Finds security issues
Bad (too broad):
database-everything- Database tasks (too vague)code-helper- Helps with code (what kind?)
Structure your SKILL.md:
- When to Activate - Clear triggers
- Process - Step-by-step what to do
- Output Format - How to present results
- Examples - Show expected behavior
# List all available Skills
> "What Skills are available?"
# Claude will show all Skills with descriptions
# Skills activate automatically when relevant
# Explicitly request a Skill
> "Use the code-reviewer Skill on src/auth.ts"
# Skills work in background
> "Review security and generate tests"
# May activate multiple Skills automatically| Feature | Skills | Slash Commands |
|---|---|---|
| Invocation | Automatic (Claude decides) | Manual (you type /command) |
| Purpose | Modular capabilities | Workflow templates |
| When to Use | Claude should decide when needed | You want explicit control |
| Example | Security review when analyzing code | /deploy to run deployment steps |
Use Skills when: You want Claude to intelligently apply capabilities based on context
Use Slash Commands when: You have specific workflows you invoke repeatedly
Source: Agent Skills
Slash commands are user-invoked workflow templates stored as Markdown files.
# Session Management
/help # Show all available commands
/exit # End current session
/clear # Clear conversation history
/compact # Reduce context size
/microcompact # Smart context cleanup (keeps CLAUDE.md, current work)
/rewind # Undo code changes in conversation (NEW)
# Session & History
/rename <name> # Give current session a name (NEW)
/resume [name|id] # Resume a previous session by name or ID (NEW)
/export # Export conversation to file
# Usage & Stats
/usage # View plan limits and usage (NEW)
/stats # Usage stats, engagement metrics (supports 7/30/all-time) (NEW)
# Background Process Management
/bashes # List all background processes
/tasks # List all background tasks (agents, shells, etc.)
/kill <id> # Stop a background process
# Discovery & Debugging
/commands # List all slash commands
/hooks # Show configured hooks
/skills # List available Skills
/plugin # Plugin management interface
/context # View current context usage and visualization (NEW)
/doctor # Run diagnostics and validation (NEW)
# Configuration
/config # General settings (with search) (NEW)
/settings # Alias for /config (NEW)
/permissions # Manage tool permissions (with search) (NEW)
/status # Show session status
/statusline # Configure status line display
/model # Switch between models
/theme # Theme picker (Ctrl+T toggles syntax highlighting)
/terminal-setup # Configure terminal (Kitty, Alacritty, Zed, Warp) (NEW)
# Workspace Management
/add-dir <path> # Add additional directory to workspace
/memory # Manage CLAUDE.md project context
# MCP Server Management
/mcp # MCP server management interface
/mcp enable <srv> # Enable an MCP server (NEW)
/mcp disable <srv> # Disable an MCP server (NEW)
# Remote Sessions (claude.ai subscribers)
/teleport # Connect to remote session (NEW)
/remote-env # Configure remote environment (NEW)
# Plan Mode
/plan # Enter plan mode for structured planningCommand Locations:
.claude/commands/ # Project commands (shared via git)
~/.claude/commands/ # Personal commands (just for you)Example: Security Review Command
.claude/commands/security-review.md:
---
name: security-review
description: Comprehensive security audit of codebase
---
# Security Review: $ARGUMENTS
Perform a thorough security audit focusing on: $ARGUMENTS
## Review Checklist
### 1. Authentication & Authorization
- Check for weak password policies
- Verify JWT token validation
- Review session management
- Check for broken access control
### 2. Input Validation
- SQL injection vulnerabilities
- XSS (Cross-Site Scripting) risks
- Command injection possibilities
- Path traversal vulnerabilities
### 3. Data Protection
- Sensitive data exposure
- Encryption at rest and in transit
- API keys and secrets in code
- Database credential security
### 4. Dependencies
- Known vulnerabilities in packages
- Outdated dependencies
- License compliance issues
### 5. Configuration
- Security headers (CSP, HSTS, etc.)
- CORS configuration
- Error messages leaking information
- Debug mode in production
**Output Format** - Provide a detailed report with sections:
- Critical Issues (Fix Immediately)
- High Priority
- Medium Priority
- Low Priority / Recommendations
- Security Strengths
- Action Plan (prioritized list of fixes)
**Testing** - After suggesting fixes, offer to create test cases, set up security hooks, and add security documentation.Usage:
/security-review "authentication and API endpoints"Example: API Documentation Generator
.claude/commands/api-docs.md:
---
name: api-docs
description: Generate comprehensive API documentation
---
# Generate API Documentation
Analyze the codebase and create comprehensive API documentation for: $ARGUMENTS
## Process
### 1. Discovery
- Find all API routes/endpoints
- Identify request/response types
- Note authentication requirements
- Document query parameters
### 2. Documentation Structure
For each endpoint, document:
```markdown
### POST /api/users/login
**Description**: Authenticates a user and returns a JWT token
**Authentication**: None (public endpoint)
**Request Body**:
```json
{
"email": "string (required, format: email)",
"password": "string (required, min: 8 chars)"
}Response 200 (Success):
{
"success": true,
"data": {
"token": "string (JWT)",
"user": {
"id": "string",
"email": "string",
"name": "string"
}
}
}Response 401 (Unauthorized):
{
"success": false,
"error": "Invalid credentials"
}Example Request:
curl -X POST https://api.example.com/api/users/login \
-H "Content-Type: application/json" \
-d '{"email":"user@example.com","password":"secretpass"}'
### 3. Generate OpenAPI/Swagger Spec
Create an OpenAPI 3.0 specification file.
### 4. Create Examples
Provide curl examples and code snippets for common use cases.
## Output
- Create `/docs/API.md` with full documentation
- Create `/openapi.yaml` with OpenAPI spec
- Update README.md with API documentation link
Usage:
/api-docs "all endpoints"
/api-docs "authentication routes"Commands can accept arguments via $ARGUMENTS placeholder:
---
name: analyze-file
description: Deep analysis of a specific file
---
# Analyze: $ARGUMENTS
Perform a comprehensive analysis of: $ARGUMENTS
Include:
- Code structure and patterns
- Potential issues
- Improvement suggestions
- Test coverageUsage:
/analyze-file "src/services/payment.ts"Reference files with @ prefix for quick file inclusion:
# Reference single file
/review-code @src/auth.ts
# Reference multiple files
/review-code @src/auth.ts @src/api.ts @tests/auth.test.ts
# Works in regular prompts too
> "Review @src/services/payment.ts for security issues"
# Reference files in commands with arguments
/analyze-file @src/components/UserProfile.tsxHow @ References Work:
@filenameautomatically expands to include file content- Works with both absolute and relative paths
- Can reference multiple files in one command
- Files are read and included in context automatically
- Reduces need to explicitly say "read file X first"
Use Cases:
# Code review with context
> "Compare @src/api/v1.ts and @src/api/v2.ts and list differences"
# Refactoring across files
> "Make @src/models/User.ts consistent with @src/types/user.d.ts"
# Bug investigation
> "This error occurs in @src/services/auth.ts, check @logs/error.log for clues"
# Test generation
> "Generate tests for @src/utils/validator.ts"Best Practices:
- Use @ references when you know exact file paths
- Combine with slash commands for reusable workflows
- Great for focused analysis of specific files
- Reduces token usage vs. reading entire directories
Organize commands in subdirectories:
.claude/commands/
├── api/
│ ├── generate-docs.md
│ └── test-endpoints.md
├── testing/
│ ├── run-e2e.md
│ └── coverage-report.md
└── deploy/
├── staging.md
└── production.mdUsage:
/api/generate-docs
/testing/run-e2e
/deploy/stagingCommands can trigger extended reasoning for complex tasks:
---
name: architecture-review
description: Deep architectural analysis
extended-thinking: true
---
# Architecture Review
[Claude will use extended thinking to analyze architecture deeply]MCP servers can expose prompts as slash commands automatically:
{
"prompts": [
{
"name": "search-docs",
"description": "Search internal documentation",
"arguments": [{"name": "query", "description": "Search query"}]
}
]
}This becomes available as /search-docs in Claude Code.
Source: CLI Reference
Hooks are automated scripts that execute at specific points in Claude Code's workflow.
Hooks let you intercept and control Claude's actions:
# Examples of what hooks can do:
- Block editing of sensitive files (.env)
- Inject context at session start
- Run linting before file edits
- Validate git commits
- Audit all commands executed
- Add custom security checksTwo Types:
- Bash Command Hooks (
type: "command") - Run shell scripts - Prompt-Based Hooks (
type: "prompt") - Use LLM for context-aware decisions
Hooks are configured in .claude/settings.json or ~/.claude/settings.json:
{
"hooks": {
"EventName": [
{
"matcher": "ToolPattern",
"hooks": [
{"type": "command", "command": "script"}
]
}
]
}
}| Event | When It Fires | Can Block |
|---|---|---|
| SessionStart | Session begins | No |
| SessionEnd | Session ends | No |
| UserPromptSubmit | User sends message | Yes |
| PreToolUse | Before tool execution | Yes |
| PostToolUse | After tool completes | No |
| Stop | Claude considers stopping | Yes |
| SubagentStop | Sub-agent considers stopping | Yes |
| Notification | Claude sends notification | No |
| PreCompact | Before context compaction | No |
.claude/settings.json:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Edit|Write",
"hooks": [
{
"type": "command",
"command": "bash -c 'FILE=$(echo \"$HOOK_INPUT\" | jq -r \".tool_input.file_path // empty\"); if [[ \"$FILE\" == *\".env\"* ]] || [[ \"$FILE\" == \".git/\"* ]]; then echo \"Cannot modify sensitive files\" >&2; exit 2; fi'"
}
]
}
]
}
}How it works:
- Runs before any Edit or Write tool
- Checks if file path contains ".env" or ".git/"
- Exits with code 2 to block the operation
- Claude receives error and doesn't edit the file
{
"hooks": {
"SessionStart": [
{
"hooks": [
{
"type": "command",
"command": "cat .claude/session-context.txt"
}
]
}
]
}
}Creates: .claude/session-context.txt
Today's Focus: Working on authentication refactor
Recent Context: Migrated from sessions to JWT
Current Branch: feature/jwt-auth
Important: Don't modify legacy auth code in /old-auth
This context is injected at every session start.
{
"hooks": {
"Stop": [
{
"hooks": [
{
"type": "prompt",
"prompt": "Evaluate if the current task is complete. Arguments: $ARGUMENTS. Check if all subtasks are done, tests pass, and documentation updated. Respond with {\"decision\": \"stop\" or \"continue\", \"reason\": \"explanation\"}"
}
]
}
]
}
}Uses an LLM (Haiku) to intelligently decide if Claude should stop working.
Input (via stdin as JSON):
{
"sessionId": "abc123",
"tool_name": "Edit",
"tool_input": {
"file_path": "/src/app.ts",
"old_string": "...",
"new_string": "..."
},
"project_dir": "/home/user/project"
}Output (exit codes):
0- Success, continue2- Block the action- Other - Non-blocking error (logged)
JSON Output (optional):
{
"decision": "stop",
"reason": "All tasks complete",
"continue": false
}Best Practices:
# 1. Always quote variables
FILE="$HOOK_INPUT" # Good
FILE=$HOOK_INPUT # Bad - can break with spaces
# 2. Validate paths
if [[ "$FILE" == ../* ]]; then
echo "Path traversal attempt" >&2
exit 2
fi
# 3. Use absolute paths
cd "$CLAUDE_PROJECT_DIR" || exit 1
# 4. Sanitize inputs
jq -r '.tool_input.file_path' <<< "$HOOK_INPUT" # Good
eval "$SOME_VAR" # Bad - code injection risk
# 5. Block sensitive operations
case "$FILE" in
*.env|.git/*|.ssh/*)
echo "Blocked: sensitive file" >&2
exit 2
;;
esac# Run Claude with debug mode
claude --debug
# Check hook configuration
> /hooks
# Test hook command manually
echo '{"tool_name":"Edit","tool_input":{"file_path":".env"}}' | bash your-hook-script.sh
# View logs
tail -f ~/.claude/logs/claude.logComprehensive collection of production-ready hook patterns for common automation needs.
Automatically formats code after Claude edits files using language-appropriate formatters.
Configuration (.claude/settings.json):
{
"hooks": {
"PostToolUse": [
{
"matcher": "Edit|MultiEdit|Write",
"hooks": [
{
"type": "command",
"command": "bash ~/.claude/hooks/format-code.sh"
}
]
}
]
}
}Script (~/.claude/hooks/format-code.sh):
#!/bin/bash
# Extract file path from JSON input
FILE=$(echo "$HOOK_INPUT" | jq -r '.tool_input.file_path // empty')
[[ -z "$FILE" ]] && exit 0
# Format based on extension
case "$FILE" in
*.ts|*.tsx|*.js|*.jsx)
# Try Biome first, fall back to Prettier
if command -v biome &> /dev/null; then
biome format --write "$FILE" &> /dev/null || true
elif command -v prettier &> /dev/null; then
prettier --write "$FILE" &> /dev/null || true
fi
;;
*.py)
# Python: Ruff
if command -v ruff &> /dev/null; then
ruff format "$FILE" &> /dev/null || true
fi
;;
*.go)
# Go: goimports + gofmt
if command -v goimports &> /dev/null; then
goimports -w "$FILE" &> /dev/null || true
fi
go fmt "$FILE" &> /dev/null || true
;;
*.md)
# Markdown: Prettier
if command -v prettier &> /dev/null; then
prettier --write "$FILE" &> /dev/null || true
fi
;;
esacMake executable: chmod +x ~/.claude/hooks/format-code.sh
Automatically runs ESLint with --fix on JavaScript/TypeScript files.
Configuration:
{
"hooks": {
"PostToolUse": [
{
"matcher": "Edit|MultiEdit|Write",
"hooks": [
{
"type": "command",
"command": "bash -c 'FILE=$(echo \"$HOOK_INPUT\" | jq -r \".tool_input.file_path // empty\"); if [[ \"$FILE\" =~ \\.(ts|tsx|js|jsx)$ ]] && command -v eslint &>/dev/null; then eslint --fix \"$FILE\" &>/dev/null || true; fi'"
}
]
}
]
}
}Prevents Claude from reading files matching .claudeignore patterns.
Configuration:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Read",
"hooks": [
{
"type": "command",
"command": "claude-ignore"
}
]
}
]
}
}Installation: npm install -g claude-ignore && claude-ignore init
Validates that tests pass before allowing git commits.
Configuration:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "bash ~/.claude/hooks/pre-commit-test.sh"
}
]
}
]
}
}Script (~/.claude/hooks/pre-commit-test.sh):
#!/bin/bash
COMMAND=$(echo "$HOOK_INPUT" | jq -r '.tool_input.command // empty')
# Only intercept git commit commands
if [[ "$COMMAND" == git*commit* ]]; then
echo "Running tests before commit..." >&2
# Run tests
if npm test &>/dev/null; then
echo "✅ Tests passed" >&2
exit 0
else
echo "❌ Tests failed - blocking commit" >&2
exit 2
fi
fi
exit 0Logs all tool usage for security auditing.
Configuration:
{
"hooks": {
"PostToolUse": [
{
"hooks": [
{
"type": "command",
"command": "bash -c 'echo \"$(date -Iseconds) $TOOL_NAME: $(echo \\\"$HOOK_INPUT\\\" | jq -c .)\" >> ~/.claude/audit.log'"
}
]
}
]
}
}Monitors and logs token usage per session.
Configuration:
{
"hooks": {
"SessionEnd": [
{
"hooks": [
{
"type": "command",
"command": "bash ~/.claude/hooks/log-session.sh"
}
]
}
]
}
}Script:
#!/bin/bash
SESSION_ID=$(echo "$HOOK_INPUT" | jq -r '.session_id // "unknown"')
TRANSCRIPT=$(echo "$HOOK_INPUT" | jq -r '.transcript_path // empty')
if [[ -f "$TRANSCRIPT" ]]; then
TOKENS=$(jq '[.[] | select(.role=="assistant") | .usage.total_tokens] | add' "$TRANSCRIPT" 2>/dev/null || echo 0)
echo "$(date -Iseconds) Session $SESSION_ID: $TOKENS tokens" >> ~/.claude/token-usage.log
fiEnforces conventional commit message format.
Configuration:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "bash ~/.claude/hooks/validate-commit.sh"
}
]
}
]
}
}Script:
#!/bin/bash
COMMAND=$(echo "$HOOK_INPUT" | jq -r '.tool_input.command // empty')
if [[ "$COMMAND" == git*commit*-m* ]]; then
MSG=$(echo "$COMMAND" | sed -n 's/.*-m[[:space:]]*["'"'"']\([^"'"'"']*\)["'"'"'].*/\1/p')
# Check conventional commit format: type(scope): message
if [[ ! "$MSG" =~ ^(feat|fix|docs|style|refactor|test|chore)(\(.+\))?: ]]; then
echo "❌ Commit message must follow format: type(scope): message" >&2
echo "Valid types: feat, fix, docs, style, refactor, test, chore" >&2
exit 2
fi
fi
exit 0Prevents committing files containing potential secrets.
Configuration:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Edit|Write",
"hooks": [
{
"type": "command",
"command": "bash ~/.claude/hooks/detect-secrets.sh"
}
]
}
]
}
}Script:
#!/bin/bash
FILE=$(echo "$HOOK_INPUT" | jq -r '.tool_input.file_path // empty')
NEW_CONTENT=$(echo "$HOOK_INPUT" | jq -r '.tool_input.new_string // .tool_input.content // empty')
# Check for common secret patterns
if echo "$NEW_CONTENT" | grep -iE '(api[_-]?key|password|secret|token|auth)["\s:=]+\S{16,}' &>/dev/null; then
echo "⚠️ Potential secret detected in $FILE" >&2
echo "Please review and use environment variables instead" >&2
exit 2
fi
exit 0Updates README when code changes are made.
Configuration:
{
"hooks": {
"PostToolUse": [
{
"matcher": "Edit|MultiEdit|Write",
"hooks": [
{
"type": "command",
"command": "bash -c 'echo \"📝 Consider updating documentation for recent changes\" >&2'"
}
]
}
]
}
}Tracks execution time of tool operations.
Configuration:
{
"hooks": {
"PreToolUse": [
{
"hooks": [
{
"type": "command",
"command": "bash -c 'echo \"$HOOK_INPUT\" > /tmp/claude-pre-$$.json; date +%s%N > /tmp/claude-time-$$.txt'"
}
]
}
],
"PostToolUse": [
{
"hooks": [
{
"type": "command",
"command": "bash ~/.claude/hooks/profile-tool.sh"
}
]
}
]
}
}Script:
#!/bin/bash
START=$(cat /tmp/claude-time-$$.txt 2>/dev/null || echo 0)
END=$(date +%s%N)
DURATION=$(( (END - START) / 1000000 )) # milliseconds
TOOL=$(echo "$HOOK_INPUT" | jq -r '.tool_name // "unknown"')
echo "$(date -Iseconds) $TOOL: ${DURATION}ms" >> ~/.claude/performance.log
rm -f /tmp/claude-pre-$$.json /tmp/claude-time-$$.txtSource: Hooks Reference, Hooks Guide, Community GitHub repositories
Model Context Protocol (MCP) connects Claude Code to external data sources and tools.
MCP allows Claude Code to:
- Access external data (Google Drive, Slack, Jira, Notion, etc.)
- Use specialized tools (databases, APIs, services)
- Integrate with enterprise systems
- Extend capabilities beyond local filesystem
Common Use Cases:
- Read/write Google Drive documents
- Search Slack conversations
- Query databases directly
- Fetch from internal APIs
- Access design files (Figma)
- Manage project tasks (Jira, Linear)
MCP servers are configured in .claude/agents/ directory:
Structure:
.claude/agents/
├── mcp.json # Server definitions
└── server-name/ # Optional: custom server codeExample: .claude/agents/mcp.json
{
"mcpServers": {
"google-drive": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-google-drive"
],
"env": {
"GOOGLE_DRIVE_CLIENT_ID": "${GOOGLE_DRIVE_CLIENT_ID}",
"GOOGLE_DRIVE_CLIENT_SECRET": "${GOOGLE_DRIVE_CLIENT_SECRET}"
}
},
"postgres": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-postgres",
"postgresql://user:pass@localhost/db"
]
},
"slack": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-slack"],
"env": {
"SLACK_BOT_TOKEN": "${SLACK_BOT_TOKEN}",
"SLACK_TEAM_ID": "${SLACK_TEAM_ID}"
}
}
}
}MCP servers can use OAuth for secure authentication:
{
"mcpServers": {
"github": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"oauth": {
"provider": "github",
"scopes": ["repo", "read:user"]
}
}
}
}Claude Code will guide you through OAuth flow on first use.
Once configured, MCP tools appear with the pattern mcp__<server>__<tool>:
# Example: Google Drive search
> "Search our Google Drive for Q4 planning documents"
# Claude uses: mcp__google-drive__search_files
# Example: Database query
> "Show all users created in the last week"
# Claude uses: mcp__postgres__query with SQL
# Example: Slack search
> "Find conversations about the API redesign"
# Claude uses: mcp__slack__search_messagesYou can reference MCP tools in hooks:
{
"hooks": {
"PreToolUse": [
{
"matcher": "mcp__postgres__query",
"hooks": [
{
"type": "command",
"command": "echo 'Database query requires review' && read -p 'Approve? (y/n) ' -n 1 -r && [[ $REPLY =~ ^[Yy]$ ]]"
}
]
}
]
}
}# Official Servers
@modelcontextprotocol/server-google-drive # Google Drive access
@modelcontextprotocol/server-slack # Slack integration
@modelcontextprotocol/server-github # GitHub API
@modelcontextprotocol/server-postgres # PostgreSQL database
@modelcontextprotocol/server-sqlite # SQLite database
@modelcontextprotocol/server-filesystem # Extended file access
# Community Servers
# Check GitHub for community-built MCP servers# Enable all project MCP servers automatically
{
"enableAllProjectMcpServers": true
}
# Whitelist specific servers
{
"enabledMcpjsonServers": ["google-drive", "postgres"]
}
# Blacklist servers
{
"disabledMcpjsonServers": ["risky-server"]
}
# Enterprise: Restrict to managed servers only
{
"useEnterpriseMcpConfigOnly": true,
"allowedMcpServers": ["approved-server-1", "approved-server-2"]
}Source: MCP Documentation, Settings
Quick-start configurations for popular MCP servers.
# Installation
claude mcp add --transport stdio github -- npx -y @modelcontextprotocol/server-github
# Or via .mcp.json
{
"mcpServers": {
"github": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"
}
}
}
}Common operations: Create issues, manage PRs, search code, review repositories.
# Installation
claude mcp add --transport stdio slack -- npx -y @modelcontextprotocol/server-slack
# Configuration
{
"mcpServers": {
"slack": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-slack"],
"env": {
"SLACK_BOT_TOKEN": "${SLACK_BOT_TOKEN}",
"SLACK_TEAM_ID": "T01234567"
}
}
}
}Usage: > "Search Slack for conversations about API redesign"
# Installation with OAuth
claude mcp add --transport http gdrive https://mcp.google.com/drive
# Or stdio with credentials
{
"mcpServers": {
"gdrive": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-gdrive"],
"env": {
"GDRIVE_CREDENTIALS_PATH": "${HOME}/.gdrive-credentials.json"
}
}
}
}Authenticate: Run /mcp in Claude Code and follow OAuth flow.
# Installation
claude mcp add --transport stdio postgres -- npx -y @modelcontextprotocol/server-postgres postgresql://user:pass@localhost/db
# Configuration
{
"mcpServers": {
"postgres": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-postgres",
"${DATABASE_URL}"
]
}
}
}Usage: > "Show all users created in the last week from the database"
# Installation
claude mcp add --transport http notion https://mcp.notion.com/mcp
# Requires Notion OAuth - authenticate via /mcp commandCommon operations: Query databases, create pages, search workspace.
# Configuration
{
"mcpServers": {
"stripe": {
"command": "npx",
"args": ["-y", "@stripe/mcp-server"],
"env": {
"STRIPE_API_KEY": "${STRIPE_API_KEY}"
}
}
}
}Usage: > "List recent Stripe transactions and summarize revenue"
Common issues and solutions from GitHub issues and production usage.
# Problem
claude mcp list
# Output: "No MCP servers configured"
# Solutions
1. Check file location:
- User scope: ~/.claude/settings.json
- Project scope: .mcp.json (in project root)
2. Verify JSON syntax:
cat .mcp.json | jq .
3. Check scope setting:
claude mcp add --scope project <name> ...
4. Restart Claude Code after config changes# Problem
/mcp shows "✓ Connected" but tools don't appear
# Solutions
1. Check tool output size (max 25,000 tokens):
export MAX_MCP_OUTPUT_TOKENS=50000
2. Verify server actually started:
ps aux | grep mcp
3. Check debug logs:
claude --debug
tail -f ~/.claude/logs/claude.log
4. Reset project approvals:
claude mcp reset-project-choices# Problem
Browser opens but OAuth fails or doesn't complete
# Solutions
1. Use /mcp command (not direct URL)
2. Check network/proxy settings:
# Try without VPN/Cloudflare Warp
3. Clear OAuth cache:
rm -rf ~/.claude/oauth-cache
4. Verify redirect URI in provider settings# Problem
MCP server immediately closes on Windows
# Solution - Use cmd /c wrapper:
claude mcp add --transport stdio myserver -- cmd /c npx -y package-name
# In .mcp.json:
{
"mcpServers": {
"myserver": {
"command": "cmd",
"args": ["/c", "npx", "-y", "package-name"]
}
}
}# Problem
${VAR} shows literally instead of expanding
# Solutions
1. Check .env file exists and is loaded
2. Use default syntax:
"${API_KEY:-default_value}"
3. Set in shell before running:
export API_KEY=xxx && claude
4. Use settings.local.json for sensitive values# Debug steps:
1. Test server directly:
npx @modelcontextprotocol/server-github
2. Check stdout/stderr:
claude --debug | grep mcp
3. Verify dependencies installed:
npm list -g | grep mcp
4. Check memory/resource limits:
ulimit -aSub-agents are specialized AI assistants configured for specific tasks.
Sub-agents are instances of Claude optimized for particular workflows:
# Built-in Sub-Agents
- general-purpose: Complex multi-step tasks
- Explore: Fast codebase exploration
# Custom Sub-Agents
- You can create your own with custom prompts and toolsLaunch with the Task tool:
# Explore codebase
> "Find all database queries in the codebase"
# Claude uses:
Task subagent_type="Explore"
prompt="Find all database queries and list files containing SQL, Prisma, or ORM code"
# General purpose research
> "Research best practices for API rate limiting and suggest implementation"
# Claude uses:
Task subagent_type="general-purpose"
prompt="Research API rate limiting approaches, compare options, and recommend implementation for Express.js"Sub-agents are defined as Markdown files in .claude/agents/ or ~/.claude/agents/:
Example: Debug Assistant
.claude/agents/debugger.md:
---
name: debugger
description: Specialized debugging agent for production issues
model: claude-sonnet-4
allowedTools: [Read, Grep, Glob, Bash]
---
# Debug Assistant
You are a specialized debugging agent. Your role is to systematically investigate and identify the root cause of issues.
## Debugging Process
### 1. Gather Context
- Read error messages and stack traces
- Check recent code changes (git log)
- Review related log files
- Understand expected vs actual behavior
### 2. Hypothesis Generation
- List possible causes
- Prioritize by likelihood
- Consider recent changes first
### 3. Systematic Investigation
- Test each hypothesis methodically
- Use Grep to find related code
- Read implementation details
- Check for similar patterns elsewhere
### 4. Root Cause Analysis
- Identify the precise cause
- Explain why it happens
- Trace the execution path
### 5. Solution Proposal
- Suggest specific fixes
- Explain tradeoffs
- Provide code examples
- Recommend tests to prevent recurrence
## Constraints
- DO NOT modify code (read-only analysis)
- DO provide detailed explanations
- DO reference specific file:line locations
- DO consider edge casesExample: Code Review Agent
.claude/agents/reviewer.md:
---
name: reviewer
description: Code review specialist focusing on quality and best practices
model: claude-sonnet-4
allowedTools: [Read, Grep, Glob]
---
# Code Reviewer
You are a senior code reviewer. Provide constructive, actionable feedback.
## Review Criteria
### Code Quality
- Readability and maintainability
- Naming conventions
- Code organization
- DRY principle adherence
### Correctness
- Logic errors
- Edge cases handling
- Error handling
- Null/undefined checks
### Performance
- Algorithm efficiency
- Unnecessary computations
- Memory usage
- Database query optimization
### Security
- Input validation
- SQL injection risks
- XSS vulnerabilities
- Authentication/authorization
### Testing
- Test coverage
- Test quality
- Edge cases tested
## Output Format
Provide structured feedback:
- **Strengths**: What's done well
- **Issues**: Problems found (with severity)
- **Suggestions**: Improvements
- **Examples**: Code snippets for fixesChoose different models per agent:
---
name: fast-explorer
model: claude-haiku-4 # Fast, cost-effective
------
name: deep-analyzer
model: claude-opus-4 # Most capable
---Limit tools for focused operation:
---
name: readonly-analyzer
allowedTools: [Read, Grep, Glob] # Analysis only
------
name: implementation-agent
allowedTools: [Read, Write, Edit, Bash] # Can modify code
---> "Have multiple agents analyze different aspects"
# Launches multiple agents in parallel:
- Security review agent
- Performance analysis agent
- Code style agent
- Test coverage agent
# Aggregates results> "Research → Design → Implement authentication"
# Sequential sub-agents:
1. Research agent: Find best practices
2. Design agent: Create architecture
3. Implementation agent: Write code
4. Review agent: Verify implementation{
"frontend-agent": "React/UI specialist",
"backend-agent": "API/database specialist",
"devops-agent": "Deployment/infrastructure specialist"
}Source: Sub-Agents
Plugins bundle Skills, Commands, Hooks, and MCP servers for easy sharing.
Plugins are packages that extend Claude Code:
# A plugin can contain:
- Skills (auto-activated capabilities)
- Slash Commands (workflow templates)
- Hooks (automation)
- MCP Servers (external integrations)
- Sub-Agent definitions# Interactive plugin management
> /plugin
# Options:
- Browse marketplace
- Install plugins
- Enable/disable plugins
- Remove plugins
- Add custom marketplacesmy-plugin/
├── .claude-plugin/
│ └── plugin.json # Metadata
├── commands/ # Slash commands
│ └── my-command.md
├── skills/ # Skills
│ └── my-skill/
│ └── SKILL.md
├── hooks.json # Hook definitions
└── agents/ # MCP servers & sub-agents
└── mcp.json
plugin.json:
{
"name": "my-plugin",
"version": "1.0.0",
"description": "My awesome plugin",
"author": "Your Name",
"homepage": "https://github.com/user/plugin",
"keywords": ["productivity", "testing"]
}# From marketplace
> /plugin
# Select "Browse marketplace"
# Choose and install
# Team Configuration
# .claude/settings.json
{
"plugins": {
"enabledPlugins": {
"security-toolkit@official": true,
"custom-workflows@team": true
}
}
}{
"extraKnownMarketplaces": [
{
"name": "company-internal",
"type": "github",
"url": "https://github.com/company/claude-plugins"
},
{
"name": "local-dev",
"type": "directory",
"path": "/path/to/plugins"
}
]
}Configure in .claude/settings.json (committed to git):
{
"plugins": {
"enabledPlugins": {
"team-workflows@company": true
}
},
"extraKnownMarketplaces": [
{
"name": "company",
"type": "github",
"url": "https://github.com/company/claude-plugins"
}
]
}When team members trust the repository, plugins install automatically.
Source: Plugins
Phase 1: Understand
# Start by understanding the codebase
> "Read the project structure and explain the architecture"
> "What testing framework is used?"
> "Show me the authentication flow"
# Claude will:
- Read README, package.json, etc.
- Analyze project structure
- Identify key patternsPhase 2: Plan
# For complex features, plan first
> "I need to add user roles and permissions. Create a plan"
# Claude will:
- Break down the feature
- Identify affected files
- Consider edge cases
- Create TodoWrite tasksPhase 3: Implement
# Implement incrementally
> "Implement step 1: Add roles to user model"
# Then verify
> "Run the tests"
# Continue
> "Implement step 2: Add permission checks to API"Phase 4: Verify
# Always verify changes
> "Run all tests"
> "Check for TypeScript errors"
> "Review the changes we made"
# Create commit
> "Create a git commit for these changes"For complex multi-step work:
> "Add user authentication system"
# Claude creates todos:
TodoWrite todos=[
{"content": "Create User model with password hashing", "status": "in_progress", ...},
{"content": "Implement JWT token generation", "status": "pending", ...},
{"content": "Add login/register endpoints", "status": "pending", ...},
{"content": "Add authentication middleware", "status": "pending", ...},
{"content": "Write integration tests", "status": "pending", ...}
]
# As work progresses, todos update:
# ✅ "Create User model..." - completed
# ⏳ "Implement JWT tokens..." - in_progress
# ⏸️ "Add login/register..." - pendingParallel (Independent Tasks):
> "Create these three independent components"
# Claude can work on all simultaneously:
- Component A (no dependencies)
- Component B (no dependencies)
- Component C (no dependencies)Sequential (Dependencies):
> "Set up database, then add user model, then create API"
# Must be done in order:
1. Database setup (others depend on this)
2. User model (API depends on this)
3. API endpoints (depends on model)Automated Validation:
# After changes, verify automatically
> "Run the following checks:
- TypeScript compilation
- Linting
- All tests
- Build process"
# Or create a slash command:
/verify-changesMulti-Perspective Review:
# Use sub-agents for thorough review
> "Review these changes from multiple perspectives:
- Security issues
- Performance implications
- Code quality
- Test coverage"
# Launches specialized review agentsClaude Code's features form a layered automation stack. Understanding how they combine unlocks powerful workflows.
| # | Synergy | Use Case |
|---|---|---|
| 1 | Explore → Plan → Code → Commit | Standard development workflow |
| 2 | Test-Driven Development | Quality-first coding |
| 3 | MCP + Slash Commands | External tool integrations |
| 4 | Skills + Hooks | Auto-apply expertise + enforce rules |
| 5 | Sub-agents + Background | Parallel isolated work |
| 6 | Multi-Claude Workflows | Git worktrees for parallelism |
| 7 | Context Preservation | Session continuity |
| 8 | Quality Pipeline | Automated quality enforcement |
| 9 | Visual-Driven Development | Screenshots/mockups → code |
| 10 | Log Analysis Pipeline | Unix pipes + Claude |
| 11 | Schema-Driven Development | DB schema → types/API/tests |
| 12 | Dependency Management | Update + test + fix cycle |
| 13 | Documentation Generation | Codebase → living docs |
| 14 | Refactoring with Safety | Large changes without breaking |
| 15 | Incident Response | Production debugging workflow |
Each feature serves a distinct purpose and they build on each other:
| Layer | Feature | Purpose | Invocation |
|---|---|---|---|
| Connection | MCP | External tools (GitHub, Jira, DBs) | Automatic when configured |
| Capability | Skills | Domain expertise (testing, security) | Auto-activated by context |
| Entry Point | Slash Commands | Repeatable workflows | Manual via /command |
| Enforcement | Hooks | Quality gates, auto-actions | Lifecycle events |
| Isolation | Sub-agents | Parallel specialized work | Task delegation |
| Bundling | Plugins | Package all of the above | Install once |
Key insight: MCP connects external systems. Skills provide automatic expertise. Slash commands give explicit control. Hooks enforce standards. Sub-agents isolate heavy work.
The recommended workflow from Anthropic's best practices:
# Step 1: Explore - understand what exists
"Read src/auth/ and explain the current authentication flow.
List all files involved and their responsibilities."
# Step 2: Plan - use extended thinking
"Think hard about how to add OAuth2 support. Create a detailed plan
covering: files to modify, new files needed, dependencies, and test strategy."
# Step 3: Code - implement with explicit files
"Implement the OAuth2 changes following the plan. Start with
src/auth/oauth.ts, then update src/auth/index.ts to export it."
# Step 4: Commit - structured message
"Create a commit with message: 'feat(auth): add OAuth2 provider support'"Why it works: Each step builds context. Exploring first prevents wrong assumptions. Planning with "think hard" engages extended reasoning. Explicit file names reduce ambiguity.
Write tests first, then implement:
# 1. Write failing tests first
"Write tests for a new validateEmail function in src/utils/validation.ts.
Cover: valid emails, invalid formats, empty input, null input.
Use Jest. The function doesn't exist yet - tests should fail."
# 2. Confirm tests fail
"Run npm test -- --testPathPattern=validation"
# 3. Commit the failing tests
"Commit with message: 'test(validation): add email validation tests (red)'"
# 4. Implement to pass
"Now implement validateEmail in src/utils/validation.ts to pass all tests.
Use a standard regex pattern. No external dependencies."
# 5. Verify and commit
"Run the tests again. If passing, commit: 'feat(validation): implement email validation (green)'"Why it works: Tests define the contract before implementation. Claude iterates against concrete targets. Git history shows the TDD discipline.
MCP servers expose prompts that become slash commands:
# Add MCP server
claude mcp add github -- gh-mcp
# Now available as commands:
/github-pr-review # Review current PR
/github-issues # List open issues
/github-create-pr # Create PR from current branch
# Example workflow - complete ticket
/github-issues # "Show me issue #42"
# Claude fetches issue details via MCP
"Implement the feature described in issue #42.
Follow our patterns in src/features/."
/github-create-pr # Creates PR linked to issueReal MCP integrations: GitHub, Jira, Linear, Notion, PostgreSQL, Slack, Figma, Google Drive. Each adds domain-specific commands.
Skills activate automatically; hooks enforce at lifecycle events:
.claude/
├── skills/
│ └── security-review/
│ └── SKILL.md # Auto-activates on security-related tasks
└── settings.json # Hook: block commits if security issues found
Skill definition (.claude/skills/security-review/SKILL.md):
---
name: security-review
description: Analyzes code for security vulnerabilities. Activates when
reviewing auth code, API endpoints, or user input handling.
allowed-tools: [Read, Grep, Glob]
---
When activated, check for:
- SQL injection (string concatenation in queries)
- XSS (unescaped user input in HTML)
- Exposed secrets (API keys, passwords in code)
- Broken auth (missing token validation)
Report findings with file:line references and severity.Hook definition (in settings.json):
{
"hooks": {
"PreToolUse": [{
"tool": "Bash",
"command": "git commit",
"script": ".claude/hooks/security-check.sh"
}]
}
}Workflow:
"Review the authentication code in src/auth/ for security issues"
# Skill auto-activates, finds issues
"Fix the SQL injection vulnerability in src/auth/login.ts:45"
# You fix it
"Commit the security fix"
# Hook runs security-check.sh before allowing commit
# Blocks if issues remain, allows if cleanIsolate work and run in parallel:
# Start services in background (Ctrl+B or explicit)
"Run npm run dev in background"
"Run npm test -- --watch in background"
# Check running tasks
/tasks
# Main session: Use explorer agent for research
"Use the explorer agent to find all API endpoints and their handlers"
# Parallel work happening:
# - Background: Dev server on port 3000
# - Background: Test watcher re-running on changes
# - Sub-agent: Scanning codebase for endpoints
# - Main session: Available for next task
# Later, retrieve agent results
"What did the explorer agent find?"Sub-agent types: Explore (codebase search), Plan (architecture), custom agents defined in .claude/agents/.
Run multiple Claude instances for independent work:
# Terminal 1: Feature development
cd feature-branch-worktree
claude
"Implement the user dashboard feature"
# Terminal 2: Code review (same repo, different worktree)
cd review-worktree
claude
"Review the changes in the user-dashboard branch for security and performance"
# Terminal 3: Documentation
cd docs-worktree
claude
"Update API documentation based on recent changes"Advanced: Claude reviewing Claude:
# Claude 1 writes code
"Implement rate limiting for the API endpoints in src/api/"
# Claude 2 reviews (different session)
"Review the rate limiting implementation. Check for:
- Edge cases (what happens at exactly the limit?)
- Race conditions (concurrent requests)
- Configuration flexibility (can limits be changed without deploy?)"Combine CLAUDE.md + slash commands for continuity:
Project CLAUDE.md:
# Project: E-commerce API
## Current Sprint
- [ ] Implement payment webhooks
- [ ] Add inventory tracking
- [x] User authentication (completed Jan 10)
## Key Decisions
- Using Stripe for payments (see docs/adr/001-payment-provider.md)
- PostgreSQL for inventory (see src/db/schema.sql)
## Commands
npm run dev # Start on port 3000
npm test # Run Jest tests
npm run db:seed # Seed test dataSlash command for context loading (.claude/commands/resume.md):
---
name: resume
description: Resume work on current sprint
---
Read CLAUDE.md and the current sprint tasks.
Check git log for recent commits.
Summarize: what's done, what's in progress, what's next.
Ask what I want to work on.Usage:
claude
/resume
# Claude reads context, summarizes state, ready to continueAutomated quality enforcement:
Hook configuration:
{
"hooks": {
"PostToolUse": [{
"tool": "Write",
"script": "npm run lint:fix -- $FILE"
}, {
"tool": "Edit",
"script": "npm run lint:fix -- $FILE"
}],
"PreToolUse": [{
"tool": "Bash",
"command": "git commit",
"script": ".claude/hooks/pre-commit.sh"
}]
}
}Pre-commit hook script:
#!/bin/bash
npm run lint || exit 1
npm test || exit 1
echo "All checks passed"Result: Every file edit auto-lints. Every commit requires passing tests. Quality enforced without manual intervention.
Use screenshots and mockups as implementation targets:
# Share a design mockup
"Here's the Figma mockup for the new dashboard @mockups/dashboard.png
Implement this in src/components/Dashboard.tsx using our existing
Button, Card, and Chart components. Match the layout exactly."
# Iterate on visual feedback
"Here's a screenshot of the current result @screenshots/current.png
Compare to the mockup. Fix: the spacing between cards is wrong,
and the chart colors don't match."
# Debug visual issues
"This screenshot shows a layout bug on mobile @bugs/mobile-layout.png
The sidebar overlaps the content. Fix the responsive styles in
src/styles/layout.css"Why it works: Claude can see images. Concrete visual targets reduce ambiguity. Iteration is fast.
Unix pipes + Claude for real-time analysis:
# Monitor logs for anomalies
tail -f /var/log/app.log | claude -p "Alert me if you see errors or unusual patterns"
# Analyze crash dumps
cat crash.log | claude -p "Analyze this crash. Identify root cause and suggest fix."
# Parse and summarize
grep "ERROR" app.log | claude -p "Categorize these errors by type and frequency. Which is most critical?"
# CI/CD integration
npm test 2>&1 | claude -p "If tests failed, explain why and suggest fixes"Why it works: Claude integrates with Unix pipelines. Composable with existing tools.
Database schema as source of truth:
# Generate types from schema
"Read prisma/schema.prisma and generate TypeScript interfaces
in src/types/database.ts. Include JSDoc comments explaining each field."
# Create API endpoints from schema
"Based on the User model in schema.prisma, create CRUD endpoints
in src/api/users.ts. Include validation using zod."
# Generate test fixtures
"Read the schema and create realistic test fixtures in
tests/fixtures/users.ts. Cover edge cases: empty strings,
max lengths, special characters."
# Migration safety check
"Compare prisma/schema.prisma with the current database.
Identify breaking changes. Suggest migration strategy."Why it works: Schema is the contract. Generate everything from it. Single source of truth.
Update, test, and fix in one flow:
# Check for updates
"Run npm outdated. For each major update, explain breaking changes
and effort to upgrade."
# Upgrade with safety net
"Upgrade lodash to v5. Run tests. If anything breaks, fix it.
Commit only when tests pass."
# Security audit flow
"Run npm audit. For each vulnerability:
1. Check if we actually use the affected code path
2. If yes, upgrade or find alternative
3. If no, document why it's acceptable"
# License compliance
"Check licenses of all dependencies. Flag any GPL or unknown
licenses. We need MIT/Apache/BSD only."Why it works: Dependency management is tedious. Claude handles the research and fixes.
Codebase exploration → living documentation:
# API documentation
"Explore src/api/ and generate OpenAPI spec in docs/api.yaml.
Include request/response examples from actual code."
# Architecture documentation
"Analyze the codebase structure. Create docs/ARCHITECTURE.md
explaining: folder structure, data flow, key patterns used."
# Onboarding guide
"Create docs/ONBOARDING.md for new developers. Include:
setup steps, key files to understand first, common tasks,
gotchas you found in the code."
# Changelog from commits
"Read git log for the last month. Generate CHANGELOG.md
grouped by: Features, Fixes, Breaking Changes."Why it works: Documentation stays in sync with code. Generated from source, not memory.
Large refactors without breaking things:
# Rename with confidence
"Rename the User class to Account across the entire codebase.
Update all imports, types, and documentation. Run tests after."
# Extract component
"The Dashboard component is 500 lines. Extract the chart logic
into src/components/DashboardChart.tsx. Keep all behavior identical.
Tests must still pass."
# Change data structure
"Migrate from storing user.fullName to user.firstName + user.lastName.
Update: database schema, API responses, frontend display, tests.
Create migration script for existing data."
# Upgrade patterns
"Replace all callback-style async code in src/services/ with
async/await. One file at a time. Test after each file."Why it works: TodoWrite tracks progress. Tests verify correctness. Safe incremental changes.
Debug production issues systematically:
# Initial triage
"Production is returning 500 errors. Here's the error log:
[paste log]
Identify the most likely cause. List files to investigate."
# Root cause analysis
"Read the files identified. Trace the code path from
API endpoint to error. Explain exactly where and why it fails."
# Fix with minimal blast radius
"Implement the smallest possible fix. Don't refactor.
Just stop the bleeding. Add a TODO for proper fix later."
# Post-mortem documentation
"Create docs/incidents/2024-01-15-500-errors.md documenting:
what happened, root cause, fix applied, prevention measures."Why it works: Structured approach prevents panic. Documentation prevents recurrence.
Based on Anthropic's guidance:
| Instead of... | Write... |
|---|---|
| "Add tests" | "Write Jest tests for src/utils/date.ts covering: formatDate with valid dates, invalid inputs, and timezone handling" |
| "Fix the bug" | "The login fails when email contains '+'. Fix src/auth/validate.ts:23 to handle plus signs in email addresses" |
| "Review this" | "Review src/api/users.ts for: N+1 queries, missing error handling, and SQL injection risks" |
| "Make it faster" | "Profile the /api/products endpoint. Identify the slowest operation and optimize it. Target: <100ms response" |
Thinking modes (escalating reasoning depth):
"think"- Standard extended thinking"think hard"- More thorough analysis"think harder"- Deep exploration of options"ultrathink"- Maximum reasoning budget
File references:
# Use tab-completion or explicit paths
"Read @src/auth/login.ts and explain the authentication flow"
# Multiple files
"Compare @src/api/v1/users.ts and @src/api/v2/users.ts - what changed?"1. Understand the "when" of each feature:
| Feature | Activates When... |
|---|---|
| MCP | External data/action needed |
| Skills | Context matches description (automatic) |
| Commands | User types /command (manual) |
| Hooks | Lifecycle event fires (PreToolUse, PostToolUse, etc.) |
| Sub-agents | Task delegated for isolated work |
2. Combinations multiply value:
MCP alone = 1x (fetch data)
MCP + Skill = 3x (fetch + auto-expertise)
MCP + Skill + Hook = 9x (fetch + expertise + enforce)
Each layer multiplies the previous. Invest in setup.
3. Prompting is the foundation: All synergies fail with vague prompts. Master specificity first:
- Name exact files
- State exact requirements
- Define exact success criteria
4. We showed 15 synergies. There are many more. These patterns are starting points. Combine them, adapt them, discover your own. The best workflows are the ones tailored to your project.
5. Setup cost amortizes:
One hour configuring .claude/ saves hundreds of hours across future sessions. Treat it as infrastructure.
# Understanding current system
> "Analyze the current user management system"
# Planning
> "Create a plan to add JWT-based authentication"
# Implementation
> "Implement the authentication system following the plan"
# (Claude creates TodoWrite tasks and works through them)
# Testing
> "Create comprehensive tests for authentication"
# Security review
> "Review the authentication implementation for security issues"
# Documentation
> "Update the API documentation with authentication endpoints"
# Commit
> "Create a git commit for the authentication feature"# Identify issues
> "Analyze the codebase for performance bottlenecks"
# Create optimization plan
> "Create a plan to optimize the most critical issues found"
# Implement optimizations
> "Implement the database query optimizations"
# Benchmark
> "Create benchmarks to measure the improvements"
# Verify
> "Run the benchmarks and compare before/after"# Provide context
> "Users report login fails intermittently. Here's the error log: [paste log]"
# Investigation with Debug agent
> "Use the debugger agent to investigate this issue"
# Root cause analysis
> "Explain what's causing this and why it's intermittent"
# Fix
> "Implement a fix for this issue"
# Prevention
> "Add tests and logging to prevent this in the future"
# Documentation
> "Update CLAUDE.md with what we learned about this issue"# Analyze current API
> "Document all endpoints in the v1 API"
# Plan migration
> "Create a migration plan from v1 to v2 with these changes: [list changes]"
# Implement new version
> "Implement the v2 API alongside v1"
# Ensure backward compatibility
> "Create a compatibility layer so v1 clients still work"
# Testing
> "Create tests ensuring both v1 and v2 work correctly"
# Documentation
> "Generate migration guide for API consumers"# Research
> "Research GitHub Actions best practices for Node.js projects"
# Create workflow
> "Create a GitHub Actions workflow that:
- Runs on pull requests
- Checks TypeScript compilation
- Runs linting
- Runs all tests
- Reports coverage"
# Security scanning
> "Add security scanning to the workflow"
# Deployment
> "Add automatic deployment to staging on merge to main"
# Documentation
> "Document the CI/CD setup in README.md"# Add directories
> "Add the frontend and backend directories to the workspace"
# Synchronized changes
> "Update the User type definition in backend and propagate to frontend"
# Cross-project validation
> "Ensure the frontend API calls match the backend endpoints"
# Parallel testing
> "Run backend tests and frontend tests in parallel in background"
# Monitor both
> "Start both dev servers and monitor for errors"# Start all development services in background
> "Start the frontend dev server in background"
> "Start the backend API server in background"
> "Run tests in watch mode in background"
# Configure status line to track all services
/statusline
# Monitor all services simultaneously
> "Monitor all background processes for errors"
# Claude watches logs from all background tasks
# Identifies issues across services
# Suggests fixes without stopping services
# Fix issues dynamically
> "I see an API timeout error"
# Claude checks backend logs, identifies cause, suggests solution
# Check all background tasks
/bashes
# Stop specific service if needed
/kill <id># Start major feature development
> "Build a complete user authentication system with JWT, refresh tokens, and password reset"
# Work progresses, context accumulates...
# After reading many files and multiple operations
# Context is getting large
# Use microcompact for intelligent cleanup
/microcompact
# Keeps: Current auth work, recent changes, patterns learned
# Removes: Old file reads, completed searches, stale context
# Continue seamlessly with clean context
> "Add two-factor authentication to the system"
# Full context available for current authentication work
# Major context switch to new feature
/compact
# Complete reset for fresh start
> "Implement Stripe payment integration"
# Clean slate for payment feature# Plan with security considerations
> "Design a user input handling system for our forms. Focus on security best practices"
# Implement with immediate security review
> "Implement the form validation system"
> "Review the form validation code for security vulnerabilities"
# Fix identified issues
> "Fix the XSS vulnerability in the email field validation"
> "Verify the fix addresses all injection vectors"
# Document security patterns
> "Update CLAUDE.md with our input validation security patterns"
# Set up continuous security monitoring
> "Create a GitHub Action that runs security scans on every PR"# Initialize multi-repo workspace
/add-dir ~/projects/backend
/add-dir ~/projects/frontend
/add-dir ~/projects/shared-types
# Synchronize type definitions across projects
> "Update the User type in shared-types and ensure backend and frontend are consistent"
# Parallel type checking
> "Run TypeScript type checking in all three projects simultaneously in background"
# Monitor and fix type errors
> "Check background tasks for any type errors"
> "Fix type mismatches found in frontend"
# Cross-repo validation
> "Verify that all API types in backend match the frontend client expectations"
# Start all dev servers
> "Start backend server, frontend server, and type watching in background"
# Unified development experience
> "Build the checkout flow, coordinating changes across backend API and frontend UI"
# Claude makes coordinated changes across all repos1. Set Up CLAUDE.md First
- Document your project structure
- List important commands
- Note conventions and patterns
- Add known gotchas
- Update it as you learn2. Use Descriptive Requests
# Good
> "Add input validation to the login endpoint, checking email format and password length"
# Less effective
> "Fix login"3. Verify Changes
# Always review before committing
> "Show me all the changes made"
> "Run tests to verify the changes"4. Incremental Development
# Break large features into steps
> "First, let's add the database model"
> "Now add the API endpoint"
> "Finally, add the frontend form"5. Leverage Tools Intelligently
# Use Grep for finding patterns
> "Find all database queries using raw SQL"
# Use Glob for file discovery
> "Find all test files"
# Use sub-agents for exploration
> "Have an Explore agent map out the authentication flow"Quick decision trees for common scenarios:
Something's not working:
→ Can you reproduce it?
→ Yes: Debug systematically
→ No: Gather more info first
→ Did it work before?
→ Yes: Check recent changes (git diff)
→ No: Check assumptions
→ Is error message clear?
→ Yes: Address directly
→ No: Trace execution with logging
Adding a new feature:
→ Similar feature exists?
→ Yes: Follow that pattern
→ No: Research best practices
→ Touches existing code?
→ Yes: Understand it first (read, analyze)
→ No: Design in isolation
→ Has complex logic?
→ Yes: Break down first (use TodoWrite)
→ No: Implement directly
Code seems slow:
→ Measured it? → No: Profile first
→ Know the bottleneck? → No: Find it (use ultrathink)
→ Have solution? → No: Research, then implement and measure again
Recovery When Things Go Wrong:
# Establish facts
> "What's the current state of the codebase?"
# Find smallest step forward
> "What's the simplest fix that would work?"
# Question assumptions
> "Let me re-read the relevant code"
# Find solid ground
> "Let's revert to the last working state with /rewind"Complexity-Driven Approach:
| Task Type | Approach |
|---|---|
| Trivial (typo fix) | Just fix it |
| Simple (add button) | Quick implementation |
| Medium (new feature) | Plan → Implement → Test |
| Complex (architecture) | Research → Design → Prototype → Implement → Migrate |
| Unknown | Explore to assess, then choose approach |
1. Share Configuration
# Commit to git:
.claude/
├── settings.json # Shared permissions and config
├── commands/ # Team workflows
├── skills/ # Team Skills
└── agents/ # MCP servers & sub-agents
# Git-ignore:
.claude/settings.local.json # Personal overrides2. Document Patterns in CLAUDE.md
## Team Conventions
- All API routes follow RESTful patterns
- Database migrations use Prisma
- Tests use the AAA pattern (Arrange, Act, Assert)
- Never commit directly to main3. Create Workflow Commands
# .claude/commands/team/
├── code-review.md
├── deploy-staging.md
├── run-checks.md
└── security-audit.md4. Use Hooks for Standards
{
"hooks": {
"PreToolUse": [
{
"matcher": "Edit|Write",
"hooks": [
{"type": "command", "command": "eslint-check.sh"}
]
}
]
}
}1. Protect Sensitive Files
{
"permissions": {
"deny": {
"Write": ["*.env", ".env.*", "*.key", "*.pem"],
"Edit": ["*.env", ".env.*", "*.key", "*.pem", ".git/*"]
}
}
}2. Review Before Execution
{
"permissions": {
"defaultMode": "ask"
}
}3. Use Hooks for Auditing
{
"hooks": {
"PostToolUse": [
{
"hooks": [
{
"type": "command",
"command": "echo \"$(date): $TOOL_NAME\" >> .claude/audit.log"
}
]
}
]
}
}4. Regular Security Reviews
# Use security review Skill or command
> "Perform a security audit of the authentication system"Issue: "Context too large" error
# Solution 1: Compact context
> /compact
# Solution 2: Smart cleanup
> /microcompact
# Prevention: Regular compaction in long sessionsIssue: Edit tool fails with "string not found"
# Solution: Read the file first to see exact content
> Read the file to see the exact string
# Ensure exact match including:
- Whitespace and indentation
- Line breaks
- Special characters
# Use larger context if string appears multiple timesIssue: Permission denied
# Solution 1: Grant permission when asked
# Solution 2: Pre-configure in settings.json
{
"permissions": {
"allow": {
"Bash": ["npm test"],
"Edit": {}
}
}
}
# Check current permissions
> /hooks # Shows hook configurationIssue: Claude doesn't see recent file changes
# Solution: Explicitly ask to re-read
> "Read the app.ts file again"
# Or provide the changes
> "I just updated the config, here's what changed: [paste]"Issue: Background task not responding
# Check status
> /bashes
# Kill if stuck
> /kill <id>
# Restart
> "Start the dev server again in background"Issue: Git operations fail
# Check git status
> "Run git status"
# Common fixes:
- Unstaged changes: "git add the files first"
- Merge conflicts: "Show me the conflicts and help resolve"
- Branch issues: "Switch to the correct branch"Issue: MCP server not working
# Check configuration
> "Show me the MCP configuration"
# Verify server is running
> "Check if the MCP server started correctly"
# Check logs
~/.claude/logs/mcp-<server-name>.log
# Reinstall
> "Reinstall the MCP server package"Systematic approaches to common error scenarios.
# If session disconnects mid-task:
1. Check recent history:
> "What was I working on?"
2. Review file changes:
git diff
3. Reconstruct state:
> "Based on recent changes, continue where we left off"# If hook blocks unexpectedly:
1. Check hook output:
claude --debug
2. Test hook manually:
echo '{"tool_name":"Edit","tool_input":{...}}' | ~/.claude/hooks/script.sh
3. Temporarily disable:
mv ~/.claude/settings.json ~/.claude/settings.json.bak
4. Fix and restore:
# Fix the hook script, then restore settings# When "context too large" appears during complex work:
# Quick recovery:
> /microcompact
> "Continue with [brief task summary]"
# Full reset if needed:
> /compact
> "Let me brief you: [key context]"
# Prevention:
- Use /microcompact every ~50 operations
- Start fresh sessions for new features# When permissions repeatedly requested:
# Grant permanently:
{
"permissions": {
"allow": {
"Bash": {}, # Allow all bash
"Edit": {}, # Allow all edits
"Write": {} # Allow all writes
}
}
}
# Or specific patterns:
{
"permissions": {
"allow": {
"Bash": ["npm test", "npm run build"]
}
}
}# If operations timeout:
# Retry with backoff:
1st attempt → fails
Wait 2s → retry
Wait 4s → retry
Wait 8s → retry
# Switch model if persistent:
> "Use a different model to try this"
# Check network:
ping anthropic.com
curl -v https://api.anthropic.com# If changes weren't saved:
1. Check git:
git status
git diff
2. Check file backups:
ls -la ~/.claude/backups/
3. Review session transcript:
# Transcripts saved in ~/.claude/transcripts/
4. Reconstruct from memory:
> "Based on our conversation, recreate the [feature]"# Enable comprehensive debugging:
claude --debug --log-level trace
# Follow logs in real-time:
tail -f ~/.claude/logs/claude.log
# Filter for specific issues:
grep -i error ~/.claude/logs/claude.log
grep -i "mcp" ~/.claude/logs/claude.logClaude Code operates with:
1. Permission System
- Tools require explicit permission
- Permissions are session-specific
- Can be pre-configured in settings
2. Sandboxing (macOS/Linux)
{
"sandbox": {
"enabled": true,
"allowUnsandboxedCommands": false
}
}3. File Access Control
{
"permissions": {
"additionalDirectories": ["/allowed/path"],
"deny": {
"Read": ["*.key", "*.pem"],
"Write": ["*.env"],
"Edit": [".git/*"]
}
}
}1. Never Commit Secrets
# Block in settings
{
"permissions": {
"deny": {
"Write": ["*.env", "*.key", "*.pem", "*secret*"],
"Edit": ["*.env", "*.key", "*.pem", "*secret*"]
}
}
}
# Use hooks to scan for secrets
{
"hooks": {
"PreToolUse": [
{
"matcher": "Write|Edit",
"hooks": [
{"type": "command", "command": "detect-secrets-hook.sh"}
]
}
]
}
}2. Review AI-Generated Code
# Always review before deploying
> "Explain the security implications of this code"
> "Review this for potential vulnerabilities"3. Limit Tool Access
// For sub-agents doing analysis
{
"allowedTools": ["Read", "Grep", "Glob"] // No modifications
}
// For implementation agents
{
"allowedTools": ["Read", "Write", "Edit", "Bash"] // Can modify
}4. Audit Trails
{
"hooks": {
"PostToolUse": [
{
"hooks": [
{
"type": "command",
"command": "logger.sh" // Log all operations
}
]
}
]
}
}5. Network Restrictions
{
"sandbox": {
"network": {
"allowUnixSockets": ["/var/run/docker.sock"],
"allowLocalBinding": true,
"httpProxyPort": 8080
}
}
}Source: Settings, Sandboxing
Claude Code can be used programmatically via TypeScript/Python SDKs.
- Automate workflows in CI/CD
- Build custom tools on top of Claude Code
- Create automated code review systems
- Integrate into existing development tools
- Batch process multiple projects
import { ClaudeCodeSDK } from '@anthropic-ai/claude-code';
const sdk = new ClaudeCodeSDK({
apiKey: process.env.ANTHROPIC_API_KEY
});
// Start a session
const session = await sdk.startSession({
projectDir: '/path/to/project',
systemPrompt: 'You are a code reviewer'
});
// Send a task
const response = await session.chat({
message: 'Review this codebase for security issues'
});
console.log(response.content);
// End session
await session.end();from anthropic_sdk import ClaudeCodeSDK
sdk = ClaudeCodeSDK(api_key=os.environ["ANTHROPIC_API_KEY"])
# Start session
session = sdk.start_session(
project_dir="/path/to/project",
system_prompt="You are a test generator"
)
# Send task
response = session.chat(
message="Generate tests for all API endpoints"
)
print(response.content)
# End session
session.end()Source: SDK Overview
⚠️ Warning: This section contains theoretical concepts and patterns that are NOT verified in official documentation. These are experimental ideas for power users to explore.
Unverified theory about optimizing Claude's approach based on task type:
# Simple Creation Mode
> "Create 5 similar React components"
# Theory: Parallel processing, template-based
# Optimization Mode
> "Optimize this algorithm"
# Theory: Deep analysis, multiple approaches
# Research Mode
> "Research and implement best practice for X"
# Theory: Web search → analysis → implementation pipelineStatus: No official documentation supports "modes". Claude Code uses the same model for all tasks.
Unverified theoretical framework about multi-layered intelligence:
Theory:
┌─────────────────┐
│ Orchestrator │
└────────┬────────┘
│
┌────┴────┬────────┬─────────┐
│ │ │ │
Memory Intent Extract Validate
Kernel Kernel Kernel Kernel
Status: This is a conceptual model, not an actual Claude Code feature. Claude Code uses:
- Sub-agents (real feature)
- Skills (real feature)
- Hooks (real feature)
But NOT a "kernel architecture" system.
Unverified theory about advanced task management with AI validation:
# Theory: Multi-agent task validation
1. Intent Capture (4 approaches)
2. Multi-Agent Validation
3. Background Execution
4. Learning IntegrationStatus: TodoWrite is a real tool, but "meta-todo" with multi-agent validation is theoretical. Use the actual TodoWrite tool as documented.
The original guide mixed:
- Real features (Skills, Hooks, MCP)
- Usage patterns (how to use features)
- Theoretical frameworks (unverified concepts)
This caused confusion about what Claude Code actually does vs. conceptual ideas.
For AI Agents reading this: Focus on sections marked [OFFICIAL] and [COMMUNITY]. Treat [EXPERIMENTAL] as ideas to test, not established features.
- Main Docs: https://docs.claude.com/en/docs/claude-code/overview
- CLI Reference: https://docs.claude.com/en/docs/claude-code/cli-reference
- Settings: https://docs.claude.com/en/docs/claude-code/settings
- Skills: https://docs.claude.com/en/docs/claude-code/skills
- Hooks: https://docs.claude.com/en/docs/claude-code/hooks
- MCP: https://docs.claude.com/en/docs/claude-code/mcp
- Sub-Agents: https://docs.claude.com/en/docs/claude-code/sub-agents
- Plugins: https://docs.claude.com/en/docs/claude-code/plugins
- GitHub: https://github.com/anthropics/claude-code
- Awesome Claude Code: https://github.com/hesreallyhim/awesome-claude-code
- Awesome Claude Skills: https://github.com/travisvn/awesome-claude-skills
- GitHub Issues: https://github.com/anthropics/claude-code/issues
- Discord: Check Anthropic's community channels
- Documentation: https://docs.claude.com
For complete details, see the official CHANGELOG.md.
Version 2.1.7 (January 14, 2026) - Latest
- ⚙️
showTurnDurationsetting to hide turn duration messages - 💬 Feedback ability for permission prompts
- 📱 Inline agent response display in task notifications
- 🔒 Security fix: wildcard permission rules vulnerability
- 🪟 Windows file sync compatibility improvements
- 🔧 MCP tool search auto mode enabled by default
- 🔗 OAuth/API Console URL migration to
platform.claude.com
Version 2.1.6 (January 13, 2026)
- 🔍 Search functionality in
/configcommand - 📊 Date range filtering in
/stats(7/30 days, all-time) - 🔄 Updates section in
/doctorcommand - 📁 Nested
.claude/skillsdirectory discovery - 📈
context_window.used_percentageandremaining_percentagestatus fields - 🔒 Permission bypass security fix (shell line continuation)
Version 2.1.5 (January 12, 2026)
- 📁
CLAUDE_CODE_TMPDIRenvironment variable for temp directory override
Version 2.1.3 (January 9, 2026)
- 🔀 Merged slash commands and skills (simplified mental model)
- 📻 Release channel toggle (
stable/latest) in/config ⚠️ Permission rules unreachability detection and warnings- 📝 Fixed plan file persistence across
/clear - ⏱️ 10-minute tool hook execution timeout
Version 2.1.2 (January 9, 2026)
- 🖼️ Source path metadata for dragged images
- 🔗 OSC 8 hyperlinks for file paths (iTerm support)
- 🪟 Windows Package Manager (winget) support
- ⌨️ Shift+Tab in plan mode for "auto-accept edits"
- 🔒 Command injection vulnerability fix in bash processing
- 🧹 Memory leak fix in tree-sitter parse trees
- 💾 Large output persistence to disk instead of truncation
Version 2.1.0 (December 23, 2025)
- 🔄 Automatic skill hot-reload
- 🔀
context: forksupport for skill sub-agents - 🌐
languagesetting for Claude's response language - ⌨️ Shift+Enter works out-of-box in iTerm2, WezTerm, Ghostty, Kitty
- 📁
respectGitignoresetting for per-project control - 🎯 Wildcard pattern matching for Bash tool permissions (
*syntax) - ⌨️ Unified
Ctrl+Bbackgrounding for bash commands and agents - 🌐
/teleportand/remote-envcommands for claude.ai subscribers - ⚡ Agents can define hooks in frontmatter
- ✂️ New Vim motions:
;and,repeat,yoperator,p/Ppaste - 🔧
--toolsflag for restricting tool use - 📄
CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENSenvironment variable - 🖼️ Cmd+V image paste support in iTerm2
Version 2.0.74 (December 19, 2025)
- 🔍 LSP Tool: Language Server Protocol for code intelligence
- 📍 Go-to-definition, find references, hover documentation
- 🖥️
/terminal-setupsupport for Kitty, Alacritty, Zed, Warp - 🎨
Ctrl+Tshortcut in/themefor syntax highlighting toggle
Version 2.0.72 (December 18, 2025)
- 🌐 Claude in Chrome (Beta) with Chrome extension control
- ⚡ ~3x faster
@file suggestions in git repositories - ⌨️ Changed thinking toggle from Tab to Alt+T
Version 2.0.70 (December 16, 2025)
- ⌨️ Enter key submits prompt suggestions immediately (Tab edits)
- 🎯 Wildcard syntax
mcp__server__*for MCP tool permissions - 🧠 Improved memory usage (3x reduction for large conversations)
Version 2.0.67 (December 12, 2025)
- 💡 Claude now suggests prompts (Tab accepts or Enter submits)
- 🧠 Thinking mode enabled by default for Opus 4.5
- 🔍 Search functionality in
/permissionscommand
Version 2.0.65 (December 11, 2025)
- ⌨️ Alt+P (Linux/Windows) or Option+P (macOS) to switch models while typing
- 📊 Context window information in status line
- 🔧
CLAUDE_CODE_SHELLenvironment variable for shell detection
Version 2.0.64 (December 10, 2025)
- ⚡ Instant auto-compacting
- 🔄 Asynchronous agents and bash commands with wake-up messages
- 📊
/statsprovides usage stats and engagement metrics - 📝 Named session support:
/renameand/resume <name> - 📁
.claude/rules/directory support
Version 2.0.60 (December 6, 2025)
- 🔄 Background agent support (agents run while working)
- 🔧
--disable-slash-commandsCLI flag - 📝 Model name in "Co-Authored-By" commit messages
- 🔀
/mcp enable|disable [server-name]quick toggles
Version 2.0.51 (November 24, 2025)
- 🧠 Opus 4.5 released
- 🖥️ Claude Code for Desktop introduced
- 📝 Plan Mode builds more precise plans
Version 2.0.45 (November 19, 2025)
- ☁️ Azure AI Foundry support
- 🔐
PermissionRequesthook for auto-approve/deny logic
Version 2.0.24 (October 21, 2025)
- 🛡️ Sandbox mode for BashTool on Linux/Mac
- 🌐 Claude Code Web → CLI teleport support
Version 2.0.20 (October 17, 2025)
- ⭐ Claude Skills for reusable prompt templates
Version 2.0.12 (October 9, 2025)
- 🔌 Plugin System Released
/plugin install,/plugin enable/disable,/plugin marketplace
Version 2.0.10 (October 8, 2025)
- ✨ Rewrote terminal renderer (buttery smooth UI)
- 🔀
@mentionto enable/disable MCP servers - ⌨️ Tab completion for shell commands in bash mode
- ✏️ PreToolUse hooks can modify tool inputs
- ⌨️ Press
Ctrl-Gto edit prompt in system text editor
Version 2.0.0 (September 29, 2025)
- 🆕 New native VS Code extension
- ✨ Fresh UI throughout app
- ⏪
/rewindto undo code changes - 📊
/usagefor plan limits viewing - ⌨️ Tab toggles thinking (sticky)
- 🔍 Ctrl-R searches history
- 🤖 SDK became Claude Agent SDK
- 🔧
--agentsflag for dynamic subagents
Version 2026.1 (January 2026)
- Major update covering v2.0.34 through v2.1.7
- Added LSP Tool documentation (go-to-definition, find references, hover)
- Added Thinking Mode section (Tab toggle, ultrathink, Alt+T)
- Added Plan Mode documentation
- Added Background Tasks & Agents section (Ctrl+B)
- Added comprehensive Keyboard Shortcuts reference
- Added Environment Variables comprehensive list
- Added Prompt Suggestions documentation
- Added 20+ new slash commands (/rewind, /stats, /usage, /config, /doctor, /terminal-setup, /rename, /resume, /teleport, /remote-env, etc.)
- Added new settings documentation (language, attribution, respectGitignore, etc.)
- Added
.claude/rules/directory documentation - Added wildcard permissions syntax
- Updated changelog to v2.1.7
Version 2025.0 (January 2025)
- Complete rewrite focused on verified features
- Clear separation of official vs. experimental content
- Added Skills System documentation
- Added Plugins documentation
- Added
/statuslineand/add-dircommands - Added CLI flags reference section
- Enhanced
@filenamereference syntax documentation - Comprehensive examples and patterns
- All claims verified against official docs
Previous versions mixed Claude.ai web features (REPL, Artifacts) with Claude Code CLI features, causing confusion. This version focuses exclusively on Claude Code CLI.
This guide is a living document that automatically stays current with Claude Code's development.
A bi-daily pipeline (every 2 days at 3am UTC) runs Claude Code to:
-
Check official sources:
- Anthropic Docs - Official documentation
- GitHub Releases - Version changelog
- Anthropic News - Announcements
- Anthropic Changelog - Product updates
-
Compare against current guide content
-
Update with verified changes:
- New features and capabilities
- Changed CLI flags or commands
- New tools or integrations
- Bug fixes or deprecations
-
Auto-commit changes with detailed commit messages
See update-log.md for the history of automated updates.
The update can also be run manually:
./scripts/update-guide.shThis guide is community-maintained and not officially affiliated with Anthropic. Information is gathered from official documentation (docs.claude.com) and community experience.
For official information, always refer to: https://docs.claude.com/en/docs/claude-code/overview
End of Guide
For AI Agents: You've reached the end of the verified Claude Code guide. All features marked
[OFFICIAL]are documented at docs.claude.com. Features marked[COMMUNITY]are widely-used patterns. Content in the[EXPERIMENTAL]section is theoretical and should be tested before relying on it.
