DiscordSign up
SKILLS.SH

plankton-code-quality

Write-time code quality enforcement with auto-formatting, linting, and Claude-powered subprocess fixes on every file edit. Three-phase architecture: silent auto-formatting, violation collection, and tiered model routing (Haiku for style, Sonnet for complexity, Opus for types) to fix unfixable issues Supports Python, TypeScript, Shell, YAML, JSON, TOML, Markdown, and Dockerfile with 20+ linters including ruff, biome, shellcheck, and hadolint Config protection via PreToolUse and Stop hooks prevents agents from disabling rules instead of fixing code; blocks legacy package managers (pip, npm, yarn) Main agent only sees violations the subprocess couldn't fix; most quality problems resolve transparently with exit code 0

INSTALLATION
npx skills add https://github.com/affaan-m/everything-claude-code --skill plankton-code-quality
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

Plankton Code Quality Skill

Integration reference for Plankton (credit: @alxfazio), a write-time code quality enforcement system for Claude Code. Plankton runs formatters and linters on every file edit via PostToolUse hooks, then spawns Claude subprocesses to fix violations the agent didn't catch.

When to Use

  • You want automatic formatting and linting on every file edit (not just at commit time)
  • You need defense against agents modifying linter configs to pass instead of fixing code
  • You want tiered model routing for fixes (Haiku for simple style, Sonnet for logic, Opus for types)
  • You work with multiple languages (Python, TypeScript, Shell, YAML, JSON, TOML, Markdown, Dockerfile)

How It Works

Three-Phase Architecture

Every time Claude Code edits or writes a file, Plankton's multi_linter.sh PostToolUse hook runs:

Phase 1: Auto-Format (Silent)

├─ Runs formatters (ruff format, biome, shfmt, taplo, markdownlint)

├─ Fixes 40-50% of issues silently

└─ No output to main agent

Phase 2: Collect Violations (JSON)

├─ Runs linters and collects unfixable violations

├─ Returns structured JSON: {line, column, code, message, linter}

└─ Still no output to main agent

Phase 3: Delegate + Verify

├─ Spawns claude -p subprocess with violations JSON

├─ Routes to model tier based on violation complexity:

│   ├─ Haiku: formatting, imports, style (E/W/F codes) — 120s timeout

│   ├─ Sonnet: complexity, refactoring (C901, PLR codes) — 300s timeout

│   └─ Opus: type system, deep reasoning (unresolved-attribute) — 600s timeout

├─ Re-runs Phase 1+2 to verify fixes

└─ Exit 0 if clean, Exit 2 if violations remain (reported to main agent)

What the Main Agent Sees

Scenario

Agent sees

Hook exit

No violations

Nothing

0

All fixed by subprocess

Nothing

0

Violations remain after subprocess

[hook] N violation(s) remain

2

Advisory (duplicates, old tooling)

[hook:advisory] ...

0

The main agent only sees issues the subprocess couldn't fix. Most quality problems are resolved transparently.

Config Protection (Defense Against Rule-Gaming)

LLMs will modify .ruff.toml or biome.json to disable rules rather than fix code. Plankton blocks this with three layers:

  • PreToolUse hookprotect_linter_configs.sh blocks edits to all linter configs before they happen
  • Stop hookstop_config_guardian.sh detects config changes via git diff at session end
  • Protected files list.ruff.toml, biome.json, .shellcheckrc, .yamllint, .hadolint.yaml, and more

Package Manager Enforcement

A PreToolUse hook on Bash blocks legacy package managers:

  • pip, pip3, poetry, pipenv → Blocked (use uv)
  • npm, yarn, pnpm → Blocked (use bun)
  • Allowed exceptions: npm audit, npm view, npm publish

Setup

Quick Start

Note: Plankton requires manual installation from its repository. Review the code before installing.

# Install core dependencies

brew install jaq ruff uv

# Install Python linters

uv sync --all-extras

# Start Claude Code — hooks activate automatically

claude

No install command, no plugin config. The hooks in .claude/settings.json are picked up automatically when you run Claude Code in the Plankton directory.

Per-Project Integration

To use Plankton hooks in your own project:

  • Copy .claude/hooks/ directory to your project
  • Copy .claude/settings.json hook configuration
  • Copy linter config files (.ruff.toml, biome.json, etc.)
  • Install the linters for your languages

Language-Specific Dependencies

Language

Required

Optional

Python

ruff, uv

ty (types), vulture (dead code), bandit (security)

TypeScript/JS

biome

oxlint, semgrep, knip (dead exports)

Shell

shellcheck, shfmt

YAML

yamllint

Markdown

markdownlint-cli2

Dockerfile

hadolint (>= 2.12.0)

TOML

taplo

JSON

jaq

Pairing with ECC

Complementary, Not Overlapping

Concern

ECC

Plankton

Code quality enforcement

PostToolUse hooks (Prettier, tsc)

PostToolUse hooks (20+ linters + subprocess fixes)

Security scanning

AgentShield, security-reviewer agent

Bandit (Python), Semgrep (TypeScript)

Config protection

PreToolUse blocks + Stop hook detection

Package manager

Detection + setup

Enforcement (blocks legacy PMs)

CI integration

Pre-commit hooks for git

Model routing

Manual (/model opus)

Automatic (violation complexity → tier)

Recommended Combination

  • Install ECC as your plugin (agents, skills, commands, rules)
  • Add Plankton hooks for write-time quality enforcement
  • Use AgentShield for security audits
  • Use ECC's verification-loop as a final gate before PRs

Avoiding Hook Conflicts

If running both ECC and Plankton hooks:

  • ECC's Prettier hook and Plankton's biome formatter may conflict on JS/TS files
  • Resolution: disable ECC's Prettier PostToolUse hook when using Plankton (Plankton's biome is more comprehensive)
  • Both can coexist on different file types (ECC handles what Plankton doesn't cover)

Configuration Reference

Plankton's .claude/hooks/config.json controls all behavior:

{

  "languages": {

    "python": true,

    "shell": true,

    "yaml": true,

    "json": true,

    "toml": true,

    "dockerfile": true,

    "markdown": true,

    "typescript": {

      "enabled": true,

      "js_runtime": "auto",

      "biome_nursery": "warn",

      "semgrep": true

    }

  },

  "phases": {

    "auto_format": true,

    "subprocess_delegation": true

  },

  "subprocess": {

    "tiers": {

      "haiku":  { "timeout": 120, "max_turns": 10 },

      "sonnet": { "timeout": 300, "max_turns": 10 },

      "opus":   { "timeout": 600, "max_turns": 15 }

    },

    "volume_threshold": 5

  }

}

Key settings:

  • Disable languages you don't use to speed up hooks
  • volume_threshold — violations > this count auto-escalate to a higher model tier
  • subprocess_delegation: false — skip Phase 3 entirely (just report violations)

Environment Overrides

Variable

Purpose

HOOK_SKIP_SUBPROCESS=1

Skip Phase 3, report violations directly

HOOK_SUBPROCESS_TIMEOUT=N

Override tier timeout

HOOK_DEBUG_MODEL=1

Log model selection decisions

HOOK_SKIP_PM=1

Bypass package manager enforcement

References

  • Plankton (credit: @alxfazio)
  • Plankton REFERENCE.md — Full architecture documentation (credit: @alxfazio)
  • Plankton SETUP.md — Detailed installation guide (credit: @alxfazio)

ECC v1.8 Additions

Copyable Hook Profile

Set strict quality behavior:

export ECC_HOOK_PROFILE=strict

export ECC_QUALITY_GATE_FIX=true

export ECC_QUALITY_GATE_STRICT=true

Language Gate Table

  • TypeScript/JavaScript: Biome preferred, Prettier fallback
  • Python: Ruff format/check
  • Go: gofmt

Config Tamper Guard

During quality enforcement, flag changes to config files in same iteration:

  • biome.json, .eslintrc*, prettier.config*, tsconfig.json, pyproject.toml

If config is changed to suppress violations, require explicit review before merge.

CI Integration Pattern

Use the same commands in CI as local hooks:

  • run formatter checks
  • run lint/type checks
  • fail fast on strict mode
  • publish remediation summary

Health Metrics

Track:

  • edits flagged by gates
  • average remediation time
  • repeat violations by category
  • merge blocks due to gate failures
BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

find-skills
2/3

Discover and install specialized agent skills from the open ecosystem when users need extended capabilities. Helps identify relevant skills by domain and task when users ask "how do I do X" or "find a skill for X" Integrates with the Skills CLI ( npx skills find , npx skills add ) to search, verify, and install packages from the skills.sh directory Recommends skills based on install count, source reputation, and GitHub stars to ensure quality before suggesting installation Presents skill options with install commands and links to skills.sh for user review and one-click installation

Verified authorvercel-labs
SKILLS.SH
1.5M19.6K
2026-05-22
vercel-react-best-practices
3/3

React and Next.js performance optimization guide with 64 prioritized rules across 8 categories. Organized by impact level, from critical waterfalls and bundle optimization down to advanced patterns, each rule includes incorrect/correct code examples and explanations Covers eight domains: async patterns, bundle size, server-side caching, client-side data fetching, re-render optimization, rendering performance, JavaScript efficiency, and advanced patterns Designed for use during component writing, code review, refactoring, and performance audits on React and Next.js applications Each rule has a prefix code (e.g., async-parallel , bundle-barrel-imports ) for easy reference in automated tooling and documentation

Verified authorvercel-labs
SKILLS.SH
389K26.9K
2026-05-22
azure-validate
2/3

Pre-deployment validation for Azure infrastructure, configuration, and permissions before deployment. Requires .azure/plan.md from a prior azure-prepare run; stops immediately if the plan is missing Executes recipe-specific validation commands (azd provision, bicep build, terraform validate) and records proof in the plan document Performs build verification, configuration checks, and permission validation; blocks deployment if any check fails Only authorized method to set plan status to Validated ; must be followed by azure-deploy skill to execute the actual deployment

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22
appinsights-instrumentation
3/3

Guidance and reference material for instrumenting webapps with Azure Application Insights. Covers SDK setup, telemetry patterns, and configuration for ASP.NET Core and Node.js applications hosted in Azure Distinguishes between this skill (reference and guidance) and azure-prepare (actual implementation); invoke azure-prepare when the user wants to add instrumentation to their project Provides auto-instrumentation guidance for C# ASP.NET Core apps in Azure App Service, plus manual instrumentation paths for creating App Insights resources via Bicep templates or Azure CLI Includes language-specific code modification guides for ASP.NET Core, Node.js, and Python, plus quick references for OpenTelemetry SDKs and exporters

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card