onflow · 0xLisanAlGaib · Apr 9, 2026 · Apr 8, 2026 · Apr 8, 2026 · Apr 8, 2026
@@ -0,0 +1,40 @@
+{
+	"name": "flow-claude-code-plugins",
+	"owner": {
+		"name": "Flow Foundation"
+	},
+	"metadata": {
+		"description": "Claude Code plugins for the Flow blockchain ecosystem",
+		"version": "1.0.0",
+		"pluginRoot": "./plugins"
+	},
+	"plugins": [
+		{
+			"name": "cadence",
+			"source": "./plugins/cadence",
+			"description": "Skills for writing secure, correct, and idiomatic Cadence smart contracts on the Flow blockchain — covering language fundamentals, token standards, DeFi actions, and project setup",
+			"version": "1.0.0",
+			"author": {
+				"name": "Flow Foundation"
+			},
+			"homepage": "https://github.com/onflow/flow-ai-tools",
+			"repository": "https://github.com/onflow/flow-ai-tools",
+			"keywords": [
+				"cadence",
+				"flow",
+				"blockchain",
+				"smart-contracts",
+				"nft",
+				"fungible-token",
+				"defi",
+				"security",
+				"entitlements",
+				"resources",
+				"capabilities",
+				"transactions",
+				"fcl"
+			],
+			"category": "blockchain"
+		}
+	]
+}
@@ -0,0 +1,2 @@
+.claude
+docs/plans/
@@ -0,0 +1,90 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code when working in this repository.
+
+## Project Overview
+
+This repository is a **Claude Code plugin marketplace** for the [Flow blockchain](https://github.com/onflow) ecosystem. It hosts the `cadence` plugin, which provides domain-specific skills that help Claude Code write better, more secure Cadence smart contract code on Flow.
+
+**Target users**: Cadence/Flow developers who install this marketplace into Claude Code to get specialized assistance with smart contract development, auditing, querying, and deployment.
+
+## How Skills Work
+
+Skills use a three-level progressive disclosure system:
+
+1. **Metadata** (~100 words) — The `name` and `description` in YAML frontmatter. Always loaded into Claude's context. This is how Claude decides whether to activate a skill.
+2. **SKILL.md body** (~200 words) — Loaded when the skill triggers. Contains overview, quick start, and a navigation map pointing to reference files.
+3. **Reference files** (200-300 lines each) — Loaded on demand when Claude needs detailed information on a specific topic.
+
+This design keeps Claude's context efficient: metadata is always present, the skill body loads only when relevant, and references load only when needed for the specific task.
+
+## Repository Structure
+
+```
+.claude-plugin/
+    marketplace.json            # Marketplace catalog (registers all plugins)
+plugins/
+    cadence/
+        .claude-plugin/
+            plugin.json         # Plugin metadata (name, version, author, keywords)
+        skills/
+            cadence-lang/       # Cadence language fundamentals (14 references)
+            cadence-tokens/     # NFT/FT token development (2 references)
+            cadence-defi-actions/ # DeFi Actions framework (5 references)
+            cadence-audit/      # Security audit & review (2 references)
+            cadence-scaffold/   # Code generation templates (3 references)
+            flow-project-setup/ # Project config & deployment (2 references)
+README.md                       # Installation instructions and plugin catalog
+```
+
+## Skill Routing Guide
+
+When a developer asks for help, use this table to determine which skill(s) to activate:
+
+| Developer need | Primary skill | May also need |
+|---|---|---|
+| Write/understand Cadence code (syntax, types, patterns) | `cadence-lang` | |
+| Build an NFT or FT token contract | `cadence-tokens` | `cadence-lang` |
+| Compose DeFi transactions (restaking, swaps, AutoBalancer) | `cadence-defi-actions` | `cadence-lang` |
+| Review or audit existing Cadence code | `cadence-audit` | `cadence-lang` |
+| Generate a new contract, transaction, or DeFi tx from scratch | `cadence-scaffold` | `cadence-lang`, `cadence-tokens` |
+| Build React frontend on Flow | `flow-react-sdk` | |
+| Set up a Flow project, configure flow.json, deploy | `flow-project-setup` | |
+
+## Key Conventions
+
+### File naming
+- Plugin names: kebab-case
+- Skill names: kebab-case, unique within a plugin
+- Reference files: kebab-case `.md` files in a `references/` subdirectory
+
+### SKILL.md format
+Every skill requires YAML frontmatter with:
+- `name` — Skill identifier (kebab-case)
+- `description` — ~100 words covering: what the skill does, when it should trigger (specific phrases/contexts), and when it should NOT trigger (with redirects to the correct skill)
+
+### Reference files
+- 200-300 lines each, focused on a single topic
+- If content exceeds 300 lines, split into multiple files rather than truncating
+- Include code examples with ✅/❌ patterns where applicable
+- All Cadence code examples must follow Cadence 1.0 syntax
+
+### Adding a new skill
+1. Create `plugins/cadence/skills/<skill-name>/SKILL.md` with frontmatter
+2. Create `references/` subdirectory with topic-focused reference files
+3. Update this routing table and the README.md plugin catalog
+4. Ensure the description includes trigger phrases AND non-trigger redirects
+
+### Adding a new plugin
+1. Create `plugins/<name>/.claude-plugin/plugin.json`
+2. Create skills under `plugins/<name>/skills/`
+3. Register in `.claude-plugin/marketplace.json`
+4. Update README.md
+
+## Content Sources
+
+The skills in this marketplace were derived from:
+- [onflow/cadence-rules](https://github.com/onflow/cadence-rules) — Cadence language rules, security patterns, DeFi Actions framework
+- [onflow/flow-cli](https://github.com/onflow/flow-cli) — Flow CLI query patterns and FindLabs API
+- Flow official documentation — cadence-lang.org, developers.flow.com
+- Security audit best practices for Cadence smart contracts
@@ -1,2 +1,100 @@
-# flow-ai-tools
-Tools useful for developing on Flow with AI
+# Flow Claude Code Plugins
+
+A [Claude Code](https://claude.ai/code) plugin marketplace for the [Flow blockchain](https://github.com/onflow) ecosystem. These plugins provide domain-specific skills that help Claude Code write better Cadence and Flow code.
+
+## Installation
+
+Add this marketplace to Claude Code:
+
+```bash
+/plugin marketplace add onflow/flow-claude-code-plugins
+```
+
+Then install individual plugins:
+
+```bash
+/plugin install cadence@flow-claude-code-plugins
+```
+
+## Available Plugins
+
+| Plugin | Description | Skills | Category |
+|--------|-------------|--------|----------|
+| **cadence** | Cadence smart contract development on Flow | `cadence-lang`, `cadence-tokens`, `cadence-defi-actions`, `cadence-audit`, `cadence-scaffold`, `flow-react-sdk`, `flow-project-setup` | blockchain |
+
+### cadence
+
+Skills for writing secure, correct, and idiomatic Cadence code on the Flow blockchain:
+
+| Skill | Description |
+|-------|-------------|
+| `cadence-lang` | Cadence language fundamentals: access control, entitlements, resources, contracts, transactions, interfaces, accounts, references, capabilities, pre/post conditions, security best practices, anti-patterns, and design patterns |
+| `cadence-tokens` | NFT and FT token development: NonFungibleToken/FungibleToken interface conformance, MetadataViews integration, collection patterns, modular NFT architectures |
+| `cadence-defi-actions` | DeFi transaction composition using the DeFiActions framework: Source/Sink/Swapper interfaces, IncrementFi connectors, restaking workflows, AutoBalancer |
+| `cadence-audit` | Smart contract audit and review: security vulnerabilities, severity-rated findings, structured review format, project-wide audit workflow |
+| `cadence-scaffold` | Interactive code generation: scaffold production-ready contracts, transactions, and DeFi transactions with proper security patterns |
+| `flow-react-sdk` | React frontend development: FlowProvider setup, Cadence hooks (query, mutate, auth, events), Cross-VM hooks (EVM bridging, batch transactions), UI components (Connect, TransactionButton, NftCard) |
+| `flow-project-setup` | Flow project configuration: flow.json setup, FCL frontend integration, CLI workflow, deployment, debugging, gas optimization, testnet validation |
+
+## Repository Structure
+
+```
+.claude-plugin/
+    marketplace.json        # Marketplace catalog
+plugins/
+    cadence/
+        .claude-plugin/
+            plugin.json     # Plugin metadata
+        skills/
+            cadence-lang/
+                SKILL.md    # Cadence language guide
+                references/ # 14 reference files
+            cadence-tokens/
+                SKILL.md    # Token development guide
+                references/ # 2 reference files
+            cadence-defi-actions/
+                SKILL.md    # DeFi Actions guide
+                references/ # 5 reference files
+            cadence-audit/
+                SKILL.md    # Audit guide
+                references/ # 2 reference files
+            cadence-scaffold/
+                SKILL.md    # Code generation guide
+                references/ # 3 reference files
+            flow-react-sdk/
+                SKILL.md    # React SDK guide
+                references/ # 4 reference files
+            flow-project-setup/
+                SKILL.md    # Project setup guide
+                references/ # 2 reference files
+```
+
+## Contributing
+
+### Adding a new plugin
+
+1. Create a directory under `plugins/<plugin-name>/`
+2. Add `.claude-plugin/plugin.json` with plugin metadata:
+   ```json
+   {
+     "name": "your-plugin",
+     "description": "What your plugin does",
+     "version": "1.0.0",
+     "author": { "name": "Your Name" }
+   }
+   ```
+3. Add skills under `skills/<skill-name>/SKILL.md` with YAML frontmatter:
+   ```yaml
+   ---
+   name: your-skill-name
+   description: When this skill should be activated
+   ---
+   ```
+4. Register the plugin in `.claude-plugin/marketplace.json` by adding an entry to the `plugins` array
+5. Validate with `claude plugin validate .`
+
+### Adding a skill to an existing plugin
+
+1. Create `plugins/<plugin-name>/skills/<skill-name>/SKILL.md`
+2. Add YAML frontmatter with `name` and `description`
+3. Write the skill body with patterns, code examples, and common mistakes
@@ -0,0 +1,36 @@
+{
+	"name": "cadence",
+	"description": "Skills for writing secure, correct, and idiomatic Cadence smart contracts on the Flow blockchain — covering language fundamentals, token standards, DeFi actions, security auditing, and project setup",
+	"version": "1.0.0",
+	"author": {
+		"name": "Flow Foundation",
+		"url": "https://github.com/onflow"
+	},
+	"homepage": "https://github.com/onflow/flow-ai-tools",
+	"repository": "https://github.com/onflow/flow-ai-tools",
+	"keywords": [
+		"cadence",
+		"flow",
+		"blockchain",
+		"smart-contracts",
+		"nft",
+		"fungible-token",
+		"defi",
+		"security",
+		"entitlements",
+		"resources",
+		"capabilities",
+		"transactions",
+		"fcl",
+		"audit",
+		"code-review",
+		"vulnerabilities",
+		"scaffold",
+		"generate",
+		"react",
+		"frontend",
+		"hooks",
+		"cross-vm",
+		"evm"
+	]
+}
@@ -0,0 +1,52 @@
+---
+name: cadence-audit
+description: |
+  Comprehensive audit and review skill for Cadence smart contracts on the Flow blockchain. Identifies security vulnerabilities, bugs, code quality issues, and optimization opportunities. Produces severity-rated findings (Critical/High/Medium/Low) with actionable fixes.
+  TRIGGER when: auditing, reviewing, or improving Cadence code, checking for security issues, performing code review on .cdc files, looking for anti-patterns or vulnerabilities, optimizing smart contract code, "review cadence", "audit cadence", "check cadence security", "validate cadence contract", "review my .cdc file", "security review", "code review", "find vulnerabilities", "check this contract", "is this code secure", "audit my project".
+  DO NOT TRIGGER when: writing new contracts from scratch (use cadence-scaffold), asking about Cadence syntax or patterns (use cadence-lang), building token contracts (use cadence-tokens), composing DeFi transactions (use cadence-defi-actions).
+---
+
+# Cadence Smart Contract Audit
+
+Conduct comprehensive security, quality, and performance reviews of Cadence smart contracts.
+
+## Audit Modes
+
+### Single File Review
+When reviewing a specific file or code snippet, analyze it across four dimensions and produce a structured report.
+
+### Project-Wide Audit
+When auditing a full project:
+1. Discover all `.cdc` files: `cadence/contracts/*.cdc`, `cadence/transactions/*.cdc`, `cadence/scripts/*.cdc`
+2. If none found, search recursively from project root for `*.cdc`
+3. Systematically audit each file using the checklist
+4. Produce a project-level summary with file-by-file findings
+
+## Review Dimensions
+
+1. **Security** — Vulnerabilities, access control, resource safety, capability management
+2. **Bugs** — Nil dereferences, resource loss, type confusion, infinite loops
+3. **Code Quality** — Readability, naming, documentation, patterns compliance
+4. **Optimization** — Unnecessary copies, storage inefficiencies, gas usage
+
+## Quick Per-Function Checklist
+
+- Can the field be `let` instead of `var`?
+- Can the function be `view`?
+- Can access be more restrictive (`access(self)`, entitled)?
+- Are inputs validated with pre-conditions?
+- Are results verified with post-conditions?
+- Are error messages descriptive with interpolated values?
+
+## Navigation
+
+| Reference | Content |
+|-----------|---------|
+| [audit-checklist.md](references/audit-checklist.md) | Full security, bugs, quality, DeFi, optimization checklists |
+| [review-format.md](references/review-format.md) | Structured output format, severity levels, verdict criteria |
+
+## Companion Skills
+
+- **`cadence-lang`** — Essential during audits. Consult for access control rules, entitlement patterns, resource safety, anti-patterns, and design patterns. Every audit finding should reference the specific Cadence rule being violated.
+- **`cadence-tokens`** — Consult when auditing NFT/FT contracts for standard compliance (NonFungibleToken interface, MetadataViews requirements).
+- **`cadence-defi-actions`** — Consult when auditing DeFi transactions for connector safety rules, vault handling, and type validation.