Skip to main content

Command Development

Facilitates the creation and management of slash commands for Claude Code, enhancing user interaction and workflow efficiency.

Install this skill

or
20/100

Security score

The Command Development skill was audited on Mar 1, 2026 and we found 14 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 531

Template literal with variable interpolation in command context

SourceSKILL.md
531Plugin commands have access to `${CLAUDE_PLUGIN_ROOT}`, an environment variable that resolves to the plugin's absolute path.
medium line 547

Template literal with variable interpolation in command context

SourceSKILL.md
547Run analysis: !`node ${CLAUDE_PLUGIN_ROOT}/scripts/analyze.js $1`
medium line 556

Template literal with variable interpolation in command context

SourceSKILL.md
556!`bash ${CLAUDE_PLUGIN_ROOT}/scripts/script.sh`
medium line 604

Template literal with variable interpolation in command context

SourceSKILL.md
604```markdown
medium line 619

Template literal with variable interpolation in command context

SourceSKILL.md
619```markdown
medium line 638

Template literal with variable interpolation in command context

SourceSKILL.md
638Build: !`bash ${CLAUDE_PLUGIN_ROOT}/scripts/build.sh`
medium line 639

Template literal with variable interpolation in command context

SourceSKILL.md
639Test: !`bash ${CLAUDE_PLUGIN_ROOT}/scripts/test.sh`
medium line 640

Template literal with variable interpolation in command context

SourceSKILL.md
640Package: !`bash ${CLAUDE_PLUGIN_ROOT}/scripts/package.sh`
medium line 655

Template literal with variable interpolation in command context

SourceSKILL.md
655```markdown
medium line 731

Template literal with variable interpolation in command context

SourceSKILL.md
731!`node ${CLAUDE_PLUGIN_ROOT}/scripts/lint.js $1`
medium line 799

Template literal with variable interpolation in command context

SourceSKILL.md
799- Script: !`test -x ${CLAUDE_PLUGIN_ROOT}/bin/analyze && echo "✓" || echo "✗"`
medium line 800

Template literal with variable interpolation in command context

SourceSKILL.md
800- Config: !`test -f ${CLAUDE_PLUGIN_ROOT}/config.json && echo "✓" || echo "✗"`
medium line 814

Template literal with variable interpolation in command context

SourceSKILL.md
814Execute build: !`bash ${CLAUDE_PLUGIN_ROOT}/scripts/build.sh 2>&1 || echo "BUILD_FAILED"`
medium line 63

Access to hidden dotfiles in home directory

SourceSKILL.md
63- Location: `~/.claude/commands/`
Scanned on Mar 1, 2026
View Security Dashboard

Install this skill with one command

/learn @wenjunduan/command-development
GitHub Stars 127
Rate this skill
Categorydevelopment
UpdatedMarch 29, 2026
claude-codeapiml-ai-engineertechnical-writerproduct-managerdevelopmentcontent mediaproduct
WenJunDuan/Rlues