marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(seo): GEO optimization — llms.txt v3.32.2, llms-full.txt, FAQ

Browse source 
Phase 1 (repo): update machine-readable/llms.txt (v3.8.0→3.32.2,
87→238 templates, 9.6K→22.7K lines), create root llms.txt per
llmstxt.org convention, create llms-full.txt (~20KB: cheatsheet,
template list, FAQ), sync mcp-server/content/llms.txt.

Phase 4 (README): replace invisible HTML keyword comment with visible
mini-FAQ (5 Q&A) for GEO crawlers.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Florian BRUNIAUX 2026-03-09 14:15:35 +01:00
parent 8c06d47a80
commit 0d70fd88f0
5 changed files with 847 additions and 1061 deletions
Download patch file Download diff file Expand all files Collapse all files

853
README.md
View file

@ -7,9 +7,9 @@
<p align="center">
<a href="https://github.com/FlorianBruniaux/claude-code-ultimate-guide/stargazers"><img src="https://img.shields.io/github/stars/FlorianBruniaux/claude-code-ultimate-guide?style=for-the-badge" alt="Stars"/></a>
<a href="./CHANGELOG.md"><img src="https://img.shields.io/badge/Updated-Mar_9,_2026_·_v3.32.2-brightgreen?style=for-the-badge" alt="Last Update"/></a>
<a href="./quiz/"><img src="https://img.shields.io/badge/Quiz-274_questions-orange?style=for-the-badge" alt="Quiz"/></a>
<a href="./examples/"><img src="https://img.shields.io/badge/Templates-176-green?style=for-the-badge" alt="Templates"/></a>
<a href="./guide/security-hardening.md"><img src="https://img.shields.io/badge/🛡_Threat_DB-24_CVEs_·_655_malicious_skills-red?style=for-the-badge" alt="Threat Database"/></a>
<a href="./quiz/"><img src="https://img.shields.io/badge/Quiz-271_questions-orange?style=for-the-badge" alt="Quiz"/></a>
<a href="./examples/"><img src="https://img.shields.io/badge/Templates-222-green?style=for-the-badge" alt="Templates"/></a>
<a href="./guide/security-hardening.md"><img src="https://img.shields.io/badge/🛡_Threat_DB-15_vulnerabilities_·_655_malicious_skills-red?style=for-the-badge" alt="Threat Database"/></a>
<a href="./mcp-server/"><img src="https://img.shields.io/badge/MCP_Server-npx_ready-blueviolet?style=for-the-badge" alt="MCP Server"/></a>
</p>
@ -17,7 +17,6 @@
<a href="https://github.com/hesreallyhim/awesome-claude-code"><img src="https://awesome.re/mentioned-badge-flat.svg" alt="Mentioned in Awesome Claude Code"/></a>
<a href="https://creativecommons.org/licenses/by-sa/4.0/"><img src="https://img.shields.io/badge/License-CC%20BY--SA%204.0-blue.svg" alt="License: CC BY-SA 4.0"/></a>
<a href="https://skills.palebluedot.live/owner/FlorianBruniaux"><img src="https://img.shields.io/badge/SkillHub-9_skills-8b5cf6.svg" alt="SkillHub Skills"/></a>
<a href="https://zread.ai/FlorianBruniaux/claude-code-ultimate-guide"><img src="https://img.shields.io/badge/Ask_Zread-_.svg?style=flat&color=00b0aa&labelColor=000000&logo=data%3Aimage%2Fsvg%2Bxml%3Bbase64%2CPHN2ZyB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHZpZXdCb3g9IjAgMCAxNiAxNiIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KPHBhdGggZD0iTTQuOTYxNTYgMS42MDAxSDIuMjQxNTZDMS44ODgxIDEuNjAwMSAxLjYwMTU2IDEuODg2NjQgMS42MDE1NiAyLjI0MDFWNC45NjAxQzEuNjAxNTYgNS4zMTM1NiAxLjg4ODEgNS42MDAxIDIuMjQxNTYgNS42MDAxSDQuOTYxNTZDNS4zMTUwMiA1LjYwMDEgNS42MDE1NiA1LjMxMzU2IDUuNjAxNTYgNC45NjAxVjIuMjQwMUM1LjYwMTU2IDEuODg2NjQgNS4zMTUwMiAxLjYwMDEgNC45NjE1NiAxLjYwMDFaIiBmaWxsPSIjZmZmIi8%2BCjxwYXRoIGQ9Ik00Ljk2MTU2IDEwLjM5OTlIMi4yNDE1NkMxLjg4ODEgMTAuMzk5OSAxLjYwMTU2IDEwLjY4NjQgMS42MDE1NiAxMS4wMzk5VjEzLjc1OTlDMS42MDE1NiAxNC4xMTM0IDEuODg4MSAxNC4zOTk5IDIuMjQxNTYgMTQuMzk5OUg0Ljk2MTU2QzUuMzE1MDIgMTQuMzk5OSA1LjYwMTU2IDE0LjExMzQgNS42MDE1NiAxMy43NTk5VjExLjAzOTlDNS42MDE1NiAxMC42ODY0IDUuMzE1MDIgMTAuMzk5OSA0Ljk2MTU2IDEwLjM5OTlaIiBmaWxsPSIjZmZmIi8%2BCjxwYXRoIGQ9Ik0xMy43NTg0IDEuNjAwMUgxMS4wMzg0QzEwLjY4NSAxLjYwMDEgMTAuMzk4NCAxLjg4NjY0IDEwLjM5ODQgMi4yNDAxVjQuOTYwMUMxMC4zOTg0IDUuMzEzNTYgMTAuNjg1IDUuNjAwMSAxMS4wMzg0IDUuNjAwMUgxMy43NTg0QzE0LjExMTkgNS42MDAxIDE0LjM5ODQgNS4zMTM1NiAxNC4zOTg0IDQuOTYwMVYyLjI0MDFDMTQuMzk4NCAxLjg4NjY0IDE0LjExMTkgMS42MDAxIDEzLjc1ODQgMS42MDAxWiIgZmlsbD0iI2ZmZiIvPgo8cGF0aCBkPSJNNCAxMkwxMiA0TDQgMTJaIiBmaWxsPSIjZmZmIi8%2BCjxwYXRoIGQ9Ik00IDEyTDEyIDQiIHN0cm9rZT0iI2ZmZiIgc3Ryb2tlLXdpZHRoPSIxLjUiIHN0cm9rZS1saW5lY2FwPSJyb3VuZCIvPgo8L3N2Zz4K&logoColor=ffffff" alt="Ask Zread"/></a>
</p>
> **6 months of daily practice** distilled into a guide that teaches you the WHY, not just the what. From core concepts to production security, you learn to design your own agentic workflows instead of copy-pasting configs.
@ -26,7 +25,7 @@
---
**Not a developer?** Find your entry point:
## Choose Your Path
| Who you are | Your guide |
|---|---|
@ -35,90 +34,39 @@
| 💼 **CIO / CEO** | [Budget, risk, what to ask your tech team (3 min) →](docs/for-cio-ceo.md) |
| 🎨 **Product Manager / Designer** | [Vibe coding, working with AI-assisted dev teams →](docs/for-product-managers.md) |
| ✍️ **Writer / Ops / Manager** | [Claude Cowork Guide (separate repo) →](https://github.com/FlorianBruniaux/claude-cowork-guide) |
| 👨‍💻 **Developer (all levels)** | You're in the right place — read on ↓ |
| 🧭 **Career pivot / new AI role** | [AI Roles & Career Paths →](guide/ai-roles.md) |
---
## 🎯 What You'll Learn
## The Golden Rules
**This guide teaches you to think differently about AI-assisted development:**
- ✅ **Understand trade-offs** — When to use agents vs skills vs commands (not just how to configure them)
- ✅ **Build mental models** — How Claude Code works internally (architecture, context flow, tool orchestration)
- ✅ **Visualize concepts** — 41 Mermaid diagrams covering model selection, master loop, memory hierarchy, multi-agent patterns, security threats, AI fluency paths
- ✅ **Master methodologies** — TDD, SDD, BDD with AI collaboration (not just templates)
- ✅ **Security mindset** — Threat modeling for AI systems (only guide with 24 CVEs + 655 malicious skills database)
- ✅ **Test your knowledge** — 274-question quiz to validate understanding (no other resource offers this)
1. **Verify trust** — Claude Code can generate 1.75× more logic errors than human-written code ([ACM 2025](https://dl.acm.org/doi/10.1145/3716848)). Test everything. Use `/insights` and peer review for production paths.
2. **Vet your MCPs** — 15 vulnerabilities tracked, 655 malicious skills in supply chain. Run the 5-min audit checklist before trusting any MCP server.
3. **Manage context pressure** — At 70% context, precision drops. At 90%+, responses become erratic. Run `/compact` at 70%, `/clear` at 90%.
4. **Start simple, scale when proven** — Basic CLAUDE.md first. Add agents and skills only after 2 weeks of proven need in production.
5. **Methodologies matter more with AI** — TDD/SDD/BDD are not optional. AI accelerates bad code as fast as good code.
**Outcome**: Go from copy-pasting configs to designing your own agentic workflows with confidence.
> Full reference: [Cheat Sheet](./guide/cheatsheet.md) · [Security Guide](./guide/security-hardening.md)
---
## 📊 When to Use This Guide vs Everything-CC
## Quick Start
Both guides serve different needs. Choose based on your priority.
| Your Goal | This Guide | everything-claude-code |
|-----------|------------|------------------------|
| **Understand why** patterns work | Deep explanations + architecture | Config-focused |
| **Quick setup** for projects | Available but not the priority | Battle-tested production configs |
| **Learn trade-offs** (agents vs skills) | Decision frameworks + comparisons | Lists patterns, no trade-off analysis |
| **Security hardening** | Only threat database (24 CVEs) | Basic patterns only |
| **Test understanding** | 274-question quiz | Not available |
| **Methodologies** (TDD/SDD/BDD) | Full workflow guides | Not covered |
| **Copy-paste ready** templates | 176 templates | 200+ templates |
### Ecosystem Positioning
```
EDUCATIONAL DEPTH
│ ★ This Guide
│ Security + Methodologies + 20K lines
│ [Everything-You-Need-to-Know]
│ SDLC/BMAD beginner
─────────────────────────┼─────────────────────────► READY-TO-USE
[awesome-claude-code] │ [everything-claude-code]
(discovery, curation) │ (plugin, 1-cmd install)
│ [claude-code-studio]
│ Context management
SPECIALIZED
```bash
npm install -g @anthropic-ai/claude-code
cd your-project
claude
```
**4 unique gaps no competitor covers:**
1. **Security-First** — 24 CVEs + 655 malicious skills tracked (no competitor has this depth)
2. **Methodology Workflows** — TDD/SDD/BDD comparison + step-by-step guides
3. **Comprehensive Reference** — 20K lines across 16 specialized guides (24× more reference material than everything-cc)
4. **Educational Progression** — 274-question quiz, beginner → expert path
Three commands that matter on day one: `/help` (discover features), `/init` (create CLAUDE.md), `/compact` (free context space).
**Recommended workflow:**
1. Learn concepts here (mental models, trade-offs, security)
2. Use battle-tested configs there (quick project setup)
3. Return here for deep dives (when something doesn't work or to design custom workflows)
**Both resources are complementary, not competitive.** Use what fits your current need.
---
## ⚡ Quick Start
**Quickest path**: [Cheat Sheet](./guide/cheatsheet.md) — 1 printable page with daily essentials
**Interactive onboarding** (no setup needed):
**Personalized onboarding** (no setup needed):
```bash
claude "Fetch and follow the onboarding instructions from: https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/tools/onboarding-prompt.md"
```
**Browse directly**: [Full Guide](./guide/ultimate-guide.md) | [Visual Diagrams](./guide/diagrams/) | [Examples](./examples/) | [Quiz](./quiz/)
---
## 🔌 MCP Server — Use the guide from any Claude Code session
No cloning needed. Add to `~/.claude.json` and ask questions directly from any session:
**MCP Server** — use this guide from any Claude Code session without cloning:
```json
{
"mcpServers": {
@ -131,749 +79,76 @@ No cloning needed. Add to `~/.claude.json` and ask questions directly from any s
}
```
12 tools: `search_guide`, `read_section`, `get_cheatsheet`, `get_digest`, `get_example`, `list_examples`, `get_release`, `get_changelog`, `list_topics`, `compare_versions`, `get_threat`, `list_threats`, `search_examples` — plus 8 slash commands `/ccguide:*` and a Haiku agent.
**Onboarding one-liner** (once MCP is configured):
```bash
claude "Use the claude-code-guide MCP server. Activate the claude-code-expert prompt, then run a personalized onboarding: ask me 3 questions about my goal, experience level, and preferred tone — then build a custom learning path using search_guide and read_section to navigate the guide with live source links."
```
→ [MCP Server README](./mcp-server/README.md)
→ [MCP Server README](./mcp-server/README.md) — 12 tools, 8 slash commands `/ccguide:*`, Haiku agent
---
## 📁 Repository Structure
## What's Inside
```mermaid
graph LR
root[📦 Repository<br/>Root]
root --> guide[📖 guide/<br/>20K lines]
root --> examples[📋 examples/<br/>176 templates]
root --> quiz[🧠 quiz/<br/>274 questions]
root --> tools[🔧 tools/<br/>utils]
root --> machine[🤖 machine-readable/<br/>AI index]
root --> docs[📚 docs/<br/>84 evaluations]
style root fill:#d35400,stroke:#e67e22,stroke-width:3px,color:#fff
style guide fill:#2980b9,stroke:#3498db,stroke-width:2px,color:#fff
style examples fill:#8e44ad,stroke:#9b59b6,stroke-width:2px,color:#fff
style quiz fill:#d68910,stroke:#f39c12,stroke-width:2px,color:#fff
style tools fill:#5d6d7e,stroke:#7f8c8d,stroke-width:2px,color:#fff
style machine fill:#138d75,stroke:#16a085,stroke-width:2px,color:#fff
style docs fill:#c0392b,stroke:#e74c3c,stroke-width:2px,color:#fff
```
<details>
<summary><strong>Detailed Structure (Text View)</strong></summary>
```
📦 claude-code-ultimate-guide/
├─ 📖 guide/ Core Documentation (20K+ lines)
│ ├─ ultimate-guide.md Complete reference, 10 sections
│ ├─ cheatsheet.md 1-page printable
│ ├─ architecture.md How Claude Code works internally
│ ├─ methodologies.md TDD, SDD, BDD workflows
│ ├─ diagrams/ 41 Mermaid diagrams (10 thematic files)
│ ├─ third-party-tools.md Community tools (RTK, ccusage, Entire CLI)
│ ├─ mcp-servers-ecosystem.md Official & community MCP servers
│ └─ workflows/ Step-by-step guides
├─ 📋 examples/ 176 Production Templates
│ ├─ agents/ 9 custom AI personas
│ ├─ commands/ 26 slash commands
│ ├─ hooks/ 31 hooks (bash + PowerShell)
│ ├─ skills/ 14 skills (9 on SkillHub)
│ └─ scripts/ Utility scripts (audit, search)
├─ 🧠 quiz/ 274 Questions
│ ├─ 9 categories Setup, Agents, MCP, Trust, Advanced...
│ ├─ 4 profiles Junior, Senior, Power User, PM
│ └─ Instant feedback Doc links + score tracking
├─ 🔧 tools/ Interactive Utilities
│ ├─ onboarding-prompt Personalized guided tour
│ └─ audit-prompt Setup audit & recommendations
├─ 🤖 machine-readable/ AI-Optimized Index
│ ├─ reference.yaml Structured index (~2K tokens) — powers landing site CMD+K search
│ ├─ claude-code-releases.yaml Structured releases changelog
│ └─ llms.txt Standard LLM context file
└─ 📚 docs/ 84 Resource Evaluations
└─ resource-evaluations/ 5-point scoring, source attribution
```
</details>
| Section | What you get |
|---------|-------------|
| [Ultimate Guide](./guide/ultimate-guide.md) | 22,000+ lines — the complete reference across 10 sections |
| [Cheat Sheet](./guide/cheatsheet.md) | 1-page printable daily reference |
| [Templates](./examples/) | 222 production-ready templates — agents, commands, hooks, skills |
| [Whitepapers](./whitepapers/) | 11 focused whitepapers (FR + EN) — architecture, security, privacy, teams |
| [Quiz](./quiz/) | 271 questions, 4 profiles, instant feedback with doc links |
| [Visual Diagrams](./guide/diagrams/) | 41 Mermaid diagrams — master loop, multi-agent topologies, security threats |
| [Security DB](./examples/commands/resources/threat-db.yaml) | 15 vulnerabilities + 655 malicious skills tracked |
| [Methodologies](./guide/methodologies.md) | TDD, SDD, BDD, GSD — full workflow guides with rationale |
| [Architecture](./guide/architecture.md) | How Claude Code works internally (context flow, tool orchestration) |
| [Claude Code Releases](./guide/claude-code-releases.md) | Condensed official changelog with highlights |
| [Resource Evaluations](./docs/resource-evaluations/) | 84 evidence-based assessments (5-point scoring) |
| [AI Roles & Career Paths](./guide/ai-roles.md) | 13 roles mapped — from Prompt Engineer to Harness Engineer, with career matrix and salary benchmarks |
---
## 🎯 What Makes This Guide Unique
## Whitepapers
### 🎓 Deep Understanding Over Configuration
**Outcome**: Design your own workflows instead of copy-pasting blindly.
**We teach how Claude Code works and why patterns matter**:
- [Architecture](./guide/architecture.md) — Internal mechanics (context flow, tool orchestration, memory management)
- [Trade-offs](./guide/ultimate-guide.md#when-to-use-what) — Decision frameworks for agents vs skills vs commands
- [Configuration Decision Guide](./guide/ultimate-guide.md#27-configuration-decision-guide) — Unified "which mechanism for what?" map across all 7 config layers
- [Pitfalls](./guide/ultimate-guide.md#common-mistakes) — Common failure modes + prevention strategies
**What this means for you**: Troubleshoot issues independently, optimize for your specific use case, know when to deviate from patterns.
---
### 🖼️ Visual Diagrams Series (41 Mermaid Diagrams)
**Outcome**: Grasp complex concepts instantly through visual mental models.
**41 interactive diagrams** across 10 thematic files — GitHub-native Mermaid rendering + ASCII fallback for every diagram:
- [Foundations](./guide/diagrams/01-foundations.md) — 4-layer context model, 9-step pipeline, permission modes
- [Architecture](./guide/diagrams/04-architecture-internals.md) — Master loop, tool categories, system prompt assembly
- [Multi-Agent](./guide/diagrams/07-multi-agent-patterns.md) — 3 topologies, worktrees, dual-instance, horizontal scaling
- [Security](./guide/diagrams/08-security-and-production.md) — 3-layer defense, MCP rug pull attack chain, verification paradox
- [Cost & Models](./guide/diagrams/09-cost-and-optimization.md) — Model selection tree, token reduction pipeline
[Browse all 41 diagrams →](./guide/diagrams/)
**What this means for you**: Understand the master loop before reading 20K lines, see multi-agent topologies at a glance, share visual security threat models with your team.
---
### 🛡️ Security Threat Intelligence (Only Comprehensive Database)
**Outcome**: Protect production systems from AI-specific attacks.
**Only guide with systematic threat tracking**:
- **24 CVE-mapped vulnerabilities** — Prompt injection, data exfiltration, code injection
- **655 malicious skills catalogued** — Unicode injection, hidden instructions, auto-execute patterns
- **Production hardening workflows** — MCP vetting, injection defense, audit automation
[Threat Database →](./machine-readable/threat-db.yaml) | [Security Guide →](./guide/security-hardening.md)
**What this means for you**: Vet MCP servers before trusting them, detect attack patterns in configs, comply with security audits.
---
### 📝 274-Question Knowledge Validation (Unique in Ecosystem)
**Outcome**: Verify your understanding + identify knowledge gaps.
**Only comprehensive assessment available** — test across 9 categories:
- Setup & Configuration, Agents & Sub-Agents, MCP Servers, Trust & Verification, Advanced Patterns
**Features**: 4 skill profiles (Junior/Senior/Power User/PM), instant feedback with doc links, weak area identification
[Try Quiz Online →](https://florianbruniaux.github.io/claude-code-ultimate-guide-landing/quiz/) | [Run Locally](./quiz/)
**What this means for you**: Know what you don't know, track learning progress, prepare for team adoption discussions.
---
### 🤖 Agent Teams Coverage (v2.1.32+ Experimental)
**Outcome**: Parallelize work on large codebases (Fountain: 50% faster, CRED: 2x speed).
**Only comprehensive guide to Anthropic's multi-agent coordination**:
- Production metrics from real companies (autonomous C compiler, 500K hours saved)
- 5 validated workflows (multi-layer review, parallel debugging, large-scale refactoring)
- Decision framework: Teams vs Multi-Instance vs Dual-Instance vs Beads
[Agent Teams Workflow →](./guide/workflows/agent-teams.md) | [Section 9.20 →](./guide/ultimate-guide.md#920-agent-teams-multi-agent-coordination)
**What this means for you**: Break monolithic tasks into parallelizable work, coordinate multi-file refactors, review your own AI-generated code.
---
### 🔬 Methodologies (Structured Development Workflows)
**Outcome**: Maintain code quality while working with AI.
Complete guides with rationale and examples:
- [TDD](./guide/methodologies.md#1-tdd-test-driven-development-with-claude) — Test-Driven Development (Red-Green-Refactor with AI)
- [SDD](./guide/methodologies.md#2-sdd-specification-driven-development) — Specification-Driven Development (Design before code)
- [BDD](./guide/methodologies.md#3-bdd-behavior-driven-development) — Behavior-Driven Development (User stories → tests)
- [GSD](./guide/methodologies.md#gsd-get-shit-done) — Get Shit Done (Pragmatic delivery)
**What this means for you**: Choose the right workflow for your team culture, integrate AI into existing processes, avoid technical debt from AI over-reliance.
---
### 📚 176 Annotated Templates
**Outcome**: Learn patterns, not just configs.
Educational templates with explanations:
- Agents (6), Commands (26), Hooks (31), Skills
- Comments explaining **why** each pattern works (not just what it does)
- Gradual complexity progression (simple → advanced)
[Browse Catalog →](./examples/)
**What this means for you**: Understand the reasoning behind patterns, adapt templates to your context, create your own custom patterns.
---
### 🔍 84 Resource Evaluations
**Outcome**: Trust our recommendations are evidence-based.
Systematic assessment of external resources (5-point scoring):
- Articles, videos, tools, frameworks
- Honest assessments with source attribution (no marketing fluff)
- Integration recommendations with trade-offs
[See Evaluations →](./docs/resource-evaluations/)
**What this means for you**: Save time vetting resources, understand limitations before adopting tools, make informed decisions.
---
## 🎯 Learning Paths
<details>
<summary><strong>Junior Developer</strong> — Foundation path (7 steps)</summary>
1. [Quick Start](./guide/ultimate-guide.md#1-quick-start-day-1) — Install & first workflow
2. [Essential Commands](./guide/ultimate-guide.md#13-essential-commands) — The 7 commands
3. [Context Management](./guide/ultimate-guide.md#22-context-management) — Critical concept
4. [Memory Files](./guide/ultimate-guide.md#31-memory-files-claudemd) — Your first CLAUDE.md
5. [Learning with AI](./guide/learning-with-ai.md) — Use AI without becoming dependent ⭐
6. [TDD Workflow](./guide/workflows/tdd-with-claude.md) — Test-first development
7. [Cheat Sheet](./guide/cheatsheet.md) — Print this
</details>
<details>
<summary><strong>Senior Developer</strong> — Intermediate path (6 steps)</summary>
1. [Core Concepts](./guide/ultimate-guide.md#2-core-concepts) — Mental model
2. [Plan Mode](./guide/ultimate-guide.md#23-plan-mode) — Safe exploration
3. [Methodologies](./guide/methodologies.md) — TDD, SDD, BDD reference
4. [Agents](./guide/ultimate-guide.md#4-agents) — Custom AI personas
5. [Hooks](./guide/ultimate-guide.md#7-hooks) — Event automation
6. [CI/CD Integration](./guide/ultimate-guide.md#93-cicd-integration) — Pipelines
</details>
<details>
<summary><strong>Power User</strong> — Comprehensive path (8 steps)</summary>
1. [Complete Guide](./guide/ultimate-guide.md) — End-to-end
2. [Architecture](./guide/architecture.md) — How Claude Code works
3. [Security Hardening](./guide/security-hardening.md) — MCP vetting, injection defense
4. [MCP Servers](./guide/ultimate-guide.md#8-mcp-servers) — Extended capabilities
5. [Trinity Pattern](./guide/ultimate-guide.md#91-the-trinity) — Advanced workflows
6. [Observability](./guide/observability.md) — Monitor costs & sessions
7. [Agent Teams](./guide/workflows/agent-teams.md) — Multi-agent coordination (Opus 4.6 experimental)
8. [Examples](./examples/) — Production templates
</details>
<details>
<summary><strong>Product Manager / DevOps / Designer</strong></summary>
**Product Manager** (5 steps):
1. [What's Inside](#-whats-inside) — Scope overview
2. [Golden Rules](#-golden-rules) — Key principles
3. [Data Privacy](./guide/data-privacy.md) — Retention & compliance
4. [Adoption Approaches](./guide/adoption-approaches.md) — Team strategies
5. [PM FAQ](./guide/ultimate-guide.md#can-product-managers-use-claude-code) — Code-adjacent vs non-coding PMs
**Note**: Non-coding PMs should consider [Claude Cowork Guide](https://github.com/FlorianBruniaux/claude-cowork-guide) instead.
**DevOps / SRE** (5 steps):
1. [DevOps & SRE Guide](./guide/devops-sre.md) — FIRE framework
2. [K8s Troubleshooting](./guide/devops-sre.md#kubernetes-troubleshooting) — Symptom-based prompts
3. [Incident Response](./guide/devops-sre.md#pattern-incident-response) — Workflows
4. [IaC Patterns](./guide/devops-sre.md#pattern-infrastructure-as-code) — Terraform, Ansible
5. [Guardrails](./guide/devops-sre.md#guardrails--adoption) — Security boundaries
**Product Designer** (5 steps):
1. [Working with Images](./guide/ultimate-guide.md#24-working-with-images) — Image analysis
2. [Wireframing Tools](./guide/ultimate-guide.md#wireframing-tools) — ASCII/Excalidraw
3. [Figma MCP](./guide/ultimate-guide.md#figma-mcp) — Design file access
4. [Design-to-Code Workflow](./guide/workflows/design-to-code.md) — Figma → Claude
5. [Cheat Sheet](./guide/cheatsheet.md) — Print this
</details>
### Progressive Journey
- **Week 1**: Foundations (install, CLAUDE.md, first agent)
- **Week 2**: Core Features (skills, hooks, trust calibration)
- **Week 3**: Advanced (MCP servers, methodologies)
- **Month 2+**: Production mastery (CI/CD, observability)
---
## 🔧 Rate Limits & Cost Savings
**cc-copilot-bridge** routes Claude Code through GitHub Copilot Pro+ for flat-rate access ($10/month instead of per-token billing).
```bash
# Install
git clone https://github.com/FlorianBruniaux/cc-copilot-bridge.git && cd cc-copilot-bridge && ./install.sh
# Use
ccc # Copilot mode (flat $10/month)
ccd # Direct Anthropic mode (per-token)
cco # Offline mode (Ollama, 100% local)
```
**Benefits**: Multi-provider switching, rate limit bypass, 99%+ cost savings on heavy usage.
**[cc-copilot-bridge](https://github.com/FlorianBruniaux/cc-copilot-bridge)**
---
## 🔑 Golden Rules
### 1. Verify Trust Before Use
Claude Code can generate 1.75x more logic errors than human-written code ([ACM 2025](https://dl.acm.org/doi/10.1145/3716848)). Every output must be verified. Use `/insights` commands and verify patterns through tests.
**Strategy:** Solo dev (verify logic + edge cases). Team (systematic peer review). Production (mandatory gating tests).
---
### 2. Never Approve MCPs from Unknown Sources
24 CVEs identified in Claude Code ecosystem. 655 malicious skills in supply chain. MCP servers can read/write your codebase.
**Strategy:** Systematic audit (5-min checklist). Community-vetted MCP Safe List. Vetting workflow documented in guide.
---
### 3. Context Pressure Changes Behavior
At 70% context, Claude starts losing precision. At 85%, hallucinations increase. At 90%+, responses become erratic.
**Strategy:** 0-50% (work freely). 50-70% (attention). 70-90% (`/compact`). 90%+ (`/clear` mandatory).
---
### 4. Start Simple, Scale Smart
Start with basic CLAUDE.md + a few commands. Test in production for 2 weeks. Add agents/skills only if need is proven.
**Strategy:** Phase 1 (basic). Phase 2 (commands + hooks if needed). Phase 3 (agents if multi-context). Phase 4 (MCP servers if truly required).
---
### 5. Methodologies Matter More with AI
TDD/SDD/BDD are not optional with Claude Code. AI accelerates bad code as much as good code.
**Strategy:** TDD (critical logic). SDD (architecture upfront). BDD (PM/dev collaboration). GSD (throwaway prototypes).
---
### Quick Reference
| # | Rule | Key Metric | Action |
|---|------|------------|--------|
| 1 | Verify Trust | 1.75x more logic errors | Test everything, peer review |
| 2 | Vet MCPs | 24 CVEs, 655 malicious skills | 5-min audit checklist |
| 3 | Manage Context | 70% = precision loss | `/compact` at 70%, `/clear` at 90% |
| 4 | Start Simple | 2-week test period | Phase 1→4 progressive adoption |
| 5 | Use Methodologies | AI amplifies good AND bad | TDD/SDD/BDD by context |
> Context management is critical. See the [Cheat Sheet](./guide/cheatsheet.md#context-management-critical) for thresholds and actions.
---
## 🤖 For AI Assistants
| Resource | Purpose | Tokens |
|----------|---------|--------|
| **[llms.txt](./machine-readable/llms.txt)** | Standard context file | ~1K |
| **[reference.yaml](./machine-readable/reference.yaml)** | Structured index with line numbers | ~2K |
**Quick load**: `curl -sL https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/machine-readable/reference.yaml`
### reference.yaml — Structure & Landing Site Search
`reference.yaml` is organized into several top-level sections:
| Section | Content |
|---------|---------|
| `lines` | Line number references for key sections in `ultimate-guide.md` |
| `deep_dive` | Key → file path mappings for all guides, examples, hooks, agents, commands |
| `decide` | Decision tree (when to use what) |
| `stats` | Counters (templates, questions, CVEs…) |
**The `deep_dive` section powers the [landing site](https://cc.bruniaux.com) CMD+K search.** The build script (`scripts/build-guide-index.mjs`) parses it to generate 160 search entries.
#### How the search index works
The CMD+K search on the landing site is an **explicit index** — not a full-text search. Only entries listed in `deep_dive` are indexed. Keywords are derived mechanically from the key name and file path, not from the file content.
**Consequence**: adding a new guide section requires explicitly adding an entry to `deep_dive`, then running `pnpm build:search` in the landing repo.
#### Maintaining reference.yaml
**Adding a new entry** to `deep_dive`:
```yaml
deep_dive:
# existing entries...
my_new_section: "guide/my-new-file.md" # local guide file
my_hook_example: "examples/hooks/bash/foo.sh" # example file
my_section_ref: "guide/ultimate-guide.md:1234" # with line number anchor
```
**Critical: avoid duplicate keys.** If a key appears twice in `deep_dive`, the YAML parser fails and the landing site search index becomes empty (0 entries). The build exits with a warning but no hard error:
```
[build-guide-index] ERROR: Failed to parse YAML: duplicated mapping key
[build-guide-index] Generating empty guide-search-entries.ts
```
Use distinct names — e.g. if you need both a line-number reference and a file path for the same concept, suffix the line-number key with `_line`:
```yaml
security_gate_hook_line: 6907 # line number ref
security_gate_hook: "examples/hooks/bash/security-gate.sh" # file path ref
```
---
## 📄 Whitepapers (FR + EN)
A series of 11 focused whitepapers covering Claude Code in depth. Each covers a specific topic and is available in both **French and English**.
11 whitepapers in French and English, covering: foundations, prompting, customization, security in production, architecture, team deployment, privacy & compliance, reference guide, agent teams, learning with AI, and budget optimization.
> **Coming soon** — currently in private access. Public release planned.
- **00***De Zéro à Productif / From Zero to Productive* — Foundations, first steps
- **01***Prompts qui Marchent / Prompts That Work* — Prompting method, context, hooks
- **02***Personnaliser Claude / Customizing Claude* — CLAUDE.md, custom agents, skills
- **03***Sécurité en Production / Security in Production* — 17 security hooks, threat DB, permissions
- **04***L'Architecture Démystifiée / Architecture Demystified* — Agent loop, context, token pricing
- **05***Déployer en Équipe / Team Deployment* — CI/CD, observability, 50+ devs adoption
- **06***Privacy & Compliance* — Anthropic data, ZDR, retention policies
- **07***Guide de Référence / Reference Guide* — Complete synthesis + advanced workflows
- **08***Agent Teams* — Multi-agent orchestration and coordination
- **09***Apprendre avec l'IA / Learning with AI* — UVAL protocol, comprehension debt, 30-day plan
- **10***Budget IA / AI Budget* — Token costs, model selection, cost optimization
## 🗂️ Recap Cards (FR)
57 single-page A4 reference cards — printable, one concept per card. Organized in 3 series:
> **Coming soon** — currently in private access. Public release planned alongside the whitepapers.
- **Technique (22 cards)** — Commands, permissions, configuration, MCP, models, context window
- **Méthodologie (22 cards)** — Daily workflow, agents, hooks, CI/CD, multi-agent, debug
- **Conception (13 cards)** — Mental models, prompting, security by design, cost patterns
→ [Browse whitepapers/](./whitepapers/) · [Recap Cards (57 A4 reference cards)](./whitepapers/recap-cards/)
---
## 🌍 Ecosystem
## Ecosystem
### Claude Cowork (Non-Developers)
**cc-copilot-bridge** routes Claude Code through GitHub Copilot Pro+ for flat-rate access — [GitHub](https://github.com/FlorianBruniaux/cc-copilot-bridge)
**Claude Cowork** is the companion guide for non-technical users (knowledge workers, assistants, managers).
Same agentic capabilities as Claude Code, but through a visual interface with no coding required.
**[Claude Cowork Guide](https://github.com/FlorianBruniaux/claude-cowork-guide)** — File organization, document generation, automated workflows
**Status**: Research preview (Pro $20/mo or Max $100-200/mo, macOS only, **VPN incompatible**)
### Claude Code Plugins (Marketplace)
Production-ready plugins from this guide, installable in one command:
```bash
claude plugin marketplace add FlorianBruniaux/claude-code-plugins
claude plugin install session-summary@florian-claude-tools
```
> **[FlorianBruniaux/claude-code-plugins](https://github.com/FlorianBruniaux/claude-code-plugins)** — Session analytics, more plugins coming
### Complementary Resources
| Project | Focus | Best For |
|---------|-------|----------|
| [everything-claude-code](https://github.com/affaan-m/everything-claude-code) | Production configs (45k+ stars) | Quick setup, battle-tested patterns |
| [claude-code-templates](https://github.com/davila7/claude-code-templates) | Distribution (200+ templates) | CLI installation (17k stars) |
| [anthropics/skills](https://github.com/anthropics/skills) | Official Anthropic skills (60K+ stars) | Documents, design, dev templates |
| [anthropics/claude-plugins-official](https://skills.sh/anthropics/claude-plugins-official) | Plugin dev tools (3.1K installs) | CLAUDE.md audit, automation discovery |
| [skills.sh](https://skills.sh/) | Skills marketplace | One-command install (Vercel Labs) |
| [awesome-claude-code](https://github.com/hesreallyhim/awesome-claude-code) | Curation | Resource discovery |
| [awesome-claude-skills](https://github.com/BehiSecc/awesome-claude-skills) | Skills taxonomy | 62 skills across 12 categories |
| [awesome-claude-md](https://github.com/josix/awesome-claude-md) | CLAUDE.md examples | Annotated configs with scoring |
| [AI Coding Agents Matrix](https://coding-agents-matrix.dev) | Technical comparison | Comparing 23+ alternatives |
**Complementary tools**: [everything-claude-code](https://github.com/affaan-m/everything-claude-code) (production configs) · [awesome-claude-code](https://github.com/hesreallyhim/awesome-claude-code) (curation) · [skills.sh](https://skills.sh/) (marketplace)
**Community**: 🇫🇷 [Dev With AI](https://www.devw.ai/) — 1500+ devs on Slack, meetups in Paris, Bordeaux, Lyon
**[AI Ecosystem Guide](./guide/ai-ecosystem.md)** — Complete integration patterns with complementary AI tools
---
## Contributing & License
**Contributing** — Corrections, quiz questions, methodologies, resource evaluations all welcome. See [CONTRIBUTING.md](./CONTRIBUTING.md) · [GitHub Issues](https://github.com/FlorianBruniaux/claude-code-ultimate-guide/issues) · [Discussions](../../discussions)
**Guide License**: [CC BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/) · **Templates**: [CC0 1.0](https://creativecommons.org/publicdomain/zero/1.0/) (copy-paste freely, no attribution needed)
**Author**: [Florian Bruniaux](https://florian.bruniaux.com) — Founding Engineer @ [Méthode Aristote](https://methode-aristote.fr) · [GitHub](https://github.com/FlorianBruniaux) · [LinkedIn](https://www.linkedin.com/in/florian-bruniaux-43408b83/)
---
## 🛡️ Security
**Comprehensive MCP security coverage** — the only guide with a threat intelligence database and production hardening workflows.
### Official Security Tools
| Tool | Purpose | Maintained By |
|------|---------|---------------|
| [claude-code-security-review](https://github.com/anthropics/claude-code-security-review) | GitHub Action for automated security scanning | Anthropic (official) |
| This Guide's Threat DB | Intelligence layer (24 CVEs, 655 malicious skills) | Community |
**Workflow**: Use GitHub Action for automation → Consult Threat DB for threat intelligence.
### Threat Database
**24 CVE-mapped vulnerabilities** and **655 malicious skills** tracked in [`machine-readable/threat-db.yaml`](./machine-readable/threat-db.yaml):
| Threat Category | Count | Examples |
|----------------|-------|----------|
| **Code/Command Injection** | 5 CVEs | CLI bypass (CVE-2025-66032), child_process exec |
| **Path Traversal & Access** | 4 CVEs | Symlink escape (CVE-2025-53109), prefix bypass |
| **RCE & Prompt Hijacking** | 4 CVEs | MCP Inspector RCE (CVE-2025-49596), session hijack |
| **SSRF & DNS Rebinding** | 4 CVEs | WebFetch SSRF (CVE-2026-24052), DNS rebinding |
| **Data Leakage** | 1 CVE | Cross-client response leak (CVE-2026-25536) |
| **Malicious Skills** | 341 patterns | Unicode injection, hidden instructions, auto-execute |
**Taxonomies**: 10 attack surfaces × 11 threat types × 8 impact levels
### Hardening Resources
| Resource | Purpose | Time |
|----------|---------|------|
| **[Security Hardening Guide](./guide/security-hardening.md)** | MCP vetting, injection defense, audit workflow | 25 min |
| **[Data Privacy Guide](./guide/data-privacy.md)** | Retention policies (5yr → 30d → 0), GDPR compliance | 10 min |
| **[Sandbox Isolation](./guide/sandbox-isolation.md)** | Docker sandboxes for untrusted MCP servers | 10 min |
| **[Production Safety](./guide/production-safety.md)** | Infrastructure locks, port stability, DB safety | 20 min |
### Security Commands
```bash
/security-check # Quick scan config vs known threats (~30s)
/security-audit # Full 6-phase audit with score /100 (2-5min)
/update-threat-db # Research & update threat intelligence
/audit-agents-skills # Quality audit with security checks
```
### Security Hooks
**30 production hooks** (bash + PowerShell) in [`examples/hooks/`](./examples/hooks/):
| Hook | Purpose |
|------|---------|
| [dangerous-actions-blocker](./examples/hooks/bash/dangerous-actions-blocker.sh) | Block `rm -rf`, force-push, production ops |
| [prompt-injection-detector](./examples/hooks/bash/prompt-injection-detector.sh) | Detect injection patterns in CLAUDE.md/prompts |
| [unicode-injection-scanner](./examples/hooks/bash/unicode-injection-scanner.sh) | Detect hidden Unicode (zero-width, RTL override) |
| [output-secrets-scanner](./examples/hooks/bash/output-secrets-scanner.sh) | Prevent API keys/tokens in Claude responses |
**[Browse All Security Hooks →](./examples/hooks/)**
### MCP Vetting Workflow
**Systematic evaluation before trusting MCP servers:**
1. **Provenance**: GitHub verified, 100+ stars, active maintenance
2. **Code Review**: Minimal privileges, no obfuscation, open-source
3. **Permissions**: Whitelist-only filesystem access, network restrictions
4. **Testing**: Isolated Docker sandbox first, monitor tool calls
5. **Monitoring**: Session logs, error tracking, regular re-audits
**[Full MCP Security Workflow →](./guide/security-hardening.md#vetting-mcp-servers)**
*Version 3.32.2 | Updated daily · Mar 9, 2026 | [cc.bruniaux.com](https://cc.bruniaux.com)*
---
## 📖 About
## FAQ
This guide is the result of **6 months of daily practice** with Claude Code. The goal isn't to be exhaustive (the tool evolves too fast), but to share what works in production.
**What is the Claude Code Ultimate Guide?**
The most comprehensive community guide for Claude Code (Anthropic's CLI for AI-assisted development). 22,760+ lines of documentation, 238 production-ready templates for agents, hooks, skills, and commands. Free and open-source (CC BY-SA 4.0).
**What you'll find:**
- Patterns verified in production (not theory)
- Trade-off explanations (not just "here's how to do it")
- Security first (24 CVEs tracked)
- Transparency on limitations (Claude Code isn't magic)
**How many templates are included?**
238 production-ready templates across: agents (backend-architect, security-auditor, code-reviewer), commands (/pr, /commit, /generate-tests), hooks (bash + PowerShell: secrets-scanner, dangerous-actions-blocker), and skills (pdf-generator, tdd-workflow, landing-page-generator).
**What you won't find:**
- Definitive answers (tool is too new)
- Universal configs (every project is different)
- Marketing promises (zero bullshit)
**Is this guide free?**
Yes. The guide is CC BY-SA 4.0 (share with attribution). Templates are CC0 (copy-paste freely, no attribution). No paywall, no login.
Use this guide critically. Experiment. Share what works for you.
**How is this different from the official Anthropic docs?**
The official docs explain what Claude Code does. This guide teaches you how to use it effectively in production: security hardening, custom agents, event hooks, CI/CD integration, multi-agent workflows, and real-world patterns built from 6+ months of daily practice.
**Feedback welcome:** [GitHub Issues](https://github.com/FlorianBruniaux/claude-code-ultimate-guide/issues)
### About the Author
**Florian Bruniaux** — Founding Engineer @ [Méthode Aristote](https://methode-aristote.fr) (EdTech + AI). 12 years in tech (Dev → Lead → EM → VP Eng → CTO). Current focus: Rust CLI tools, MCP servers, AI developer tooling.
| Project | Description | Links |
|---------|-------------|-------|
| **RTK** | CLI proxy — 60-90% LLM token reduction | [GitHub](https://github.com/rtk-ai/rtk) · [Site](https://www.rtk-ai.app/) |
| **ccboard** | Real-time TUI/Web dashboard for Claude Code | [GitHub](https://github.com/FlorianBruniaux/ccboard) · [Demo](https://ccboard.bruniaux.com/) |
| **Claude Cowork Guide** | 26 business workflows for non-coders | [GitHub](https://github.com/FlorianBruniaux/claude-cowork-guide) · [Site](https://cowork.bruniaux.com/) |
| **cc-copilot-bridge** | Bridge between Claude Code & GitHub Copilot | [GitHub](https://github.com/FlorianBruniaux/cc-copilot-bridge) · [Site](https://ccbridge.bruniaux.com/) |
| **Agent Academy** | MCP server for AI agent learning | [GitHub](https://github.com/FlorianBruniaux/agent-academy) |
| **techmapper** | Tech stack mapping & visualization | [GitHub](https://github.com/FlorianBruniaux/techmapper) |
[GitHub](https://github.com/FlorianBruniaux) · [LinkedIn](https://www.linkedin.com/in/florian-bruniaux-43408b83/) · [Portfolio](https://florian.bruniaux.com/)
---
## 📚 What's Inside
### Core Documentation
| File | Purpose | Time |
|------|---------|------|
| **[Ultimate Guide](./guide/ultimate-guide.md)** | Complete reference (20K+ lines), 10 sections | 30-40h (full) • Most consult sections |
| **[Cheat Sheet](./guide/cheatsheet.md)** | 1-page printable reference | 5 min |
| **[Visual Reference](./guide/visual-reference.md)** | 20 ASCII diagrams for key concepts | 5 min |
| **[Architecture](./guide/architecture.md)** | How Claude Code works internally | 25 min |
| **[Methodologies](./guide/methodologies.md)** | TDD, SDD, BDD reference | 20 min |
| **[Workflows](./guide/workflows/)** | Practical guides (TDD, Plan-Driven, Task Management) | 30 min |
| **[Data Privacy](./guide/data-privacy.md)** | Retention & compliance | 10 min |
| **[Security Hardening](./guide/security-hardening.md)** | MCP vetting, injection defense | 25 min |
| **[Sandbox Isolation](./guide/sandbox-isolation.md)** | Docker Sandboxes, cloud alternatives, safe autonomy | 10 min |
| **[Production Safety](./guide/production-safety.md)** | Port stability, DB safety, infrastructure lock | 20 min |
| **[DevOps & SRE](./guide/devops-sre.md)** | FIRE framework, K8s troubleshooting, incident response | 30 min |
| **[AI Ecosystem](./guide/ai-ecosystem.md)** | Complementary AI tools & integration patterns | 20 min |
| **[AI Traceability](./guide/ai-traceability.md)** | Code attribution & provenance tracking | 15 min |
| **[Search Tools Cheatsheet](./guide/search-tools-cheatsheet.md)** | Grep, Serena, ast-grep, grepai comparison | 5 min |
| **[Learning with AI](./guide/learning-with-ai.md)** | Use AI without becoming dependent | 15 min |
| **[Claude Code Releases](./guide/claude-code-releases.md)** | Official release history | 10 min |
<details>
<summary><strong>Examples Library</strong> (176 templates)</summary>
**Agents** (6): [code-reviewer](./examples/agents/code-reviewer.md), [test-writer](./examples/agents/test-writer.md), [security-auditor](./examples/agents/security-auditor.md), [refactoring-specialist](./examples/agents/refactoring-specialist.md), [output-evaluator](./examples/agents/output-evaluator.md), [devops-sre](./examples/agents/devops-sre.md) ⭐
**Slash Commands** (26): [/pr](./examples/commands/pr.md), [/commit](./examples/commands/commit.md), [/release-notes](./examples/commands/release-notes.md), [/diagnose](./examples/commands/diagnose.md), [/security](./examples/commands/security.md), [/security-check](./examples/commands/security-check.md) **, [/security-audit](./examples/commands/security-audit.md) **, [/update-threat-db](./examples/commands/update-threat-db.md) **, [/refactor](./examples/commands/refactor.md), [/explain](./examples/commands/explain.md), [/optimize](./examples/commands/optimize.md), [/ship](./examples/commands/ship.md)...
**Security Hooks** (31): [dangerous-actions-blocker](./examples/hooks/bash/dangerous-actions-blocker.sh), [prompt-injection-detector](./examples/hooks/bash/prompt-injection-detector.sh), [unicode-injection-scanner](./examples/hooks/bash/unicode-injection-scanner.sh), [output-secrets-scanner](./examples/hooks/bash/output-secrets-scanner.sh)...
**Skills** (1): [Claudeception](https://github.com/blader/Claudeception) — Meta-skill that auto-generates skills from session discoveries ⭐
**Plugins** (1): [SE-CoVe](./examples/plugins/se-cove.md) — Chain-of-Verification for independent code review (Meta AI, ACL 2024)
**Utility Scripts**: [session-search.sh](./examples/scripts/session-search.sh), [audit-scan.sh](./examples/scripts/audit-scan.sh)
**GitHub Actions**: [claude-pr-auto-review.yml](./examples/github-actions/claude-pr-auto-review.yml), [claude-security-review.yml](./examples/github-actions/claude-security-review.yml), [claude-issue-triage.yml](./examples/github-actions/claude-issue-triage.yml)
**Integrations** (1): [Agent Vibes TTS](./examples/integrations/agent-vibes/) - Text-to-speech narration for Claude Code responses
**[Browse Complete Catalog](./examples/README.md)** | **[Interactive Catalog](./examples/index.html)**
</details>
<details>
<summary><strong>Knowledge Quiz</strong> (274 questions)</summary>
Test your Claude Code knowledge with an interactive CLI quiz covering all guide sections.
```bash
cd quiz && npm install && npm start
```
**Features**: 4 profiles (Junior/Senior/Power User/PM), 10 topic categories, immediate feedback with doc links, score tracking with weak area identification.
**[Quiz Documentation](./quiz/README.md)** | **[Contribute Questions](./quiz/templates/question-template.yaml)**
</details>
<details>
<summary><strong>Resource Evaluations</strong> (84 assessments)</summary>
Systematic evaluation of external resources (tools, methodologies, articles) before integration into the guide.
**Methodology**: 5-point scoring system (Critical → Low) with technical review and challenge phase for objectivity.
**Evaluations**: GSD methodology, Worktrunk, Boris Cowork video, AST-grep, ClawdBot analysis, and more.
**[Browse Evaluations](./docs/resource-evaluations/)** | **[Evaluation Methodology](./docs/resource-evaluations/README.md)**
</details>
---
## 🤝 Contributing
We welcome:
- ✅ Corrections and clarifications
- ✅ New quiz questions
- ✅ Methodologies and workflows
- ✅ Resource evaluations (see [process](./docs/resource-evaluations/README.md))
- ✅ Educational content improvements
See [CONTRIBUTING.md](./CONTRIBUTING.md) for guidelines.
**Ways to Help**: Star the repo • Report issues • Submit PRs • Share workflows in [Discussions](../../discussions)
---
## 📄 License & Support
**Guide**: [CC BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/) — Educational content is open for reuse with attribution.
**Templates**: [CC0 1.0](https://creativecommons.org/publicdomain/zero/1.0/) — Copy-paste freely, no attribution needed.
**Author**: [Florian BRUNIAUX](https://github.com/FlorianBruniaux) | Founding Engineer [@Méthode Aristote](https://methode-aristote.fr)
**Stay Updated**: [Watch releases](../../releases) | [Discussions](../../discussions) | [Connect on LinkedIn](https://www.linkedin.com/in/florian-bruniaux-43408b83/)
---
## 📚 Further Reading
### This Guide
- **[CHANGELOG](./CHANGELOG.md)** — Guide version history (what's new in each release)
- [Claude Code Releases](./guide/claude-code-releases.md) — Official Claude Code release tracking
### Official Resources
- [Claude Code CLI](https://code.claude.com) — Official website
- [Documentation](https://code.claude.com/docs) — Official docs
- [Anthropic CHANGELOG](https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md) — Official Claude Code changelog
- [GitHub Issues](https://github.com/anthropics/claude-code/issues) — Bug reports & feature requests
### Research & Industry Reports
- **[2026 Agentic Coding Trends Report](https://resources.anthropic.com/hubfs/2026%20Agentic%20Coding%20Trends%20Report.pdf)** (Anthropic, Feb 2026)
- 8 trends prospectifs (foundation/capability/impact)
- Case studies: Fountain (50% faster), Rakuten (7h autonomous), CRED (2x speed), TELUS (500K hours saved)
- Research data: 60% AI usage, 0-20% full delegation, 67% more PRs merged/day
- **Evaluation**: [`docs/resource-evaluations/anthropic-2026-agentic-coding-trends.md`](docs/resource-evaluations/anthropic-2026-agentic-coding-trends.md) (score 4/5)
- **Integration**: Diffused across sections 9.17 (Multi-Instance ROI), 9.20 (Agent Teams adoption), 9.11 (Enterprise Anti-Patterns), Section 9 intro
- **[AI Fluency Index](https://www.anthropic.com/research/AI-fluency-index)** (Anthropic, Feb 23, 2026)
- Research on 9,830 Claude.ai conversations: iteration multiplies fluency behaviors 2× (2.67 vs 1.33)
- **Artifact Paradox**: polished outputs (code, files) reduce critical evaluation — 5.2pp missing context, 3.7pp fact-checking, 3.1pp reasoning challenge
- Only 30% of users set collaboration terms explicitly — CLAUDE.md addresses this structurally
- **Evaluation**: [`docs/resource-evaluations/2026-02-23-anthropic-ai-fluency-index.md`](docs/resource-evaluations/2026-02-23-anthropic-ai-fluency-index.md) (score 4/5)
- **Integration**: 3 callouts in §2.3 (plan review), §3.1 (CLAUDE.md), §9.11 (Artifact Paradox) + [diagram](./guide/diagrams/06-development-workflows.md#ai-fluency--high-vs-low-fluency-paths)
- **[Outcome Engineering — o16g Manifesto](https://o16g.com/)** (Cory Ondrejka, Feb 2026)
- 16 principles for shifting from "software engineering" to "outcome engineering"
- Author: CTO Onebrief, co-creator Second Life, ex-VP Google/Meta
- Cultural positioning: numeronym naming (o16g like i18n, k8s), Honeycomb endorsement
- **Status**: Emerging — on [watch list](./docs/resource-evaluations/watch-list.md) for community adoption tracking
### Community Resources
- [everything-claude-code](https://github.com/affaan-m/everything-claude-code) — Production configs (45k+⭐)
- [awesome-claude-code](https://github.com/hesreallyhim/awesome-claude-code) — Curated links
- [SuperClaude Framework](https://github.com/SuperClaude-Org/SuperClaude_Framework) — Behavioral modes
### Tools
- [Ask Zread](https://zread.ai/FlorianBruniaux/claude-code-ultimate-guide) — Ask questions about this guide
- [Interactive Quiz](./quiz/) — 274 questions
- [Landing Site](https://florianbruniaux.github.io/claude-code-ultimate-guide-landing/) — Visual navigation
---
*Version 3.32.2 | Updated daily · Mar 9, 2026 | Crafted with Claude*
<!-- SEO Keywords -->
<!-- claude code, claude code tutorial, anthropic cli, ai coding assistant, claude code mcp,
claude code agents, claude code hooks, claude code skills, agentic coding, ai pair programming,
tdd ai, test driven development ai, sdd spec driven development, bdd claude, development methodologies,
claude code architecture, data privacy anthropic, claude code workflows, ai coding workflows -->
**What topics does it cover?**
Claude Code tutorial, anthropic CLI, AI coding assistant, claude code MCP servers, custom agents, claude code hooks, reusable skills, agentic coding workflows, AI pair programming, TDD/SDD/BDD with AI, context window management, data privacy with Anthropic, claude code architecture, team adoption, security hardening.

507
llms-full.txt Normal file
View file

@ -0,0 +1,507 @@
# Claude Code Ultimate Guide — Full Content for AI Indexing
> This file is optimized for AI/LLM consumption. It contains the condensed guide overview,
> full cheatsheet, complete template list, and FAQ for Claude Code.
>
> Standard llms.txt: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/blob/main/llms.txt
> Machine-readable index: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/blob/main/machine-readable/reference.yaml
## Metadata
- Title: Claude Code Ultimate Guide
- Author: Florian Bruniaux (Founding Engineer @ Méthode Aristote)
- Version: 3.32.2
- Last Updated: March 9, 2026
- License: CC BY-SA 4.0
- Repository: https://github.com/FlorianBruniaux/claude-code-ultimate-guide
- Landing: https://cc.bruniaux.com
- Lines of Documentation: 22,760+
- Production Templates: 238
- Quiz Questions: 274
- Whitepapers: 9 titles (FR + EN)
---
## What Is Claude Code
Claude Code is Anthropic's official CLI for AI-assisted development. It lets developers interact with Claude directly from the terminal to write, edit, debug, and review code. Unlike IDE plugins, it has full filesystem access, can run shell commands, and works autonomously on multi-step tasks.
This guide is the most comprehensive community resource for Claude Code. It covers everything from installation to production security, with 238 ready-to-use templates for agents, hooks, commands, and skills.
## Who This Guide Is For
- **Beginners**: Install Claude Code, complete first task in 15 minutes
- **Intermediate**: Configure CLAUDE.md memory files, custom agents, hooks
- **Power users**: MCP servers, Trinity pattern, CI/CD integration, multi-agent workflows
- **Tech leads**: Team adoption, security hardening, governance patterns
- **CTOs/CIOs**: ROI, risk, security posture
## Guide Structure (10 Sections + Architecture)
**Architecture Deep Dive** (`guide/architecture.md`):
- Master Loop: `while(tool_call)` — no DAGs, no classifiers, no RAG
- 8 Core Tools: Bash, Read, Edit, Write, Grep, Glob, Task, TodoWrite
- Context: ~200K tokens, auto-compact at 75-92%
- Sub-agents: isolated context, max depth=1
- Philosophy: "less scaffolding, more model"
**Main Guide Sections** (`guide/ultimate-guide.md`, 22,760+ lines):
1. Quick Start — Installation, first workflow, essential commands
2. Core Concepts — Context management, Plan Mode, Rewind, Mental Model
3. Memory & Settings — CLAUDE.md files, .claude/ folder, precedence rules
4. Agents — Custom AI personas, Tool SEO, orchestration patterns
5. Skills — Reusable knowledge modules (Skills 2.0: Capability Uplift + Encoded Preference, Evals)
6. Commands — Custom slash commands, variable interpolation
7. Hooks — Event-driven automation (PreToolUse, PostToolUse, UserPromptSubmit)
8. MCP Servers — Serena, Context7, Sequential, Playwright, Postgres, grepai
9. Advanced Patterns — Trinity, CI/CD, Tasks API, multi-agent teams, feedback loops
10. Reference — Commands, shortcuts, troubleshooting, checklists
---
## Full Cheatsheet
**Version**: 3.32.2 | **Last Updated**: March 2026
---
### Essential Commands
| Command | Action |
|---------|--------|
| `/help` | Contextual help |
| `/clear` | Reset conversation |
| `/compact` | Free up context |
| `/status` | Session state + context usage |
| `/context` | Detailed token breakdown |
| `/plan` | Enter Plan Mode (no changes) |
| `/execute` | Exit Plan Mode (apply changes) |
| `/model` | Switch model (sonnet/opus/opusplan) |
| `/insights` | Usage analytics + optimization report |
| `/simplify` | Detect over-engineering in changed code + auto-fix |
| `/batch` | Large-scale refactors via 530 parallel worktree agents |
| `/teleport` | Teleport session from web |
| `/tasks` | Monitor background tasks |
| `/remote-env` | Configure cloud environment |
| `/remote-control` | Start remote control session (Research Preview, Pro/Max) |
| `/rc` | Alias for /remote-control |
| `/mobile` | Get Claude mobile app download links |
| `/fast` | Toggle fast mode (2.5x speed, 6x cost) |
| `/voice` | Toggle voice input (hold Space to speak, release to send) |
| `/loop [interval] [prompt]` | Run a prompt on repeat (ex: `/loop 5m check the deploy`, default 10m) |
| `/stats` | Usage graph, favorite model, streak |
| `/rename [name]` | Name or rename the current session |
| `/copy` | Interactive picker to copy a code block or full response |
| `/debug` | Systematic troubleshooting |
| `/exit` | Quit (or Ctrl+D) |
---
### Keyboard Shortcuts
| Shortcut | Action |
|----------|--------|
| `Shift+Tab` | Cycle permission modes |
| `Esc` × 2 | Rewind (undo) |
| `Ctrl+C` | Interrupt |
| `Ctrl+R` | Search command history |
| `Ctrl+L` | Clear screen (keeps context) |
| `Tab` | Autocomplete |
| `Shift+Enter` | New line |
| `Ctrl+B` | Background tasks |
| `Ctrl+F` | Kill all background agents (double press) |
| `Alt+T` | Toggle thinking |
| `Space` (hold) | Voice input (requires `/voice` enabled) |
| `Ctrl+D` | Exit |
---
### File References
```
@path/to/file.ts → Reference a file
@agent-name → Call an agent
!shell-command → Run shell command
```
---
### Permission Modes
| Mode | Editing | Execution |
|------|---------|-----------|
| Default | Asks | Asks |
| acceptEdits | Auto | Asks |
| Plan Mode | None | None |
| dontAsk | Only if in allow rules | Only if in allow rules |
| bypassPermissions | Auto | Auto (CI/CD only) |
**Shift+Tab** to cycle modes
---
### Memory & Settings
| Level | macOS/Linux | Scope |
|-------|-------------|-------|
| **Project** | `.claude/` | Team (committed) |
| **Personal** | `~/.claude/` | You (all projects) |
**.claude/ Folder Structure:**
```
.claude/
├── CLAUDE.md # Team memory (instructions)
├── settings.json # Hooks (committed)
├── settings.local.json # Permissions (not committed)
├── agents/ # Custom agents
├── commands/ # Slash commands
├── hooks/ # Event scripts
├── rules/ # Auto-loaded rules
└── skills/ # Knowledge modules
```
---
### Context Management (CRITICAL)
| Context % | Status | Action |
|-----------|--------|--------|
| 0-50% | Green | Work freely |
| 50-70% | Yellow | Be selective |
| 70-90% | Orange | `/compact` now |
| 90%+ | Red | `/clear` required |
**Actions by Symptom:**
| Sign | Action |
|------|--------|
| Short responses | `/compact` |
| Frequent forgetting | `/clear` |
| >70% context | `/compact` |
| Task complete | `/clear` |
---
### Plan Mode & Thinking
| Feature | Activation | Usage |
|---------|------------|-------|
| **Plan Mode** | `Shift+Tab × 2` or `/plan` | Explore without modifying |
| **OpusPlan** | `/model opusplan` | Opus for planning, Sonnet for execution |
| Task | Model | Effort |
|------|-------|--------|
| Rename, boilerplate, test gen | Haiku | low |
| Feature dev, debug, refactor | Sonnet | mediumhigh |
| Architecture, security audit | Opus | highmax |
---
### MCP Servers
| Server | Purpose |
|--------|---------|
| **Serena** | Indexation + session memory + symbol search |
| **grepai** | Semantic search + call graph analysis |
| **Context7** | Library documentation |
| **Sequential** | Structured reasoning |
| **Playwright** | Browser automation |
| **Postgres** | Database queries |
---
### Creating Custom Components
**Agent** (`.claude/agents/my-agent.md`):
```yaml
---
name: my-agent
description: Use when [trigger]
model: sonnet
tools: Read, Write, Edit, Bash
---
# Instructions here
```
**Command** (`.claude/commands/my-command.md`):
```markdown
# Command Name
Instructions for what to do...
$ARGUMENTS[0] $ARGUMENTS[1] — user args
```
**Hook** (`.claude/hooks/` bash or PowerShell):
```bash
#!/bin/bash
INPUT=$(cat)
# Process JSON input
exit 0 # 0=continue, 2=block
```
---
### Quick Prompting Formula
```
WHAT: [Concrete deliverable]
WHERE: [File paths]
HOW: [Constraints, approach]
VERIFY: [Success criteria]
```
**Example:**
```
Add input validation to the login form.
WHERE: src/components/LoginForm.tsx
HOW: Use Zod schema, show inline errors
VERIFY: Empty email shows error, invalid format shows error
```
---
### CLI Flags Quick Reference
| Flag | Usage |
|------|-------|
| `-p "query"` | Non-interactive mode (CI/CD) |
| `-c` / `--continue` | Continue last session |
| `-r` / `--resume <id>` | Resume specific session |
| `--model sonnet` | Change model |
| `--add-dir ../lib` | Allow access outside CWD |
| `--permission-mode plan` | Plan mode |
| `--tools "Tool1,Tool2"` | Enable specific tools for session |
| `--max-budget-usd 5.00` | Max API spend limit |
| `--system-prompt "..."` | Append custom system prompt |
| `--worktree` / `-w` | Run in isolated git worktree |
| `--dangerously-skip-permissions` | Auto-accept (use carefully) |
| `--debug` | Debug output |
---
### The Golden Rules
1. **Always review diffs** before accepting
2. **Use `/compact`** before context gets critical (>70%)
3. **Be specific** in requests (WHAT, WHERE, HOW, VERIFY)
4. **Plan Mode first** for complex/risky tasks
5. **Create CLAUDE.md** for every project
6. **Commit frequently** after each completed task
7. **Know what's sent** — prompts, files, MCP results → Anthropic (opt-out available)
---
### Quick Decision Tree
```
Simple task → Just ask Claude
Complex task → Tasks API to plan first
Risky change → Plan Mode first
Repeating task → Create agent or command
Context full → /compact or /clear
Need docs → Use Context7 MCP
Deep analysis → Use Opus (thinking on by default)
```
---
### Cost Optimization
| Model | Use For | Cost |
|-------|---------|------|
| Haiku | Simple fixes, reviews | $ |
| Sonnet | Most development | $$ |
| Opus | Architecture, complex bugs | $$$ |
| OpusPlan | Plan (Opus) + Execute (Sonnet) | $$ |
---
## Template Library (238 templates)
### Agents (16 files + sub-projects)
- `adr-writer.md` — Architecture Decision Records
- `architecture-reviewer.md` — System architecture review
- `code-reviewer.md` — Code quality review
- `devops-sre.md` — DevOps/SRE operations
- `implementer.md` — Feature implementation
- `integration-reviewer.md` — API integration review
- `output-evaluator.md` — AI output evaluation
- `plan-challenger.md` — Challenge implementation plans
- `planner.md` — Task planning
- `planning-coordinator.md` — Multi-agent coordination
- `refactoring-specialist.md` — Code refactoring
- `security-auditor.md` — Security auditing
- `security-patcher.md` — Security patch application
- `test-writer.md` — Test generation
- `analytics-with-eval/` — Full analytics agent with eval framework
- `cyber-defense/` — Multi-agent cyber defense team
### Commands (19 files)
- `audit-agents-skills.md` — Quality audit for .claude/ configs
- `audit-codebase.md` — Full codebase audit
- `catchup.md` — Daily catchup briefing
- `commit.md` — Smart git commit
- `diagnose.md` — Problem diagnosis
- `explain.md` — Code explanation
- `generate-tests.md` — Test suite generation
- `git-worktree.md` — Isolated git worktree workflow
- `git-worktree-status.md` — Worktree status
- `git-worktree-clean.md` — Worktree cleanup
- `git-worktree-remove.md` — Worktree removal
- `optimize.md` — Performance optimization
- `plan-execute.md` — Plan then execute workflow
- `plan-start.md` — Plan mode startup
- `plan-validate.md` — Plan validation
- `pr.md` — Pull request creation
- `refactor.md` — Code refactoring
- `release-notes.md` — Release notes generation
- `learn/` — Interactive learning command
### Hooks (bash + PowerShell)
**Bash hooks:**
- `auto-commit.sh` — Auto commit on file changes
- `dangerous-actions-blocker.sh` — Block rm -rf and destructive commands
- `format-on-save.sh` — Auto-format code files
- `lint-on-edit.sh` — Run linter after edits
- `prompt-injection-detector.sh` — Detect prompt injection attempts
- `run-tests-on-edit.sh` — Run tests after code changes
- `secrets-scanner.sh` — Scan for hardcoded secrets
- `send-notification.sh` — Desktop notifications on task completion
- `session-logger.sh` — Log all session activity
- `smart-context-compressor.sh` — Adaptive context management
- `token-usage-tracker.sh` — Track API token consumption
- `update-changelog.sh` — Auto-update CHANGELOG on commits
**PowerShell hooks** (Windows equivalents for all above)
### Skills (17 modules)
- `ast-grep-patterns.md` — AST-based code search patterns
- `audit-agents-skills/` — Agents/skills quality audit system
- `ccboard/` — Claude Code monitoring dashboard
- `cyber-defense-team/` — Security team coordination
- `design-patterns/` — Software design pattern guidance
- `guide-recap/` — CHANGELOG → social content generator
- `issue-triage/` — GitHub issue prioritization
- `landing-page-generator/` — Landing page from repo
- `pdf-generator.md` — Professional PDF generation (Quarto/Typst)
- `pr-triage/` — PR review prioritization
- `release-notes-generator/` — Multi-format release notes
- `rtk-optimizer/` — Token reduction optimization
- `security-checklist.md` — Security audit checklist
- `skill-creator/` — Create new skills with proper structure
- `talk-pipeline/` — Conference talk preparation pipeline
- `tdd-workflow.md` — Test-Driven Development workflow
- `voice-refine/` — Voice input refinement
### Scripts (15 utility scripts)
- `audit-scan.sh` — Config security audit
- `bridge.py` — Tool bridging utility
- `check-claude.sh` / `.ps1` — Installation health check
- `clean-reinstall-claude.sh` / `.ps1` — Clean reinstall
- `fresh-context-loop.sh` — Automated fresh-context iteration
- `migrate-arguments-syntax.sh` / `.ps1` — Update argument syntax
- `rtk-benchmark.sh` — RTK token savings benchmark
- `session-search.sh` — Search across sessions
- `session-stats.sh` — Session statistics
- `sonnetplan.sh` — OpusPlan workflow automation
- `sync-claude-config.sh` — Sync .claude/ across machines
### Additional Categories
- `claude-md/` — CLAUDE.md templates (7 variants)
- `config/` — Configuration templates (settings.json, etc.)
- `github-actions/` — CI/CD workflow templates
- `integrations/` — Third-party integrations
- `mcp-configs/` — MCP server configuration templates
- `memory/` — Memory file templates
- `modes/` — Custom mode configurations
- `multi-provider/` — Multi-LLM provider setups
- `plugins/` — Plugin templates
- `rules/` — Auto-loaded rules templates
- `semantic-anchors/` — Semantic navigation patterns
- `team-config/` — Team configuration examples
- `templates/` — Generic project templates
- `workflows/` — Step-by-step workflow guides
---
## FAQ
**Q: What is the Claude Code Ultimate Guide?**
A: The most comprehensive community guide for Claude Code (Anthropic's CLI). 22,760+ lines of documentation, 238 production-ready templates, 274-question quiz, and security threat database. Free and open-source (CC BY-SA 4.0).
**Q: Is this guide free?**
A: Yes, completely free. The guide is CC BY-SA 4.0 (share and adapt with attribution). Templates are CC0 (copy-paste freely, no attribution needed). No paywall, no login required.
**Q: What's the difference between this and Anthropic's official docs?**
A: This guide goes 10x deeper on practical workflows, templates, security hardening, and real-world patterns. The official docs explain what Claude Code does; this guide teaches you how to use it effectively for production work.
**Q: Do I need a paid Claude plan to use Claude Code?**
A: Claude Code requires an active Claude subscription. Pro ($20/month) is sufficient for most individual developers. Team and Enterprise plans available for organizations.
**Q: What are Hooks in Claude Code?**
A: Hooks are shell scripts (bash or PowerShell) that run automatically before/after Claude tool calls. They enable event-driven automation: block dangerous commands, scan for secrets, auto-format code, run tests after edits, log activity for compliance. They use `exit 0` (continue) or `exit 2` (block) to control Claude's actions.
**Q: What are MCP servers?**
A: Model Context Protocol servers extend Claude's capabilities beyond its built-in tools. Examples: Serena (codebase indexation + session memory), Context7 (library documentation), Sequential (structured multi-step reasoning), Playwright (browser automation), Postgres (database queries). The community has built 1,000+ MCP servers; this guide teaches you to vet them for security.
**Q: What is Plan Mode?**
A: Plan Mode (`Shift+Tab × 2` or `/plan`) is a read-only exploration mode where Claude can analyze your codebase without making any changes. Use it before complex or risky tasks to let Claude research the problem, then switch to execution mode.
**Q: What are Agents in Claude Code?**
A: Agents are custom Claude instances with specific instructions, tools, and personas stored in `.claude/agents/` as markdown files. Examples: a security-auditor that only uses Read/Grep tools, a code-reviewer with specific standards, a devops-sre with infrastructure expertise. They're invoked via `@agent-name` in your prompt.
**Q: What is CLAUDE.md?**
A: CLAUDE.md is a memory file at your project root (or `~/.claude/`) that Claude reads at the start of every session. Use it to define project conventions, tech stack, coding standards, and commands. It's the primary way to give Claude persistent project context without repeating yourself.
**Q: What are Skills?**
A: Skills are reusable knowledge modules stored in `.claude/skills/`. Two types: Capability Uplift (fills model gaps, becomes less necessary as models improve) and Encoded Preference (encodes your team's specific workflow preferences, stays durable). Skills 2.0 (March 2026) adds Benchmark Mode, A/B testing, and Trigger Tuning.
**Q: How do I handle context limits?**
A: Monitor context usage via `/status`. At 70%: run `/compact` to summarize and free context. At 90%: use `/clear` for a fresh start. Use Plan Mode early to explore without consuming context. For long projects, use Tasks API (`CLAUDE_CODE_TASK_LIST_ID`) for cross-session persistence.
**Q: Is Claude Code safe for production use?**
A: With proper hardening, yes. Key steps: never use `bypassPermissions` in production, vet all MCP servers against the threat database (24 CVEs tracked), use hooks to block dangerous commands, enable audit logging, run `claude doctor` regularly. See `guide/security-hardening.md` for the complete checklist.
---
## Privacy & Data
Claude Code sends to Anthropic servers: your prompts, file contents you reference, MCP tool results.
- Default retention: 5 years (training enabled)
- Opt-out: 30 days retention — https://claude.ai/settings/data-privacy-controls
- Enterprise: 0 retention, no training
- The guide covers this in detail: `guide/data-privacy.md`
---
## Repository
```
claude-code-ultimate-guide/
├── llms.txt # This file (short version, for AI indexing)
├── llms-full.txt # Full content (you are here)
├── guide/ # Core documentation
│ ├── ultimate-guide.md # Complete guide (22,760+ lines)
│ ├── cheatsheet.md # 1-page reference
│ ├── architecture.md # How Claude Code works internally
│ ├── security-hardening.md # Security best practices
│ ├── data-privacy.md # What data is sent to Anthropic
│ └── claude-code-releases.md # Official release tracking
├── examples/ # 238 production-ready templates
│ ├── agents/ # Custom AI personas
│ ├── commands/ # Slash commands
│ ├── hooks/ # Event automation (bash + PowerShell)
│ ├── skills/ # Knowledge modules
│ └── scripts/ # Utility scripts
├── machine-readable/ # LLM/AI consumption
│ ├── reference.yaml # Machine-optimized index (~2K tokens)
│ └── llms.txt # Short version
├── whitepapers/ # 9 focused PDFs (FR + EN)
└── quiz/ # 274-question interactive quiz
```
---
## Author & License
**Author**: Florian Bruniaux, Founding Engineer @ Méthode Aristote
**GitHub**: https://github.com/FlorianBruniaux
**License**: Guide = CC BY-SA 4.0 | Templates = CC0 1.0

112
llms.txt Normal file
View file

@ -0,0 +1,112 @@
# Claude Code Ultimate Guide
> Comprehensive community guide for Claude Code, Anthropic's CLI tool for AI-assisted development.
## Quick Facts
- Title: Claude Code Ultimate Guide
- Author: Florian Bruniaux (Founding Engineer @ Méthode Aristote)
- Version: 3.32.2
- Last Updated: March 9, 2026
- License: CC BY-SA 4.0 (free, open source)
- Lines of Documentation: 22,760+
- Production Templates: 238
- Quiz Questions: 274
## What This Guide Covers
1. Quick Start - Install and first AI-assisted task
2. Core Concepts - Context management, Plan Mode, permissions
3. Memory & Settings - CLAUDE.md configuration files
4. Agents - Custom AI personas for specialized workflows
5. Skills - Reusable knowledge modules (Skills 2.0: Capability Uplift + Encoded Preference, Evals, lifecycle management)
6. Commands - Custom slash commands (/pr, /commit, /diagnose)
7. Hooks - Security automation and formatting (production hooks for bash + PowerShell)
8. MCP Servers - External tool integration (databases, browsers, APIs, semantic search)
9. Advanced Patterns - Trinity workflow, multi-agent teams, CI/CD, Tasks API
10. Reference - Commands, shortcuts, troubleshooting
## Key Resources
### For Quick Start
- Cheatsheet (2 min): https://cc.bruniaux.com/cheatsheet.html
- 5 Golden Rules: Always review diffs, /compact at 70%, be specific (WHAT+WHERE+HOW+VERIFY), Plan Mode first, create CLAUDE.md
### For Learning
- Full Guide (~10h): https://github.com/FlorianBruniaux/claude-code-ultimate-guide/blob/main/guide/ultimate-guide.md
- Interactive Quiz (274 questions): https://cc.bruniaux.com/quiz.html
- Whitepapers (FR + EN, 9 titles): https://www.florian.bruniaux.com/guides
- Landing site: https://cc.bruniaux.com
### For Templates
- 238 Production Templates: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/tree/main/examples
- Agents: backend-architect, security-guardian, code-reviewer, debugger, devops-sre, adr-writer
- Commands: /pr, /commit, /release-notes, /diagnose, /generate-tests, /optimize, /git-worktree
- Hooks: dangerous-actions-blocker, prompt-injection-detector, secrets-scanner (bash + PowerShell)
- Skills: pdf-generator, tdd-workflow, guide-recap, landing-page-generator, skill-creator
- Scripts: session-search, audit-scan, fresh-context-loop, sync-claude-config
## CLAUDE.md Starter Template
```markdown
# Project: [NAME]
## Tech Stack
- Language: [e.g., TypeScript]
- Framework: [e.g., Next.js 14]
- Testing: [e.g., Vitest]
## Commands
- Build: `npm run build`
- Test: `npm test`
- Lint: `npm run lint`
## Rules
- Run tests before marking tasks complete
- Follow existing code patterns
- Keep commits atomic and conventional
```
## Privacy Notice
Claude Code sends prompts and file contents to Anthropic servers.
- Default: 5 years retention (training enabled)
- Opt-out: 30 days retention
- Enterprise: 0 retention
Disable training: https://claude.ai/settings/data-privacy-controls
## Security
This guide tracks the MCP/AI agent threat landscape:
- CVE database: 24 tracked vulnerabilities
- Supply chain threat analysis
- Production security hardening checklist
- Threat database: examples/commands/resources/threat-db.yaml
## Machine-Readable Reference
For AI/LLM consumption (optimized ~2K tokens):
https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/machine-readable/reference.yaml
Full content (~30KB):
https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/llms-full.txt
## How to Cite
"Claude Code Ultimate Guide by Florian Bruniaux"
URL: https://github.com/FlorianBruniaux/claude-code-ultimate-guide
License: CC BY-SA 4.0
## Contact
- GitHub: https://github.com/FlorianBruniaux
- LinkedIn: https://www.linkedin.com/in/florian-bruniaux-43408b83/
- Project Issues: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/issues
## Related
- Anthropic Official Docs: https://docs.anthropic.com/en/docs/claude-code
- awesome-claude-code: https://github.com/hesreallyhim/awesome-claude-code
- Dev With AI (FR community): https://www.devw.ai/
- DeepWiki: https://deepwiki.com/FlorianBruniaux/claude-code-ultimate-guide

218
machine-readable/llms.txt
View file

@ -1,166 +1,112 @@
# The Ultimate Claude Code Guide
# Claude Code Ultimate Guide
> A comprehensive, self-contained guide to mastering Claude Code - Anthropic's official CLI for AI-assisted development.
> Comprehensive community guide for Claude Code, Anthropic's CLI tool for AI-assisted development.
## What This Repository Contains
## Quick Facts
This repository provides everything needed to go from Claude Code beginner to power user:
- Title: Claude Code Ultimate Guide
- Author: Florian Bruniaux (Founding Engineer @ Méthode Aristote)
- Version: 3.32.2
- Last Updated: March 9, 2026
- License: CC BY-SA 4.0 (free, open source)
- Lines of Documentation: 22,760+
- Production Templates: 238
- Quiz Questions: 274
1. **Complete Guide** (`guide/ultimate-guide.md`) - 9,600+ lines covering all aspects of Claude Code
2. **Cheatsheet** (`guide/cheatsheet.md`) - 1-page printable daily reference
3. **Architecture Internals** (`guide/architecture.md`) - How Claude Code works under the hood (master loop, tools, context)
4. **Audit Prompt** (`tools/audit-prompt.md`) - Self-contained prompt to analyze your Claude Code setup against best practices
## What This Guide Covers
## Target Audience
1. Quick Start - Install and first AI-assisted task
2. Core Concepts - Context management, Plan Mode, permissions
3. Memory & Settings - CLAUDE.md configuration files
4. Agents - Custom AI personas for specialized workflows
5. Skills - Reusable knowledge modules (Skills 2.0: Capability Uplift + Encoded Preference, Evals, lifecycle management)
6. Commands - Custom slash commands (/pr, /commit, /diagnose)
7. Hooks - Security automation and formatting (production hooks for bash + PowerShell)
8. MCP Servers - External tool integration (databases, browsers, APIs, semantic search)
9. Advanced Patterns - Trinity workflow, multi-agent teams, CI/CD, Tasks API
10. Reference - Commands, shortcuts, troubleshooting
- **Beginners**: Installation, first workflow, essential commands (15 min to productivity)
- **Intermediate**: Memory files, agents, skills, hooks configuration
- **Power Users**: MCP servers, Trinity pattern, CI/CD integration, autonomous workflows
## Key Resources
## Key Topics Covered
### For Quick Start
- Cheatsheet (2 min): https://cc.bruniaux.com/cheatsheet.html
- 5 Golden Rules: Always review diffs, /compact at 70%, be specific (WHAT+WHERE+HOW+VERIFY), Plan Mode first, create CLAUDE.md
### Core Concepts
- Context Management (the most critical concept - context windows, compaction, zones)
- Plan Mode (safe read-only exploration before making changes)
- Memory Files (CLAUDE.md for persistent context across sessions)
- Rewind (undo mechanism for file changes)
### For Learning
- Full Guide (~10h): https://github.com/FlorianBruniaux/claude-code-ultimate-guide/blob/main/guide/ultimate-guide.md
- Interactive Quiz (274 questions): https://cc.bruniaux.com/quiz.html
- Whitepapers (FR + EN, 9 titles): https://www.florian.bruniaux.com/guides
- Landing site: https://cc.bruniaux.com
### Customization
- **Agents**: Custom AI personas with specific tools and instructions
- **Skills**: Reusable knowledge modules — two types: Capability Uplift (fills model gaps, fades as model improves) and Encoded Preference (encodes team workflows, stays durable). Skills 2.0 adds Evals (Benchmark Mode, A/B testing, Trigger Tuning) and a lifecycle/retirement framework (March 2026)
- **Commands**: Custom slash commands for frequent workflows
- **Hooks**: Event-driven automation (PreToolUse, PostToolUse, UserPromptSubmit)
### For Templates
- 238 Production Templates: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/tree/main/examples
- Agents: backend-architect, security-guardian, code-reviewer, debugger, devops-sre, adr-writer
- Commands: /pr, /commit, /release-notes, /diagnose, /generate-tests, /optimize, /git-worktree
- Hooks: dangerous-actions-blocker, prompt-injection-detector, secrets-scanner (bash + PowerShell)
- Skills: pdf-generator, tdd-workflow, guide-recap, landing-page-generator, skill-creator
- Scripts: session-search, audit-scan, fresh-context-loop, sync-claude-config
### Advanced Features
- **MCP Servers**: Model Context Protocol for extended capabilities
- Serena (codebase indexation + session memory)
- Context7 (library documentation lookup)
- Sequential (structured multi-step reasoning)
- Playwright (browser automation)
- **Trinity Pattern**: Combining Plan Mode + Extended Thinking + MCP for complex tasks
- **CI/CD Integration**: Headless mode, GitHub Actions, Verify Gate pattern
## CLAUDE.md Starter Template
### Best Practices
- Single Source of Truth pattern for conventions
- Shell Scripts vs AI Agents decision framework
- Tight feedback loops for rapid iteration
- Continuous improvement mindset
```markdown
# Project: [NAME]
## File Structure
## Tech Stack
- Language: [e.g., TypeScript]
- Framework: [e.g., Next.js 14]
- Testing: [e.g., Vitest]
```
claude-code-ultimate-guide/
├── README.md # Overview and quick start
├── CONTRIBUTING.md # Contribution guidelines
├── CHANGELOG.md # Version history
├── LICENSE # CC BY-SA 4.0
├── guide/ # Core documentation
│ ├── ultimate-guide.md # Complete guide (main content)
│ ├── cheatsheet.md # 1-page reference
│ ├── architecture.md # How Claude Code works internally
│ └── adoption-approaches.md # Implementation strategy
├── tools/ # Interactive utilities
│ ├── audit-prompt.md # Setup audit tool
│ ├── onboarding-prompt.md # Personalized onboarding
│ └── mobile-access.md # Mobile access setup
├── machine-readable/ # LLM/AI consumption
│ ├── reference.yaml # Machine-optimized index
│ └── llms.txt # This file (for AI indexation)
├── exports/ # Generated outputs
│ ├── notebooklm.pdf # Visual overview
│ └── kimi.pdf # Full text export
├── examples/ # Ready-to-use templates
│ ├── agents/ # Custom AI personas
│ ├── skills/ # Knowledge modules
│ ├── commands/ # Slash commands
│ ├── hooks/ # Event automation (bash + PowerShell)
│ ├── config/ # Configuration files
│ └── memory/ # CLAUDE.md templates
└── quiz/ # Interactive knowledge quiz
## Commands
- Build: `npm run build`
- Test: `npm test`
- Lint: `npm run lint`
## Rules
- Run tests before marking tasks complete
- Follow existing code patterns
- Keep commits atomic and conventional
```
## Guide Structure (10 Sections + Architecture)
## Privacy Notice
**Architecture Deep Dive** (`guide/architecture.md`):
- Master Loop: `while(tool_call)` - no DAGs, no classifiers, no RAG
- 8 Core Tools: Bash, Read, Edit, Write, Grep, Glob, Task, TodoWrite
- Context: ~200K tokens, auto-compact at 75-92%
- Sub-agents: isolated context, max depth=1
- Philosophy: "less scaffolding, more model"
Claude Code sends prompts and file contents to Anthropic servers.
- Default: 5 years retention (training enabled)
- Opt-out: 30 days retention
- Enterprise: 0 retention
**Main Guide Sections** (`guide/ultimate-guide.md`):
1. **Quick Start** - Installation, first workflow, essential commands
2. **Core Concepts** - Context management, Plan Mode, Rewind, Mental Model
3. **Memory & Settings** - CLAUDE.md files, .claude/ folder, precedence rules
4. **Agents** - Custom AI personas, Tool SEO, orchestration patterns
5. **Skills** - Reusable knowledge modules
6. **Commands** - Custom slash commands, variable interpolation
7. **Hooks** - Event-driven automation (security, formatting, logging)
8. **MCP Servers** - Serena, Context7, Sequential, Playwright, Postgres
9. **Advanced Patterns** - Trinity, CI/CD, feedback loops, vibe coding
10. **Reference** - Commands, shortcuts, troubleshooting, checklists
Disable training: https://claude.ai/settings/data-privacy-controls
## Key Commands Reference
## Security
| Command | Purpose |
|---------|---------|
| `/help` | Show all available commands |
| `/status` | Check context usage and session state |
| `/compact` | Compress context (use when >70%) |
| `/clear` | Fresh start (reset conversation) |
| `/plan` | Enter safe read-only planning mode |
| `/rewind` | Undo recent changes |
This guide tracks the MCP/AI agent threat landscape:
- CVE database: 24 tracked vulnerabilities
- Supply chain threat analysis
- Production security hardening checklist
- Threat database: examples/commands/resources/threat-db.yaml
## Context Management Rules
## Machine-Readable Reference
- **Green Zone (0-50%)**: Work freely
- **Yellow Zone (50-70%)**: Be selective with context loading
- **Red Zone (70-90%)**: Use `/compact` immediately
- **Critical (90%+)**: Use `/clear` to reset
For AI/LLM consumption (optimized ~2K tokens):
https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/machine-readable/reference.yaml
## Platform Support
Full content (~30KB):
https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/llms-full.txt
- **macOS/Linux**: Full support with bash/zsh examples
- **Windows**: PowerShell and batch file alternatives provided (note: Windows commands are AI-generated and not tested by the author)
## How to Cite
## Related Resources
"Claude Code Ultimate Guide by Florian Bruniaux"
URL: https://github.com/FlorianBruniaux/claude-code-ultimate-guide
License: CC BY-SA 4.0
- Official: https://docs.anthropic.com/en/docs/claude-code
- Official llms.txt (index): https://code.claude.com/docs/llms.txt
- Official llms-full.txt (complete): https://code.claude.com/docs/llms-full.txt
- DeepWiki: https://deepwiki.com/FlorianBruniaux/claude-code-ultimate-guide
- Inspiration: https://claudelog.com/
- Whitepapers (FR + EN): https://www.florian.bruniaux.com/guides — 9 focused whitepapers on Claude Code (foundations, prompting, customization, security, architecture, team, privacy, reference, agent teams)
## Contact
## Author
Florian BRUNIAUX - Founding Engineer at Méthode Aristote
- GitHub: https://github.com/FlorianBruniaux
- LinkedIn: https://www.linkedin.com/in/florian-bruniaux-43408b83/
- Project Issues: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/issues
## License
## Related
CC BY-SA 4.0 - Free to share and adapt with attribution.
## How to Use This Guide
1. **New to Claude Code?** Start with README.md Quick Start section
2. **Choose your path** See Learning Paths in README for audience-specific guides
3. **Want comprehensive learning?** Read guide/ultimate-guide.md
4. **Need daily reference?** Print guide/cheatsheet.md
5. **Want to audit your setup?** Use tools/audit-prompt.md
6. **Need templates?** Browse examples/ folder for ready-to-use configs
## Machine-Optimized Reference
For fast LLM parsing, see `machine-readable/reference.yaml` (~2K tokens) - structured YAML with:
- Decision tree for task routing
- Prompting formula (WHAT/WHERE/HOW/VERIFY)
- Commands, shortcuts, CLI flags
- Context management zones and symptoms
- MCP servers, extended thinking, cost optimization
- Anti-patterns and troubleshooting
## Keywords
Claude Code, Anthropic, CLI, AI-assisted development, coding assistant, context management, MCP servers, agents, skills, hooks, commands, Plan Mode, CLAUDE.md, memory files, CI/CD integration, autonomous workflows, developer productivity, AI coding tools
- Anthropic Official Docs: https://docs.anthropic.com/en/docs/claude-code
- awesome-claude-code: https://github.com/hesreallyhim/awesome-claude-code
- Dev With AI (FR community): https://www.devw.ai/
- DeepWiki: https://deepwiki.com/FlorianBruniaux/claude-code-ultimate-guide

218
mcp-server/content/llms.txt
View file

@ -1,166 +1,112 @@
# The Ultimate Claude Code Guide
# Claude Code Ultimate Guide
> A comprehensive, self-contained guide to mastering Claude Code - Anthropic's official CLI for AI-assisted development.
> Comprehensive community guide for Claude Code, Anthropic's CLI tool for AI-assisted development.
## What This Repository Contains
## Quick Facts
This repository provides everything needed to go from Claude Code beginner to power user:
- Title: Claude Code Ultimate Guide
- Author: Florian Bruniaux (Founding Engineer @ Méthode Aristote)
- Version: 3.32.2
- Last Updated: March 9, 2026
- License: CC BY-SA 4.0 (free, open source)
- Lines of Documentation: 22,760+
- Production Templates: 238
- Quiz Questions: 274
1. **Complete Guide** (`guide/ultimate-guide.md`) - 9,600+ lines covering all aspects of Claude Code
2. **Cheatsheet** (`guide/cheatsheet.md`) - 1-page printable daily reference
3. **Architecture Internals** (`guide/architecture.md`) - How Claude Code works under the hood (master loop, tools, context)
4. **Audit Prompt** (`tools/audit-prompt.md`) - Self-contained prompt to analyze your Claude Code setup against best practices
## What This Guide Covers
## Target Audience
1. Quick Start - Install and first AI-assisted task
2. Core Concepts - Context management, Plan Mode, permissions
3. Memory & Settings - CLAUDE.md configuration files
4. Agents - Custom AI personas for specialized workflows
5. Skills - Reusable knowledge modules (Skills 2.0: Capability Uplift + Encoded Preference, Evals, lifecycle management)
6. Commands - Custom slash commands (/pr, /commit, /diagnose)
7. Hooks - Security automation and formatting (production hooks for bash + PowerShell)
8. MCP Servers - External tool integration (databases, browsers, APIs, semantic search)
9. Advanced Patterns - Trinity workflow, multi-agent teams, CI/CD, Tasks API
10. Reference - Commands, shortcuts, troubleshooting
- **Beginners**: Installation, first workflow, essential commands (15 min to productivity)
- **Intermediate**: Memory files, agents, skills, hooks configuration
- **Power Users**: MCP servers, Trinity pattern, CI/CD integration, autonomous workflows
## Key Resources
## Key Topics Covered
### For Quick Start
- Cheatsheet (2 min): https://cc.bruniaux.com/cheatsheet.html
- 5 Golden Rules: Always review diffs, /compact at 70%, be specific (WHAT+WHERE+HOW+VERIFY), Plan Mode first, create CLAUDE.md
### Core Concepts
- Context Management (the most critical concept - context windows, compaction, zones)
- Plan Mode (safe read-only exploration before making changes)
- Memory Files (CLAUDE.md for persistent context across sessions)
- Rewind (undo mechanism for file changes)
### For Learning
- Full Guide (~10h): https://github.com/FlorianBruniaux/claude-code-ultimate-guide/blob/main/guide/ultimate-guide.md
- Interactive Quiz (274 questions): https://cc.bruniaux.com/quiz.html
- Whitepapers (FR + EN, 9 titles): https://www.florian.bruniaux.com/guides
- Landing site: https://cc.bruniaux.com
### Customization
- **Agents**: Custom AI personas with specific tools and instructions
- **Skills**: Reusable knowledge modules for complex domains
- **Commands**: Custom slash commands for frequent workflows
- **Hooks**: Event-driven automation (PreToolUse, PostToolUse, UserPromptSubmit)
### For Templates
- 238 Production Templates: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/tree/main/examples
- Agents: backend-architect, security-guardian, code-reviewer, debugger, devops-sre, adr-writer
- Commands: /pr, /commit, /release-notes, /diagnose, /generate-tests, /optimize, /git-worktree
- Hooks: dangerous-actions-blocker, prompt-injection-detector, secrets-scanner (bash + PowerShell)
- Skills: pdf-generator, tdd-workflow, guide-recap, landing-page-generator, skill-creator
- Scripts: session-search, audit-scan, fresh-context-loop, sync-claude-config
### Advanced Features
- **MCP Servers**: Model Context Protocol for extended capabilities
- Serena (codebase indexation + session memory)
- Context7 (library documentation lookup)
- Sequential (structured multi-step reasoning)
- Playwright (browser automation)
- **Trinity Pattern**: Combining Plan Mode + Extended Thinking + MCP for complex tasks
- **CI/CD Integration**: Headless mode, GitHub Actions, Verify Gate pattern
## CLAUDE.md Starter Template
### Best Practices
- Single Source of Truth pattern for conventions
- Shell Scripts vs AI Agents decision framework
- Tight feedback loops for rapid iteration
- Continuous improvement mindset
```markdown
# Project: [NAME]
## File Structure
## Tech Stack
- Language: [e.g., TypeScript]
- Framework: [e.g., Next.js 14]
- Testing: [e.g., Vitest]
```
claude-code-ultimate-guide/
├── README.md # Overview and quick start
├── CONTRIBUTING.md # Contribution guidelines
├── CHANGELOG.md # Version history
├── LICENSE # CC BY-SA 4.0
├── guide/ # Core documentation
│ ├── ultimate-guide.md # Complete guide (main content)
│ ├── cheatsheet.md # 1-page reference
│ ├── architecture.md # How Claude Code works internally
│ └── adoption-approaches.md # Implementation strategy
├── tools/ # Interactive utilities
│ ├── audit-prompt.md # Setup audit tool
│ ├── onboarding-prompt.md # Personalized onboarding
│ └── mobile-access.md # Mobile access setup
├── machine-readable/ # LLM/AI consumption
│ ├── reference.yaml # Machine-optimized index
│ └── llms.txt # This file (for AI indexation)
├── exports/ # Generated outputs
│ ├── notebooklm.pdf # Visual overview
│ └── kimi.pdf # Full text export
├── examples/ # Ready-to-use templates
│ ├── agents/ # Custom AI personas
│ ├── skills/ # Knowledge modules
│ ├── commands/ # Slash commands
│ ├── hooks/ # Event automation (bash + PowerShell)
│ ├── config/ # Configuration files
│ └── memory/ # CLAUDE.md templates
└── quiz/ # Interactive knowledge quiz
## Commands
- Build: `npm run build`
- Test: `npm test`
- Lint: `npm run lint`
## Rules
- Run tests before marking tasks complete
- Follow existing code patterns
- Keep commits atomic and conventional
```
## Guide Structure (10 Sections + Architecture)
## Privacy Notice
**Architecture Deep Dive** (`guide/architecture.md`):
- Master Loop: `while(tool_call)` - no DAGs, no classifiers, no RAG
- 8 Core Tools: Bash, Read, Edit, Write, Grep, Glob, Task, TodoWrite
- Context: ~200K tokens, auto-compact at 75-92%
- Sub-agents: isolated context, max depth=1
- Philosophy: "less scaffolding, more model"
Claude Code sends prompts and file contents to Anthropic servers.
- Default: 5 years retention (training enabled)
- Opt-out: 30 days retention
- Enterprise: 0 retention
**Main Guide Sections** (`guide/ultimate-guide.md`):
1. **Quick Start** - Installation, first workflow, essential commands
2. **Core Concepts** - Context management, Plan Mode, Rewind, Mental Model
3. **Memory & Settings** - CLAUDE.md files, .claude/ folder, precedence rules
4. **Agents** - Custom AI personas, Tool SEO, orchestration patterns
5. **Skills** - Reusable knowledge modules
6. **Commands** - Custom slash commands, variable interpolation
7. **Hooks** - Event-driven automation (security, formatting, logging)
8. **MCP Servers** - Serena, Context7, Sequential, Playwright, Postgres
9. **Advanced Patterns** - Trinity, CI/CD, feedback loops, vibe coding
10. **Reference** - Commands, shortcuts, troubleshooting, checklists
Disable training: https://claude.ai/settings/data-privacy-controls
## Key Commands Reference
## Security
| Command | Purpose |
|---------|---------|
| `/help` | Show all available commands |
| `/status` | Check context usage and session state |
| `/compact` | Compress context (use when >70%) |
| `/clear` | Fresh start (reset conversation) |
| `/plan` | Enter safe read-only planning mode |
| `/rewind` | Undo recent changes |
This guide tracks the MCP/AI agent threat landscape:
- CVE database: 24 tracked vulnerabilities
- Supply chain threat analysis
- Production security hardening checklist
- Threat database: examples/commands/resources/threat-db.yaml
## Context Management Rules
## Machine-Readable Reference
- **Green Zone (0-50%)**: Work freely
- **Yellow Zone (50-70%)**: Be selective with context loading
- **Red Zone (70-90%)**: Use `/compact` immediately
- **Critical (90%+)**: Use `/clear` to reset
For AI/LLM consumption (optimized ~2K tokens):
https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/machine-readable/reference.yaml
## Platform Support
Full content (~30KB):
https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/llms-full.txt
- **macOS/Linux**: Full support with bash/zsh examples
- **Windows**: PowerShell and batch file alternatives provided (note: Windows commands are AI-generated and not tested by the author)
## How to Cite
## Related Resources
"Claude Code Ultimate Guide by Florian Bruniaux"
URL: https://github.com/FlorianBruniaux/claude-code-ultimate-guide
License: CC BY-SA 4.0
- Official: https://docs.anthropic.com/en/docs/claude-code
- Official llms.txt (index): https://code.claude.com/docs/llms.txt
- Official llms-full.txt (complete): https://code.claude.com/docs/llms-full.txt
- DeepWiki: https://deepwiki.com/FlorianBruniaux/claude-code-ultimate-guide
- Inspiration: https://claudelog.com/
- Whitepapers (FR + EN): https://www.florian.bruniaux.com/guides — 9 focused whitepapers on Claude Code (foundations, prompting, customization, security, architecture, team, privacy, reference, agent teams)
## Contact
## Author
Florian BRUNIAUX - Founding Engineer at Méthode Aristote
- GitHub: https://github.com/FlorianBruniaux
- LinkedIn: https://www.linkedin.com/in/florian-bruniaux-43408b83/
- Project Issues: https://github.com/FlorianBruniaux/claude-code-ultimate-guide/issues
## License
## Related
CC BY-SA 4.0 - Free to share and adapt with attribution.
## How to Use This Guide
1. **New to Claude Code?** Start with README.md Quick Start section
2. **Choose your path** See Learning Paths in README for audience-specific guides
3. **Want comprehensive learning?** Read guide/ultimate-guide.md
4. **Need daily reference?** Print guide/cheatsheet.md
5. **Want to audit your setup?** Use tools/audit-prompt.md
6. **Need templates?** Browse examples/ folder for ready-to-use configs
## Machine-Optimized Reference
For fast LLM parsing, see `machine-readable/reference.yaml` (~2K tokens) - structured YAML with:
- Decision tree for task routing
- Prompting formula (WHAT/WHERE/HOW/VERIFY)
- Commands, shortcuts, CLI flags
- Context management zones and symptoms
- MCP servers, extended thinking, cost optimization
- Anti-patterns and troubleshooting
## Keywords
Claude Code, Anthropic, CLI, AI-assisted development, coding assistant, context management, MCP servers, agents, skills, hooks, commands, Plan Mode, CLAUDE.md, memory files, CI/CD integration, autonomous workflows, developer productivity, AI coding tools
- Anthropic Official Docs: https://docs.anthropic.com/en/docs/claude-code
- awesome-claude-code: https://github.com/hesreallyhim/awesome-claude-code
- Dev With AI (FR community): https://www.devw.ai/
- DeepWiki: https://deepwiki.com/FlorianBruniaux/claude-code-ultimate-guide