release: v3.29.2 - /simplify + /batch commands documentation

Added dedicated sections for the two bundled slash commands introduced in Claude Code v2.1.63: /simplify (over-engineering detection) and /batch (batch processing). Built-in Commands table updated in §1.3 and §6.1. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-02 17:30:58 +01:00 · 2026-03-02 17:30:58 +01:00 · 2195622b50
commit 2195622b50
parent 252148fe75
6 changed files with 102 additions and 17 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,6 +6,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

 ## [Unreleased]

+- **skills.sh security audits** (`guide/ultimate-guide.md` §Skills Marketplace) — nouvelle sous-section "Security Audits (February 2026)" : 3 partenaires indépendants (Socket analyse statique 97% F1, Snyk mcp-scan 0% faux positifs, Gen Agent Trust Hub monitoring continu), 4 niveaux de risque (Safe/Low/High/Critical), monitoring post-install, mental model "skill = dépendance exécutable". Trade-offs mis à jour : suppression warning "Early stage", ajout ✅ audits automatisés + monitoring continu. 3 références sources ajoutées (Vercel changelog, Snyk blog, Gen/PRNewswire). Source : [Vercel, 17 fév 2026](https://vercel.com/changelog/automated-security-audits-now-available-for-skills-sh).
+
+## [3.29.2] - 2026-03-02
+
+### Added
+- **`/simplify` command documentation** (`guide/ultimate-guide.md` §6.1) — section dédiée pour la commande bundlée v2.1.63 : description officielle (over-engineering, redundant abstractions), 3 dimensions analysées (reuse/quality/efficiency), exemples d'usage ciblé (`/simplify focus on error handling`), table de positionnement vs linters/formatters.
+- **`/batch` command documentation** (`guide/ultimate-guide.md` §6.1) — section dédiée pour la commande bundlée v2.1.63 : traitement de plusieurs éléments en une invocation.
+- **Table Built-in Commands mise à jour** — `/simplify` et `/batch` ajoutés §6.1 et §1.3. Sources : release notes GitHub officiel + Perplexity.
+
 ## [3.29.1] - 2026-03-02

 ### Added
--- a/README.md
+++ b/README.md
@ -6,7 +6,7 @@

 <p align="center">
  <a href="https://github.com/FlorianBruniaux/claude-code-ultimate-guide/stargazers"><img src="https://img.shields.io/github/stars/FlorianBruniaux/claude-code-ultimate-guide?style=for-the-badge" alt="Stars"/></a>
-  <a href="./CHANGELOG.md"><img src="https://img.shields.io/badge/Updated-Mar_2,_2026_·_v3.29.1-brightgreen?style=for-the-badge" alt="Last Update"/></a>
+  <a href="./CHANGELOG.md"><img src="https://img.shields.io/badge/Updated-Mar_2,_2026_·_v3.29.2-brightgreen?style=for-the-badge" alt="Last Update"/></a>
  <a href="./quiz/"><img src="https://img.shields.io/badge/Quiz-274_questions-orange?style=for-the-badge" alt="Quiz"/></a>
  <a href="./examples/"><img src="https://img.shields.io/badge/Templates-175-green?style=for-the-badge" alt="Templates"/></a>
  <a href="./guide/security-hardening.md"><img src="https://img.shields.io/badge/🛡️_Threat_DB-24_CVEs_·_655_malicious_skills-red?style=for-the-badge" alt="Threat Database"/></a>
@ -846,7 +846,7 @@ See [CONTRIBUTING.md](./CONTRIBUTING.md) for guidelines.

 ---

-*Version 3.29.1 | Updated daily · Mar 2, 2026 | Crafted with Claude*
+*Version 3.29.2 | Updated daily · Mar 2, 2026 | Crafted with Claude*

 <!-- SEO Keywords -->
 <!-- claude code, claude code tutorial, anthropic cli, ai coding assistant, claude code mcp,
--- a/2
+++ b/2
@ -1 +1 @@
-3.29.1
+3.29.2
--- a/guide/cheatsheet.md
+++ b/guide/cheatsheet.md
@ -12,7 +12,7 @@ tags: [cheatsheet, reference]

 **Written with**: Claude (Anthropic)

-**Version**: 3.29.1 | **Last Updated**: February 2026
+**Version**: 3.29.2 | **Last Updated**: February 2026

 ---

@ -606,4 +606,4 @@ where.exe claude; claude doctor; claude mcp list

 **Author**: Florian BRUNIAUX | [@Méthode Aristote](https://methode-aristote.fr) | Written with Claude

-*Last updated: February 2026 | Version 3.29.1*
+*Last updated: February 2026 | Version 3.29.2*
--- a/guide/ultimate-guide.md
+++ b/guide/ultimate-guide.md
@ -16,7 +16,7 @@ tags: [guide, reference, workflows, agents, hooks, mcp, security]

 **Last updated**: January 2026

-**Version**: 3.29.1
+**Version**: 3.29.2

 ---

@ -4667,7 +4667,7 @@ The `.claude/` folder is your project's Claude Code directory for memory, settin
 | Personal preferences | `CLAUDE.md` | ❌ Gitignore |
 | Personal permissions | `settings.local.json` | ❌ Gitignore |

-### 3.29.1 Version Control & Backup
+### 3.29.2 Version Control & Backup

 **Problem**: Without version control, losing your Claude Code configuration means hours of manual reconfiguration across agents, skills, hooks, and MCP servers.

@ -7369,9 +7369,32 @@ npx add-skill anthropics/claude-plugins-official  # CLAUDE.md auditor + automati

 Full catalog: [skills.sh leaderboard](https://skills.sh/)

+#### Security Audits (February 2026)
+
+Vercel launched automated security scanning on every skills.sh skill ([announcement, Feb 17, 2026](https://vercel.com/changelog/automated-security-audits-now-available-for-skills-sh)), partnering with three independent security firms covering 60,000+ skills:
+
+| Partner | Method | Performance |
+|---------|--------|-------------|
+| **Socket** | Cross-ecosystem static analysis + LLM-based noise reduction (curl\|sh, obfuscation, exfiltration, suspicious deps) | 95% precision, 97% F1 |
+| **Snyk** | `mcp-scan` engine: LLM judges + deterministic rules, detects "toxic flows" between natural language and executable code | 90-100% recall, 0% false positives on legit skills |
+| **Gen (Agent Trust Hub)** | Real-time monitoring of connections in/out of agents to prevent data exfiltration and prompt injection | Continuous |
+
+**Risk levels** displayed on every skill page and shown before installation via `skills@1.4.0+`:
+
+| Rating | Meaning |
+|--------|---------|
+| ✅ Safe | Verified against security best practices |
+| 🟡 Low Risk | Minor risk indicators detected |
+| 🔴 High Risk | Significant security concerns |
+| ☠️ Critical | Severe or malicious behavior — hidden from search |
+
+**Continuous monitoring**: skills are re-evaluated as detection improves. If a repository becomes malicious after install, its rating updates automatically.
+
+> **Mental model**: treat a skill like a Docker image — it's an executable dependency, not a prompt. Verify the rating before installing in production.
+
 #### Status & Trade-offs

-**Status**: Very recent (launched Jan 21, 2026), rapid adoption but early stage
+**Status**: Launched Jan 21, 2026, security-audited since Feb 17, 2026 (Socket + Snyk + Gen)

 **Governance**: Community project by Vercel Labs (not official Anthropic). Skills contributed by Vercel, Anthropic, Supabase, and community members.

@ -7379,8 +7402,9 @@ Full catalog: [skills.sh leaderboard](https://skills.sh/)
 - ✅ Centralized discovery + leaderboard (200+ skills)
 - ✅ One-command install (vs manual GitHub clone)
 - ✅ Format 100% compatible with this guide
+- ✅ Automated 3-layer security audit before installation
+- ✅ Continuous monitoring post-install
 - ⚠️ Multi-agent focus (not Claude Code specific)
- ⚠️ Early stage (maturity to prove over time)
 - ⚠️ Skills require explicit invocation; agents only auto-invoke them ~56% of the time ([Gao, 2026](https://vercel.com/blog/agents-md-outperforms-skills-in-our-agent-evals)). For critical instructions, prefer always-loaded CLAUDE.md

 #### When to Use
@ -7421,6 +7445,9 @@ cp -r /tmp/agent-skills/react-best-practices .claude/skills/
 #### References

 - [Vercel Changelog: Introducing Agent Skills](https://vercel.com/changelog/introducing-skills-the-open-agent-skills-ecosystem)
+- [Vercel Changelog: Automated security audits for skills.sh](https://vercel.com/changelog/automated-security-audits-now-available-for-skills-sh)
+- [Snyk Blog: Securing the Agent Skill Ecosystem](https://snyk.io/blog/snyk-vercel-securing-agent-skill-ecosystem/)
+- [Gen + Vercel: Agent Trust Hub partnership](https://www.prnewswire.com/news-releases/gen-and-vercel-partner-to-bring-independent-safety-verification-to-the-ai-skills-ecosystem-302691006.html)
 - [GitHub: vercel-labs/agent-skills](https://github.com/vercel-labs/agent-skills)
 - [Platform Claude Docs: Skill Best Practices](https://platform.claude.com/docs/en/agents-and-tools/agent-skills/best-practices)
 - See also: [AI Ecosystem Guide](./ai-ecosystem.md) for complementary tools
@ -7455,6 +7482,8 @@ Slash commands are shortcuts for common workflows.
 | `/status` | Show session info |
 | `/plan` | Enter Plan Mode |
 | `/rewind` | Undo changes |
+| `/simplify` | Review changed code and fix over-engineering |
+| `/batch` | Process multiple items efficiently |
 | `/insights` | Generate usage analytics report |
 | `/exit` | Exit Claude Code |

@ -7706,6 +7735,53 @@ EOF

 > **Tip**: Run `/insights` monthly, `/status` per session, and `ccboard` weekly for comprehensive visibility.

+### The /simplify Command
+
+Added in v2.1.63, `/simplify` is a bundled slash command that reviews your recently changed code for over-engineering and redundant abstractions, then fixes the problems it finds.
+
+#### When to Use It
+
+Run it after finishing a feature, before opening a pull request:
+
+```bash
+# Review everything changed since last commit
+/simplify
+
+# Focus on a specific concern
+/simplify focus on error handling
+/simplify check for unnecessary dependencies
+/simplify look at the database query patterns
+```
+
+#### What It Does
+
+`/simplify` analyzes changed code for:
+- **Reuse** — duplicated logic that could be extracted
+- **Quality** — patterns that reduce readability or maintainability
+- **Efficiency** — algorithmic and structural improvements
+
+It operates at the architecture and structure level, not at the formatter or linter level. `/simplify` complements tools like ESLint or Prettier rather than replacing them.
+
+#### Positioning
+
+| Tool | Level | Fixes |
+|------|-------|-------|
+| Prettier | Formatting | Style, whitespace |
+| ESLint | Syntax rules | Simple patterns, unused vars |
+| `/simplify` | Architecture | Over-abstraction, duplication, design |
+
+> **Note**: `/simplify` is a bundled slash command (ships with Claude Code), not a custom skill you need to create. Available from v2.1.63+.
+
+### The /batch Command
+
+Also added in v2.1.63, `/batch` is a bundled slash command for processing multiple items efficiently in a single invocation.
+
+```bash
+/batch
+```
+
+> **Note**: Both `/simplify` and `/batch` are bundled slash commands that ship with Claude Code v2.1.63+. No configuration required.
+
 ### Custom Commands

 You can create your own commands in `.claude/commands/`:
@ -21820,4 +21896,4 @@ We'll evaluate and add it to this section if it meets quality criteria.

 **Contributions**: Issues and PRs welcome.

-**Last updated**: January 2026 | **Version**: 3.29.1
+**Last updated**: January 2026 | **Version**: 3.29.2
--- a/machine-readable/reference.yaml
+++ b/machine-readable/reference.yaml
@ -3,7 +3,7 @@
 # Source: guide/ultimate-guide.md
 # Purpose: Condensed index for LLMs to quickly answer user questions about Claude Code

-version: "3.29.1"
+version: "3.29.2"
 updated: "2026-02-26"

 # ════════════════════════════════════════════════════════════════
@ -1415,7 +1415,7 @@ ecosystem:
      - "Cross-links modified → Update all 4 repos"
    history:
      - date: "2026-01-20"
-        event: "Code Landing sync v3.29.1, 66 templates, cross-links"
+        event: "Code Landing sync v3.29.2, 66 templates, cross-links"
        commit: "5b5ce62"
      - date: "2026-01-20"
        event: "Cowork Landing fix (paths, README, UI badges)"
@ -1427,7 +1427,7 @@ ecosystem:
 onboarding_matrix_meta:
  version: "2.0.0"
  last_updated: "2026-02-05"
-  aligned_with_guide: "3.29.1"
+  aligned_with_guide: "3.29.2"
  changelog:
    - version: "2.0.0"
      date: "2026-02-05"
@ -1455,7 +1455,7 @@ onboarding_matrix:
      core: [rules, sandbox_native_guide, commands]
      time_budget: "5 min"
      topics_max: 3
-      note: "SECURITY FIRST - sandbox before commands (v3.29.1 critical fix)"
+      note: "SECURITY FIRST - sandbox before commands (v3.29.2 critical fix)"

    beginner_15min:
      core: [rules, sandbox_native_guide, workflow, essential_commands]
@ -1540,7 +1540,7 @@ onboarding_matrix:
        - default: agent_validation_checklist
      time_budget: "60 min"
      topics_max: 6
-      note: "Dual-instance pattern for quality workflows (v3.29.1)"
+      note: "Dual-instance pattern for quality workflows (v3.29.2)"

  learn_security:
    intermediate_30min:
@ -1551,7 +1551,7 @@ onboarding_matrix:
        - default: permission_modes
      time_budget: "30 min"
      topics_max: 4
-      note: "NEW goal (v3.29.1) - Security-focused learning path"
+      note: "NEW goal (v3.29.2) - Security-focused learning path"

    power_60min:
      core: [sandbox_native_guide, mcp_secrets_management, security_hardening]
@ -1576,7 +1576,7 @@ onboarding_matrix:
      core: [rules, sandbox_native_guide, workflow, essential_commands, context_management, plan_mode]
      time_budget: "60 min"
      topics_max: 6
-      note: "Security foundation + core workflow (v3.29.1 sandbox added)"
+      note: "Security foundation + core workflow (v3.29.2 sandbox added)"

    intermediate_120min:
      core: [plan_mode, agents, skills, config_hierarchy, git_mcp_guide, hooks, mcp_servers]
 @ -1 +1 @@
 .29.1
 .29.2