Design extensible systems with runtime plugin discovery, registries, and validation.
The material appears to be an open-source prompt/design-pattern skill with no required secrets and no declared remote endpoints, so overall risk is low. The only notable consideration is that it describes runtime plugin discovery and config-driven plugin installation patterns, which would warrant normal caution if implemented in a real tool.
The material explicitly states that no keys or environment variables are required; there is no request for API tokens, account credentials, or other sensitive secrets.
No remote endpoints are declared, and the system flags it as prompt-only; based on the provided material, it does not send user data to external services.
As a Skill document, it does not itself execute local code. While it discusses Python entry points and function-call evaluation as patterns, that is design guidance rather than evidence that this skill directly gains execution privileges.
The current material does not declare actual read/write access to user files or other resources; it only mentions paths such as `~/.config/my-tool/plugins` in examples, which is descriptive pattern content rather than evidence of real local data access.
The source is an open-source GitHub repository, which improves auditability and lowers risk; however, the repo has 0 stars, no declared license, unknown maintenance status, and the content discusses plugin installation/discovery patterns, so normal supply-chain caution is still warranted.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "plugin-discovery-patterns" skill from askskill: 1. Download https://raw.githubusercontent.com/microsoft/amplifier-bundle-skills/main/skills/plugin-discovery-patterns/SKILL.md 2. Save it as ~/.claude/skills/plugin-discovery-patterns/SKILL.md 3. Reload skills and tell me it's ready
Design a plugin architecture for a Python application that supports runtime auto-discovery via entry points. Include the folder structure, registration flow, load order, error handling, and example code.
A Python entry-points-based plugin discovery design with architecture guidance and implementable code examples.
I want to maintain a plugin registry with JSON or YAML. Help me design the file format, plugin metadata fields, loading logic, version compatibility strategy, and startup validation and activation flow.
A structured design for a file-based plugin registry, including validation rules and startup loading flow.
Design a unified abstraction layer for a system that supports multiple backend providers, such as storage, model services, or message queues. Include interface definitions, adapter patterns, input schema validation, steps for adding new backends, and testing recommendations.
A plugin-style multi-backend abstraction that enables consistent calls, extensibility, and input validation.
Problem: You have a tool that needs to support multiple backends (e.g., GitHub vs a self-hosted git server), load user-installed plugins (custom implementations), and validate dynamically-generated forms against schemas that change based on user actions.
Approach: Two-tier plugin discovery (entry points + file-based registry), a frozen dataclass provider abstraction with auto-derived URLs, and schema-driven validation with function-call evaluation.
Pattern proven in production across multiple Python CLI tools and web services.
Plugins are discovered at runtime via importlib.metadata.entry_points():
def load_plugin(name: str) -> object | None:
"""Load a plugin by name via entry_points."""
try:
eps = entry_points(group="my_tool.plugins")
for ep in eps:
if ep.name == name:
plugin_class = ep.load()
return plugin_class()
except Exception:
logger.debug("Failed to discover plugin %r", name, exc_info=True)
return None
But there's a second tier: the file-based registry at ~/.config/my-tool/plugins. This file stores the PEP 508 specs that were used to install each plugin:
def _read_plugins() -> list[str]:
"""Read plugin specs from the config file."""
path = _get_plugins_config_path()
if not path.exists():
return []
lines = path.read_text().splitlines()
return [line.strip() for line in lines if line.strip() and not line.strip().startswith("#")]
Why two tiers? Entry points tell you what's active (installed and importable). The config file tells you what should be installed. Discrepancies (configured but not active) indicate a reinstall is needed.
The plugin list command compares both tiers:
def plugin_list():
configured = _read_plugins()
active_eps = list(entry_points(group="my_tool.plugins"))
active_ep_names = [ep.name for ep in active_eps]
for spec in configured:
pkg_name = _extract_package_name(spec)
is_active = any(pkg_name in ep_name or ep_name in pkg_name
for ep_name in active_ep_names)
if is_active:
print(f" {ok_mark} {spec}")
else:
print(f" {warn_mark} {spec}")
print(f" (configured but not active — run: my-tool upgrade --force)")
Adding a plugin writes to the config file AND reinstalls:
def plugin_add(spec: str):
name = _extract_package_name(spec)
specs = _read_plugins()
# Dedup: replace existing entry with same package name
existing_names = [_extract_package_name(s) for s in specs]
if name in existing_names:
idx = existing_names.index(name)
specs[idx] = spec # allows upgrading a pinned spec
else:
specs.append(spec)
_write_plugins(specs)
_reinstall_with_plugins(specs) # uv tool install --with ...
The _extract_package_name function handles PEP 508 specs:
def _extract_package_name(spec: str) -> str:
"""Extract the bare package name from a PEP 508 spec string.
'my-plugin @ git+https://...' -> 'my-plugin'
'my-pkg>=1.0' -> 'my-pkg'
"""
return re.split(r"\s*[@>=<!~]", spec)[0].strip()
Encapsulate all provider-specific logic behind a single abstraction:
@dataclass(frozen=True)
class ServiceProvider:
"""Provider-agnostic service configuration. Instances are immutable."""
kind: str = "default"
host: str = "api.example.com"
token_env: str = "API_TOKEN"
api_base: str = "" # auto-derived when empty
scheme: str = "https"
…
Research, plan, and execute large code changes with parallel PR-producing agents.
Analyze images, extract text, and answer visual questions with LLM vision models.
Design robust config and state file handling with safe defaults and crash recovery.
Get skeptical, practical guidance on architecture, legacy refactors, and tooling decisions.
Design auth and TLS patterns for smooth local use and secure remote access.
Design CLI tools with simple installs, command routing, and layered config.
Design and evaluate CLI tools and developer SDK architecture and usability.
Find and evaluate Laravel packages, including health and compatibility checks.
Design and evaluate event-driven, message-based, and asynchronous system architectures.
Build, update, test, and release Claude Code plugins efficiently end to end.
Design or evaluate web services, APIs, scalability, and reliability tradeoffs.
Guide users to build a plugin from scratch and deliver a .plugin file.