By the end of this page you will have: a working terminal, Git installed and configured, Node.js 20+ installed, and a test project folder ready. Every step has a verification command — run it before moving on.

Press Cmd+Space, type Terminal, press Enter. Or install iTerm2 for a better experience.

Install Windows Terminal from the Microsoft Store. Use PowerShell or WSL2 (Ubuntu). Claude Code works best in WSL2 on Windows.

You already have a terminal. Open it with Ctrl+Alt+T on most distros.

Run git --version. If not installed, macOS will prompt you to install Xcode Command Line Tools. Accept it. Takes ~5 minutes.

sudo apt update && sudo apt install git -y

sudo apt install git -y (Ubuntu/Debian) or sudo dnf install git -y (Fedora)

Install nvm (Node Version Manager), then install Node 20:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
Close and reopen your terminal, then:
nvm install 20 && nvm use 20

Download the LTS installer from nodejs.org. Choose "LTS" (20.x or higher).

Explain in one sentence what makes Claude Code fundamentally different from autocomplete, chat, and traditional coding tools.

Predicts the next few tokens based on what you've typed. GitHub Copilot, TabNine. You write code; the tool fills in. You are the driver; the AI is a fast typist.

You describe what you want in a conversation window. ChatGPT, Claude.ai chat. You copy-paste the output somewhere useful. You are the operator; the AI is your advisor.

You describe an outcome. The agent reads your codebase, makes a plan, shows it to you, and executes every step autonomously — editing files, running tests, fixing errors, and committing. You are the director; the AI is the executor. This is Claude Code.

Claude Code explores your codebase — files, directory structure, git history, dependencies, error messages — before proposing any change. It builds a mental model of what exists.

In plan mode, Claude shows you its reasoning and proposed approach before touching any file. You approve the plan, then it executes.

Claude can run tests, check linting, and verify its own changes — then iterate if something fails. The loop continues until the goal is met.

Every file edit produces a diff you review. You accept, reject, or modify. Claude commits nothing without sign-off by default.

Explain the agent loop, the spectrum from prompt to multi-agent, and map every Claude Code/Cowork feature to a specific step in the loop.

Every AI agent follows the same cycle, whether it's Claude Code editing TypeScript, Cowork building a board deck, or a self-driving car navigating traffic:

Claude reads your codebase — file contents, directory structure, git history, package dependencies, error messages, diagnostics, even screenshots you paste. It builds a mental model of what exists before doing anything. In Cowork: reads your files, connected tools (Slack, Drive, Notion), and context files.

It analyzes the problem, considers codebase conventions (from CLAUDE.md), and formulates an approach. In plan mode, this step is made visible — you see the thinking before any action. In Cowork: the "show me your plan before executing" instruction surfaces this step.

It edits files, creates new ones, runs shell commands, calls external tools via MCP. Each action produces a diff or output you can review. Skills structure this step — pre-defined action sequences replace improvisation. In Cowork: creates documents, spreadsheets, presentations, pulls data from connectors.

It checks results — did tests pass? Did the build succeed? Did the linter flag anything? Hooks make this step deterministic: auto-run prettier after every edit, auto-run tests after every write. In Cowork: safety defaults enforce observation rules ("flag all assumptions").

If the goal isn't met, it loops back. If it needs clarification, it asks. If done, it presents the result for approval. Subagents run their own nested loops in isolation, returning only a summary — your main context stays clean. Nothing lands without your sign-off.

It makes the reasoning step explicit and reviewable. You approve the plan before Act begins. Without understanding the loop, plan mode seems like a UI toggle. With the loop, you see it as the agent making its thinking visible.

A single agent loop has finite context. Subagents run their own loops in isolation — perceive, reason, act, observe — and return a summary. Your main loop stays clean. Without the loop, subagents seem like a performance trick. With the loop, you see them as context management.

Skills are pre-defined action sequences. Instead of the agent improvising a code review every time, a skill gives it a structured procedure. Without the loop, skills seem like macros. With the loop, you see them as reliable Act-step templates.

Hooks add deterministic observations — auto-run prettier, auto-run tests, block dangerous commands. Unlike the LLM's probabilistic behavior, hooks always fire. Without the loop, hooks seem like automation. With the loop, you see them as guaranteed quality gates.

The agent loop runs until you approve. Diff review, plan approval, permission modes — these are all mechanisms for human-in-the-loop control at different points in the cycle. You are the most important part of the loop.

Map every Claude Code concept to its Cowork equivalent and explain why the mental model transfers completely.

Claude reads and writes to a folder on your computer. Not uploads and downloads — direct read/write. It can reference last month's report to match formatting, pull data from old spreadsheets, and apply brand guidelines mid-task without you mentioning them.

Text a task from your phone → Cowork runs the full workflow on your desktop → you return to finished files. Requires the desktop app running and computer awake. Your phone becomes a remote trigger for complex desktop workflows.

Scheduled Tasks run on a timer while your desktop is open. If your machine is off, the task is skipped but shows in task history and auto-runs when you reopen. Routines (research preview) are cloud-hosted — they run even when your laptop is closed.

Claude can interact directly with your screen — open apps, navigate browsers, run tools. It reaches for connectors first (structured data), falls back to browser (web actions), and only uses screen control as a last resort (when no other path exists).

Isolated workstreams without context bleeding. Run 5 different projects simultaneously — each with its own files, connectors, and context. The Cowork equivalent of Claude Code's git worktrees.

"Help me make a content calendar for March." — Vague goal, no definition of done, Claude will guess at everything.

"I need a complete 30-day content pipeline. Read every file in this folder. Extract my brand voice patterns and top-performing formats. Generate 30 content ideas ranked by audience value. Write full drafts for the top 5. Build a publishing calendar in Excel with dates, platforms, and repurposing plans. Save everything as finished files." — Clear definition of done, specific deliverables, verifiable.

Who you are, your role, responsibilities, industry context, what success looks like. Include 1–2 examples of output you're proud of. Equivalent to the project description in CLAUDE.md.

How you communicate: tone, phrases you use naturally, phrases that sound wrong, and 2–3 actual writing samples. Samples are more useful than abstract descriptions. Equivalent to code style rules in CLAUDE.md.

How you want Claude to behave: questions before execution? Short or long outputs? File formats? Naming conventions? What should Claude never do without asking? Equivalent to .claude/settings.json and hooks.

Task management, calendars, daily workflows. /productivity:start reviews your priorities and organizes your day. Connects to Slack, Notion, Asana, Linear, Jira, Monday, ClickUp, Microsoft 365.

Drop a CSV, run /data:explore. Claude reads the full dataset, summarizes every column, flags anomalies, and suggests analyses before you've said what you're looking for. Connects to Snowflake, BigQuery, Databricks, Amplitude.

Install the one matching your function. Each loads domain methodology, structured workflows, and connector integrations. Plus partner plugins from Slack, LSEG, S&P Global, Apollo, Common Room.

Every session starts fresh. Context files and global instructions are the workaround — same pattern as CLAUDE.md and /resume. Document important decisions in files Claude can read next time.

Cowork runs as an active session inside Claude Desktop. Quit = task stops mid-execution. Sleep mode is fine. Quitting is not. Routines (cloud) solve this for scheduled work.

Multi-step agent workflows consume significantly more allocation than chat. Batch related tasks into single sessions. Max plans ($100–$200/month) exist for a reason.

No mobile Cowork, no browser version. Dispatch lets you trigger from your phone, but execution happens on desktop. Use a cloud-synced folder for file consistency across machines.

Create a dedicated folder: ~/claude-workspace/. This is where Cowork reads and writes. Put existing documents you want Claude to reference here — last month's report, your team template, your brand guidelines PDF.

Create three files in your workspace folder. These are your CLAUDE.md equivalent — they tell Claude who you are and how to work:

Open Claude Desktop → Cowork tab → Customize → Plugins. Install the plugin matching your role: Productivity, Marketing, Sales, Finance, Legal, or Data Analysis. Each comes pre-configured with domain skills and connectors.

In Customize → Connectors, connect the tools you use daily. Start with 2–3: Slack + Google Drive is the most common starting point. Each connector uses OAuth — click, authorize, done. Connectors persist across sessions.

Give Claude an outcome-based task that uses your context files and connectors:

Claude reads your context files (knows your brand voice), pulls Slack data (via connector), writes in your style, and saves a file. Review, edit if needed, send.

Once you have a workflow you repeat, automate it with Plugin Create. In the Cowork tab, say: "I want to create a plugin that generates weekly stakeholder updates from Slack. Use my brand voice. Include a /weekly-update slash command." Claude assembles the skills, connectors, and commands into a plugin package. Customize and save.

Understand the business case for agentic AI, be motivated to install, and know what changes in your daily workflow.

Multi-file refactors, dependency upgrades, boilerplate migration, test coverage expansion. These go from "weekend project" to "20-minute delegation."

Full security audits of a module, generating ADRs from git history, building internal documentation from code comments, exploratory analysis of unfamiliar codebases. Work you'd never have queued because the effort-to-value ratio was wrong — that's where the compounding value is.

Code review shifts from "read every line" to "review the agent's plan, then spot-check the diff." Onboarding shifts from "read the wiki" to "clone the repo, run claude, ask questions." Debugging shifts from "reproduce manually" to "paste the stack trace, ask for a failing test."

Makes the agent's Reason step explicit. You see the approach before any code is touched. Read-only exploration → approved plan → supervised execution. This is what makes delegation feel safe — you're not blindly trusting the agent, you're reviewing its thinking. In Cowork: the equivalent is instructing Claude to show its plan and ask questions before executing.

Delegate independent pieces of a task to isolated agents that each run their own perceive → reason → act → observe cycle. Your main context stays clean. In Code: Explore (read-only, Haiku), Plan (analytical, Sonnet), General-purpose (full tools). In Cowork: sub-agents process 10 documents in 5 minutes instead of 50 minutes sequentially, then synthesize the results.

Turn tribal knowledge into shareable, reproducible workflows. Skills are slash commands. Hooks are guardrails. Plugins bundle everything into one-command installs. In Code: your team's code review process becomes /pr-review. In Cowork: domain plugins turn Claude from a generalist into a specialist for sales, legal, finance, or any function. New hires get the full toolkit on day one.

Claude Code is a sidebar while you code in the main editor. You use it for quick questions and small edits.

You start delegating multi-file tasks. Plan mode becomes your default. You queue messages and check back.

Claude becomes your primary interface. You peek at code only when reviewing diffs. The terminal is where you work; the editor is where you verify.

You build skills, configure hooks, and start sharing workflows with your team. The agent isn't a tool you use — it's a team member you direct.

Install Claude Code, verify with claude doctor, authenticate, start your first session, and run /powerup.

The native binary is now the recommended install. NPM is officially deprecated. Homebrew is available for macOS users.

claude · claude --version · claude doctor · claude auth login · claude auth status · claude auth logout · /powerup

npm install is deprecated. Use the native binary above.

Accept your first AI-generated diff, manage session context with the four everyday commands, understand context rot, and choose the right model for each task.

Wipe the current conversation context and start a new task in the same session. Use between unrelated tasks to prevent context bleeding. Your CLAUDE.md stays loaded — only the conversation resets.

When a session grows long, /compact summarizes earlier conversation to free context space. Claude re-attaches the most recently invoked skills after compaction (up to 25K tokens combined, starting from the most recent). Use proactively before you hit context limits — don't wait for degradation.

Shows token usage and estimated cost for the current session. A typical session consumes 50K–200K input tokens and 10K–50K output tokens. Haiku session: $0.10–$0.45. Sonnet: $0.25–$1.00. Opus: $0.50–$2.25. Check periodically, especially on complex tasks.

Reopen a previous session. The picker shows your last 50. Useful when you closed the terminal mid-task, or when you want to continue yesterday's work with the context intact.

Ask a meta-question without polluting the main conversation. /btw what's the convention for error handling in this project? — Claude answers using the parent prompt cache, and the exchange never enters conversation history. This is one of the most token-efficient features and a primary defense against context rot.

Displays a colored grid showing exactly where your context budget is going — conversation, CLAUDE.md, tool schemas, memory, skills. Run this when costs spike or quality drops. The fastest cost/quality win is usually finding the single biggest offender (often a stale conversation or an oversized MCP result) rather than micro-optimizing everywhere.

/branch [name] forks the conversation — try an approach without losing the main thread. /rewind reverts to a previous checkpoint. Use when you want to explore two approaches and compare results.

Shows a recap of the current session's context — what was discussed, what decisions were made, what files were changed. Useful when resuming after a break.

Claude starts ignoring rules from CLAUDE.md. It repeats patterns you corrected earlier. It "forgets" architectural decisions from the start of the session. Output quality drops noticeably. These are all signs of context rot.

Run /compact at turn 20 before starting a new phase of work. Claude summarizes the conversation history into a dense representation — the console.error rule survives because it was referenced multiple times. Turn 38 now produces the correct diff. Same session, same instruction, completely different outcome.

Five strategies, in order of effectiveness:

Queue your tasks: "Add comments to this module." "Also fix the lint errors." "And update the README." Then go about your day. Claude processes them sequentially when it's ready. Check back later — in many cases, you'll return to a batch of completed work. But check periodically because it might need your input.

/clear · /compact · /cost · /resume · /help · /config · --model · opusplan

It's stuck in an Act → Observe → Act cycle that isn't converging. Press Esc to interrupt. Give explicit direction: "Stop trying that approach. Instead, try X." If that fails, /clear and restate the goal with more constraints.

This is context rot in action. Claude stops following CLAUDE.md rules, repeats mistakes, or produces generic output. Run /compact immediately. If quality doesn't recover, start a fresh session — use /resume on the old one to check what was accomplished, then open a new session for the remaining work.

Check the /agents Running tab. If the agent is looping, Ctrl+F kills all background agents. Re-launch with a more constrained prompt or a lower maxTurns to prevent infinite loops.

Check /cost immediately. Common causes: running Opus on trivial tasks, not compacting long sessions, re-reading the entire codebase repeatedly. Switch to Sonnet or Haiku, compact, and scope your prompts tighter.

A PreToolUse hook that exits non-zero blocks every tool call. If you can't fix it in-session, edit .claude/settings.json directly to remove the broken hook, then restart Claude.

The Explore agent runs on Haiku by default — ~10x cheaper than Opus. Use context: fork + agent: Explore for any read-only investigation before committing to an Opus task.

Opus plans the approach (deep reasoning), Sonnet executes the edits (fast, cheap). You get Opus-quality architecture decisions at Sonnet-level execution costs.

Don't wait for context rot — a bloated context means you're paying for redundant tokens on every turn. Compact early, especially before starting a new phase of work within the same session.

Instead of asking Claude to "read all files in src/", point it at specific files: @src/auth/login.ts. Narrower perception = fewer tokens = lower cost.

One 2-hour session with 500K context costs more per turn than four 30-minute sessions with 100K context each. Split when you cross task boundaries.

The most effective cost control. Set a dollar limit per session: claude --max-budget-usd 5. The session stops when the cap is reached. Essential for headless/CI runs where there's no human watching spend.

Full file reads are expensive. When searching for patterns, use Grep and Glob first to narrow down, then Read only the files that matter. This can reduce Perceive-step tokens by 10x on large codebases.

Skips loading plugins, hooks, and skills on startup. Faster and cheaper for simple headless tasks where you don't need the full harness.

Enables 1-hour prompt cache TTL for API-key users. Subscription users get this automatically. Dramatically reduces cost on repeated turns — the system prompt and conversation prefix are cached instead of re-processed. Avoid switching models mid-conversation, which invalidates the cache.

Install the VS Code extension, fix a real bug using it, and understand when to use the editor vs. the terminal.

Open VS Code → Extensions (Cmd+Shift+X) → search "Claude Code" → Install. The extension shares your terminal authentication — no separate login needed.

Cmd+Esc (Mac) or Ctrl+Esc (Windows/Linux) opens the Claude Code panel inside your editor. Claude immediately sees your currently selected code, open tabs, file diagnostics (errors, warnings), and workspace structure.

Open the claude-code-course-starter folder. Navigate to src/commands/done.ts. This file handles the done <id> command.

Highlight the function from its opening brace to its closing brace. You're telling Claude exactly what to focus on — selected code is weighted more heavily than open tabs.

"What happens if the user passes a non-numeric ID like 'abc'? Is that case handled? If not, propose a fix."

Claude proposes a change rendered as a diff in the editor panel. Read the diff. If the fix is correct, accept it. If you disagree with the approach, type a follow-up: "Add the validation but keep the error message consistent with the existing style."

Open the VS Code terminal panel (Ctrl+`) and run npm test. If the test for done was already covering this case, it will still pass. If not, ask Claude to add a test for the invalid-ID path.

Multi-file refactors, plan mode explorations, subagent delegation, running tests, git operations, large-scope tasks where you want full context control.

Quick fixes on visible code, debugging with selected context, reviewing and editing in-place, when you want to stay in your normal editor flow without switching windows.

The same extension works across IntelliJ IDEA, PyCharm, WebStorm, CLion, and Rider. Install from JetBrains Marketplace → search "Claude Code". Same keyboard shortcut (Cmd+Esc / Ctrl+Esc), same context model — Claude sees your selected code, open files, and IDE diagnostics. If you already did the hands-on task above in VS Code, the JetBrains experience is identical in practice.

Both give you Claude Code without a terminal or IDE. The Desktop App is a standalone window; the web version runs in your browser. Both surfaces have the same session management and slash commands. Neither has direct file system access to your project by default — you paste code or upload files. Use these for quick questions or when you're away from your dev machine, not for multi-file work.

There is no Claude Code mobile client. If you see references to "iOS monitoring" or "Dispatch triggering" from mobile in other resources, those refer to Cowork's Dispatch feature (text a task from your phone → Cowork runs it on your desktop), not Claude Code. Claude Code requires a terminal or IDE and runs on your computer.

Cmd+Esc / Ctrl+Esc (launch from editor)

Use plan mode for multi-file tasks, evaluate AI-generated diffs critically, and know when each of the three modes is appropriate.

Claude reads, reasons, and acts — the full loop. It proposes diffs and waits for your approval. Best for: focused tasks where you trust the scope. Agent loop: Perceive → Reason → Act → you approve.

Claude applies changes automatically without waiting for diff approval. Best for: low-risk tasks like formatting, renaming, or adding comments where you've already reviewed the plan. Agent loop: full loop with auto-accept. Use with caution — pair with hooks for guardrails.

Claude reads and reasons but does not act. It explores the codebase, analyzes the problem, and presents a detailed plan — then stops. You review the plan, give feedback, and only then switch to Default mode for execution. Best for: anything touching 3+ files, unfamiliar codebases, architectural changes, or any task where the wrong approach wastes more time than planning. Agent loop: Perceive → Reason → stop.

Auto mode uses an AI classifier to approve routine, low-risk actions (file reads, grep, listing directories) automatically while still prompting you for high-risk actions (file writes, shell commands, git operations). It's the sweet spot between full manual approval and no approval at all — you get faster flow on safe operations without losing oversight on dangerous ones.

Before looking at code changes, check: does the plan match what you asked for? If the approach is wrong, reject the plan before diffs are generated. Don't waste time reviewing code built on a flawed premise.

Deletions are where bugs hide. AI may remove error handling, logging, edge-case branches, or fallback paths it considers "unnecessary." Always scan deletions carefully — they're easier to miss than additions.

If Claude edited business logic but didn't touch tests, ask: "Did this change break any tests? Are there tests that should be updated?" Better yet, add a hook (Module 15) that auto-runs tests after every edit.

Claude may call functions, methods, or library features that don't exist in your project. Cross-reference any unfamiliar API calls. This is especially common with newer libraries or internal utilities.

You can accept some files and reject others. Claude will iterate on the rejected portions while keeping the accepted changes. This is much faster than rejecting everything and rephrasing.

Shift+Tab (cycle modes) · Esc (interrupt Claude mid-action) · y/n (accept/reject diffs)

Rewrite a vague prompt into a constrained, verifiable, outcome-based delegation. Use XML tags for complex tasks. Know the common anti-patterns.

"First, read the auth module. Then find the login function. Then check if there's validation. Then add email validation using regex. Then add a test."

"Refactor the auth module to use Zod for all input validation. All existing tests must pass. Follow the patterns in @src/validation/schemas.ts. Add tests for edge cases (empty string, malformed email, SQL injection attempt). Run tests before committing."

"This button is overflowing. Fix the CSS." Paste the screenshot — Claude sees the visual problem and the code simultaneously.

Paste a whiteboard photo or Mermaid diagram screenshot. "Implement this architecture. Start with the data flow layer."

Paste a browser console screenshot, a terminal error, or a Sentry alert. Faster than copying text — and Claude sees formatting, colors, and context you'd lose in a paste.

Paste a Figma export or hand-drawn wireframe. "Build this component in React. Match the spacing and colors exactly."

"Make the code better." — Claude doesn't know what "better" means to you. Be specific: "Reduce cyclomatic complexity of processOrder() by extracting validation into a separate function."

"On line 47, change x to userCount, then on line 48..." — You're doing Claude's job. Describe the goal: "Rename variables in processOrder() to be descriptive." Let the agent figure out how.

"Refactor this module." without "Run tests after." — You're trusting the Act step without an Observe step. Always request verification for non-trivial changes.

Rephrasing the entire prompt when the first attempt was 80% right. You just threw away all the context Claude built. Say what's wrong with the 20%, not the 100%.

Bootstrap a project with claude init, write an effective CLAUDE.md, configure .claudeignore for sensitive files, and understand the three memory layers.

CLAUDE.md is the most important file in your project for Claude Code. It's durable policy — semantic memory loaded into every session and re-loaded after compaction. It's what you'd tell a new team member on day one, encoded once and reused forever.

Durable project policy. Loaded every session. Survives compaction. Contains rules, conventions, commands, architecture decisions. Project-level: repo root. Personal-level: ~/.claude/CLAUDE.md. Use it for rules, not procedures (procedures belong in skills).

Claude Code auto-manages a .claude/memory/ directory with a MEMORY.md index and per-topic files. Claude writes here when it learns something about your codebase — patterns it discovered, decisions you made, context it wants to remember. Add memory/ to .gitignore — it's per-user state. This is separate from CLAUDE.md.

Custom subagents can have memory: user in their frontmatter. Each agent maintains its own MEMORY.md in ~/.claude/agent-memory/<agent>/. A security-reviewer agent remembers past findings; a doc-writer agent remembers your style. Covered in depth in Module 17.

Instead of putting everything in CLAUDE.md, you can split rules into separate files in .claude/rules/. Each file is a Markdown fragment loaded alongside CLAUDE.md. Use this for large projects where a single CLAUDE.md would exceed 200 lines, or when different rules apply to different parts of the codebase. Rules can be path-scoped — a rule about TypeScript conventions loads only when working in .ts files.

claude init · @filename (inline file reference) · .claudeignore

Collect 20–30 documents: public APT write-ups, MITRE ATT&CK technique descriptions, sample incident timelines, SOC runbooks. Implement two chunking strategies (fixed-size with overlap, and semantic/parent-child) and compare retrieval quality.

Set up a vector database (Qdrant recommended). Implement both dense retrieval (embeddings) and sparse retrieval (BM25). Combine them using an EnsembleRetriever with tunable weights. Add metadata fields: document type, threat actor, date, classification level.

Raw chunks often contain irrelevant noise. Add a contextual compression layer that extracts only the sentences relevant to the query before passing to the LLM. Compare answer quality with and without compression.

Modify the generation prompt to require source attribution. Each claim in the answer must reference the specific document and chunk it came from. Add confidence notes ("high confidence — 3 sources agree" vs. "low confidence — single source, 2019 data").

Build a test set of 10–15 questions with known answers. Measure retrieval precision (are the right chunks returned?) and answer faithfulness (does the answer stay grounded in the sources?). Identify failure modes.

A working RAG pipeline that accepts natural language security questions and returns answers with: source document name, page/chunk reference, relevant quote (under 15 words), and confidence level. Test query: "What TTPs does APT29 use for lateral movement?" should return a grounded answer citing specific ATT&CK techniques with source attribution.

Build three types of skills: a static skill, a dynamic skill with $ARGUMENTS, and a forked skill that runs in a subagent. Understand frontmatter fields and when to use each pattern.

Skills transform improvised prompts into structured, repeatable procedures. The YAML frontmatter is the specification (what, when, permissions); the body is the execution (how). This maps to the Act step in the agent loop — structured action instead of improvisation.

Custom /skill-name slash commands · $ARGUMENTS for dynamic parameters · context: fork + agent: frontmatter

Delegate work to each built-in subagent type, background a running agent with Ctrl+B, and use the /agents dashboard to monitor parallel tasks.

Subagents are nested agent loops. Each runs its own perceive → reason → act → observe cycle in isolated context, then returns a summary to the parent loop. This is the primary defense against context rot — complex sub-tasks get fresh context instead of polluting your main session.

Read-only, runs on Haiku (fast, cheap). Maps your codebase, finds references, traces call chains, answers structural questions. Cannot edit files. Best for: "Where is X used?", "How does Y work?", codebase mapping before a refactor. Use via skills with context: fork + agent: Explore, or ask Claude to "use the Explore agent."

Gathers context deeply, synthesizes, and returns a recommended approach. Analytical, not executable. Best for: designing a multi-file change, evaluating tradeoffs, creating a migration plan. Claude uses this automatically in plan mode.

Has all tools — read, edit, run commands, write files. Runs a complete agent loop in isolation and reports back. Best for: independent sub-tasks ("add tests for module X while I work on module Y"), documentation generation, multi-perspective analysis.

Open with /agents. Two tabs: Library (available agents — built-in + custom) and Running (active agent tasks with status). Monitor parallel work without leaving your main session.

If a subagent is running and you want to keep typing, Ctrl+B sends it to the background. It continues working and reports back when done. Queue your next task immediately — don't wait for the agent to finish.

Up to 10 subagents can run simultaneously. Ask Claude to "launch three agents in parallel" for tasks like: compare implementations across frameworks, analyze multiple files for the same pattern, or run different test strategies simultaneously.

The task is independent (doesn't need your main conversation's context), exploratory (you're not sure what you'll find), or would pollute your main context with irrelevant detail.

The task depends on earlier conversation context, requires your real-time judgment at each step, or is a quick question the main session can answer faster than spinning up a subagent.

/agents (dashboard) · Ctrl+B (background) · implicit via context: fork skills

Define roles, responsibilities, and tool permissions for each agent. Specify what each agent can and cannot do. Document the data flow between agents — what format does Agent 1's output need to be in for Agent 2 to consume it?

Ingests raw CTI notes, threat reports, blog posts, or log snippets. Handles document parsing, encoding normalization, and format detection. Outputs a clean, structured JSON document. Tools: file reader, URL fetcher, encoding detector. Maps to: Claude Code's Explore agent (Perceive-only).

Extracts structured data: IOCs (hashes, IPs, domains, URLs), TTPs (techniques and procedures), threat actor names, malware families, and targeted sectors. Uses regex for IOCs and LLM reasoning for TTPs. Tools: regex engine, NER model, LLM extraction chain. Maps to: specialized Reason step.

Maps extracted TTPs to the MITRE ATT&CK framework. Assigns technique IDs (e.g., T1059.001), tactics, and confidence scores. Cross-references against the ATT&CK knowledge base. Tools: ATT&CK API or local JSON, similarity search. Maps to: Plan agent (Perceive + Reason).

Synthesizes all upstream output into a structured threat-hunting report formatted for Jira, GitLab issues, or Markdown. Includes executive summary, IOC table, TTP mapping, recommended detection rules, and source references. Tools: template engine, markdown writer. Maps to: General-purpose agent (full Act).

Build each agent. Start with the Collector (simplest I/O) and work forward. Test each agent independently before connecting them. Use a single known threat report as your test document throughout.

Wire the pipeline together. Add a human-in-the-loop gate between the Mapper and Reporter — the human reviews the TTP mappings before the report is generated. Handle edge cases: what happens when the Extractor finds no IOCs? When the Mapper can't match a TTP?

Run 3–5 different threat reports through the pipeline. Evaluate: completeness (did it catch all IOCs?), accuracy (are the ATT&CK mappings correct?), and usefulness (would a SOC analyst act on this report?). Document failure modes.

A working multi-agent workflow that accepts a raw threat document and outputs a structured threat-hunting report with: executive summary, IOC table (type, value, context), TTP-to-ATT&CK mapping with confidence scores, recommended detection rules, and source references. The pipeline must include at least one human-in-the-loop gate.

Use the bundled skills (/debug, /simplify). Install a marketplace plugin. Understand the plugin architecture (skills + agents + hooks + MCP in one package).

Structured debugging workflow. Reads the error, traces the execution path, proposes a fix, and verifies. Use this as your default debugging entry point before manual patterns (Module 16).

Reduces code complexity. Identifies nested conditionals, long functions, and tangled logic, then refactors step by step.

Parallel file operations across your codebase. "Migrate all components from class-based to functional." Uses worktrees under the hood for isolation.

In-session scheduled tasks. "Check PRs every hour." Runs until you stop it or close the session. Covered in depth in Module 18.

Looks up Claude Code's own documentation. When you're not sure how to use a feature, ask Claude Code about itself.

Staged diff → AI-written commit message → commit. One slash command replaces "git add, think of a message, git commit."

OWASP-aware checks on changed files. Catches injection risks, auth bypasses, and hardcoded secrets before they're committed.

Structured PR review. Produces a checklist with severity levels, not prose. Install, run on a PR, get actionable findings.

Spec → plan → implementation pipeline. Describe the feature, Claude writes the spec, plans the approach, and implements.

/debug · /simplify · /batch · /loop · /claude-api · /plugin · /plugin install · /plugin marketplace add · /reload-plugins

Connect an MCP server (Obsidian, database, or API), run a cross-context task, and understand when MCP adds value vs. when it adds noise.

MCP externalizes how the agent interacts with the outside world. Each MCP server exposes tools and resources that Claude can discover and use. This extends the agent's Perceive step (read data from external sources) and Act step (write to external tools) beyond the codebase.

Search the web for current information during tasks. Use cases: looking up error messages, checking library documentation, finding latest API patterns, verifying if a dependency is still maintained. "Search for the correct way to handle CORS preflight in Fastify 4."

Fetch a specific URL and read its contents. Use cases: reading documentation pages, pulling API specs, checking release notes. "Fetch the Prisma 5 migration guide and apply the changes to our schema."

claude mcp add · claude mcp add-json · claude mcp list · claude mcp remove · claude mcp run · /mcp

Add hooks using the /hooks interactive UI. Understand the event lifecycle. Build at least one formatting hook and one safety hook.

Hooks make the Observe step deterministic. Instead of hoping the agent checks formatting or runs tests, hooks guarantee it. They fire at specific points in the agent loop — before a tool runs (PreToolUse), after a tool runs (PostToolUse), when a session starts, when context compacts. This is the harness's enforcement layer.

1. Run /hooks → select PostToolUse
2. Matcher: type Edit|Write (matches either tool)
3. Hook type: command
4. Command: npx prettier --write $CLAUDE_FILE_PATH || true
5. Save → Claude writes the entry to .claude/settings.json

Verify: make any edit → you should see prettier run automatically in the output.

1. Run /hooks → select PreToolUse
2. Matcher: Bash
3. Hook type: command
4. Command: echo "$CLAUDE_TOOL_INPUT" | grep -qE "rm -rf|DROP TABLE|sudo rm" && exit 2 || exit 0
5. Save

Exit code 2 = block + show error to Claude. Exit code 1 = block silently. Exit code 0 = allow. Verify: ask Claude to run rm -rf /tmp/test — it should be blocked.

Run a shell command. The most common type. Output is returned to Claude.

POST the event JSON to a URL. Use for external logging, Slack notifications, or webhook-based workflows.

Call a tool on a connected MCP server. Use when you want a hook to trigger an action in an external system (create a Jira ticket, send a Slack message).

Evaluate the event with the LLM. Use for smart guardrails: "Is this bash command potentially destructive?" — the LLM classifies and the hook blocks based on the answer.

Run an agentic verifier — a full agent loop that checks the proposed action. The most powerful type. Use for complex validation (e.g., "does this code change break the API contract?").

/hooks (interactive UI) · JSON config in .claude/settings.json

Never pipe remote scripts into hooks (curl ... | bash). Use least-privilege connector scopes in MCP. In Lab C, only scan networks you own or have written permission to test.

Use /debug on a real issue. Apply the five manual debugging patterns. Know when to delegate debugging to a subagent.

Paste the full error and stack trace. Ask Claude to trace the execution path and identify root cause. "Here's the stack trace from production. Read the relevant source files and explain what went wrong." This maps to Perceive → Reason — give Claude maximum signal before asking for analysis.

Ask Claude to write a minimal reproduction before fixing. "Write a test that reproduces this bug, then fix it so the test passes." This maps to Act → Observe → Iterate — the test is the verification mechanism built into the fix itself.

Delegate to the Explore subagent to narrow down where the bug lives before committing main context. "Use the Explore agent to find every place we modify the user session object." This is a nested Perceive loop — the subagent maps the territory, returns a summary, and your main session stays clean.

Ask Claude to explain what the code does before asking what it should do. Mismatches between the two are the bug. "Explain what processOrder() does step by step. Then tell me what it should do based on the JSDoc comment."

For UI bugs, paste a screenshot directly into the terminal. Claude can process images as Perceive input. "This button should be aligned right, but it's overflowing. Here's a screenshot. Fix the CSS."

The bug might be in one of many files (use Explore to narrow down), the investigation is exploratory (you don't know where to look), or the debugging would pollute your main context with irrelevant code.

You already know which file has the bug, the fix is straightforward, or you need to maintain conversational context about the broader task the bug interrupted.

"POST /api/orders returns 500 when the cart contains a product with a price of $0.00. Stack trace points to calculateTotal() in src/orders/pricing.ts."

Press Shift+Tab to enter plan mode. Paste the bug report. Claude reads the stack trace, explores src/orders/pricing.ts and its callers, and proposes an approach — without editing anything yet.

Claude's plan: "The issue is a division-by-zero in the discount calculation when basePrice is 0. I'll add a guard clause, update the existing test, and add a new edge-case test."

Before approving, verify the scope. Use the Explore agent to check if the same pattern exists elsewhere.

Explore returns: "Found 3 division operations in pricing.ts, 1 in discount.ts. The discount.ts one has the same vulnerability." You now know the fix needs to cover two files, not one. The plan mode approach caught this before any code was written.

Switch back to default mode (Shift+Tab). Approve the plan with the expanded scope.

Claude writes the failing test (Reproduction First pattern), adds guard clauses to both files, and runs the test suite.

Your PostToolUse hook auto-runs prettier on every edited file. Your test hook auto-runs pnpm test after writes. You don't think about formatting or testing — the hooks handle the Observe step deterministically.

Hook output: "✓ prettier: 2 files formatted. ✓ tests: 47 passed, 0 failed."

Run /diff. Check: are the guard clauses correct? Did Claude remove any existing logic? Are the new tests meaningful (not just asserting the function exists)? Accept the changes you're happy with.

Total time: ~4 minutes. Without Claude Code: reproduce manually, find both files, write fix, write tests, run formatter, run tests, write commit message — probably 30–45 minutes. The agent loop compressed 6 steps into a supervised flow where you made decisions and Claude did the work.

Create a custom subagent with YAML frontmatter, build a multi-phase pipeline (Explore → Plan → Execute), and configure persistent agent memory.

Maps the territory. Reads files, traces call chains, identifies scope. Returns a codebase summary. Fast and cheap.

Takes the Explore summary. Designs the approach, identifies risks, proposes a step-by-step plan. You review and approve.

Takes the approved plan. Implements changes, runs tests, iterates on failures. You review the final diff.

/agents (Library + Running tabs) · agents discoverable via context: fork + agent: <name> in skills

Deploy a local model using Ollama (easiest) or vLLM (most flexible). Verify it runs, serves an API endpoint, and can handle tool-use-style prompts. Compare response quality and latency against the Claude API for a standard task. Document the tradeoffs — when would you choose local over API?

Build the core safety layer: an allowed/denied command system that sits between the LLM's tool calls and actual execution. The LLM proposes commands; your enforcement layer validates them before execution.

All commands execute inside a Docker container with: read-only filesystem (except /tmp), no network access by default (enable per-command), CPU and memory limits, non-root user, and automatic cleanup after timeout. Test prompt injection: can the agent trick the system into running a denied command? It must fail.

Build a complete audit trail: every prompt sent to the LLM, every response received, every command proposed, every validation decision (allowed/denied), every execution result, and timestamps for all. Store as structured JSON. Implement a simple log viewer that can filter by action type and time range.

Wire everything together. Run the full agent loop: user provides a target (e.g., a domain name), the agent proposes a reconnaissance plan, the enforcement layer validates each command, Docker executes the safe ones, and results are logged and returned. Run adversarial tests: prompt injection attempts, command chaining, encoding tricks. Document what your system catches and what it misses.

A sandboxed agent runtime demonstrating: allowed/denied command enforcement (agent proposes, system validates), Docker container isolation with resource limits, full prompt/response audit logging (JSON-lines), timeout controls, and at least 3 documented adversarial test cases (prompt injection attempts) showing the system correctly blocking them.

Never pipe remote scripts into hooks (curl ... | bash). Use least-privilege connector scopes in MCP. In Lab C, only scan networks you own or have written permission to test.

Set up a /loop scheduled task, use /voice for hands-free input, and understand Cowork's Scheduled Tasks, Routines, and Dispatch.

Lives only as long as your terminal is open. Best for: monitoring during active work sessions (watch CI while you code), periodic checks during a long refactor (re-run tests every 30 min), development-time automation (check for new issues while coding). Stops when you close the session.

Survives restarts. Best for: daily standup preparation (generate a summary every morning), periodic security scans, weekly report generation. Runs at the scheduled time if Claude Code is available.

If the task should run whether or not you're at your computer, on every PR, or on every commit — that's a CI job, not a /loop or /schedule. Use claude -p in a GitHub Action (Module 20).

Hold spacebar to dictate. 20 languages supported. Great for complex requirements where typing is slow, pair-programming sessions where your hands are on the keyboard, and accessibility. Particularly powerful for dictating architectural descriptions or debugging narrations.

Background a running task so you can keep typing. The agent continues working and reports back when done.

Emergency stop for all background and scheduled tasks. Use when a /loop is misbehaving or an agent is stuck.

/loop · /voice · Ctrl+B (background) · Ctrl+F (kill all)

Run three Claude sessions in parallel on different branches. Use /batch for parallel operations across many files.

Worktrees are the harness's sandboxing layer. Each Claude session operates in an isolated directory with its own branch. No stashing, no conflicts, no context contamination between parallel work streams.

Tasks are independent features on separate branches. You need full git isolation. You want to merge each piece separately. The work is substantial (hours, not minutes). Example: two features + a bugfix in parallel.

Tasks share the same branch but can run in parallel. You need results synthesized into your main session. The work is exploratory or analytical (minutes, not hours). Example: analyze 5 modules for the same pattern.

Tasks are in different projects entirely. No shared codebase. Example: fix a bug in project A while starting a feature in project B.

claude -w <branch> · /batch

Run Claude Code in headless mode (claude -p), set up a GitHub Action for automated PR review, and understand the Agent SDK for programmatic access.

Missing any secret → that workflow fails silently. See .github/workflows/README.md in the starter repo for setup steps including how to create a Yahoo App Password.

As AI tool usage increases, your PR volume increases. Humans nitpick variable names; Claude finds actual logic errors and security issues. The key is customizing the review prompt in claude-code-review.yml — out of the box it's too verbose and comments on everything. Tune it to your team's priorities: security-only, architecture-only, or whatever matters most.

Installs the Claude Slack app via OAuth. Once connected, team members can interact with Claude directly in Slack channels — ask questions about the codebase, trigger reviews, or run skills from chat.

Spawns multiple review agents in parallel — security, performance, architecture, test coverage — each analyzing the PR from a different angle. Results are synthesized into a single comprehensive review. More thorough than /install-github-app but runs on-demand rather than automatically.

Scans the current branch diff for security vulnerabilities. More focused than the security-guidance plugin — specifically targets the changed code and maps findings to OWASP categories with severity ratings.

claude -p "<prompt>" · Agent SDK (Python/TypeScript) · OTEL tracing

Create a plugin with plugin.json, bundle skills + agents + hooks, publish to a marketplace (private or public), and install it on a teammate's machine.

Marketplaces are GitHub repos (or GitLab, self-hosted) with a marketplace.json that lists available plugins. The official Anthropic marketplace is auto-registered. Add your team's private marketplace with /plugin marketplace add your-org/plugins.

user — personal (your machine only). project — committed to repo (everyone who clones gets it). local — this repo, just for you. Enterprise admins can auto-install approved plugins for new team members.

Plugin subagents cannot use hooks, mcpServers, or permissionMode in their frontmatter — this is a security boundary. Plugins can bundle hooks separately, but agents inside plugins are sandboxed.

1. Open Claude Desktop → Cowork tab → Customize → Plugins → Browse
2. Find your plugin (published to a GitHub repo) → Install
3. Type /weekly-update in any Cowork session — the skill appears in the slash menu
4. Claude reads the SKILL.md body as its instructions, accesses connected tools, and produces the output

Or use Plugin Create: in the Cowork tab, say "Help me create a plugin for weekly stakeholder updates with a /weekly-update slash command." Claude walks you through building it conversationally — no SKILL.md syntax needed.

plugin.json manifest · --scope project|user|local · /plugin marketplace add · /reload-plugins

Synthesize all layers into a repo where any new team member — developer (Code) or non-developer (Cowork) — is productive on day one.

CLAUDE.md (project policy for developers) + Cowork context files (about-me.md, brand-voice.md, working-preferences.md for non-developers) + .claude/memory/ (auto-managed episodic). Everyone on the team starts every session with the same knowledge base.

Custom skills with context:fork and $ARGUMENTS for developers. Cowork plugins with domain-specific slash commands for non-developers. Both turn tribal knowledge into executable procedures.

Hooks (20+ events, configured via /hooks) for Code. Safety defaults in global instructions for Cowork. Both enforce deterministic behavior — formatting, testing, deletion protection, assumption flagging.

MCP servers for Code (claude mcp add). Connectors (60+) for Cowork. Same Model Context Protocol under the hood. Connect once, use everywhere — Jira, Slack, Obsidian, Drive, Snowflake.

Plugins bundle everything into one-command installs. Private marketplaces for enterprise governance. Auto-install for new hires. Same plugin format works for both Code and Cowork.

The tech lead wrote a CLAUDE.md covering their TypeScript/Fastify/Prisma stack, test commands, naming conventions, and architectural constraints (no raw SQL, no direct DB access outside the repository layer). The marketing lead created about-me.md (company positioning), brand-voice.md (with 3 real blog post samples), and working-preferences.md ("always ask before sending emails, never make claims about pricing without checking the pricing page"). Both were iterated over the week as Claude's output revealed gaps.

Engineers built 4 skills: /pr-review (their code review checklist encoded), /deploy $ARGUMENTS (staging/prod with safety checks), /deep-research (context:fork exploration), and /onboard-module $ARGUMENTS (explains any module to a new hire). They added a security-reviewer agent with persistent memory. The PM created a Cowork plugin with /sprint-summary and /stakeholder-update slash commands.

The team added 3 hooks: auto-prettier on edit, auto-test on write, and a PreToolUse block on rm -rf and direct production DB access. They connected GitHub (issues/PRs), Slack (team channel read), and their PostgreSQL staging database via MCP. Marketing connected Google Drive, Slack, and HubSpot via Cowork connectors.

Everything was bundled into two plugins: acme-eng-toolkit (skills + agents + hooks for engineers) and acme-gtm-toolkit (Cowork plugin for marketing/PM). Both published to a private GitHub marketplace. The admin configured auto-install for new team members.

Sarah joined on Monday. She cloned the repo, ran claude, and the plugin auto-installed. CLAUDE.md loaded the conventions. She ran /onboard-module auth and got a narrated walkthrough of the auth module. She asked Claude to add input validation to a form, reviewed the diff, and submitted a PR. The /install-github-app bot reviewed her PR before lunch. By end of day, she'd merged her first feature — without a single "how do we do X here?" Slack message.

Jake opened Cowork and installed acme-gtm-toolkit. His context files loaded the brand voice. He ran /sprint-summary and Cowork pulled the latest sprint data from Jira via connector, cross-referenced with Slack discussions, and produced a stakeholder update matching the team's communication style. He edited two sentences and sent it. His manager said it read like someone who'd been on the team for months.

Produce a working repo that another team could clone and be productive with immediately. This proves you've internalized externalization — your knowledge lives in the harness, not in your head.

A self-contained AI-augmented development workflow. No external accounts, no team required. This is a complete outcome — not a stepping stone.

1. CLAUDE.md with @file references — under 200 lines, stack/commands/conventions/don'ts
2. Three custom skills: one static, one with $ARGUMENTS, one with context:fork
3. One custom subagent with memory: user (persistent memory)
4. Two hooks wired in settings.json — one formatting (PostToolUse), one safety (PreToolUse)
5. One MCP connection (local filesystem MCP is fine — no Obsidian account needed)

Everything in Core Pass, plus automated review that runs on every PR — your standards enforced even when you're not at the keyboard.

6. Plugin package with plugin.json — bundles all skills, agents, hooks, and MCP config
7. CI headless task in GitHub Actions — claude -p for automated PR review or security scan

Everything in Professional Pass, plus your institutional knowledge encoded for teammates and non-developers. A new hire is productive on day one without reading a wiki.

8. Cowork context files — about-me.md, brand-voice.md, working-preferences.md with real content
9. Custom Cowork plugin for a non-developer role (marketing, ops, legal, sales)
10. Teammate (or simulated) validation — someone else installs and uses your setup on day one

The requirement doesn't exist in the repo. Nothing to evaluate.

The component exists and technically works, but uses generic/placeholder content. A CLAUDE.md that says "TypeScript project" without specific conventions. A skill that works but does something trivial. A hook that fires but doesn't catch real issues.

The component is specific to your project, handles edge cases, and a real team member would find it useful on day one. A CLAUDE.md with your actual stack, commands, and architectural constraints. A skill that encodes your team's actual review process. A hook that catches your project's actual risk patterns.

1. Run claude update to get the latest binary.

2. Check the Preview rows in the Feature Version Requirements table above — previews are the most likely to change.

3. Run claude doctor to verify your install is healthy after the update.

4. If a module stops matching your Claude Code behavior, check the course changelog in the Glossary page — a course update may already be available.

Stable — shipped and generally available, behavior unlikely to change
Preview — research preview or early access; behavior may change; plan requirements may shift

"Can I accept a diff, manage context, and use plan mode? Can I explain why the agent loop matters?"

"Do I have a CLAUDE.md, at least one skill, and a hook running automatically? Can I debug with /debug and delegate to subagents?"

"Can I build a custom agent team, publish a plugin, and run Claude in CI? Can a new hire be productive using my setup?"

"Could I teach this to a peer who uses the other surface (Code ↔ Cowork)? Could I explain why the concepts transfer?" If yes, you've internalized the mental model, not just the tool.

Claude Code is included with paid Claude plans (Pro $20/mo, Max $100–200/mo, Team $30/user/mo, Enterprise custom). API-key users pay per-token. Typical session: $0.10–$2.25 depending on model and length. Use /cost to check and --max-budget-usd to cap.

The default setup requires an internet connection to reach Anthropic's API. Your code stays local — only prompts, tool calls, and file contents referenced in conversation are sent. Enterprise users running Claude via AWS Bedrock, Google Vertex AI, or Microsoft Azure Foundry keep traffic inside their VPC. Local model inference (fully air-gapped) is not currently supported.

Yes. Set ANTHROPIC_API_KEY as an environment variable. Also supports AWS Bedrock (CLAUDE_CODE_USE_BEDROCK), Google Vertex (CLAUDE_CODE_USE_VERTEX), and Microsoft Foundry (CLAUDE_CODE_USE_FOUNDRY).

Only the portions Claude needs to see — files it reads, commands it runs, diffs it reviews. Code is not used for training. Enterprise plans offer additional data governance controls. Use .claudeignore to exclude sensitive files.

Copilot is autocomplete (Generation 1). Cursor is chat + edit with context (Generation 2.5). Claude Code is fully agentic (Generation 3) — it reads, plans, acts, verifies, and iterates autonomously. Different tools for different workflows; many developers use Claude Code for complex tasks and Cursor/Copilot for quick inline completions.

CLAUDE.md is a single project policy file at your repo root. .claude/rules/*.md are modular rule fragments that can be path-scoped. Use CLAUDE.md for rules under 200 lines; split into rules/ when the project is large or rules vary by directory.

They serve different audiences. Code is for developers working in codebases. Cowork is for knowledge workers (marketing, legal, finance, ops) working with documents, spreadsheets, and connected tools. Same architecture — learn one, understand both.

Yes. Claude Code reads and writes any text file — Markdown, JSON, YAML, CSV. Many people use it for documentation, data analysis, and content generation. However, Cowork is specifically designed for non-code work and provides a better UX for those use cases.

The course community lives at github.com/douglasmun/claude-code-course-starter/discussions. Ask questions, share what you built, get unstuck, and help other students. Organised into Q&A, Show & Tell, and Ideas categories.

Build Claude Code into your own applications. The Agent SDK (Python/TypeScript) gives programmatic access to the full harness. Start with the official docs.

Build MCP servers for your internal tools — databases, APIs, proprietary systems. The MCP spec is open source. Your tools become first-class citizens in the agent loop.

Private plugin marketplaces, OTEL tracing, admin controls, SSO. If your team is larger than 10 people, the enterprise tier adds governance without sacrificing developer experience.

The plugin ecosystem is community-driven. Build a plugin for your domain. Publish to GitHub. Share with the awesome-claude-code directory.

This course is your learning path. The Claude Code Cheat Sheet v1.0 is your daily reference. The Starter Repo is your project template. Bookmark both.