# Claude Code Plugin

The Opsera DevSecOps plugin brings four AI security and compliance agents directly into Claude Code. Currently available in the **private marketplace only.**

## Installation

There are two ways to install. The Marketplace method is the fastest and handles future updates automatically.

#### Method A — Claude Code Marketplace Recommended

Install directly from inside Claude Code with a single command:

```
/install opsera-devsecops
```

{% hint style="info" %}
If this command works, skip directly to the [Authentication step](https://www.claudeusercontent.com/?domain=claude.ai\&errorReportingMode=parent\&formattedSpreadsheets=true#section-auth). You don't need Method B.
{% endhint %}

#### Method B — Install from GitHub Manual

Use this if your Claude Code version doesn't support `/install`, or to pin a specific versionOpen Claude Code

***

<figure><img src="/files/7nf96v8JpWgbw4m7Od9b" alt=""><figcaption></figcaption></figure>

## Step 1: Open Claude Code

Launch Claude Code in your terminal:

```
claude
```

Then open the plugin manager:

```
/plugin
```

## Step 2: Add the Plugin Repository

Navigate to **Marketplace → Add Marketplace**.

{% hint style="info" %}
If `claude` isn't found, visit [code.claude.com/docs](https://code.claude.com/docs) to install Claude Code and add it to your PATH.2🐙Add the Plugin Repository
{% endhint %}

When prompted for the marketplace source, enter:

```
opsera-agents/opsera-devsecops
```

**Press Enter to confirm. You'll see: `+ Adding marketplace to configuration…`**

## Step 3: Install the Plugins

Select the **Opsera DevSecOps** plugin from the catalog and confirm. This installs all 4 agents in one step:

```
Architecture Analyze   # Risk-focused architecture analysis
Security Scan          # SAST, secrets, CVEs, containers
Compliance Audit       # SOC2, HIPAA, PCI-DSS, ISO 27001
SQL Security           # Injection detection + AI auto-fix
```

## Step 4: Restart Claude Code

Fully exit and reopen Claude Code for the plugin to load:

```
exit   
```

## Step 5: Verify Installation

Run `/plugin` and go to **Installed Plugins**. You should see an **Opsera MCP** entry that requires authentication.

Move your cursor to it and press <kbd>Enter</kbd> to begin the authentication flow.

## Step 6: Authenticate in Browser

A browser window opens automatically for secure OAuth login. Sign in with your Opsera account at [agent.opsera.ai](https://agent.opsera.ai/) — or a free trial account is created automatically if you don't have one.

Once authenticated in the browser, return to your terminal. You're ready to go.

## Using the Agents

Just describe what you need. Claude routes the request to the right agent automatically:

| What you say                                         | Agent            | What you get                                               |
| ---------------------------------------------------- | ---------------- | ---------------------------------------------------------- |
| "Scan this repo for security vulnerabilities"        | Security Scan    | SAST report + CVE list + secret detection results          |
| "Are we SOC2 compliant?"                             | Compliance Audit | Gap analysis against SOC 2 controls with evidence map      |
| "Check my SQL files for injection risks"             | SQL Security     | Flagged queries with safe alternatives and auto-fix        |
| "What are the architectural risks in this codebase?" | Architecture     | Risk-annotated architecture diagram + failure modes        |
| "Do we have any secrets committed to this repo?"     | Security Scan    | Per-file secret detection report with severity ratings     |
| "Generate a HIPAA compliance report"                 | Compliance Audit | HIPAA control checklist with pass/fail + remediation steps |
| "Show PII exposure in our query layer"               | SQL Security     | PII/PHI field inventory with exposure risk ratings         |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.agents.opsera.ai/marketplace/marketplace/claude-code-plugin.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.