Skip to main content
Open source · agents · 20 picks

Open-source Claude workflow resources

Source-backed agents, MCP servers, skills, hooks, commands, and guides that teams can inspect before adopting in Claude workflows.

Curated by @heyclaude-editors Updated 2026-07-18

Source-backed agents, MCP servers, skills, hooks, commands, and guides that teams can inspect before adopting in Claude workflows.

Compared at a glance

The top 5 picks side by side on trust, install, platform support, and disclosed notes — full rationale for each below.

3 trust signals differ across this comparison (Package trust, Source provenance, Submitter).

Next steps differ across picks — use the actions in the table below to copy install commands and source links per resource.

Field

Source-backed agent for cleaning up open-source GitHub issue queues with reproducibility checks, labels, issue types, milestones, assignees, project views, duplicate links, and maintainer-safe response drafts.

Open dossier

Official GitHub MCP server providing comprehensive GitHub API access for repository management, file operations, and search functionality

Open dossier

Master collaborative AI-assisted development with Windsurf IDE's Cascade AI, multi-file context awareness, and Flow patterns for team workflows.

Open dossier

Production codebase auditor specialized in Zod schema validation coverage, security vulnerability detection, and dead code elimination

Open dossier

Use the built-in /hooks menu to inspect Claude Code hooks and configure them in settings.json so shell commands run deterministically at lifecycle events like PreToolUse, PostToolUse, and Stop.

Open dossier
Next stepsDiffers
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustDiffersPackage not verifiedPackage verifiedPackage verified2025-10-16Package not verifiedPackage not verified
Source provenanceDiffersSource-backedNo submission linkNo submission linkSource-backedSource-backed
SubmitterDiffersMkDev11
Install riskReview firstLow riskLow riskReview firstReview first
Notes Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓
BrandGitHub logoGitHubGitHub logoGitHubWindsurf logoWindsurf
Categoryagentsmcpskillscommandscommands
SourceSource-backedFirst-partyFirst-partySource-backedSource-backed
AuthorMkDev11GitHubJSONboredJSONboredJSONbored
Added2026-06-052025-09-182025-10-162025-09-262025-10-25
Platforms
Harness
Source repo
Safety notesTreat label changes, assignments, milestone moves, project edits, issue closures, discussion conversions, and maintainer mentions as repository governance actions. Draft them first unless the maintainer explicitly authorizes mutation. Do not close issues only because they are old, vague, unpopular, or difficult to reproduce. Apply the repository's documented stale, support, duplicate, or not-planned policy and preserve appeal paths. Avoid making security, severity, ownership, roadmap, or legal claims from model inference alone. Escalate suspected vulnerabilities or abuse to the repository's private security and moderation process. When recommending automation, keep rate limits, notification volume, contributor trust, and maintainer review capacity in view.Use a least-privilege GitHub token because repository, issue, pull request, and file operations can modify public or private projects.Setup downloads and unzips a package and changes Windsurf IDE configuration; review what it writes and run it in a trusted workspace.Review generated changes and commands before applying them; slash commands can ask the agent to read, write, edit, or run tools in the current project. Limit scope to the intended files and run in a trusted checkout when the command analyzes code, tests, security findings, or generated output.Hooks execute shell commands automatically with your user permissions whenever their event fires. A misconfigured or malicious hook can run destructive commands (file deletion, network calls, credential access) without further confirmation. PreToolUse hooks can allow or deny tool calls and PostToolUse hooks run after tools succeed; review hook commands before committing them to a shared .claude/settings.json so teammates do not inherit unexpected execution. Prefer `.claude/settings.json` for reviewed, team-shared hooks and `.claude/settings.local.json` for personal, gitignored hooks; use `disableAllHooks` to turn off user/project hooks when running untrusted code.
Privacy notesIssue queues can contain private logs, stack traces, screenshots, crash dumps, tokens, email addresses, customer names, hostnames, reproduction links, and unpublished roadmap details. Draft public comments with minimal necessary detail. Ask reporters to move secrets, credentials, vulnerability reports, or private customer data to an approved private channel instead of quoting it back into the issue. Saved replies, duplicate summaries, and project fields can reveal internal routing rules or maintainer availability. Keep internal notes separate from public-facing triage comments. Search queries, exported issue lists, and triage reports should be treated as contributor data and retained only as long as the repository policy allows.Repository contents, issues, pull requests, comments, org metadata, and user details may be sent through model context.Windsurf (Cascade) sends your code and prompts to its AI backend to power multi-file operations; review Windsurf's data-handling settings and keep API keys and secrets out of committed config.Reads the source files it audits, which may include schema definitions and sample data, and sends them to the model as part of the request; it does not transmit them anywhere else.Command and HTTP hooks receive event JSON on stdin including `session_id`, `transcript_path`, `cwd`, and tool input (such as file paths and Bash commands); a hook that forwards this data over the network can expose local file contents, paths, or command arguments to third parties. HTTP hooks can include headers with interpolated environment variables (restricted by `allowedEnvVars`); avoid embedding secrets in hook configuration that is committed to a repository.
Prerequisites
  • GitHub repository issue queue or filtered issue list, with the repository's contribution, support, security, and code-of-conduct policies available.
  • Current label taxonomy, issue types, milestones, project fields, assignee rules, duplicate policy, stale policy, and maintainer ownership map.
  • Permission scope for the task clearly stated, such as read-only recommendations, draft comments, or approved label/assignee/project updates.
  • Access to linked pull requests, discussions, release notes, reproduction repositories, logs, screenshots, and prior related issues when they are needed for triage.
  • GitHub account (sign up at https://github.com if needed)
  • GitHub Personal Access Token with repo scope (generate from GitHub Settings > Developer Settings > Personal Access Tokens)
  • Docker installed and running (verify with: docker --version)
  • Internet connection (remote GitHub API access required)
  • Windsurf IDE installed (download from codeium.com/windsurf)
  • Active project/codebase
  • Git repository (recommended for version control)
  • Codeium account (for Cascade AI features)
— none listed— none listed
Install
claude mcp add github -e GITHUB_PERSONAL_ACCESS_TOKEN=YOUR_TOKEN -- docker run -i --rm -e GITHUB_PERSONAL_ACCESS_TOKEN ghcr.io/github/github-mcp-server && claude mcp list
curl -L https://heyclau.de/downloads/skills/windsurf-collaborative-development.zip -o windsurf-collaborative-development.zip && unzip -o windsurf-collaborative-development.zip -d ./windsurf-collaborative-development
/zod-audit
Config
{
  "mcpServers": {
    "github": {
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_PERSONAL_ACCESS_TOKEN}"
      },
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "GITHUB_PERSONAL_ACCESS_TOKEN",
        "ghcr.io/github/github-mcp-server"
      ],
      "command": "docker",
      "type": "stdio"
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool
  1. 01
    Why it made the cut

    GitHub Community Issue Triage Agent is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  2. 02
    Why it made the cut

    GitHub MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  3. 03
    Why it made the cut

    Windsurf AI-Native Collaborative Development Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  4. 04
    Why it made the cut

    /zod-audit - Zod Auditor Command for Claude Code is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  5. 05
    Why it made the cut

    Configure Claude Code Hooks with /hooks is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  6. 06
    Why it made the cut

    Asana MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  7. 07
    Why it made the cut

    Figma MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  8. 08
    Why it made the cut

    Monday MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  9. 09
    Why it made the cut

    Stytch MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  10. 10
    Why it made the cut

    Workato MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  11. 11
    Why it made the cut

    Zapier MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  12. 12
    Why it made the cut

    AutoGen Multi-Agent Workflow for Claude is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  13. 13
    Why it made the cut

    Claude Code On The Web For Repository Planning is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  14. 14
    Why it made the cut

    Claude Models in GitHub Copilot Advisor is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  15. 15
    Why it made the cut

    TDD Workflow Custom Command for Claude Code is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  16. 16
  17. 17
    Why it made the cut

    Pull Request Triage Capability Pack Skill is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  18. 18
    Why it made the cut

    Securing Agentic Coding Workflows In Open Source Repos is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  19. 19
    Why it made the cut

    GitHub Actions AI-Powered CI/CD Automation Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  20. 20
    Why it made the cut

    GitHub Actions Secure CI/CD Capability Pack Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

Missing a pick? Propose an edit to this list — every change goes through the same review queue as new entries.

Suggest a pick
Weekly · Sundays

Get the weekly brief

One calm read on Claude workflows. Sundays. No tracking pixels.

Unsubscribe any time. No tracking pixels. No partner blasts.