Language: 日本語English

jfrog Plugin

Author
JFrog Ltd.
Category
Security
Topics
Security, Auth & Compliance · Cloud, Deployment & CI/CD · Claude Code Customization & Workflow
First seen
2026-07-09
Last confirmed
2026-07-13
Explanation last updated
2026-07-12

The explanation below is AI-generated. Please verify it against the sources.

The jfrog plugin connects Claude Code to the JFrog Platform, providing Artifactory artifact management, security scanning, package safety checks, and MCP server governance through Agent Guard. Per the README, it consists of a remote JFrog MCP server auto-attached to every session (OAuth, no API keys), a JFrog Platform skill for repositories, builds, permissions, tokens, and release bundles, a package safety/download skill for npm, Maven, PyPI, Go and other ecosystems, and an Agent Guard hook for managing MCP servers approved via the JFrog AI Catalog. Installation is via /plugin install jfrog, and it requires a JFrog host URL, access token, Claude Code CLI, Node.js, plus jf CLI, jq, and curl. Agent Guard and its MCP discovery/install features are optional and require a JFrog AI Catalog entitlement. According to the README, sensitive configuration values are never shown in chat and must be entered via a CLI command.

Overview

According to the JFrog homepage, the JFrog Platform is a software supply chain platform spanning DevOps, DevSecOps, and AI/MLOps, and includes products such as Artifactory, Xray (JFrog Security Essentials), Advanced Security, Distribution, and JFrog AI Catalog.

What you can do with jfrog

  • List Artifactory repositories and upload build artifacts and metadata (per README)
  • Run Xray / Advanced Security audits and look up CVE details
  • Create scoped access tokens and promote release bundles via Lifecycle / Distribution APIs
  • Check whether npm, Maven, PyPI, Go, and other packages are safe or curated, then download them through Artifactory remote caches
  • Discover, install, configure, update, and remove MCP servers approved via the JFrog AI Catalog using Agent Guard
  • Authenticate to remote HTTP MCP servers via OAuth, API key, or bearer token

Sources

Original description (English)

Use the JFrog Platform from Claude Code: Artifactory repos and artifacts, security findings and exposures, Catalog package safety and downloads, workflows across the SDLC, and platform administration.

History of jfrog

Back to list