Semia

Name: Semia
Author: berabuddies

berabuddies/Semia·1 plugin

Audit Claude Code skills for declared capabilities and risky behaviors before you install or publish them.

Overview

Semia is a plugin marketplace for the Ship phase that adds a static security audit toolkit for vetting AI agent skills with evidence-backed capability reports.

What is this marketplace?

Static security audit toolkit aimed at AI agent SKILL.md and plugin manifests
Surfaces every capability a skill may exercise with traceable evidence
Developer Tools category plugin sourced from berabuddies Semia monorepo
Claude Code marketplace bundle with a single focused semia plugin entry
Evidence-backed reporting for trust decisions before adding skills to your stack
Marketplace bundles 1 plugin (semia security audit toolkit)
Publisher: berabuddies on GitHub (Semia repository)

Compatible agents: Claude Code, Cursor, any compatible agent

Community signal: 445 GitHub stars.

What problem does it solve?

You cannot tell from a skill README whether an agent extension will read secrets, run shell commands, or call outbound APIs until something goes wrong.

Who is it for?

Indie builders who install many third-party Claude Code skills and want a repeatable pre-flight security checklist.

Skip if: Teams that only use first-party skills with no external marketplace installs and already run full SAST on every release.

What do I get? / Deliverables

After you add Semia, you get a structured audit of what each skill can do so you can allow, reject, or fork skills with documented justification.

Capability inventory for each audited skill with supporting evidence
Go/no-go notes for which skills belong in your personal or team catalog
Repeatable audit workflow before each new marketplace install

Plugins in this marketplace

1 plugin — install individually after you add the marketplace.

PluginVersion

SemiaStatic security audit toolkit for AI agent skills — surfaces every capability a skill may exercise, with evidence.—

Recommended Marketplaces

Authzed Marketplaceauthzed/authzed-marketplace

AuthZed Marketplace is the vendor-maintained Claude Code catalog for SpiceDB and AuthZed authorization work. Indie SaaS …2 stars

Chainguard Pluginschainguard-demo/claude-plugins

chainguard-plugins is Anthropic’s official Chainguard plugin marketplace for Claude Code, bundling documentation access …7 stars

Clashempathic/clash

Clash is a Claude Code plugin marketplace from Empathic that adds permission enforcement for agent tool usage. Solo buil…30 stars

Claude For Legalanthropics/claude-for-legal

claude-for-legal is Anthropic’s official Claude Code plugin marketplace bundling thirteen legal-focused plugins for team…8.2k stars

Claude For Legalgtgspot/clegal

claude-for-legal (market id gtgspot/clegal) is a thirteen-plugin Claude marketplace framed with Anthropic’s marketplace …

Claude Nginx Hardeningtrumb/claude-nginx-hardening

claude-nginx-hardening is a Claude Code plugin marketplace by trumb that packages one development-category plugin for op…1 stars

Journey fit

Primary fit

Security review belongs on the Ship shelf because it gates what agent skills are safe to run in production workflows. Static skill audits map directly to pre-launch security review of third-party agent extensions.

How it compares

Curated plugin marketplace for skill security auditing, not a general-purpose coding agent skill.

Common Questions / FAQ

Who is Semia for?

Semia is for solo developers and small teams using Claude Code who install community skills and need evidence-based security review before trusting them.

When should I use Semia?

Use Semia before adding new skills to your daily agent workflow, before publishing your own skill, and when re-auditing skills after upstream updates.

How do I add Semia to my agent?

Register the berabuddies Semia Claude marketplace in Claude Code, install the Semia plugin from the bundle, then point it at skill packages you want statically audited.