askill
agent-creator

agent-creatorSafety 95Repository

Guide for creating Claude Code agents (subagents). Use when users want to create a new agent, modify an existing agent, understand agent configuration, or ask about agent frontmatter fields, tools, permissions, models, memory, hooks, or skills. Triggers on "create an agent", "new agent", "agent for...", "modify agent", ".claude/agents/", agent frontmatter fields (tools, model, permissionMode, maxTurns, memory, hooks, skills, mcpServers, disallowedTools), or any question about how Claude Code agents work.

agent-creatortwiced-technology-gmbh
0 stars
1.2k downloads
Updated 2/15/2026

Package Files

Loading files...
SKILL.md

Agent Creator

Guide for creating effective Claude Code agents. An agent is a markdown file with YAML frontmatter stored in .claude/agents/. The frontmatter configures behavior; the markdown body is the system prompt.

Agent File Structure

---
name: my-agent
description: What this agent does and when to use it.
tools: [Read, Grep, Glob]
model: sonnet
permissionMode: dontAsk
maxTurns: 15
---

# Agent System Prompt

Instructions for the agent go here. Write like you're briefing a colleague.
The more specific and structured, the more consistent the behavior.

Frontmatter Fields

Required

FieldDescription
nameUnique identifier — lowercase letters and hyphens only (e.g. code-reviewer). Referenced in prompts and CLI flags.
descriptionShort sentence explaining what agent does. Claude matches messages against every agent's description to decide which to spawn — make it specific and unambiguous.

Optional

FieldValuesDefaultDescription
tools[Read, Grep, Glob, Edit, Write, Bash, WebFetch, WebSearch]All toolsAllowlist. Agent can only use listed tools. Omit to inherit all (use sparingly).
disallowedToolsTool names to removeNoneDenylist — "everything except X".
modelhaiku, sonnet, opusinheritAI model. See Model Selection below.
permissionModedefault, acceptEdits, dontAsk, bypassPermissions, plan, delegatedefaultHow agent handles permission prompts. Independent of parent session.
maxTurnsPositive integerNo limitMax API round-trips. Safety net against runaway token consumption.
skillsArray of skill namesNoneSkills injected into context at startup. Not inherited from parent — must list explicitly.
mcpServersServer names or inline configsNoneMCP servers available to this agent.
hooksPreToolUse, PostToolUse, StopNoneLifecycle hooks scoped to this agent. See references/memory-and-hooks.md.
memoryuser, project, localNonePersistent memory scope. See references/memory-and-hooks.md.

Tools Reference

ToolWhat it doesDanger level
ReadRead file contentsSafe (read-only)
GrepSearch inside files for text patternsSafe (read-only)
GlobFind files by name patternSafe (read-only)
EditModify existing files (find-and-replace)Modifies files
WriteCreate new files or overwrite existingModifies files
BashRun terminal commandsRuns arbitrary commands
WebFetchFetch content from a URLNetwork access
WebSearchSearch the webNetwork access

Read-only set: [Read, Grep, Glob] — use for reviewers, auditors, explorers. Standard write set: [Read, Write, Edit, Bash, Grep, Glob] — use for implementers.

No nesting: Agents cannot spawn other agents. Even if Task is listed, it has no effect.

Permission Modes

ModeBehaviorUse for
defaultAsk approval for each actionGeneral purpose
acceptEditsAuto-accept file edits, still ask for shell commandsTrusted writers
dontAskBlock any action needing approvalRead-only agents (second safety layer)
bypassPermissionsSkip all checksExtreme caution
planRead-only explorationPlanning agents
delegateTeam coordination onlyTeam leads

Model Selection

ModelCost/taskAccuracyBest for
haiku~$0.03~60%File lookups, formatting, bulk ops. 10 Haiku ≈ 1 Sonnet cost.
sonnet~$0.24~85%Standard dev work, code reviews.
opus~$1.20~95%Architecture, security-sensitive code.
inherit(session)(session)Default when not specified.

Use Sonnet or Opus for sensitive code: auth, payments, database ops, crypto — accuracy matters for security.

Where to Save

LocationScopeShareable
.claude/agents/ProjectYes (via Git)
~/.claude/agents/User (all projects)No
agents/ (in plugin)PluginYes (via plugin)

Agents load at session start. If created mid-session, restart or use /agents to reload.

Agent Lifecycle

  1. Spawn — Fresh context with: agent's system prompt + CLAUDE.md + environment details. Parent summarizes relevant context in the task prompt (lossy).
  2. Execute — Works independently using only its granted tools.
  3. Return — Results come back as a summary, not full output.
  4. Resume (optional) — Pass agent's ID to continue where it left off with full history intact.

What agents receive

  • Their custom system prompt (markdown body)
  • CLAUDE.md project instructions
  • Basic environment details (working directory, platform)
  • Preloaded skills (only if listed in skills field)

What agents do NOT receive

  • Parent conversation history
  • Parent skills (must be explicit)
  • Full Claude Code system prompt (agents get their own simpler prompt)

Context & storage

  • Own context window — verbose tool output stays in agent's window, not yours
  • Compaction — at ~95% capacity, older messages compressed. Put critical rules in CLAUDE.md (reloaded after compaction)
  • Transcripts — saved as ~/.claude/projects/<hash>/agent-<agentId>.jsonl. Auto-removed after 30 days.

Invocation

MethodHow
AutoClaude matches message against agent descriptions. Best match spawned. Most common.
ExplicitName agent in prompt: "Use the security-auditor agent".
/agentsSlash command to browse, create, edit agents mid-session.
--agent nameCLI flag to start session as that agent.
--agents '{...}'Register extra agents inline as JSON.

Foreground: 1 agent → conversation pauses until done. Background: Multiple agents → run concurrently in parallel. Background agents cannot use MCP tools or ask questions.

Built-in Agents

AgentModelToolsPurpose
ExploreHaikuRead, Grep, GlobSearch files, discover patterns
PlanInheritRead-onlyGather context for planning
GeneralInheritAllComplex multi-step tasks
BashInheritBash onlyTerminal commands
GuideHaikuRead-onlyAnswer Claude Code questions

Disable a built-in: { "permissions": { "deny": ["Task(Explore)"] } } in settings.

Best Practices

  1. Minimal tools — [Read, Grep, Glob] can't delete files or run commands. If prompt injection tricks it, damage is contained to reading.
  2. Specific descriptions — "Handle code tasks" matches everything poorly. "Review TypeScript for security vulnerabilities in the auth module" activates reliably.
  3. Set maxTurns — Without limit, confused agent loops indefinitely burning tokens. Code reviewer rarely needs >15 turns.
  4. dontAsk for read-only — Blocks actions needing approval. Second safety layer beyond tool restrictions.
  5. Sonnet/Opus for sensitive code — Larger models are harder to prompt-inject. Haiku follows instructions more literally.
  6. Check into version control — Agents are code. PR reviews catch permission escalation and prompt regressions.
  7. Haiku for parallel research — 10 Haiku agents cost ≈ 1 Sonnet. Finish much faster for simple file lookups.
  8. Start restrictive, expand later — Easier to grant access than recover from a security incident.
  9. Store critical rules in CLAUDE.md — Survives compaction. Agent system prompt can be lost at ~95% capacity.
  10. Provide verification criteria — "Write validateEmail, test: user@example.com → true, invalid → false. Run tests after." gives the agent a feedback loop.

Common Mistakes

  1. Swiss Army knife agent — One agent with all tools and vague description. Never activates reliably, can't be specialized, security liability.
  2. Subagents for implementation — They do NOT inherit conversation history. Use for research/information gathering; implement in main session.
  3. Parallel agents editing same files — Last-write-wins race condition. Define explicit file ownership.
  4. Expecting conversation inheritance — Agents start fresh. Include ALL necessary context in the task prompt.
  5. Not reviewing test modifications — Agents sometimes change assertions to match incorrect code. Always review test file changes.
  6. Correction loops — After 2 failed attempts, start fresh. /clear + better prompt is cheaper than noise accumulation.
  7. Over-parallelizing — 5 agents for a single-domain feature wastes tokens. Match parallelism to task complexity.

Creation Workflow

  1. Identify the task — What specific job does this agent do? Be narrow.
  2. Choose tools — Start with minimum needed. Read-only if possible.
  3. Choose model — Haiku for simple lookups, Sonnet for standard work, Opus for critical reasoning.
  4. Set permissionsdontAsk for read-only agents, default for writers.
  5. Set maxTurns — Estimate reasonable turns for the task. Add small buffer.
  6. Write description — Specific enough that Claude activates it for the right tasks and ignores it for others.
  7. Write system prompt — Tell the agent how to do its job: what to focus on, output format, what to avoid, domain rules.
  8. Add memory (optional) — Only if agent runs repeatedly across sessions. See references/memory-and-hooks.md.
  9. Add hooks (optional) — Auto-format, auto-lint, cleanup. See references/memory-and-hooks.md.
  10. Add skills (optional) — Explicitly list any skills the agent needs.
  11. Save to .claude/agents/ and commit to Git.

Advanced Topics

Install

Download ZIP
Requires askill CLI v1.0+

AI Quality Score

95/100Analyzed 2/18/2026

Comprehensive, well-structured guide for creating Claude Code agents. Covers all frontmatter fields, tools, permissions, models, lifecycle, and best practices with tables and clear workflows. Highly actionable reference suitable for any Claude Code project. Minor deduction for being in a company registry (potential internal signal) but content is broadly applicable.

95
95
95
95
95

Metadata

Licenseunknown
Version-
Updated2/15/2026
Publishertwiced-technology-gmbh

Tags

apidatabasegithub-actionslintingllmpromptingsecuritytesting