The numbers, in one paragraph
The Claude Code marketplace today lists 4,200+ skills, 770+ MCP servers, 2,500+ marketplaces, and 9,000+ plugins in total — counts that have roughly tripled since the marketplace surface went GA last fall. Two days ago, on May 4, 2026, Prismatic shipped Skills for Claude Code, an open-source plugin set explicitly designed to make integration scaffolding — authentication, multi-tenant deployment, connector behavior, webhook lifecycles, operational plumbing — feel native inside the IDE. Anthropic's own May rollout added ten new Cowork and Claude Code plugins, Microsoft 365 connectors, an MCP app pack for financial services, and Claude Security — a public-beta vulnerability scanner that scans code and proposes fixes through Opus 4.7.
For two quarters the conventional take on Claude Code was that it was a credible alternative to Cursor for terminal-native developers. That framing is now obsolete. Claude Code is a platform — and the surface that gets the most engineering attention this year is no longer the editor pane, it's the plugin layer.
Why the integration layer became the differentiator
The thing platforms commoditize is the part you don't have to build yourself. With Cursor 3, Anthropic's Cowork, and the Xcode 26.3 agent surface all converged on the same primitive (an IDE-resident agent talking to tools through MCP), the editor is no longer where teams differentiate. What's left is the quality of the tool layer the agent talks to. That layer covers four kinds of work, and almost all of it lives outside the model vendor:
1. Skills — domain-specific prompt + tool packages. A skill encodes "how a senior engineer at this shop refactors a Rails controller" or "what a clean ledger reconciliation looks like at our firm." 4,200+ public skills is a useful long tail, but the highest-leverage skills for any given team are the ones authored against the team's own conventions — and those don't show up in the marketplace.
2. MCP servers — the tool layer the agent actually uses. 770+ public MCP servers cover the obvious surfaces (GitHub, Linear, Postgres, the major cloud SDKs). They do not cover your internal design system, your feature-flag service, your analytics schema, or your deployment tooling. Those internal MCP servers are the ones that compound across every PR.
3. Marketplaces — distribution and governance for plugins. A marketplace lets a team publish skills and MCP servers internally with versioning, ACLs, and review. 2,500+ marketplaces sounds like a lot until you realize each enterprise tends to want its own; the count is mostly a function of how cheaply you can stand one up.
4. Connectors and integrations — the operational plumbing. This is where Prismatic's Skills release lands. The hard part of an integration in production is not "call the API" — it's auth flows, multi-tenant key management, webhook retry semantics, idempotency keys, observability. Prismatic's bet is that those concerns are universal enough to package as reusable skills that work across customer environments. That bet is correct, and the same playbook will get applied to deployment, observability, and incident response within the next two quarters.
What it means for engineering leaders
Plugin curation is now a platform-engineering responsibility. Letting individual developers freely install whatever's on the public marketplace is the security posture equivalent of curl | bash. The teams that move fastest and sleep at night this year are the ones with an internal allowlist, an internal mirror, and a small platform team that vets new entries against a security and compatibility rubric.
Internal MCP servers are the highest-leverage week of work on the calendar. A team that wires its design system, internal frameworks, telemetry, and feature-flag service into MCP servers is giving every Claude Code session — and every Cursor session, and every Cowork session — first-class access to the team's actual conventions. The teams that don't are leaving the agent to guess from grep. The economics of that one week of work are obscene relative to the model spend it saves.
Skill authorship is a real role. Writing a skill that compresses a senior engineer's tacit knowledge into a runnable prompt + tool bundle is a different skill than writing application code. It's closer to documentation engineering with teeth. The teams that staff for this — even part-time — get more durable leverage than the ones that don't.
Claude Security in beta is a structural shift in code review. A vulnerability scanner that scans, proposes fixes, and lets the developer accept or reject through Opus 4.7 is the natural next step after Cursor's review-mode and GitHub's Copilot Workspace. Worth piloting, with the caveat below.
Where we'd push back on the marketplace numbers
Two gaps.
9,000 plugins is mostly long-tail noise. The plugins most teams will run are a small handful — the ones for the team's source control, ticketing system, observability stack, language toolchain, and design system — plus whatever internal skills the team authors. The rest is research-grade, demo-grade, or specialized to niches that don't apply. The headline inventory number says "the ecosystem is alive"; it does not say "you should install 9,000 plugins."
A skill is only as good as its eval. A public skill that scored well on the author's repo is a hypothesis about how it'll behave in yours. Without an eval suite tied to the work your team actually does, installing a skill is a gamble. The teams that get burned this year are the ones that adopt skills aggressively without running them through a regression suite first.
What we'd build differently this week
- Stand up an internal MCP server for your design system, internal frameworks, and telemetry tooling. Highest-leverage week on the calendar. The agent that knows your conventions through tools instead of through grep is a categorically better agent.
- Pick five public plugins, vet them, and publish them through your internal marketplace with a CHANGELOG. Curated > unfiltered. Versioned > evergreen. Reviewed > fresh-from-public.
- Author one internal skill that captures a specific senior-engineer workflow at your shop. Use the same review process you'd use for production code. The artifact compounds.
- Pilot Claude Security on a low-risk service first. The scanner is in public beta; treat the false-positive rate as a real cost until you've measured it. Pair the rollout with a rule that auto-proposed fixes still need a human reviewer before merge.
Sonnet Code's take
The IDE-resident agent settled the editor question; the plugin ecosystem is settling the integration question. The work that compounds isn't installing more plugins — it's authoring the internal skills, MCP servers, and connector layers that make the agent fluent in your codebase, your conventions, and your operational reality. We staff that work for clients on two sides: AI development, where we build the internal MCP servers, write the custom skills, and wire the connector layers that turn a team's specific tooling into first-class tools the agent can call; and AI training, where senior reviewers author the eval suites and golden examples that tell you whether the agent is getting better or only louder as your skill library grows. If your team installed Claude Code last quarter and is now staring at the marketplace wondering which thirty plugins to enable, the next conversation isn't about which plugins to install. It's about which ones you should be writing.
