Summary

Claude Code clones the official plugins repository (anthropics/claude-plugins-official) using SSH ([email protected]:...) instead of HTTPS. This can lead to an approval workflow for key access when SSH agents are configured, e.g., 1Password. Since this is a public repository, HTTPS access would suffice.

Problem

SSH agents like 1Password's offer a setting to prompt the user for approval before allowing key access. Every time I started Claude, 1Password asked me if I wanted to grant applications access to an SSH key.

It took a while to figure out why starting Claude Code wanted to read my SSH key; I was concerned that I had inadvertently installed some malware somehow. After some digging, I determined that the key access attempt coincides with git clone of the marketplace repo.

The main issue here is that it wasn't clear to me WHY Claude Code was trying to read my keys, and I had to drop what I was doing to see if something sketchy was happening. For that reason, I think it would be better to clone via HTTPS instead of SSH to circumvent the issue entirely.

Steps to Reproduce

1. Use an SSH agent with per-use approval enabled (e.g., 1Password)
2. Start Claude Code
3. Observe SSH authentication prompt

Suggested Fix

Use HTTPS (https://github.com/anthropics/claude-plugins-official.git) for cloning public repositories. This requires no authentication and works regardless of SSH configuration.

Workaround

Remove the marketplace via /plugin command or allow the key access for clone one time.

Environment

• macOS
• 1Password SSH Agent
• Claude Code (latest)