The 7 Best Claude Code Skills for Software Architects

By Skill Index Editorial · May 27, 2026

An architect's day is rarely about writing code. It is about deciding which boxes go in which diagram, which trade-offs survive contact with production, and which decisions get written down so the team six months from now does not relitigate them. The artifacts are different from a developer's — design docs, C4 diagrams, sequence diagrams, ADRs, RFCs, threat models, Well-Architected reviews, runbooks — but the gap between a tight design loop and an improvised one shows up in the same places: incidents that trace back to a decision nobody wrote down, rewrites that could have been a paragraph in an RFC, the size of the technical-debt backlog. The seven skills below cover that surface area. Each is a real, verified Claude Code skill from a plugin with public commit history and real star counts.

From the gstack plugin (102,692 stars — the highest-trust signal on this list by two orders of magnitude). An engineering-manager-mode plan review that locks in the execution plan before any code is written: architecture, data flow, diagrams, edge cases, test coverage, performance. It walks through issues interactively with opinionated recommendations rather than the "looks good to me" non-review that wastes everyone's time. The mode this skill puts you in is the one that catches the load-bearing mistakes — the missing index, the synchronous call that should have been a queue, the missing idempotency key — while there is still time to fix them in the plan and not in the postmortem.

When to use: after a design doc or RFC is drafted and before any implementation begins, on every plan that touches a service boundary, and as the final gate before kickoff on anything that crosses team lines. Pair it with the backend-engineer skill stack so the implementation lands cleanly after the plan is locked, and with the Architects persona collection for the rest of the design-stage tools.

From the claude-skills plugin (13 stars). Designs AWS architectures — VPCs, EC2, ECS, Lambda, RDS, S3, CloudFront — and runs Well-Architected Framework reviews across the five pillars (operational excellence, security, reliability, performance efficiency, cost optimization). A Well-Architected review done well takes two days plus a workshop; the skill produces a defensible first draft in minutes. It does not replace the workshop, but it changes the workshop from "what should we look at" to "here are the eleven items we should actually argue about," which is the conversation that improves the system.

When to use: at the start of every new AWS workload (run it before the first terraform plan, not after), as the prep document before any quarterly architecture review, and as the diagnostic pass when a system that has drifted from its original design needs a re-baseline. Pair it with threat-modeler below for the security pillar in depth, and with technical-writer for turning the output into a permanent ADR.

Also from claude-skills. Designs Google Cloud architectures — GKE, Cloud Run, BigQuery, Pub/Sub, and Cloud Spanner solutions. GCP's strengths and traps differ from AWS's: Spanner is magical until you misunderstand the schema-design rules, BigQuery slot management eats budgets when nobody is watching, Cloud Run scaling is great until a cold-start latency SLO breaks. The skill encodes those tripwires so the architecture you sketch is one a GCP TAM would nod at, not the AWS-shaped architecture badly translated into GCP that most multi-cloud orgs ship.

When to use: any time a workload is heading to GCP rather than translating an AWS pattern over by hand, when a data team is choosing between Spanner, BigQuery, and Bigtable for a new system (the wrong choice here is the most expensive class of architecture mistake), and as the design-review companion for any GKE or Cloud Run rollout. Pair it with aws-architect when running a real apples-to-apples cloud-cost comparison rather than the napkin one.

Also from claude-skills. Designs Azure architectures — AKS, Functions, Cosmos DB, Service Bus, and Azure AD integration patterns. Azure's centre of gravity is enterprise identity, and most Azure architecture mistakes are actually Entra ID mistakes in disguise: managed identities that should have been workload identities, conditional-access policies that block service-to-service traffic, role assignments scoped at the subscription when they belonged at the resource group. The skill bakes those patterns into the design rather than leaving them as the inevitable Q2 firefight.

When to use: any time the workload's primary integration is with Microsoft 365, Entra ID, or Power Platform (the multiplier on getting identity right is the largest in any cloud), at the start of any AKS rollout where the cluster will live alongside existing Azure services rather than as an island, and whenever Cosmos DB partition-key design is on the table — that is the decision a year of latency depends on. Pair it with threat-modeler for the identity-attack surface that Azure deployments specifically attract.

Also from claude-skills. Performs threat modeling — STRIDE categorisation, attack trees, data flow diagrams, and mitigation recommendations. Threat modeling has the highest ROI per hour in architecture work and the lowest rate of actually getting done, because the manual version requires either a security specialist or an architect willing to spend an afternoon thinking adversarially about a system they just designed. The skill removes the activation energy: feed it a system description or DFD, get back a STRIDE-organised threat list with attack trees and proposed mitigations, then spend the afternoon arguing with the output instead of writing it from scratch.

When to use: on every new system before launch (no exceptions — the cheapest threat model is the one that exists), as a refresh whenever a system gains a new trust boundary (new third-party integration, new admin role, new public endpoint), and as the security pillar deep-dive after an aws-architect or azure-architect Well-Architected pass. Pair it with the DevOps skill stack so the mitigations land in real infrastructure rather than a forgotten Confluence page.

Also from claude-skills. Creates technical documentation — API docs, user guides, runbooks, architecture decision records, and onboarding guides. The ADR coverage is what earns this skill a slot in an architect's stack. An undocumented decision is one that gets relitigated, and relitigating a load-bearing architecture decision costs weeks of meetings and dropped sprint velocity. The skill enforces the canonical ADR structure (context, decision, status, consequences) so the artifact is one the team six months from now can actually use, and the runbook output covers what to do when the system catches fire at 3am.

When to use: immediately after any non-trivial architecture decision while the reasoning is fresh (write the ADR before the meeting room empties — backlogged ADRs are dead letters), as part of every system handover so the runbook exists before the on-call rotation needs it, and on any API that crosses a team boundary because undocumented APIs are tomorrow's broken contracts. Pair it with plan-eng-review upstream so the decision being recorded was actually pressure-tested first.

From the myclaude plugin (2,672 stars). Designs feature architectures by analysing existing codebase patterns and conventions, then producing comprehensive implementation blueprints with specific files to create or modify, component designs, data flows, and build sequences. The key phrase is "existing patterns" — the failure mode of green-field design inside a brown-field codebase is the architecture that ignores conventions already there, producing a feature that works but feels grafted on and accumulates technical debt from the first commit. The skill reads the codebase first, then designs against its grain rather than across it.

When to use: any time a non-trivial feature lands inside an existing codebase you do not have full memory of (most of the time, in practice), at the start of every major refactor so the target shape is concrete rather than vibes-based, and as the bridge between an approved ADR and the actual implementation tickets. Pair it with plan-eng-review for the cross-team plan view and with technical-writer for the ADR that captures why the blueprint took the shape it did.

How to install

Each skill lives inside a plugin. Add the plugin marketplace once, then install with a single command — the skill detail page on Skill Index has the exact install string and a copy button. The highest-ROI sequence for an architect: start with plan-eng-review so every plan gets the same disciplined pass, then add the cloud-specific architect skill for your primary cloud (aws-architect, gcp-architect, or azure-architect). Layer in threat-modeler so security is part of the design loop, and technical-writer so every decision becomes a permanent ADR. Reach for code-architect when the feature lands inside an existing codebase and the implementation blueprint is the missing artifact. Pair the output with the rest of the thicket toolkit — diagrams via capture.thicket.sh, QR-coded links to ADRs via qr.thicket.sh, and deep-work blocks via focus.thicket.sh — and the design loop stops being late-night Confluence pages and starts being a system you can run.

Frequently Asked Questions

Which Claude Code skill is best for reviewing a system-design plan before any code is written?

Use plan-eng-review from the gstack plugin (102,692 stars — by far the highest-trust signal in this category). It runs an engineering-manager-mode plan review that locks in the execution plan: architecture, data flow, diagrams, edge cases, test coverage, and performance. It walks through issues interactively with opinionated recommendations rather than the 'looks good to me' non-review that wastes everyone's time. The mode this puts you in catches the load-bearing mistakes (missing index, synchronous call that should have been a queue, missing idempotency key) while there is still time to fix them in the plan. Use it after a design doc or RFC is drafted and before any implementation begins, on every plan that touches a service boundary, and as the final gate before kickoff on anything that crosses team lines.

How do I run a Well-Architected Framework review on an AWS workload without spending two days on it?

Use aws-architect from claude-skills. It designs AWS architectures (VPCs, EC2, ECS, Lambda, RDS, S3, CloudFront) and runs Well-Architected reviews across the five pillars — operational excellence, security, reliability, performance efficiency, and cost optimization. A Well-Architected review done well normally takes two days of an architect's time plus a workshop with the team; the skill produces a defensible first draft in minutes. It is not a replacement for the workshop, but it changes the workshop from 'what should we look at' to 'here are the eleven items we should actually argue about,' which is the conversation that improves the system.

Is there a Claude Code skill for designing GCP architectures (GKE, Cloud Run, BigQuery, Spanner)?

Use gcp-architect from claude-skills. It designs Google Cloud architectures across GKE, Cloud Run, BigQuery, Pub/Sub, and Cloud Spanner. GCP's strengths and traps are different from AWS's — Spanner is magical until you misunderstand the schema-design rules, BigQuery slot management eats budgets when nobody is watching, and Cloud Run scaling is great until a cold-start latency SLO breaks. The skill encodes those tripwires so the architecture you sketch is one a GCP TAM would nod at rather than the AWS-shaped architecture badly translated into GCP services that most multi-cloud orgs end up with. Especially valuable when a data team is choosing between Spanner, BigQuery, and Bigtable for a new system.

What is the best Claude Code skill for Azure architecture with AKS, Cosmos DB, and Entra ID?

Use azure-architect from claude-skills. It designs Azure architectures including AKS, Functions, Cosmos DB, Service Bus, and Azure AD integration patterns. Azure's centre of gravity is the enterprise identity story, and most Azure architecture mistakes are actually Entra ID mistakes pretending to be application mistakes: managed identities that should have been workload identities, conditional-access policies that block service-to-service traffic, role assignments scoped at the subscription when they should have been at the resource group. The skill bakes those patterns into the design rather than leaving them as the inevitable Q2 firefight. Especially useful when Cosmos DB partition-key design is on the table — that is the decision a year of latency depends on.

How do I produce a STRIDE threat model and attack tree for a new system?

Use threat-modeler from claude-skills. It performs threat modeling with STRIDE categorisation, attack trees, data flow diagrams, and mitigation recommendations. Threat modeling has the highest ROI per hour spent in architecture work and the lowest rate of actually getting done, because the manual version requires either a security specialist on retainer or an architect willing to spend an afternoon thinking adversarially about a system they just designed. The skill removes the activation energy — feed it a system description or DFD, get back a STRIDE-organised threat list with attack trees and proposed mitigations, then spend the afternoon arguing with the output instead of writing it from scratch. Run it on every new system before launch and as a refresh whenever a system gains a new trust boundary.

Which skill writes Architecture Decision Records (ADRs) and runbooks in the canonical format?

Use technical-writer from claude-skills. It creates technical documentation including API docs, user guides, runbooks, architecture decision records, and onboarding guides. The ADR coverage is the part that earns this skill a slot in an architect's stack. An undocumented decision is a decision that gets relitigated, and the cost of relitigating a load-bearing architecture decision is measured in weeks of meetings and dropped sprint velocity. The skill enforces the canonical ADR structure (context, decision, status, consequences) so the artifact is one the team six months from now can actually use, and the runbook output is the operational counterpart — what to do when the system the ADR describes catches fire at 3am. Write ADRs immediately after the decision, before the meeting room empties.

Can Claude Code produce an implementation blueprint that respects the conventions of an existing codebase?

Use code-architect from the myclaude plugin (2,672 stars). It designs feature architectures by analysing existing codebase patterns and conventions, then produces comprehensive implementation blueprints with specific files to create or modify, component designs, data flows, and build sequences. The key word is 'existing patterns' — the failure mode of green-field design inside a brown-field codebase is the architecture that ignores the conventions already there, which produces the feature that works but feels grafted on and accumulates technical debt from the first commit. The skill reads the codebase first, then designs against its grain rather than across it. Pair it with myclaude/code-explorer from the same plugin to produce the pattern map the architect uses as input.

How to install

Frequently Asked Questions

More from the Skill Index