Unable to install this public marketplace via Claude Code due to upstream clone bug (anthropics/claude-code#27251) #64
Description
Update: Root cause identified and filed upstream as anthropics/claude-code#27251.
Since v2.1.7, Claude Code passes --recurse-submodules to git clone for marketplace installs. GitHub's June 2025 security advisory (Git security vulnerabilities announced) explicitly recommends avoiding git clone with --recurse-submodules against untrusted repositories due to CVE-2025-48384 (code execution via submodule path manipulation) and CVE-2025-48385 (arbitrary file writes via bundle protocol injection).
Therefore, corporate endpoint security tools (CrowdStrike Falcon, Uptycs Protect, etc.) enforce this by killing any git process whose argv contains --recurse-submodules, resulting in instant SIGKILL (exit 137) with empty stderr - which is why the error message is always blank:
✘ Failed to add marketplace: Failed to clone marketplace repository:
Confirmed on macOS with CrowdStrike + Uptycs. The kill is argv pattern-based, not behavioral, and even local clones of repos with no submodules get killed. This affects all marketplace installs including this Anthropic marketplace on startup (Failed to install Anthropic marketplace · Will retry on next startup).
Replacing --recurse-submodules with -c "submodule.recurse=true" avoids the kill while achieving the same behavior.
See anthropics/claude-code#27251 for full binary analysis, version-by-version confirmation, reproduction steps, and suggested fixes.
Workaround: Manual clone + registry entry:
git clone https://github.com/anthropics/knowledge-work-plugins.git \
~/.claude/plugins/marketplaces/knowledge-work-pluginsThen add to ~/.claude/plugins/known_marketplaces.json:
"knowledge-work-plugins": {
"source": { "source": "github", "repo": "anthropics/knowledge-work-plugins" },
"installLocation": "<HOME>/.claude/plugins/marketplaces/knowledge-work-plugins",
"lastUpdated": "2026-02-20T00:00:00.000Z"
}Original issue description preserved below for context:
I've been unable to install this marketplace via Claude Code (v2.1.45, macOS Darwin 25.2.0) using the methods provided here. This is a public repo that should require zero authentication, but both HTTPS and SSH clone attempts fail silently. I could install via a manual workaround, but this appears to be a more pervasive issue.
Repro
claude plugin marketplace add anthropics/knowledge-work-plugins
Output
Adding marketplace...
SSH not configured, cloning via HTTPS: https://github.com/anthropics/knowledge-work-plugins.git
Refreshing marketplace cache…
Cloning repository: https://github.com/anthropics/knowledge-work-plugins.git
HTTPS clone failed, retrying with SSH: git@github.com:anthropics/knowledge-work-plugins.git
Refreshing marketplace cache…
Cloning repository: git@github.com:anthropics/knowledge-work-plugins.git
✘ Failed to add marketplace: Failed to clone marketplace repository:
I get the same result with:
- /plugin marketplace add anthropics/knowledge-work-plugins (TUI)
- /plugin marketplace add https://github.com/anthropics/knowledge-work-plugins.git (full URL)
- /plugin marketplace add /tmp/test-kwp (local clone — blocked by reserved name validation)
Environment
- git clone https://github.com/anthropics/knowledge-work-plugins.git works fine from the terminal
- gh auth status shows authenticated (keyring, HTTPS protocol)
- gh auth setup-git run, no effect
- GITHUB_TOKEN exported via gh auth token, no effect
- GIT_TRACE=1 and GIT_TRACE=/tmp/file produce no output — suggesting Claude Code is not invoking system git at all
- Git credential helper: osxkeychain
Root cause
This appears to be a Claude Code clone subprocess bug, not an issue with this repo. However I believe this needs eyes aside from the issues that were filed upstream at anthropics/claude-code#18001 (see also anthropics/claude-code#13553).