Anthropic has added plugins to Cowork, turning Claude into reusable specialists for roles like Sales, Legal, Finance and Data. The launch post outlines what shipped and what’s next (Claude blog). Plugins package skills, commands and tool connections (via the open Model Context Protocol) so teams can standardise how work gets done.

What launched

• Plugins = reusable specialists. File-based bundles that encode “how we work here” for a given role or workflow. If you want examples to start from, Anthropic has open-sourced a starter set on GitHub (knowledge-work-plugins).

• Connectors via MCP. MCP provides a consistent way for AI apps to talk to your tools and data with explicit permissions (see the spec at modelcontextprotocol.io).

• Status. Available as a research preview for paid plans; plugins save locally today, with org-wide distribution on the roadmap (noted in the Claude announcement above).

Where the value lands for enterprises

1. Time-to-value. Encode proven playbooks once (e.g., call prep, legal intake); every team benefits the same day.

2. Consistency & control. Skills and slash commands reduce prompt variance; MCP scoping creates clearer boundaries to systems and data.

3. Platform flexibility. The open starters can be forked and adapted to your stack (e.g., Slack, Notion, Asana, Figma, Snowflake, Databricks).

Security, compliance & governance quick-take

• Data access model: Treat MCP connectors as first-class integrations; validate scopes, approvals and logging paths (spec: modelcontextprotocol.io).

• Local storage (today): Plan signing, config management and deployment controls until org-wide provisioning lands.

• Agent risks: Mitigate prompt-injection and over-permissioned actions; require “confirm changes” for writes.

30-60-90 day rollout plan

Days 1–30 (Foundation)

• Pick 1–2 low-risk, high-volume workflows (meeting prep, research digest).

• Stand up connectors in a sandbox; least-privilege scopes.

• Fork Productivity and Enterprise Search from the GitHub starters.

Days 31–60 (Pilot)

• Expand to Sales and Customer Support; add /approve steps and audit logging.

• Track KPIs: cycle time, error rate, human approvals, cost per completed task.

Days 61–90 (Harden & expand)

• Introduce Legal and Finance with staged permissions.

• Create a signed plugin registry (checksums) pending org distribution.

• Run a security review of MCP server/client paths; document residual risks.

Buyer’s & risk checklist

• Provisioning & distribution: Packaging/signing approach until org-wide rollout ships.

• Identity & access: SSO/SCIM, service accounts, secrets rotation at the connector layer.

• Guardrails: Human-in-the-loop for writes (finance, data, file deletes).

• Auditability: Log prompts, commands, tool calls and results to your SIEM.

• Change management: Version skills/commands; peer review before release.

• Data residency: Where configs/logs/artefacts live during the preview phase.

• Support: Clear ownership for plugin failures and connector drift.

FAQ

Is this production-ready?
Treat it as controlled production: targeted use-cases, least-privilege access, explicit approvals. The roadmap for org-wide distribution is flagged in the launch post (see the Claude blog above).

How many plugins exist today?
Anthropic has published 11 role-based starters plus a create/customise pack (browse them on the GitHub link above).

What’s the impact on app sprawl?
Plugins let people act from one pane of glass (chat), cutting context-switching — provided governance stays tight.