Custom Slash Commands and Skills

The Custom Slash Commands and Skills topic sits inside CCA-F Domain 3 (Claude Code Configuration and Workflows, 20% exam weight) under task statement 3.2 — "Create and configure custom slash commands and skills". Alongside CLAUDE.md hierarchy (3.1) and path-specific rules (3.3), Custom Slash Commands and Skills is one of the three pillars that decide whether a Claude Code installation behaves like a disciplined team tool or like an ad-hoc playground. Community pass reports from Kishor Kukreja, Rick Hightower, and the Tutorials Dojo CCA-F study guide all highlight Domain 3 as a surprise domain where candidates over-prepare for Domain 1 agentic architecture and under-prepare for the Claude Code configuration mechanics that make the Code Generation with Claude Code scenario tractable.

This study note walks through the complete Custom Slash Commands and Skills surface a CCA-F candidate must recognise: the directory layout for project-scope commands in .claude/commands/ versus user-scope commands in ~/.claude/commands/; the skill definition format in .claude/skills/ with its SKILL.md frontmatter fields context: fork, allowed-tools, and argument-hint; the isolation semantics of context: fork that prevent skill output from polluting the main conversation; the security posture of allowed-tools that restricts what a skill may do while running; the UX of argument-hint that prompts a developer for required parameters; personal skill customisation patterns via ~/.claude/skills/ without affecting teammates; and the decision heuristics for choosing between on-demand skills and always-loaded CLAUDE.md universal standards. Everything is anchored to the Code Generation with Claude Code scenario, one of the six scenarios from which the exam draws four per sitting.

Why Custom Slash Commands and Skills Matter for CCA-F Domain 3.2

Claude Code without Custom Slash Commands and Skills is a chat box plus a toolbelt. Claude Code with Custom Slash Commands and Skills becomes a shared team harness: developers can type /review, /release-notes, or /migration-plan and trigger a curated prompt that pulls in the right context, invokes the right tools, and enforces the right guardrails. Every team member gets the same behaviour because the definitions live in the repository and version control, rather than in each developer's head.

From a certification perspective, task 3.2 is one of the most consistently tested items in Domain 3 because the exam presents scenarios where a team wants to package a workflow (security review, lint-and-fix, changelog generation, code scaffolding) and asks the candidate to pick the correct directory, the correct scoping, and the correct frontmatter fields. A CCA-F candidate who confuses .claude/commands/ with ~/.claude/commands/ loses at least one scored question on every Code Generation with Claude Code sitting. A candidate who does not recognise context: fork will misread whether a skill's intermediate steps pollute the main transcript. A candidate who does not know allowed-tools will design skills that can perform destructive operations they never intended to authorise.

The Custom Slash Commands and Skills topic is narrow enough to memorise and deep enough to reward genuine understanding — a rare combination on CCA-F. Done properly, it is a free-point domain. Done sloppily, it is a trap-dense domain.

Built-In Slash Commands vs Custom Slash Commands

Before digging into custom definitions, the CCA-F candidate should be clear that Claude Code ships with a set of built-in slash commands — /clear, /compact, /cost, /help, /model, /review, /init, /exit, and similar. These exist without any configuration and behave identically across every Claude Code installation.

Custom slash commands are user- or team-authored commands that live as Markdown files on disk. When you type /my-command inside a Claude Code session, Claude Code resolves the name against a known set of directories and, if found, expands the file's contents as a prompt. The expansion can include templated arguments, file references, and structured instructions. A well-written custom command becomes a repeatable, parameterised prompt that every developer on the team can invoke consistently.

The distinction matters because exam scenarios often describe a team wanting to "formalise a workflow everyone runs differently". The correct answer is always to author a custom slash command or skill, not to rely on verbal or written convention.

Why Custom Slash Commands and Skills Beat Copy-Pasting Prompts

Before custom commands existed, teams shared prompts in Slack, Notion, and README files. Developers pasted them into Claude Code, often with stale context or missing arguments. Custom commands solve this by making the prompt executable, versioned, and discoverable. The same logic applies to Custom Slash Commands and Skills as a whole: the feature exists so that institutional knowledge can survive onboarding, offboarding, and prompt drift.

Project-Scope vs User-Scope: The Two Directories

The single most exam-relevant distinction in Custom Slash Commands and Skills is where the definition file lives. Claude Code searches two directories, each with a different audience and a different version-control story.

Project-Scope: .claude/commands/

Project-scope commands live in the .claude/commands/ directory at the root of the repository. They are checked into version control alongside the code they operate on. Every developer who clones the repository receives the same set of commands. When the lead engineer adds a new /security-review.md file to .claude/commands/, every teammate gets it on the next git pull.

Project scope is the correct choice when:

• The command encodes a team convention (release notes format, PR review checklist, migration planner).
• The command depends on repository-specific paths, tooling, or CI configuration.
• The team wants every developer — present and future — to run the same workflow.

User-Scope: ~/.claude/commands/

User-scope commands live in ~/.claude/commands/ under the developer's home directory. They are personal and never leave the developer's machine. Git never sees them. Teammates never see them.

User scope is the correct choice when:

• The command is personal (e.g. /my-todo that injects the developer's own ticket template).
• The command reflects a personal style that the team has not standardised on.
• The developer wants to experiment with a workflow before proposing it as a team convention.

The Resolution Order

When a developer types /review, Claude Code resolves the name by checking the project directory first, then falling back to the user directory. If a command exists in both places with the same name, the project-scope definition wins for that repository. This lets teams override a developer's personal preference with a canonical project version — and lets a developer keep their personal version active in every other repository they work in.

This resolution order appears in exam questions when a developer reports that "my personal /review command no longer runs as expected after I joined a new project". The correct diagnosis is that a project-scope /review in .claude/commands/ is shadowing the user-scope version — not that Claude Code has malfunctioned.

Where the /review Command Belongs

A canonical CCA-F exam-guide sample question (Q4 in the scenario cluster) asks: a team wants every developer to run the same /review command during code review. Where should the definition live? The answer is .claude/commands/ — the project-scope directory, version-controlled with the repository — not ~/.claude/commands/ (personal only) and not in CLAUDE.md (not a slash command mechanism). This exact pattern recurs with different command names (/release-notes, /security-audit, /migration), always pointing at the project directory.

Anatomy of a Custom Slash Command File

A custom slash command is a Markdown file named after the command. /review lives in review.md. /release-notes lives in release-notes.md. The file's body is the prompt that Claude Code injects when the command runs.

A minimal project-scope /review command in .claude/commands/review.md might look like:

---
description: Run a structured code review on the staged diff.
argument-hint: <optional focus area, e.g. "security" or "performance">
---

You are performing a code review on the currently staged changes.

Focus area: $ARGUMENTS

Steps:
1. Read the diff with the `git diff --cached` Bash tool.
2. For each changed file, identify correctness, security, and performance issues.
3. Produce a Markdown checklist of findings grouped by severity.

The frontmatter block at the top is optional but recommended. Common frontmatter fields include:

• description — a one-line summary shown in /help output.
• argument-hint — placeholder text telling the developer what arguments the command expects.
• allowed-tools — the subset of tools the command is permitted to use during execution.

The body is a regular prompt with one special template variable: $ARGUMENTS, which expands to whatever the developer typed after the command name.

Argument Handling and argument-hint

When a developer types /review security, the string security is captured as $ARGUMENTS and substituted into the prompt body. If the developer types /review with no argument, $ARGUMENTS is empty. This is where argument-hint earns its keep — it tells Claude Code to prompt the developer for the missing parameter with the hint text as guidance, instead of silently running with an empty argument.

Skills: The Reusable Prompt-Plus-Tool Package

Slash commands are prompts on demand. Skills are structured, reusable workflows that go further — they bundle a prompt with tool restrictions, context-isolation semantics, and optional sub-agent execution. Skills live in .claude/skills/ (project) or ~/.claude/skills/ (user), each skill in its own directory, with a SKILL.md file as the definition.

Directory Layout

A typical project-scope skill directory might look like:

.claude/
  skills/
    migration-planner/
      SKILL.md
      templates/
        migration-template.md
    release-notes/
      SKILL.md
    security-audit/
      SKILL.md
      checklists/
        owasp-top-10.md

Each skill is a self-contained folder. The SKILL.md file is the entry point; supporting files (templates, checklists, reference docs) can live alongside it and be referenced by the prompt.

SKILL.md Structure

A SKILL.md file has two parts: YAML frontmatter and a prompt body.

---
name: migration-planner
description: Plan a multi-step database migration with rollback checkpoints.
context: fork
allowed-tools:
  - Read
  - Write
  - Grep
  - Glob
argument-hint: <source version and target version, e.g. "v3 -> v4">
---

You are planning a database migration from $ARGUMENTS.

Steps:
1. Use Read and Grep to inventory affected tables.
2. Produce a migration plan with ordered steps and rollback checkpoints.
3. Write the plan to `docs/migrations/plan.md` using the Write tool.

The frontmatter fields that matter most for CCA-F are context: fork, allowed-tools, and argument-hint. These three fields appear in exam questions as answer stems, distractors, or scenario cues.

context: fork — Running Skills in an Isolated Sub-Agent Context

The context: fork frontmatter field is the defining mechanism that separates a skill from a simple slash command. When set, Claude Code spawns a sub-agent with an isolated conversation context to execute the skill, then returns only the skill's final output to the main conversation.

What Isolation Actually Means

Without context: fork, a skill's prompt and intermediate steps are appended to the main conversation. Every file read, every Grep output, every tool call, and every Claude response becomes part of the main transcript. On long workflows this pollutes the context window, consumes tokens, and introduces noise the developer never intended.

With context: fork, the skill runs inside a sub-agent whose context is separate. The sub-agent reads its inputs, performs its steps, and produces a final summary. Only that final summary is attached to the main conversation. The intermediate work is discarded, preserving the main conversation's focus and context budget.

When to Fork

Fork when:

• The skill performs many intermediate file reads that the main conversation does not need.
• The skill runs long-running exploration or analysis whose final output is a concise report.
• The skill might produce verbose or noisy intermediate output that would confuse follow-up prompts.

Do not fork when:

• The skill is a short, one-shot prompt whose entire output should be visible in the main transcript.
• The developer needs to continue interactively refining the work inside the main conversation.

The Connection to Subagents in Domain 1

CCA-F candidates preparing Domain 1 (Agentic Architecture and Orchestration, 27% weight) will recognise that context: fork is the same isolation semantic as subagent context isolation from the agent-teams documentation. Subagents do not inherit the coordinator's conversation history, and a forked skill does not leak its internals back to the main conversation. The two mechanisms are cousins: one at the agent-orchestration level, one at the Claude Code skill-execution level.

allowed-tools — Restricting Tool Access During Skill Execution

The allowed-tools frontmatter field specifies the subset of tools a skill is permitted to use while running. It is a security and safety boundary, not a performance optimisation.

Why Restrict Tools

Claude Code's default tool surface includes Read, Write, Edit, Bash, Grep, Glob, and any MCP-provided tools. A skill that is supposed to only read files and produce a report should not be allowed to run arbitrary Bash commands — a mistake or a prompt injection could cause damage. A skill that is supposed to generate a Markdown file should not be allowed to invoke the Edit tool on source code.

allowed-tools narrows the skill's capability surface to the minimum required. If the skill only needs Read and Write, list only Read and Write. If a prompt injection later tries to trick the skill into running rm -rf, the Bash tool is not in the allowed list, and the attempt fails closed.

Example: A Safe Report Generator

---
name: release-notes
description: Generate release notes from the last N commits.
context: fork
allowed-tools:
  - Read
  - Write
argument-hint: <number of commits, e.g. 20>
---

This skill can read files and write the release notes to disk. It cannot run Bash, cannot edit source files, and cannot invoke web search. If a developer later alters the prompt to include a Bash instruction, the tool is not allowed, and the skill refuses.

The Relationship to Subagent Tool Allowlists

Again, readers of Domain 1 will recognise allowed-tools as the SKILL.md analogue of the subagent tool allowlist described in the "create custom subagents" documentation. The same principle: narrow the tool surface to the minimum required, fail closed on anything outside the list.

argument-hint — UX for Required Parameters

The argument-hint frontmatter field does not enforce anything — it is purely a UX affordance. When a developer invokes a skill (or a slash command) without the expected argument, Claude Code displays the hint text to prompt for input. This matters for shared project-scope skills where the author is not present to explain usage.

Common patterns:

argument-hint: <ticket ID, e.g. PROJ-123>
argument-hint: <source version and target version, e.g. "v3 -> v4">
argument-hint: <comma-separated list of file globs to audit>

The hint appears in the /help listing next to the skill name, and is shown inline when the developer types the command without arguments. Without a hint, the developer has to either read the SKILL.md file or guess — both are friction that shared tooling should eliminate.

The Three Frontmatter Fields in One Mental Model

A compact way to remember the three frontmatter fields tested on CCA-F:

• context: fork — isolation: run in a sub-agent, keep the main context clean.
• allowed-tools — safety: narrow the capability surface, fail closed on unlisted tools.
• argument-hint — usability: tell the developer what parameter to supply.

Three axes: isolation, safety, usability. Every skill definition trades off all three. Exam questions usually target one axis per question.

Personal Skill Customisation via ~/.claude/skills/

The project-vs-user duality that applies to slash commands applies equally to skills. Project skills live in .claude/skills/ and are shared via git. Personal skills live in ~/.claude/skills/ and stay on the developer's machine.

Customising a Team Skill Without Breaking Teammates

A common scenario: a developer wants a tweaked version of the team's release-notes skill with their own preferred tone and structure. The wrong approach is to edit the project-scope release-notes SKILL.md — that would break every teammate's workflow. The right approach is to copy the skill into ~/.claude/skills/ under a different name (e.g. release-notes-personal) and customise it there.

Because the two directories are searched independently and indexed by skill name, the personal version coexists with the project version. The developer can still invoke /release-notes to get the team version and /release-notes-personal for the customised one.

Why Different Names Matter

If a personal skill uses the same name as a project skill, resolution order comes into play — the project version generally wins for the repository it belongs to, and the personal version becomes effectively dead code. Using a different name avoids the shadowing problem entirely and keeps both skills discoverable.

The Three-Tier Mental Model

Putting it all together, Claude Code's Custom Slash Commands and Skills system operates on three tiers:

1. Built-in commands (/clear, /compact, /help, /review, etc.) — shipped with Claude Code, no configuration.
2. Project-scope commands and skills (.claude/commands/, .claude/skills/) — shared with teammates via version control.
3. User-scope commands and skills (~/.claude/commands/, ~/.claude/skills/) — personal, never leave the developer's machine.

Resolution follows a specificity gradient: the tightest applicable definition wins for the repository the developer is in.

Skills vs CLAUDE.md: The On-Demand vs Always-Loaded Distinction

Task 3.2 (Custom Slash Commands and Skills) and task 3.1 (CLAUDE.md configuration) are adjacent and the exam tests whether a candidate can tell them apart. The mental model that disambiguates them is on-demand invocation vs always-loaded universal standards.

CLAUDE.md: Always-Loaded Universal Standards

CLAUDE.md files are loaded automatically at the start of every Claude Code session in the relevant directory. They encode rules that should apply to everything Claude does in that repository — coding style, naming conventions, testing requirements, architectural principles, security guidelines. The developer does not opt in; the rules are always present.

CLAUDE.md is the right choice for:

• Universal coding conventions ("use 4-space indentation", "run npm test after every edit").
• Architectural constraints ("never import from legacy/ into core/").
• Security rules ("never commit secrets, use env vars").
• Project-wide style ("use Conventional Commits for PR titles").

Skills: On-Demand Workflows

Skills are invoked explicitly by the developer typing /skill-name. They encode workflows that apply to specific situations — a code review, a migration, a release, an audit. They are not always-on; they are opt-in.

Skills are the right choice for:

• Multi-step workflows the developer triggers at a specific moment ("draft this week's release notes").
• Workflows with parameters the developer supplies per invocation ("migrate from v3 to v4").
• Workflows that should run in an isolated sub-agent context (context: fork) to protect the main conversation.
• Workflows that need tool restrictions (allowed-tools) the main conversation should not inherit.

The Deciding Question

When scenario questions ask "should this be a skill or a CLAUDE.md entry?", the deciding question is: should this rule apply to every Claude response in this repository, or only when explicitly invoked by the developer?

• Always apply → CLAUDE.md.
• Only when invoked → skill (or slash command).

If you put a one-off workflow in CLAUDE.md, every Claude response in the repo inherits the prompt, bloating context and conflating unrelated interactions. If you put a universal standard in a skill, developers forget to invoke it and the standard is silently violated.

Plain-Language Explanation: Custom Slash Commands and Skills

Abstract configuration taxonomy becomes intuitive when anchored to physical everyday systems. Three very different analogies cover the full sweep of Custom Slash Commands and Skills.

Analogy 1: The Kitchen — Built-In Utensils, Team Recipes, and Personal Notebooks

Imagine a shared professional kitchen. Claude Code's built-in slash commands are the standard utensils every kitchen has — knives, spoons, ladles. They arrive with the kitchen; you do not install them. The project-scope commands and skills in .claude/commands/ and .claude/skills/ are the team recipe binder stored on a shelf in the kitchen. Every cook who works a shift pulls the same binder, follows the same recipes, and produces the same dishes. New hires walk in and can read the binder on day one. User-scope commands and skills in ~/.claude/commands/ and ~/.claude/skills/ are the cook's personal notebook they carry in their apron pocket — tweaks, shortcuts, and flourishes nobody else sees. If a cook edits the team binder, every teammate is affected. If a cook updates their personal notebook, only they notice.

The context: fork flag is the line cook sent to a separate prep table to chop vegetables for a complicated dish, then bring only the finished prep back to the main station. The messy chopping, the peels, the onion tears — none of that touches the main station. Only the clean prep arrives. The allowed-tools list is the rule that says "this apprentice may use the paring knife and the mandoline, but not the torch". The argument-hint is the note taped to the recipe card saying "this dish needs a protein — choose chicken or fish before you start".

This analogy maps every core Custom Slash Commands and Skills concept: built-in vs team vs personal; shared vs private; isolated sub-context; narrowed capability; argument prompting.

Analogy 2: The Library — Catalogued Procedures vs Reading Room Rules

A university library has two kinds of instructions. Posted on every wall, in every reading room, are the always-present rules: silence, no food, return books to the correct shelf. These rules apply to every visitor at every moment without anyone invoking them. That is CLAUDE.md.

In the reference desk's Rolodex are procedural recipes: how to request an inter-library loan, how to reserve a group-study room, how to ask for a document scan. These procedures apply only when a visitor walks up to the desk and specifically requests them. The librarian pulls the right card, reads the steps, and executes. Different visitors invoke different procedures; most visitors invoke none. That is the Custom Slash Commands and Skills system.

If the library tried to put every procedural recipe on the walls of every reading room, the walls would be unreadable and visitors would be overwhelmed. If the library tried to put the "no food" rule into the Rolodex — only apply when invoked — visitors would eat sandwiches in the rare-books room. The rule and the procedure belong in different containers because they have different invocation patterns.

This analogy clarifies why the exam punishes candidates who stuff workflows into CLAUDE.md ("it will just always apply!") and who push universal standards into skills ("developers will remember to run it!"). The containers are not interchangeable.

Analogy 3: The Workshop Toolbox — The Team Drawer, Your Drawer, and the Safety Cage

Picture a shared electronics workshop. Each workbench has a team drawer bolted to it: everyone working at that bench gets the same soldering iron, the same flux, the same reference diagrams. That is .claude/commands/ and .claude/skills/. Each technician also carries a personal drawer from bench to bench — their preferred tweezers, their own magnifier, their notebook of tricks. That is ~/.claude/commands/ and ~/.claude/skills/.

Some procedures — working on high-voltage circuits — happen in a safety cage: a separate enclosed area with its own power, its own ventilation, and its own tool rack. A technician steps into the cage, does the work, steps out, and writes a summary on the main clipboard. The cage keeps fumes and sparks away from the rest of the bench. That is context: fork — isolation that protects the main context from the skill's internals.

The safety cage is also where allowed-tools enforcement lives. The cage's tool rack holds only the tools safe for the procedure. A technician stepping into the cage does not bring along the entire workshop's toolbelt — they use what the cage provides, or they fail to do the work. That is the capability-narrowing safety posture of allowed-tools. The argument-hint is the sign outside the cage: "before entering, state the voltage and the component type" — a prompt for the parameters the procedure needs.

Which Analogy to Use on Exam Day

• Questions about project vs user scope → kitchen analogy (team binder vs personal notebook).
• Questions about skills vs CLAUDE.md → library analogy (Rolodex vs wall posters).
• Questions about context: fork and allowed-tools → workshop analogy (safety cage with its own tool rack).

Scoping Precedence and Interaction with CLAUDE.md

Claude Code's configuration system is hierarchical. A single Claude Code session can see built-in commands, project-scope commands and skills, user-scope commands and skills, and the relevant CLAUDE.md files. Understanding the precedence is important for debugging and for passing exam questions about why a particular behaviour is observed.

Precedence for Slash Commands and Skills

The resolution order for a typed command name is:

1. Project-scope (.claude/commands/, .claude/skills/) for the current repository.
2. User-scope (~/.claude/commands/, ~/.claude/skills/).
3. Built-in (the commands that ship with Claude Code).

When a command name exists in more than one location, the project-scope version wins for that repository. This lets a team override a developer's personal preference within the team's codebase while leaving the personal version intact everywhere else.

Interaction with CLAUDE.md

CLAUDE.md is loaded automatically; skills and slash commands are loaded on invocation. When a skill runs, CLAUDE.md rules are still in force unless the skill uses context: fork, in which case the sub-agent may load CLAUDE.md fresh (per the CLAUDE.md hierarchy) and run the skill with those rules but without the main conversation's accumulated context.

A CCA-F-relevant subtlety: a forked skill running in a sub-agent does not inherit mid-conversation decisions, clarifications, or corrections from the main conversation. If the main conversation established "always use YAML, never JSON", a forked skill that reads only CLAUDE.md and the skill prompt will not see that mid-conversation directive. This is the same kind of context-isolation gotcha that Domain 1 subagent questions exploit.

Common Exam Traps: Scope Confusion and Frontmatter Mistakes

CCA-F aggressively exploits five recurring trap patterns tied to Custom Slash Commands and Skills.

Trap 1: .claude/commands/ vs ~/.claude/commands/ Swap

Answer choices invert the directory paths. The exam-guide sample Q4 — "where should the team put the shared /review command" — has .claude/commands/ as the correct answer, with ~/.claude/commands/ as the highest-quality distractor. Candidates who skim the options miss the tilde and pick the wrong directory. Read the path characters carefully: the leading . vs ~/. determines project vs user scope.

Trap 2: CLAUDE.md as a Slash Command Host

Distractor options suggest "put the /review instructions in CLAUDE.md". CLAUDE.md is not a slash command mechanism — it is an always-loaded rule file. If the workflow needs to be invoked on demand (/review), it must live as a slash command or skill, not as a CLAUDE.md section.

Trap 3: context: fork Misinterpreted as Parallelism

Some candidates read "fork" and assume parallel execution. context: fork is about context isolation, not parallel execution. The skill runs in a separate sub-agent with its own conversation, but not necessarily concurrently with the main conversation. The point is preserving the main context, not running faster.

Trap 4: allowed-tools Treated as a Performance Setting

Distractor options frame allowed-tools as a performance optimisation ("restricts tool count to reduce latency"). That is wrong. allowed-tools is a capability and safety boundary. It exists to prevent a skill — possibly influenced by prompt injection or sloppy templating — from invoking destructive tools. The observable effect on latency is negligible compared to its safety effect.

Trap 5: Personal Customisation Via Editing the Project Skill

Scenario: a developer wants a tweaked version of the team skill. The wrong answer is "edit the project-scope SKILL.md". That commits a change to version control that affects every teammate — and probably violates team convention. The correct answer is to copy the skill into ~/.claude/skills/ with a different name and customise there.

Practice Anchors: Code Generation with Claude Code Scenario

The Code Generation with Claude Code scenario is one of the six CCA-F scenario clusters, and four of the six appear in any given sitting. Custom Slash Commands and Skills questions cluster into five shapes within this scenario.

Template A: Directory Selection

A team wants every developer to run a standardised pull-request review before pushing. Where should the /review command definition live? Correct answer: .claude/commands/review.md at the repository root, committed to version control. Distractors claim ~/.claude/commands/ (personal only) or CLAUDE.md (always-loaded, not invoked).

Template B: Frontmatter Purpose

A skill definition includes context: fork in its frontmatter. What is the effect? Correct answer: the skill runs in an isolated sub-agent context, with only its final output returned to the main conversation. Distractors claim parallel execution or tool prioritisation — both wrong.

Template C: Tool-Restriction Reason

A security-focused skill includes allowed-tools: [Read, Grep] in its frontmatter. Why? Correct answer: the skill is permitted to read files and search for patterns but cannot modify files or run arbitrary Bash — a safety boundary that fails closed on any attempt to use unlisted tools. Distractors claim performance tuning or context-window reduction.

Template D: Argument UX

A shared /migration-planner skill has argument-hint: <source version and target version, e.g. "v3 -> v4"> in its frontmatter. What does this accomplish? Correct answer: when the developer invokes the command without arguments, Claude Code prompts them with the hint text indicating the expected parameter format. Distractors claim argument validation or default value assignment — neither is what argument-hint does.

Template E: Skill vs CLAUDE.md Placement

A team wants Claude to use a specific commit-message format for every interaction in the repository. Should this go in a skill or in CLAUDE.md? Correct answer: CLAUDE.md — the rule should apply always, not only when invoked. Distractors claim a skill is better because "skills can use context: fork" — irrelevant, because the rule needs to be always-loaded.

Key Terms and Numbers to Memorise

Custom Slash Commands and Skills introduces a small, memorisable glossary. Drilling these pays back directly on exam day.

Distinction Note: CCA-F Recognition vs Production Build Depth

CCA-F is positioned as a foundational certification for solution architects with 6+ months of Claude experience. It tests recognition and judgement on Custom Slash Commands and Skills — can you identify the correct directory, name the frontmatter fields, explain their purpose, and match scenarios to the right container? A higher-level certification, or a hands-on production deployment, would additionally expect you to author SKILL.md files from scratch, tune MCP tool integrations inside allowed-tools, debug skill execution traces, and design team-wide skill libraries.

What CCA-F Expects of You

• Recognise .claude/commands/ (project) vs ~/.claude/commands/ (user) and the same duality for skills.
• Name the three SKILL.md frontmatter fields (context: fork, allowed-tools, argument-hint) and describe what each does.
• Match scenarios to skill vs CLAUDE.md containers using the always-loaded vs on-demand heuristic.
• Spot the /review directory trap from the exam-guide sample.
• Explain personal skill customisation via ~/.claude/skills/ with a different name.

What CCA-F Does Not Expect of You

• Author a production SKILL.md file with complete prompt body and tool orchestration.
• Integrate a skill with a live MCP server.
• Debug skill execution traces or fork-context isolation failures at the protocol level.
• Design a team skill library with dependency graphs between skills.

If you find yourself implementing skills in production, you have moved past recognition into build depth — valuable, but beyond what CCA-F questions measure.

Custom Slash Commands and Skills Frequently Asked Questions (FAQ)

What is the difference between .claude/commands/ and ~/.claude/commands/ on CCA-F?

.claude/commands/ is the project-scope directory at the root of the repository, version-controlled alongside the code. Every developer who clones the repo gets the same set of slash commands — it is the team-shared container. ~/.claude/commands/ is the user-scope directory in the developer's home directory, never committed to git. It is personal — only that developer sees those commands. CCA-F exam-guide sample Q4 tests this exact distinction: a team-wide /review command belongs in .claude/commands/ (project), not ~/.claude/commands/ (personal). The same project-vs-user duality applies to skills (.claude/skills/ vs ~/.claude/skills/).

What does context: fork do in a SKILL.md frontmatter?

context: fork instructs Claude Code to execute the skill in an isolated sub-agent context. The sub-agent performs the skill's steps — file reads, tool calls, intermediate reasoning — in its own conversation, and only the final output is returned to the main conversation. This prevents skill internals from polluting the main context window and preserves the developer's token budget. A common use case: a long-running analysis skill that reads dozens of files should fork, so the intermediate Read outputs never accumulate in the main transcript. Do not fork when the developer expects to see the intermediate work inline for interactive refinement.

Why would I use allowed-tools in a skill definition?

allowed-tools narrows the tool surface a skill is permitted to use during execution. It is a safety and capability boundary, not a performance setting. A report-generation skill might declare allowed-tools: [Read, Write] so it can read source files and write the report, but cannot run Bash or Edit source code. If a prompt injection or a sloppy template tries to trick the skill into running a destructive command, the tool is not in the allowed list and the attempt fails closed. The same logic applies across the CCA-F syllabus — subagents also use tool allowlists for the identical safety reason.

When should I use a skill vs a CLAUDE.md entry?

Use CLAUDE.md for always-loaded universal standards that apply to every Claude Code interaction in the repository — coding style, naming conventions, testing requirements, security rules, architectural constraints. Use a skill (or slash command) for on-demand workflows the developer triggers at a specific moment — code reviews, migrations, release notes, audits. The deciding question is: should this rule apply to every Claude response in this repository, or only when explicitly invoked? "Always apply" → CLAUDE.md. "Only when invoked" → skill. Putting on-demand workflows in CLAUDE.md bloats context on every session; putting universal standards in skills means developers forget to invoke them.

How do I customise a team skill without affecting my teammates?

Copy the skill into your user-scope directory ~/.claude/skills/ under a different name (for example, append -personal or your initials). Customise that personal copy. The original team skill stays in .claude/skills/ and continues to work for every teammate; your personal version runs when you invoke the personal name. Never edit the project-scope SKILL.md in place — that commit affects every teammate and likely violates team convention. Never use the same name as the project skill in your user directory — the project version shadows it per repository and the personal version becomes silently inactive.

What exactly does argument-hint do?

argument-hint is a UX affordance. When a developer invokes a command or skill without supplying the expected arguments, Claude Code displays the hint text to indicate what parameter is expected. For example, argument-hint: <ticket ID, e.g. PROJ-123> tells the developer that the command expects a ticket identifier in that format. The hint also appears in /help listings next to the command name. argument-hint does not validate arguments, does not enforce a schema, and does not supply a default value — it purely prompts the developer for input. On shared project-scope commands, a good argument-hint prevents the "invoked it, nothing happened" confusion common with undocumented commands.

Do skills and slash commands inherit CLAUDE.md rules?

Non-forked skills and slash commands run in the main conversation's context, so they inherit all CLAUDE.md rules naturally — CLAUDE.md was already loaded at the start of the session. Forked skills (context: fork) run in a sub-agent; that sub-agent loads CLAUDE.md fresh according to the CLAUDE.md hierarchy but does not inherit mid-conversation directives from the main conversation. If the main conversation has established "use YAML only" during a back-and-forth, a forked skill may not see that directive — it only sees CLAUDE.md and the skill prompt. This is the same isolation semantic that Domain 1 subagents expose, and it appears on the exam as a context-flow trap.

Plan for this gotcha by putting durable team standards in CLAUDE.md (where forked sub-agents will see them) rather than relying on mid-conversation clarifications that sub-agents cannot inherit.

Further Reading

• Claude Certified Architect Foundations Exam Guide: https://everpath-course-content.s3-accelerate.amazonaws.com/instructor/8lsy243ftffjjy1cx9lm3o2bw/public/1773274827/Claude+Certified+Architect+%E2%80%93+Foundations+Certification+Exam+Guide.pdf
• Custom slash commands and skills — Claude Code Docs: https://docs.anthropic.com/en/docs/claude-code/slash-commands
• CLAUDE.md configuration — Claude Code Docs: https://docs.anthropic.com/en/docs/claude-code/claude-md
• Claude Code features overview: https://docs.anthropic.com/en/docs/claude-code/overview
• Claude Code settings reference: https://docs.anthropic.com/en/docs/claude-code/settings
• Create custom subagents — Claude Code Docs: https://docs.anthropic.com/en/docs/claude-code/sub-agents

Related ExamHub topics: CLAUDE.md Hierarchy and Scoping, Path-Specific Rules and Conditional Loading, Plan Mode vs Direct Execution, Claude Code CI/CD Integration, Subagents and Agent Teams.