Plugin installer should use HTTPS instead of SSH for cloning repos

Resolved 💬 3 comments Opened Mar 7, 2026 by EliasSchlie Closed Mar 11, 2026

Problem

claude plugin install and claude plugin marketplace add clone repos via SSH (git@github.com:) by default. This fails for users who don't have SSH keys configured for GitHub:

Permission denied (publickey).
fatal: Could not read from remote repository.

This affects both marketplace repos and individual plugin repos. Even the official Anthropic marketplace (anthropics/claude-plugins-official) is cloned via SSH.

Evidence

Checking the remotes of locally cached plugin data:

# Official marketplace
$ git -C ~/.claude/plugins/marketplaces/claude-plugins-official remote -v
origin	git@github.com:anthropics/claude-plugins-official.git (fetch)

# Third-party marketplace
$ git -C ~/.claude/plugins/marketplaces/elias-tools remote -v
origin	https://github.com/EliasSchlie/claude-plugins.git (fetch)

The third-party marketplace above was only cloned via HTTPS because the user had a global git config rewriting SSH to HTTPS — without that workaround, it would also use SSH.

Expected behavior

Public repos should be cloned via HTTPS by default (https://github.com/<owner>/<repo>.git). SSH should only be used when the user has explicitly configured it.

Workaround

Users can configure git to rewrite SSH URLs to HTTPS globally:

git config --global url."https://github.com/".insteadOf git@github.com:

To revert:

git config --global --unset url."https://github.com/".insteadOf

This works but is heavy-handed — it affects all git operations, not just plugin installs.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗