Intercom introduces Claude Code platform with 13 plugins, 100+ skills, and read-only prod MCP

• Intercom says it has built an internal Claude Code platform with 13 plugins and 100+ skills plus hooks that turn the coding agent into what it calls a "full-stack engineering platform."
• The most aggressive piece is a read-only Rails production console exposed through MCP, letting Claude run Ruby against production data for checks like feature flags, business logic, and cache inspection.
• Intercom says the prod-facing tools sit behind safety gates including read-replica access, blocked critical tables, mandatory model verification, Okta auth, and a DynamoDB audit trail.
• The platform is also instrumented end to end: 14 Claude Code lifecycle events flow into Honeycomb, session transcripts land in S3 with hashed usernames, and a post-session analysis loop turns failures into Slack alerts and pre-filled GitHub issues transcript analysis gap classification.

Intercom's internal setup is larger than a few ad hoc prompts. Brian Scanlan says the company now runs "13 plugins, 100+ skills, and hooks" inside Claude Code, with the goal of making Claude operate more like a controlled engineering platform than a chatbot platform thread. The same thread says the system is spreading beyond software engineers: in one snapshot, the top users of the prod console were "design managers, customer support engineers, product management leaders" rather than developers usage details.

The thread also sketches the breadth of the skill layer. Intercom has a flaky-test fixer built as a "9-step forensic investigation workflow" with a "20-category taxonomy" of failure modes, and hard rules such as "NEVER skip a spec" and "NEVER guess root cause without CI error data" flaky test fixer. For pull requests, shell hooks intercept raw gh pr create, require a create-pr skill first, and make the agent extract business intent — "why?" not just "what changed?" — before opening the PR PR workflow. A follow-on hook blocks edits to merged branches, while a background agent watches CI with ETag-based polling that Scanlan says has "zero rate-limit cost" CI monitor.

The most consequential design choice is the MCP-backed Rails console. Intercom says Claude can execute arbitrary Ruby against production data, but only through a read-only path meant for checks such as feature-flag state, business-logic validation, and cache inspection Rails MCP console. That console is part of a broader Admin Tools MCP that exposes the same customer, feature-flag, and admin lookups engineers already use Admin Tools MCP.

Intercom's safety-gates post lists several control points: read-replica access only, blocked critical tables, "mandatory model verification before every query," Okta authentication, and a DynamoDB audit trail. Scanlan also says the wider Admin Tools MCP is locked behind a skill-level gate until Claude loads the relevant safety reference docs first, summarized internally as "No cowboy queries" safety docs gate.

That combination matters because the platform is explicitly crossing into operational systems, not just code generation. Supporting posts add that Intercom is pushing more logs into Snowflake and has a tuned skill for incident log retrieval that works alongside Honeycomb traces and Datadog metrics, while a parallel effort aims to make "all runbooks follow-able by Claude" in the next six weeks incident log skill runbook goal.

Intercom instrumented Claude Code with OpenTelemetry across 14 event types, including SessionStart, UserPromptSubmit, PreToolUse, PostToolUse, PermissionRequest, and SubagentStart, all sent to Honeycomb 14 event types. Scanlan says the privacy boundary is explicit: the company "never capture[s] user prompts, messages, or tool input" privacy boundary.

Session transcripts then sync to S3 with usernames SHA256-hashed, and a SessionEnd hook runs Claude Haiku over the full transcript to look for improvement opportunities S3 transcripts. The resulting loop classifies issues like missing_skill, missing_tool, repeated_failure, and wrong_info, then posts them to Slack with a pre-filled GitHub issue URL so gaps move from real sessions into backlog items and then new skills feedback loop.

The same hook pattern is used to reduce friction in day-to-day use. After five permission prompts, a permissions analyzer scans the last 14 days of approved shell commands and buckets them into green, yellow, and red classes before writing safe commands to settings.json permissions analyzer. Another PostToolUse hook catches "command not found" errors and BSD/GNU mismatches such as grep -P on macOS, suggests a fix once per session, installs missing tools via Homebrew, and updates CLAUDE.md so Claude remembers the environment next time tool misses.