v1.0.120 · multi-agent · MCP · self-improving LLM costs ↓ 60–80% MTTR ↓ 94% on second incident MIT · No telemetry

Ship features in 45 minutes,
not 5 hours.

The Claude Code plugin that turns one engineer into a full SDLC team. Architecture · TDD · 12-angle code review · QA · security · deploy — one pipeline. Two decisions per feature.

7 agents · 11 archetypes · 16 commands · 12-angle review · 13 compliance frameworks

$ npx great-cto init
View on GitHub → See how it works
great_cto pipeline demo: /start → approve architecture → ship
The loop

Describe the feature. Make two decisions.

You never write the architecture doc, the QA report, or the release notes. You approve, or you don't.

claude-code · /start
You: /start "add Stripe subscriptions — monthly and annual plans" pipeline: standard (5 agents) | ~45min | security gate: mandatory ARCH-stripe-subscriptions.md ready — DECISION 1: approve architecture? You: approved implementation + 12-angle review + QA + security + canary deploy DECISION 2: ship? You: ship it canary 5% → 20% → 100% → RELEASE doc written # done
Three commands, every day

The rest is automatic.

Everything you need day-to-day lives behind three commands. Everything else runs on a trigger — you don't remember it, you don't invoke it.

/start "…"
Full SDLC pipeline. Detects archetype, generates architecture + ADR, implements with TDD, runs 12-angle review, QA, security, deploys.
/review
12 independent review angles — performance, security, SQL safety, concurrency, API contracts, design system, accessibility. Each finding P0 / P1 / P2.
/inbox
Open gates, blocked tasks, incidents, backlog hygiene, DORA / SLO / security alerts. Everything that needs a decision right now — in one place.
Inside the CLI

Runs where you already work.

great_cto is a Claude Code plugin. No dashboards. No SaaS. File-based configs under .great_cto/ — inspect and edit anything.

/start output
/start — pipeline dispatched
 /review output
/review — 12 angles, prioritized
 /inbox output
/inbox — what needs you
Code review

Twelve independent angles. Not one giant prompt.

Each angle runs as a separate pass with its own rubric. Findings rated P0 / P1 / P2 — P0 blocks the gate until you decide.

01
Performance
N+1, unbounded loops, missing cache
02
Security
injection, auth bypass, IDOR, XSS, SSRF
03
Readability
naming, complexity, error handling
04
SQL Safety
raw interpolation, missing transactions
05
LLM Trust
prompt injection, output sanitization
06
Side Effects
mutations in conditionals, duplicate events
07
Data Privacy
PII in logs, GDPR/HIPAA violations
08
Error Handling
swallowed exceptions, missing timeouts
09
Concurrency
race conditions, deadlocks, stampede
10
Dep Freshness
CVEs, abandoned packages
11
API Contracts
breaking changes, status code drift
12
Design System
hardcoded tokens, accessibility
Pipeline

Scales to the work.

You don't pay for what you don't need. /start picks the scale automatically — override with "make it deep" or "this is just a quick fix".

quick 1–3 agents ~5–20min Hotfix · typo · new endpoint · small feature
standard 5 agents ~45min Default — standard feature, new service
deep 7+ agents ~90min+ Cross-cutting change · regulated domain · arch migration
What ships out of the box

Batteries included.

7
Specialized agents
11
Archetypes
13
Compliance frameworks
16
Commands
Cross-project learning

Gets smarter with every incident.

A root cause that took 4 hours to find the first time takes 30 seconds the next time — across every project you ever run great_cto on.

🔍
Extract
After every P0 or multi-iteration investigation, agents write a structured KE file — symptom, dead ends, breakthrough method, why standard checks missed it.
⚗️
Crystallize
/crystallize reviews the extraction, applies a noise filter, proposes a concrete workflow change, and waits for your approval before touching any agent file.
Inject
Approved patterns are injected at session start and surfaced as Step 0 in every agent. The right check runs first — before the diagnostic chain that failed last time.

Pattern files stay in ~/.great_cto/global-patterns/ on your machine — never committed to any repo. No private data leaves your environment.

Archetypes

Detected from your repo.

npx great-cto init scans your codebase, picks the right archetype, and wires compliance gates automatically. Each archetype gets a default security tier — signals raise it automatically during implementation.

web-service baseline
REST · GraphQL · SSR · SPA · full-stack
mobile-app baseline
iOS · Android · Electron · extensions
ai-system standard
RAG · MCP · LLM ops · ML · voice (internal)
agent-product deep
User-facing agents · Claude SDK · LangGraph · CrewAI
data-platform baseline
Pipelines · warehouses · analytics
infra standard
IaC · K8s · platform eng · migrations
library baseline
SDKs · CLIs · compilers · plugins · games
commerce standard
E-commerce · payments · SaaS
web3 deep
Smart contracts · DeFi · custody · bots
iot-embedded deep
IoT devices · hardware drivers
regulated deep
GxP · financial services · ISO 27001
Security tiers

Risk-based. Not archetype-bound.

Archetype is a starting point, not a verdict. The real tier is set by signals — conditions detected in your diff as it lands. A web-service that adds Stripe and touches auth/ gets the same depth of review as commerce does by default.

baseline ~2 min · always on · never skipped
CVE scan · secret scan · dependency freshness. Runs on every pipeline, every archetype. This is the floor — there is no "off."
standard ~15–25 min · STRIDE + compliance
Threat model · OWASP checklist · compliance pack (GDPR / PCI-DSS / HIPAA / …) · data-flow sketch. Default for ai-system · commerce · infra. Triggered on any upgrade signal below.
deep ~45–90 min · pen-test-style
Everything standard + penetration review (injection / IDOR / SSRF / XSS / auth bypass) + external-dep supply-chain audit + formal dataflow diagram with kill-chain analysis. Always on for web3 · iot-embedded · regulated.

Signals that upgrade the tier

senior-dev watches your diff and emits SECURITY_SIGNAL: lines. Signals only upgrade — never downgrade.

pci-dep-introducedStripe · Plaid · Square · Braintree · Adyen added
crypto-dep-introducedjose · jsonwebtoken · bcrypt · argon2 · libsodium
auth-path-changedfiles in auth/ · iam/ · oauth/ · saml/ · middleware/auth*
pii-field-addedmigration adds ssn · dob · passport · medical_* · health_*
iac-perimeter-changedsecurity groups · IAM policies · public buckets · 0.0.0.0/0
high-cve-in-depnpm audit / pip-audit / cargo audit reports ≥ High
Questions

FAQ

Is it production-ready?
v1.0.115 — actively maintained. MIT license, no telemetry, no SaaS lock-in. File-based configs in .great_cto/ — inspect and edit anything.
What does a real month cost?
Typical solo or small-team usage is $20–50/month in Anthropic API costs. Heavy month with many large features: ~$100. No per-seat fee from great_cto — costs are your own Anthropic usage.
Solo founder — isn't this overkill?
For a one-line typo, yes. That's why pipelines scale. /start "fix typo" runs 1 agent in ~5 min. /start "add Stripe subscriptions" runs 5 agents in ~45 min. You never pay for what you don't need.
Does it replace engineers?
No. great_cto codifies the process — architecture reviews, QA planning, security checklists, release gates. A human still writes code, owns decisions, and approves the two gates per feature. It replaces the slow, ad-hoc scaffolding around engineers on teams that don't yet have full-time specialists for each role.
What if I disagree with the architecture?
Reject at gate 1. tech-lead iterates. Your two decisions are literally approve or reject — no commitment.
I already have CLAUDE.md and a few prompts. Why switch?
You don't have to. Start with /audit — it finds gaps in your existing repo and creates a task backlog. Use that even if you never run the full pipeline.
Requirements?
Claude Code, Node 18.17+, Superpowers, and Beads. All free and open source.

Stop being the bottleneck.

Two decisions per feature. The rest happens in the pipeline.

$ npx great-cto init
Star on GitHub →