great_cto

Solo-CTO mode. Stop being the only person who can ship.

You're the solo CTO. You're also the bottleneck. GreatCTO is 34 specialist agents that handle architecture, review, QA, security, and deploy — while you make two decisions per feature.

Built for the one-person engineering org. Indie hackers, solo founders, and technical CTOs running everything themselves. Not built for teams — if you have 2+ engineers and need shared dashboards / multi-seat auth / per-developer audit logs, look at Cursor Business or GitHub Copilot Workspace.

v2.5.8 · 34 agents · 25 archetypes · 24 OWASP LLM rules · 9 hooks · works in Claude Code · Cursor · Codex · Aider · Continue · MCP server · webhooks · CI gate · per-stage Beads tasks · ~$34/mo per project · MIT

Website · Live demo · Discussions · Changelog · Blog

Language: English · Русский · 简体中文 · 繁體中文 · 日本語 · 한국어 · Español · Português (BR)

• v2.5.8: full QA pass — closed 10 bugs (docs/qa/runs/2026-05-09/REPORT.md). Highlights: cost pipeline now reflects real LLM spend (/api/cost, /api/metrics.cost were permanently zero); board returns graceful 409 beads_not_initialized instead of raw 500; phantom agents bucketed under unknown; PORT env-var honored; canonical verdict format with cost=$X tag (scripts/log-verdict.sh + agents/_shared/verdict-format.md); sub-agent sandbox / cwd policy documented (agents/_shared/sandbox-cwd-policy.md); validate.py regex fix for hyphenated commands; CI hardening — dead Playwright workflow removed, plugin-cache cleanup --keep 3 in SessionStart
• v2.5.7: per-stage Beads task lifecycle (architect / pm / senior-dev / qa / security / perf / devops / l3 each create + close their own tasks via scripts/phase-task.sh); cost-history off-by-one fix (30 → 31 buckets, inclusive window)
• v2.5.6: 6 Cursor-dogfooding UX fixes (CLI hint for slash-only commands · init $HOME refusal · clearer .great_cto/ exists message · ci archetype-drift resolution paths · agent-product detection broadened · README API schema)
• v2.5.5: critical fix — /inbox and /digest "Prompt is too long" (commands trimmed 30→2.6KB, 46→4KB; bash logic moved to scripts/cmd-data/); closed-gate mapStatus bug (P0 counter included done gates)
• v2.5.4: env-var-first host detection ($CLAUDECODE / $CODEX_SESSION / $CURSOR_TRACE_ID / $AIDER_VERSION / $CONTINUE_GLOBAL_DIR); Cursor extension VSIX with marketplace icon
• v2.5.3: Codex compat — host-aware DEPS check, Beads write-test (catches false-positive empty DB)
• v2.5.2: subcommand telemetry (track which v2.4+ commands users adopt)
• v2.5.1: critical fix — scan/ci missed findings on relative paths (broken glob-to-regex affected all v2.0+)

• HMAC-verified webhook receiver: GitHub / Sentry / generic (great-cto serve)
• Outbound dispatcher with exponential-backoff retry + DLQ → Slack / Discord / PagerDuty
• MCP SSE mode for multi-client / remote use
• HTML/JSON cost+compliance reports (great-cto report cost --period 30d)
• Cursor extension scaffold in packages/cursor-ext/ — vsce-ready
• ADR-001 multi-tenant board (architectural decision, deferred to v2.6+)

• great-cto adapt --platform [claude|codex|cursor|aider|continue|all] — single source of truth → platform-native configs
• great-cto mcp — MCP server (stdio + SSE) exposing 5 tools to any MCP host
• great-cto ci — single-command CI gate (scan + archetype check + GitHub Actions annotations + SARIF + JUnit XML)
• great-cto serve — webhook receiver scaffolding

• /agent-review [name] — performance scorecard for LLM agents (verdicts, cost, failure modes, prompt-tuning suggestions). Like a 1:1 but for AI workforce.
• /agent-retire <name> — graceful agent deprecation (archive prompt, remove from sync list, preserve verdicts for audit)
• /cost feature <slug> — ROI per shipped feature (per-agent breakdown + comparison to human equivalent)
• /cost agent <name> — quick per-agent cost summary
• New positioning: GreatCTO is the management layer between you and your AI agent fleet — hire (/template install), review (/agent-review), route (cost-per-feature), retire (/agent-retire). You're the manager; the agents are the org chart.

• edtech archetype + edtech-reviewer — COPPA/FERPA/GDPR-K + WCAG 2.2 AA + state student-privacy laws (SOPIPA-CA, NY 2-D)
• gov-public archetype + gov-reviewer — FedRAMP boundary scoping, NIST 800-53 control mapping, Section 508, PIA generation, CJIS, StateRAMP
• insurance archetype + insurance-reviewer — NAIC 50-state filing matrix, Solvency II, IFRS 17, ACORD, actuarial ASOP 41/56, anti-discrimination pricing analysis
• 9 new detection signals (LMS libs, gov design systems, ACORD/NAIC schemas)
• 9 new test cases (3 per archetype) — 50/50 archetype tests passing

• npx great-cto scan ./ — OWASP LLM Top 10 + 24 rules + SARIF for GitHub Code Scanning
• 5 scanners: prompt-injection · secrets-in-prompts · SSRF-in-tools · RAG poisoning · cost-runaway
• Merged from standalone @great-cto/agentshield package — one install, one version

• New continuous-learner agent (Haiku, ~$0.05/run) auto-extracts session patterns
• Two-tier memory: project-local lessons.md → cross-project ~/.great_cto/decisions.md
• Quality gates: max 3 lessons per session, archetype-tagged, threshold-based promotion (≥3 distinct projects)

• 4 new hooks: secret-scan (PreToolUse) · format-check (PostToolUse) · cost-guard (UserPromptSubmit) · session-end
• 13-pattern secret detection catalog (AWS, Stripe, GitHub, OpenAI, Anthropic, PEM, JWT)
• All hooks honor GREAT_CTO_DISABLE_<NAME>=1 opt-out

Full changelog →

great_cto is the orchestration layer that runs the full SDLC pipeline as 34 specialist agents — architect, planning, implementation, 12-angle review, QA, security, deployment, support — coordinated through a board you actually check. You make two decisions per feature; everything else is automatic.

It started as a Claude Code plugin and v2.4+ added cross-platform support — the same archetype/compliance/scan/MCP machinery now runs in Cursor, OpenAI Codex CLI, Aider, and Continue via AGENTS.md + MCP. See Cross-platform support below.

Kanban — 5 columns, inline status edit, live SSE updates from bd CLI.

You:  /start "add Stripe subscriptions — monthly and annual plans"

great_cto:
  → archetype: commerce | scale: standard | LLM agent: ~45min  (human team: 2–3 days)
  → compliance: pci-dss + gdpr (auto-attached)
  → ARCH-stripe-subscriptions.md ready  →  DECISION 1: approve architecture?

You: "approved"

  → senior-dev → 12-angle review → qa-engineer → security-officer → devops
  → 412 tests green · 0 highs · canary ready
  → DECISION 2: ship?

You: "ship it"  →  canary 5% → 20% → 100%  →  RELEASE doc written

npx great-cto init

The CLI scans your repo, picks the right archetype, wires compliance gates automatically. Works on new or existing projects. Restart Claude Code afterwards.

Requires: Claude Code · Node 18.17+ · Beads · Superpowers

A real run, fully traced, end-to-end. No mocking, no curated demo.

A solo CTO has a stdlib-only Python CLI tool. They want to add qacli convert <input> --output json (CSV→JSON subcommand). They run /start and walk away. Three iterations later, they have:

• 7 source files (~150 LOC stdlib-only)
• ARCH + ADR (argparse vs click vs typer, decision recorded)
• Threat model with 3 mitigations (path traversal, streaming row cap, stdout/stderr discipline)
• PM plan (5 tasks + Mermaid Gantt + cost estimate)
• 18 pytest regression tests, 76% coverage on the CLI
• Two security review cycles — second one cleared gate:ship
• 8 Beads tasks all closed, every step verdict-tagged with cost

Total LLM spend: $2.39 across 3 iterations. Human-equivalent estimate from PM agent: ~$5,460.

The most valuable signal: in iteration 1, the security-officer caught two real defects that QA passed:

• convert.py:32 did rows = list(stream_csv(...)) — defeated the streaming guarantee. Filed → senior-dev fixed in iter 2 → re-verified by 200k-row memory profile (peak RSS: 14.5 MB on 13 MB input — Python runtime overhead, no scaling with input).
• --base-dir containment from threat model §2 wasn't implemented. qacli convert /etc/passwd succeeded for any readable file. Filed → fixed → re-verified.

This is the multi-reviewer model doing what the marketing claims: catching what a single agent misses, before merge, with no human in the review loop.

Full trace: docs/qa/runs/2026-05-09/E2E-CLI-PIPELINE.md — every verdict, every cost line, every fix-loop iteration.

Living regression suite: tests/board/test_api_regressions.py — 10 tests covering every closed bug from the QA pass. Goes red in CI if any of them comes back.

great-cto board   # localhost:3141

Six views, real screenshots — see greatcto.systems#board for live shots.

Multi-project switcher — one board, every client. Cross-project decisions log finds "have we solved this before?" across all your repos.

Everything else (/audit · /digest · /sec · /cost · /release · /crystallize) runs automatically or only when you need it. See docs/COMMANDS.md for the full reference.

Each archetype activates its own specialist agents and compliance checklists.

Override at any time: npx great-cto init --archetype <name> or edit .great_cto/PROJECT.md. The CLI also offers an Anthropic Haiku second-opinion (~$0.001) when heuristic confidence is low — set ANTHROPIC_API_KEY to enable, opt out with --no-llm.

Dedicated landing pages: agent-product · fintech · healthcare.

We're not an editor — we orchestrate the process around whichever AI assistant you already use. great_cto v2.4+ runs inside Claude Code, Cursor, OpenAI Codex CLI, Aider, and Continue (one config, generated by npx great-cto adapt --platform <yours>). Use whichever tool you prefer; the pipeline, gates, and compliance machinery stay the same.

~$34/month for a typical product team — 20 pipeline runs/month, indicative.

Pay your own Anthropic API tokens. No per-seat fee. No SaaS lock-in. Routine triage is auto-routed to Kimi K2 (Sonnet-equivalent at ~5× lower cost) → 60–80% cost reduction on log clustering and noisy stack traces.

architect → pm → senior-dev → [/review ×12] → qa-engineer → security-officer → devops → l3-support

LLM-agent time is wall-clock from /start to ship-ready PR with the pipeline running on Sonnet 4.6. Human-team equivalent assumes one mid-level engineer at ~6 productive hours/day including reviews, meetings, and context switches.

/start detects the scale automatically. Override at any time: "make it deep", "this is just a quick fix".

We synthesize, not record. Total local memory ~10–50 KB per project, indexed at session start.

Agents query memory before reading source files — solved problems stay solved. Cross-project: a "JWT auth" decision in project A surfaces in project B when relevant. After a P0 incident, agents extract a structured pattern and /crystallize promotes it globally — 94% MTTR reduction on second occurrence.

Anonymous opt-in install ping (one per npx great-cto init):

• Random UUID install_id, CLI version, archetype, Node version, OS.
• No paths, code, repo names, or PII.
• Stored in ~/.great_cto/config.json so the same install isn't double-counted.
• Disable any time: --no-telemetry, GREATCTO_NO_TELEMETRY=1, or { "telemetry": false } in config.

Powers the live counter at greatcto.systems.

Native support for Model Context Protocol. Works two ways:

great-cto mcp exposes 5 tools — scan (24 OWASP LLM rules), list_rules, detect_archetype, estimate_cost, query_decisions (ADR search). Add to your host config and you can call them from chat.

Claude Desktop — add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):

{
  "mcpServers": {
    "great-cto": {
      "command": "npx",
      "args": ["-y", "great-cto@latest", "mcp"]
    }
  }
}

Cursor — add to .cursor/mcp.json in your project (or ~/.cursor/mcp.json globally):

{
  "mcpServers": {
    "great-cto": {
      "command": "npx",
      "args": ["-y", "great-cto@latest", "mcp"]
    }
  }
}

Continue / any MCP host — same shape. For multi-client / remote use:

great-cto mcp --sse --port 8765    # HTTP+SSE for multi-client

Specialist sub-agents from davila7/claude-code-templates (419 agents + 336 commands) are callable via the Agent tool. Install with /template install <name>.

great_cto v2.4+ works in any AI-coding tool, not just Claude Code. Generate platform-native config from a single source of truth:

npx great-cto adapt --platform claude    # CLAUDE.md + AGENTS.md
npx great-cto adapt --platform codex     # AGENTS.md (OpenAI Codex CLI)
npx great-cto adapt --platform cursor    # .cursorrules + .cursor/rules/*.mdc
npx great-cto adapt --platform aider     # .aider.conf.yml + CONVENTIONS.md
npx great-cto adapt --platform continue  # .continue/rules.md
npx great-cto adapt --platform all       # all of the above

All variants share AGENTS.md as the cross-tool standard, so editing .great_cto/PROJECT.md (archetype + compliance) updates every consumer with one re-run.

A native VS Code / Cursor extension is in packages/cursor-ext/ — adds command-palette entries for scan / CI / report and a status-bar shield icon.

The board (great-cto board → http://localhost:3141) exposes a JSON API for external integrations / smoke tests. All list endpoints return raw arrays or top-level fields, not wrapped objects — design for direct iteration:

Common gotcha: /api/projects and /api/tasks return arrays directly, not {projects: [...]} wrappers. Smoke scripts that test data.projects will see undefined and falsely report empty data. Use:

import urllib.request, json
data = json.load(urllib.request.urlopen("http://127.0.0.1:3141/api/projects"))
assert isinstance(data, list), "endpoint returns array directly"
print(f"projects: {len(data)}")

curl -sf http://127.0.0.1:3141/api/tasks?project=Test | jq 'length'

For a full reference: packages/board/server.mjs — every route is a top-level if (pathname === '/api/...') block.

Drop into any GitHub Actions workflow:

name: AI security scan
on: [pull_request]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20 }
      - run: npx great-cto@latest ci ./ --sarif results.sarif
        env:
          GREATCTO_NO_TELEMETRY: "1"
      - uses: github/codeql-action/upload-sarif@v3
        if: always()
        with: { sarif_file: results.sarif }

great-cto ci auto-detects $GITHUB_ACTIONS and emits ::error file=...,line=N:: annotations inline on PR diffs. Exit codes: 0 clean / 1 findings / 2 setup error.

• Not a replacement for senior engineers — codifies process; doesn't make architectural judgement calls without one.
• Not an IDE — runs inside Claude Code. If you're not using Claude Code, this isn't for you.
• Not a CI/CD system — gates run locally / in-session. You still need GitHub Actions for the actual merge pipeline.
• Not a secrets manager / observability platform — integrates with them, doesn't host the data.
• Not deterministic — LLM-generated outputs. Every gate verdict should be sanity-checked; /inbox surfaces rubber-stamping drift.
• Not certification-audited — PCI/HIPAA/SOC2 archetype scaffolds are starting points, not certifications.

Does it work without an internet connection? Agents themselves run locally as Claude Code subagents. Only Claude API calls reach Anthropic. No code, telemetry, or memory is sent anywhere else.

Is my source code used to train models? No. The Claude API is zero-retention by default for paying customers. great_cto adds nothing — your code stays yours.

What if I already have CI/CD? great_cto runs before CI. Catches issues at architecture, review, and pre-merge. Use both — they're complementary, not competing.

Cursor / Copilot / Aider support? Currently Claude Code only. Cross-harness support (AGENTS.md-based) is on the v2.x roadmap.

Can I disable hooks if they're getting in the way? Every hook honors GREAT_CTO_DISABLE_<NAME>=1 env vars (e.g. GREAT_CTO_DISABLE_SECRET_SCAN=1). Per-file opt-out via // agentshield:ignore for security scans.

How do you keep token costs down? Three layers — (1) Haiku-by-default for cheap agents, (2) Kimi K2 router for triage (60-80% savings), (3) cost-guard hook warns before expensive prompts. See /cost for live spend.

What happens to my data when I uninstall? Plugin state lives in ~/.great_cto/ (global decisions) and .great_cto/ (per-project). Both are plain markdown — rm -rf clears everything. No external services to deauthorize.

Why not auto-pilot? Why "two decisions per feature"? LLMs are powerful but lose product judgment on ambiguous specs. Keeping a human at gate:plan and gate:ship catches the 5% of bad calls that account for 95% of cost. See ADR-015 — Learning loop architecture.

┌──────────────────────────┐    ┌──────────────────┐
│   Claude Code session    │───→│  great_cto       │
│   (you run /start here)  │    │  pipeline +      │
└──────────────────────────┘    │  34 agents       │
              │                 └────────┬─────────┘
              ↓                          ↓
┌──────────────────────────┐    ┌──────────────────┐
│   .great_cto/            │    │  Beads (dolt)    │
│   PROJECT · lessons ·    │←──→│  task DB         │
│   decisions · verdicts   │    └──────────────────┘
└──────────────────────────┘
              │
              ↓
┌──────────────────────────┐
│   great-cto board        │
│   localhost:3141         │
│   (vanilla HTML, 0 deps) │
└──────────────────────────┘

avelikiy — Chief AI & Technology Officer / Founder. CTO building AI-native trading and fintech platforms (0→1, 1→N). Specializing in high-load financial systems where technology directly impacts PnL, risk, and unit economics.

Why great_cto exists. Same code reviews, same architecture questions, same security audits — across multiple companies, the same loops. Delegating helped. Process helped. But the bottleneck was always the senior engineer making the call. When Claude Code shipped, I started automating my own loops, one agent at a time. great_cto is the result — every rule in this system appeared in response to a real problem in a real production system.

If great_cto saved you time on a project, please star the repo — it helps other solo CTOs and indie hackers find it.

• v2.2 — telemetry on lesson quality (track which lessons agents cite vs ignore)
• v2.3 — auto-promotion: high-impact decisions → reusable skills (~/.great_cto/global-skills/)
• v3.0 — cross-harness support (AGENTS.md for Cursor / Codex / OpenCode / Gemini)

Vote on the next feature →

Pull requests welcome — see CONTRIBUTING.md. Good first issues are labeled good-first-issue.

Especially needed:

• New archetype scaffolds (suggest via Discussions)
• Translations: docs/<lang>/README.md for non-English audiences
• Real-world case studies — if great_cto shipped you something, share the numbers

MIT — see LICENSE.