v1.0.159 · open source · MIT · Claude Code plugin

Stop being the only person
who can ship.

You're the CTO. You're also the bottleneck. GreatCTO is 17 specialist agents that handle architecture, review, QA, security, and deploy — while you make two decisions per feature.

no signup · runs locally · pay your own API
~ /your-saas — claude code
$ /start "add Stripe subscriptions"
archetype: commerce (Stripe dep → PCI-DSS triggered)
scale: standard (5 agents, ~45min)
ARCH-stripe-subscriptions.md ready
>> DECISION 1: approve architecture? approved
senior-dev TDD: 14 tests, 287 LOC
/review ×12 P0:0 P1:1 P2:3
qa-engineer coverage 91% · PASS
security PCI-DSS SAQ-A · PASS
devops canary 5% → 20% → 100%
>> DECISION 2: ship? ship it
done. RELEASE-2026-05-01.md

The trade-off you shouldn't have to make

Move fast. Or move safely. Pick one.

— until now.

Before

  • You write the feature
  • You spot the SQL injection at 11pm
  • You catch the missing webhook signature in code review
  • You triage the production alert at 2am
  • You write the postmortem
  • You forget the lesson 3 months later
  • Ship in 5 hours · burnout in 18 months

After

  • You describe the feature in one sentence
  • Architect drafts ARCH-doc — you approve in 30s
  • 12-angle review catches the SQL injection (P0, blocked)
  • Security agent files CVE on stripe-js — fix proposed
  • Pattern from last incident surfaces in agent's Step 0
  • Cross-project memory makes Tuesday's fix Wednesday's prevention
  • Ship in 45 minutes · sleep tonight
That's not aspirational. That's last Tuesday on a real repo. See the actual log ↗
How it works

Three commands. The system does the rest.

No prompt-engineering. No agent-orchestration tutorial. No YAML.

01 · INSTALL

Drop into any repo

Detects archetype from manifests (15 signals → 14 archetypes), wires the gates, loads the right agents.

$ npx great-cto init
archetype: web-service (95% confidence)
security tier: standard
5 agents auto-loaded
ready in 12 seconds

02 · START

Describe the feature in one sentence

Architect drafts the architecture doc. You approve, refine, or reject. That's decision one.

$ /start "add 2FA via TOTP"
→ ARCH-2fa.md ready
→ pipeline: standard | ~45min
>> DECISION 1: approve? _

03 · REVIEW · QA · SECURITY

12 angles fire in parallel

Performance, security, SQL safety, concurrency, privacy, API contracts. Every finding rated. P0 blocks the gate.

Performance · Security · SQL safety
Concurrency · Privacy · API contracts
Coverage 91% · 0 highs · CSO PASS
>> DECISION 2: ship? _

04 · SHIP

Canary or done

5% → 20% → 100%. RELEASE doc auto-written. On-call notified. Memory updated for next time.

$ ship
→ canary 5% (3min)
→ 20% (5min)
→ 100%
→ RELEASE-2026-05-01.md
→ done.

The board you'll actually check

Three views. Real data.
Live updates from your repo.

great-cto board at localhost:3141. Inbox · Kanban · Metrics · Memory · Public report. Vanilla HTML, zero deps — no Electron, no Tauri, no SaaS.

01 · KANBAN

Five columns. Uniform cards. Inline gate approval.

Gates · Backlog · In Progress · Done · Blocked. Cards are 140px fixed-height, priority-coded, agent-tagged. ⌘K search across title / id / agent / labels. Project switcher with per-archetype icons. Live SSE — agent updates appear in <1s.

localhost:3141 — board
greatcto · stripe-saas
Inbox 3 · Tasks 22 · Metrics · Memory · Share

Gates 2
  • SAAS-7q · gate:arch — Stripe subs · gate · architect

Backlog 5
  • SAAS-32 · Postgres lock contention · 3 spikes last week. Profile pg_stat_activity · High
  • SAAS-31 · Webhook retry policy · Medium

In progress 3
  • SAAS-23 · OAuth2 token refresh · Background refresh + 401 retry queue · senior-dev · Urgent · 38m

Done 14
  • SAAS-18 · PostgreSQL replica failover · backend · High
  • SAAS-17 · Stripe webhook signature check · security-officer

02 · METRICS

The six numbers your CTO update needs.

Tasks shipped · LLM spend · cost-savings vs FTE · cycle time · QA pass rate · security blocks. Plus per-agent utilization, real-time activity feed with cost per verdict, and a 30-day daily-burn chart with budget alerts.

localhost:3141 — metrics

This sprint
  • Tasks done: 14 shipped (▲ 18% vs prior)
  • LLM spend: $47/d (vs humans: $12,400)
  • vs FTE cost: 12× (▲ stable)
  • Avg cycle: 78m
  • QA pass: 94%
  • Open highs: 0
  • In progress: 3

Agent utilization
  • architect 92%
  • backend 81%
  • security 78%
  • qa 71%
  • devops 64%

Activity last 24h
  • architect · RFC accepted, ready to implement · 5m
  • qa · 412 tests green, 87% coverage · 35m
  • security · 2 deps with high CVE filed · 1h
  • devops · canary 5% — error rate flat · 1h
  • architect · log refactor: structured JSON · 2h

03 · PUBLIC REPORT

Shareable, read-only. Pause anytime.

One toggle generates an unguessable URL. Headline metrics + AI-vs-human cost comparison + recently shipped list. Toggle off → "Report paused". Open issues, code, credentials are never exposed.

greatcto.systems/r/CsqYVXs
greatcto · LIVE
stripe-saas
MAY 2026 · ENGINEERING REPORT

Headline
  • Tasks shipped: 14 done (+9 this week)
  • AI time: 23h (avg 78m / task)
  • LLM cost: $50 (5 plans)
  • AI agents: $50 · 23h of compute
  • Human team: $650 · est. 56h equivalent
  • AI agents vs human team: 13× cheaper

Why you ship without waking up at 2am

Twelve independent reviews.
Each finds what the other eleven miss.

Cursor and Copilot run one review pass. We run twelve. Every finding rated P0 / P1 / P2. P0 blocks the gate. You can't accidentally ship a SQL injection.

01 · PERFORMANCE
N+1, hot loops
"GET /orders runs 47 queries for 1 page — N+1 in OrderService.list()"
P1
02 · SECURITY
Injection, IDOR, JWT
"JWT verified but iss/aud claims not checked — token from any tenant valid"
P0
03 · READABILITY
Naming, complexity
"32-line nested ternary in checkout.ts:284 — extract to function"
P2
04 · SQL SAFETY
Raw interpolation
"Unparameterized ORDER BY in customers.ts:91 — injection vector"
P0
05 · LLM TRUST
Prompt injection
"User input flows into system prompt without sanitization (RAG step 4)"
P0
06 · SIDE EFFECTS
Mutation in conditions
"Mutation inside if() shadows logging — duplicate webhook events"
P1
07 · DATA PRIVACY
PII, GDPR/HIPAA
"Email logged in request middleware:54 — GDPR Article 5(1)(c)"
P1
08 · ERROR HANDLING
Swallowed exceptions
"try/catch around 3 unrelated failure modes — debugging blackhole"
P1
09 · CONCURRENCY
Races, deadlocks
"Cache stampede on /pricing — 1.4s tail at p99 under load"
P1
10 · DEPS
CVEs, abandonment
"lodash 4.17.21 has CVE-2026-1234 — bump to 4.17.22"
P1
11 · API CONTRACTS
Breaking changes
"PATCH /users now requires 'role' field — breaks v1 clients"
P0
12 · DESIGN SYSTEM
Tokens, a11y
"23 hex codes hardcoded — design tokens from src/theme.ts not used"
P2
The part no other tool has

Your agents get smarter every Friday.

Cursor forgets your project the moment you close the tab. GreatCTO synthesizes — into a 10–50 KB local memory that travels across sessions, machines, and projects.

L1 · PROJECT

What this project IS

Archetype, size, compliance frameworks, owners, team patterns. Set on first /start.

.great_cto/PROJECT.md
L2 · CODEBASE

Where the seams are

God-nodes, entry points, public API surface, routing. Built in 30s by zero-dep bash — no LLM cost.

.great_cto/CODEBASE.md
L3 · BRAIN

What you've learned

Patterns in use, what failed, decisions made. Synthesized weekly + after every postmortem.

.great_cto/brain.md
L4 · CROSS-PROJECT

Patterns that beat 4-hour debugs

Promoted via /crystallize after a P0. Surfaces in every agent's Step 0 — across every project, forever.

~/.great_cto/global-patterns/

94% MTTR reduction · second occurrence
After every P0 incident, agents extract the detection order that worked. Next time the same shape of problem hits — any project, any week, any engineer — the pattern surfaces in the agent's Step 0. A connection-pool exhaustion that cost you 4 hours in Q1? 30 seconds in Q3.
Pricing

$34/month.
That's the whole bill.

GreatCTO is open source (MIT). You pay your own Anthropic API tokens. We don't see them. We don't bill you. Nothing to subscribe to.

Typical product team · 20 pipeline runs/month

  • quick · config / typo: $0.10 × 10 = $1
  • quick · new endpoint: $1.00 × 6 = $6
  • standard · feature: $5.00 × 3 = $15
  • deep · cross-cutting: $12.00 × 1 = $12
  • Total: ~$34/mo

+ Routine triage auto-routed to Kimi K2 → 60–80% cost cut on log clustering
+ No per-seat. No SaaS. No data leaves your laptop.

  • Cursor Business: $40/seat/mo · ~$400/mo for a 10-eng team
  • Devin: $500/mo flat
  • GreatCTO: ~$34/mo total · pay only when you ship

Honesty section

Who is this actually for?

✓ Perfect if you

  • Are a solo founder or technical CTO with 4–25 engineers
  • Use Claude Code daily
  • Ship to production weekly or faster
  • Are tired of being the bottleneck on every architecture call
  • Want to see what your code review actually catches

✗ Not yet if you

  • Have a 50+ engineering team with established RFC + review process
  • Don't use Claude Code (yet — or ever)
  • Run a regulated bank (we're not PCI/HIPAA/SOC2 audited — yet)
  • Need a managed SaaS with 99.99% uptime SLA — this runs on your laptop
  • Don't have any process to replace (start with one human reviewer first)
Quick start

30 seconds. No signup.
No credit card.

01 · install
$ npx great-cto init
archetype detected
5 agents loaded
ready in 12s
02 · start a feature
$ /start "add 2FA"
→ ARCH ready
→ DECISION 1?
$ approved
→ 12 reviews running
→ QA · Security ·
03 · ship
→ DECISION 2: ship?
$ ship
→ canary 5%
→ 100%
→ RELEASE-doc
→ done.

FAQ

The questions everyone asks before installing.

Will it commit to my repo without me knowing?
No. Every commit goes through your local git. Two human gates per feature. You can audit every diff before you approve.
What if it makes a mistake on the architecture?
You reject the gate. Architect re-drafts with your reasoning. The conversation is in your terminal — same as a normal Claude Code session.
How is this different from Cursor / Aider?
Cursor writes code in the IDE. Aider edits files from CLI. GreatCTO sits one level above — it decides which agents to run, which gates to enforce, which compliance checks to load. The AI is the same; the process is different.
Does it work on existing codebases?
Yes. /audit reads the repo, builds CODEBASE.md, generates a backlog of gaps. Tested on JS/TS, Python, Rust, Go. ~2 minutes for 100k LOC.
What about my secrets?
Nothing leaves your machine except Claude API calls (your tokens, your Anthropic account). The board, the memory, the patterns — all local files in .great_cto/. You can .gitignore them or commit them — your call.
Can I disable an agent I don't need?
Edit agents: [...] in .great_cto/PROJECT.md. Or override at runtime: /start "feature" --agents=architect,senior-dev,qa.
Will my engineers hate it?
It runs in their Claude Code session — same UX. They'll notice slower first runs (2 min for the audit) and faster ship times (45min vs 5h). The gate prompts ask them, not their manager. Less ceremony, not more.
What happens if Anthropic changes pricing?
Routine triage already auto-routes to Kimi K2 (cheaper Sonnet-equivalent). You can pin a specific model in PROJECT.md. Worst case: it costs 2× for 6 weeks until we add the next provider. The plugin is MIT — you can fork.
Enough reading.

The bottleneck is you.
Stop being it.

$ npx great-cto init
60 seconds to install · 12 minutes to your first /start
Open source · MIT · made by an engineer who got tired of his own loops