Solo-CTO mode. Stop being the only person who can ship.
The engineering OS for Claude Code — open-source, local-first alternative to Devin. great_cto orchestrates 50 specialist agents around your Claude Code: architect, PM, senior-dev, code-reviewer, qa-engineer, security-officer, devops, plus 26 archetype reviewers and 15 domain packs (voice-AI · clinical · HR-AI · API platform · lending · clinical trials · robotics · EM-fintech · climate · drug-discovery · edtech · gov · gaming · enterprise · insurance).
You're the solo CTO. You're also the bottleneck. GreatCTO is 50 specialist agents that handle architecture, review, QA, security, and deploy — while you make two decisions per feature.
Built for the one-person engineering org. Indie hackers, solo founders, and technical CTOs running everything themselves. Not built for teams — see FAQ.
Website · Live demo · Packs explorer · Discussions · Changelog
Русский · 简体中文 · 繁體中文 · 日本語 · 한국어 · Español · Português · Deutsch · Français
You describe what you want (/start "build a billing endpoint"). 50 specialist agents — architect, PM, senior-dev, code-reviewer, qa-engineer, security-officer, devops, l3-support, plus 26 archetype reviewers and 15 domain packs (voice-AI · clinical · HR-AI · API platform · lending · clinical trials · robotics · EM-fintech · climate · drug-discovery · edtech · gov · gaming · enterprise · insurance) — orchestrate the SDLC: archetype detection → pack overlay → architecture + ADRs → threat model → plan + Beads tasks → TDD impl → 12-angle review → QA → security gate → deploy.
The pipeline scales to the work: a 1-line typo fix runs through 1 agent in 30s; a deep cross-cutting feature runs through 7+ agents over an hour. You confirm two gates (plan, ship). Everything else is automatic.
🟡 gate:plan ← you decide here (architecture + tasks + cost)
↓
🤖 senior-dev → 12-angle review → qa-engineer → security-officer → devops
↓
🟢 gate:ship ← you decide here (PR ready, security signed off)
Architects, planners, reviewers, QA, security, DevOps run automatically between those two human checkpoints. Memory persists between sessions: every gate verdict appends to ~/.great_cto/decisions.md, every retrospective appends to per-project lessons.md, and /crystallize promotes high-impact patterns to a global library agents query before re-solving.
| great_cto | Devin | Claude Code (alone) | |
|---|---|---|---|
| Open source | ✅ MIT | ❌ closed | ❌ closed plugin model |
| Self-host | ✅ runs locally | ❌ Cognition cloud | ✅ |
| BYOK / multi-model | ✅ Claude Code | ❌ proprietary | ❌ Anthropic only |
| Specialist agents | 50 (architect · PM · 12-angle review · QA · security · devops · 26 archetype reviewers · 15 domain packs) | 1 generalist | 1 generalist |
| SDLC orchestration | architect → plan → impl → review → QA → security → devops | one-shot autonomy | edit loop |
| Human gates | ✅ 2 per feature (plan + ship) | ❌ none | ❌ |
| Memory across sessions | ✅ decisions.md + lessons.md + crystallize |
||
| Cost tracking | ✅ per-agent + 30d history + savings_x | ❌ | ❌ |
| Compliance frameworks | ✅ 30+ (PCI · HIPAA · SOX · EU AI Act · FDA SaMD · COPPA · FERPA · FedRAMP · NAIC · …) | ❌ | ❌ |
| Pricing | free (you pay your LLM provider) | $500/mo | $20/mo |
| Setup | npx great-cto init |
sign up | install CLI |
great_cto is not another coding-agent loop — it's the orchestration layer above the coding agent you already use. Think "specialist team that reviews and gates the work" rather than "another assistant that types code."
npx great-cto initThe CLI scans your repo, picks the right archetype, wires compliance gates automatically. Works on new or existing projects. Restart Claude Code afterwards.
Requires: Claude Code · Node 18.17+ · Beads · Superpowers
great-cto board opens an admin UI at http://localhost:3141 — Kanban with realtime SSE updates, per-agent cost tile, pipeline status across 8 stages, and a 30-day cost history that pairs LLM spend with the human-equivalent baseline.
 Metrics — LLM cost, human-equivalent baseline, savings_x ratio |
 Inbox — pending gates, P0 incidents, blocked tasks, stale in-progress |
 Agents — 50 specialists with last-used + run counts |
 Memory — 11 layers + crystallized incident patterns |
| Tile | What you see |
|---|---|
| Tasks | Backlog → in-progress → done, drag to update via /api/tasks/<id>/status |
| Cost (30d) | LLM $ vs human-equivalent $; flag if savings_x < 100× |
| Agent fleet | 50 agents with last-used + per-agent run count |
| Inbox | Pending gates, P0 incidents, blocked tasks (auto-sorted) |
| Pipeline | 8-stage SDLC with status (architect → pm → senior-dev → … → devops) |
Full API surface: docs/BOARD-API.md.
/start "build a refund endpoint with PCI-DSS scoping"
# → architect → enterprise-saas-reviewer (PCI-DSS auto-loaded)
# → pm → 5 Beads tasks → gate:plan (you approve)
# → senior-dev → 12-angle review → qa → security-officer
# → gate:ship (you approve) → devops → deployed
/inbox
# Pending gates · P0 incidents · blocked tasks · stale in-progress
/digest
# Weekly DORA + delta vs last week + cost-per-feature roll-upPlus: /audit (existing-codebase scan), /cost (LLM router savings), /sec (security umbrella), /oncall, /release, /rfc. Full list: ~/.claude/commands/ after install.
~$34/month for a typical solo-CTO project — 20 pipeline runs/month, indicative.
| Pipeline | Cost/run | Runs/mo | Total |
|---|---|---|---|
| quick (config / typo) | $0.10 | 10 | $1 |
| quick (new endpoint) | $1 | 6 | $6 |
| standard (feature) | $5 | 3 | $15 |
| deep (cross-cutting) | $12 | 1 | $12 |
| ~$34 |
Pay your own Anthropic API tokens. No per-seat fee. No SaaS lock-in. Routine triage auto-routes to Kimi K2 (Sonnet-equivalent at ~5× lower cost) → 60–80% reduction on log clustering.
Each archetype activates its own specialist agents and compliance checklists. Top 7:
| Archetype | Tier | Specialist agents | Compliance |
|---|---|---|---|
enterprise-saas |
deep | enterprise-saas-reviewer | soc2-type-2 · iso27001 · gdpr · ccpa |
agent-product |
deep | ai-prompt-architect · ai-eval · ai-security | eu-ai-act · owasp-llm-top-10 |
fintech |
deep | pci · regulated | pci-dss · sox · kyc-aml · gdpr · dora |
mlops |
deep | mlops-reviewer · ai-eval | eu-ai-act · nist-ai-rmf · iso42001 |
library |
baseline | library-reviewer | openssf · sbom |
cli-tool |
baseline | cli-reviewer | — |
mobile-app |
standard | mobile-store-reviewer | store-policy · gdpr |
Full table (25 archetypes) + how detection works: docs/ARCHETYPES.md.
Domain packs ride on top of archetypes. Auto-attached when CLI detects pack-specific signals (deps, README terms). Each pack adds its own reviewer(s), threat-model template, EVAL suite, and human gates — independent of base archetype.
| Category | Packs |
|---|---|
| AI verticals | voice-pack · clinical-pack · hr-ai-pack · drug-discovery-pack |
| Fintech / regulated | lending-pack · em-fintech-pack · insurance-pack · enterprise-pack |
| High-compliance | clinical-trials-pack · gov-pack · edtech-pack · climate-pack |
| Engineering | api-platform-pack · robotics-pack · game-pack |
→ 22 human-gate types + 50+ reference EVAL suites + 19 TM templates. Browse all 15 packs with 4-layer journey visualization (archetype → pack → reviewer → gate): greatcto.systems/packs.html.
A Python CLI feature shipped through the full pipeline: $2.39 LLM spend vs ~$5,460 human-equivalent. Security caught two real defects QA had passed (list(stream_csv()) defeated streaming → 14.5 MB peak RSS on 13 MB input). Multi-reviewer model catching what single agents miss, before merge.
Full trace + artefacts: greatcto.systems/proof · raw: docs/qa/runs/2026-05-09/E2E-CLI-PIPELINE.md.
Drop into any GitHub Actions workflow:
- run: npx great-cto@latest ci ./ --sarif results.sarif
- uses: github/codeql-action/upload-sarif@v3
if: always()
with: { sarif_file: results.sarif }great-cto ci auto-detects $GITHUB_ACTIONS and emits ::error file=...,line=N:: annotations inline on PR diffs. Exit codes: 0 clean / 1 findings / 2 setup error.
Layered test suite — structural + state-machine tier runs in <2 min for $0 (node --test tests/*.test.mjs); real-LLM tier (25 archetypes × 4-8 stages + 15 packs + 9 reviewers) runs on-demand via OpenRouter for ~$5–10. Full breakdown: docs/testing/.
Native MCP server — call great_cto's tools (scan, list_rules, detect_archetype, estimate_cost, query_decisions) from Claude Desktop or any MCP host:
{ "mcpServers": { "great-cto": { "command": "npx", "args": ["-y", "great-cto@latest", "mcp"] } } }Full setup + internal MCPs (Grafana, LLM router, Beads): docs/MCP.md.
Five things that need you to act in <2h get emailed automatically — even when you're away from the board:
| Trigger | When |
|---|---|
| 🚨 P0 incident | A P0 task opens in any project |
| ⏸️ Gate stale > 2h | A gate:ship is waiting on you for hours |
| 🛡️ Security BLOCKED | security-officer rejected a merge |
| 💸 Budget alert | Monthly LLM spend crosses 80% / 100% of budget |
| 📊 Weekly digest | Friday 09:00 — shipped, spent, savings, QA |
Setup: board → Notifications tab → enter email → enter the 6-digit code we send → pick triggers. No Resend signup, no API keys — delivery routed through greatcto.systems/notify (free, 100 emails/24h per verified email).
- Not for teams — solo-CTO is the product. 2+ engineers? You've outgrown it.
- Not a replacement for senior engineers — codifies process; doesn't make architectural judgement calls without one.
- Not a CI/CD system — gates run locally / in-session. You still need GitHub Actions for actual merge.
- Not certification-audited — PCI/HIPAA/SOC2 archetype scaffolds are starting points, not certifications.
- Not deterministic — LLM-generated outputs. Every gate verdict should be sanity-checked.
Is my source code used to train models? No. Claude API zero-retention by default for paying customers. great_cto adds nothing.
How do you keep token costs down? Haiku-by-default + Kimi K2 router for triage (60–80% savings) + cost-guard hook.
Can I disable hooks? Every hook honors GREAT_CTO_DISABLE_<NAME>=1. Per-file opt-out: // agentshield:ignore.
What if I'm not solo? great_cto is built for the one-person engineering org. If you have 2+ engineers and need shared boards / multi-seat auth, you've outgrown it.
Full FAQ: docs/FAQ.md.
The plugin runs inside Claude Code (or any MCP-capable host); 50 agents are markdown specs; tasks live in Beads (dolt, git-native); memory is plain markdown (no vector store). Diagram + stack table: docs/ARCHITECTURE.md.
v2.9.1 (May 2026) — zero-setup email alerts (5 trigger types · 100/24h free via greatcto.systems/notify relay · no Resend signup) · session-start auto-attach reviewers (scans recent diff → flags the right specialist subagent_type so the 24 reviewers stop sitting idle) · subagent_type routing table in CLAUDE.md / AGENTS.md.
v2.8.6 — Claude Code-only release · 15 domain packs (added edtech / gov / gaming / enterprise / insurance) · 4-layer journey visualization on /packs.html · 50 specialist agents.
- v2.9 — lesson-quality tracking (which lessons agents cite vs ignore)
- v2.10 — auto-promotion: high-impact decisions → reusable skills
- v3.0 — Claude Agent SDK headless mode (CI / scheduled / webhook-triggered pipelines)
avelikiy — CTO building AI-native trading and fintech platforms (0→1, 1→N). great_cto is the result of automating my own loops, one agent at a time. Every rule appeared in response to a real problem in a real production system.
| Channel | What |
|---|---|
| 🐛 Issues | Bugs, feature requests, archetype proposals |
| 💡 Discussions | Questions, patterns, show-and-tell |
| 📝 Blog | Architecture deep-dives |
| 🔒 SECURITY.md | Responsible disclosure |
Pull requests welcome — see CONTRIBUTING.md. Good first issues: good-first-issue.
MIT — see LICENSE.
If great_cto saved you time, please star the repo — it helps other solo CTOs find it.
Built by @avelikiy Stop being the only person who can ship.