Skip to content

great_cto

AI Agents & Assistants

An AI‑powered “engineering team” that automatically reviews, builds and ships code for solo CTOs at roughly $34 per month.

Track releases GitHub Website
JavaScript Latest v2.33.1 · 5d ago Security brief →

Features

  • Provides 57 specialist AI agents (architect, reviewer, QA, security, devops, etc.) tailored to your stack and jurisdiction.
  • Automates the entire development pipeline with only two human gates per feature: planning and shipping.
  • Tracks LLM cost versus a human‑equivalent baseline, showing dramatic savings (e.g., $2.39 vs $5,460 for one feature).

Recent releases

View all 5 releases →
Upgrade now
v2.33.1 Bug fix
Auth

SessionStart config fixes

Open
No immediate action
v2.33.0 Breaking risk

digital-health-pack fix

Open
v2.32.0 Breaking risk
⚠ Upgrade required
  • `great-cto ci` now runs only archetype-drift and budget checks; existing pipelines continue to function without security findings.
  • The `secret-scan` pre‑commit hook remains unchanged.
Breaking changes
  • Removed `great-cto scan` CLI command and its `--severity` / `--scanner` flags
  • Removed `great-cto list-rules` CLI command
  • Removed `scan` and `list_rules` MCP tools (now only 7 tools remain)
Full changelog

Removed: AgentShield scanner

The bundled AgentShield static scanner has been fully removed. It was an
AI-security pattern scanner (OWASP LLM Top 10) that shipped its own CLI
commands, MCP tools, rule files, and SARIF/JUnit output. Pre-implementation
threat modelling is now owned entirely by the ai-security-reviewer agent,
which is a better fit for the gated-pipeline model.

Breaking — removed CLI surface:

  • great-cto scan command (+ --severity / --scanner flags)
  • great-cto list-rules command
  • scan and list_rules MCP tools (MCP now exposes 7 tools:
    detect_archetype, estimate_cost, query_decisions, project_status,
    cost_summary, pipeline_stages, recent_verdicts)
  • The ~/.great_cto/guardrails.yml file is no longer created on bootstrap
  • agentshield-rules/ rule files dropped from the published npm package

great-cto ci survives — the command now runs archetype-drift and
budget checks only (--no-archetype / --no-budget to skip). Existing CI
pipelines keep working but no longer fail on security findings.

Unchanged: the secret-scan pre-commit hook is a separate subsystem and
is unaffected. Per-file opt-out remains // great_cto:allow-secrets; the
whole hook honours GREAT_CTO_DISABLE_SECRET_SCAN=1.

View release on GitHub
No immediate action
v2.25.0 New feature

Triage gate + hand‑off rules + loading discipline

Open
No immediate action
v2.19.0 New feature

Token economy phases

Open

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
35
Forks
7
Languages
JavaScript TypeScript HTML
Downloads/week
1,915 ↓32%
NPM Maintainers
1 Single npm maintainer
Contributors
3
View on GitHub View on npm Homepage Live demo

Install & Platforms

Install via
npm

Community & Support

Community

Similar tools

Ait
Team-of-agents, A multi-role SDLC orchestrator for Claude Code
Give your AI agent a brain that understands your codebase
chacosoldier/compabob
Goose

Beta — feedback welcome: [email protected]