
Release history

great_cto releases

Engineering-management layer of 34 specialist AI agents covering the full SDLC (architect, PM, senior-dev, reviewer, QA, security, devops, L3-support + 18 archetype-specific reviewers) with auto-detected archetypes and compliance gates (PCI-DSS, HIPAA, FedRAMP, GDPR, EU AI Act). Runs in Claude Code, Cursor, Codex CLI, Aider, and Continue via AGENTS.md + MCP. MIT.


Upgrade now
v2.33.1 Bug fix
Auth

SessionStart config fixes

No immediate action
v2.33.0 Breaking risk

digital-health-pack fix

v2.32.0 Breaking risk
⚠ Upgrade required
  • `great-cto ci` now runs only archetype-drift and budget checks; existing pipelines keep working but no longer fail on security findings.
  • The `secret-scan` pre-commit hook remains unchanged.
Breaking changes
  • Removed `great-cto scan` CLI command and its `--severity` / `--scanner` flags
  • Removed `great-cto list-rules` CLI command
  • Removed `scan` and `list_rules` MCP tools (now only 7 tools remain)
Full changelog

Removed: AgentShield scanner

The bundled AgentShield static scanner has been fully removed. It was an
AI-security pattern scanner (OWASP LLM Top 10) that shipped its own CLI
commands, MCP tools, rule files, and SARIF/JUnit output. Pre-implementation
threat modelling is now owned entirely by the ai-security-reviewer agent,
which is a better fit for the gated-pipeline model.

Breaking — removed CLI surface:

  • great-cto scan command (+ --severity / --scanner flags)
  • great-cto list-rules command
  • scan and list_rules MCP tools (MCP now exposes 7 tools:
    detect_archetype, estimate_cost, query_decisions, project_status,
    cost_summary, pipeline_stages, recent_verdicts)
  • The ~/.great_cto/guardrails.yml file is no longer created on bootstrap
  • agentshield-rules/ rule files dropped from the published npm package

great-cto ci survives — the command now runs archetype-drift and
budget checks only (--no-archetype / --no-budget to skip). Existing CI
pipelines keep working but no longer fail on security findings.

Unchanged: the secret-scan pre-commit hook is a separate subsystem and
is unaffected. Per-file opt-out remains // great_cto:allow-secrets;
setting GREAT_CTO_DISABLE_SECRET_SCAN=1 still disables the whole hook.


No immediate action
v2.25.0 New feature

Triage gate + hand‑off rules + loading discipline

No immediate action
v2.19.0 New feature

Token economy phases
