by catlog22
JSON-driven multi-agent cadence-team development framework with intelligent CLI orchestration (Gemini/Qwen/Codex), context-first architecture, and automated workflow execution
# Add to your Claude Code skills
git clone https://github.com/catlog22/Claude-Code-WorkflowGuides for using ai agents skills like Claude-Code-Workflow.
Last scanned: 4/25/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@hono/node-server: @hono/node-server has authorization bypass for protected static paths via encoded slashes in Serve Static Middleware",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@modelcontextprotocol/sdk: Anthropic's MCP TypeScript SDK has a ReDoS vulnerability",
"severity": "high"
},
{
"type": "npm-audit",
"message": "@vitest/coverage-v8: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@vitest/mocker: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@vitest/ui: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "esbuild: esbuild enables any website to send any requests to the development server and read the response",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"severity": "high"
},
{
"type": "npm-audit",
"message": "hono: Hono JWK Auth Middleware has JWT algorithm confusion when JWK lacks \"alg\" (untrusted header.alg fallback)",
"severity": "high"
},
{
"type": "npm-audit",
"message": "lodash: lodash vulnerable to Code Injection via `_.template` imports key names",
"severity": "high"
},
{
"type": "npm-audit",
"message": "minimatch: minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"severity": "high"
},
{
"type": "npm-audit",
"message": "path-to-regexp: path-to-regexp vulnerable to Denial of Service via sequential optional groups",
"severity": "high"
},
{
"type": "npm-audit",
"message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"severity": "high"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "qs: qs's arrayLimit bypass in comma parsing allows denial of service",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "rollup: Rollup 4 has Arbitrary File Write via Path Traversal",
"severity": "high"
},
{
"type": "npm-audit",
"message": "vite: Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",
"severity": "high"
},
{
"type": "npm-audit",
"message": "vite-node: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "vitest: Vulnerability found",
"severity": "medium"
}
],
"status": "WARNING",
"scannedAt": "2026-04-25T05:50:54.245Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}Claude-Code-Workflow is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by catlog22. JSON-driven multi-agent cadence-team development framework with intelligent CLI orchestration (Gemini/Qwen/Codex), context-first architecture, and automated workflow execution. It has 2,143 GitHub stars.
Claude-Code-Workflow returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.
Clone the repository with "git clone https://github.com/catlog22/Claude-Code-Workflow" and add it to your Claude Code skills directory (see the Installation section above).
Claude-Code-Workflow is primarily written in TypeScript. It is open-source under catlog22 on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh Claude-Code-Workflow against similar tools.
No comments yet. Be the first to share your thoughts!
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
[!IMPORTANT]
This project has evolved into Maestro Flow
Claude Code Workflow is now archived. All active development continues at:
https://github.com/catlog22/maestro-flow
npm install -g maestro-flowMaestro Flow includes everything from CCW plus: Knowledge Graph, adaptive lifecycle engine (Ralph), hook system, team collaboration, and more.
From lite-plan (lightweight) to brainstorm (multi-role analysis)
Gemini, Qwen, Codex, Claude - auto-select or manual
Role-based agents with inner loop execution
Background queue execution service
start/resume/complete/sync workflow sessions
Multi-terminal grid with execution monitor
Template-based workflow visual editing
Agent-to-User interactive interface
📖 New? See Workflow Guide for complete workflow documentation.
npm install -g claude-code-workflow
ccw install -m Global
.codex/skills/)If you use Codex CLI with the .codex/skills/ workflow skills, add these required features to your ~/.codex/config.toml:
[features]
default_mode_request_user_input = true # Enable request_user_input tool for interactive confirmations
multi_agent = true # Enable multi-agent coordination (spawn_agent, wait, etc.)
multi_agent_v2 = true # Enable v4 agent API (fork_context, task_name, send_message, assign_task, list_agents)
enable_fanout = true # Enable spawn_agents_on_csv for parallel wave execution
These features are required for workflow skills to function properly. Without them, interactive confirmation gates (
request_user_input), subagent orchestration, and CSV-driven parallel execution will not work.
CCW uses two types of invocations:
| Type | Format | Examples |
|---|---|---|
| Skills | Trigger phrase (no slash) | workflow-lite-plan, brainstorm, workflow-plan |
| Commands | Slash command | /ccw, /workflow/session:start, /issue/new |
# Skill triggers (no slash - just describe what you want)
workflow-lite-plan "Add JWT authentication"
workflow-plan "Implement payment gateway integration"
workflow-execute
# Brainstorming
brainstorm "Design real-time collaboration system"
# Slash commands for session management
/workflow/session:start
/workflow/session:resume
/workflow/session:complete
Users can semantically specify CLI tools in prompts - the system automatically invokes the corresponding CLI.
| User Prompt | System Action |
|---|---|
| "Use Gemini to analyze the auth module" | Auto-invoke gemini CLI for analysis |
| "Let Codex review this code" | Auto-invoke codex CLI for review |
| "Ask Qwen about performance optimization" | Auto-invoke qwen CLI for consultation |
| Pattern | User Prompt Example |
|---|---|
| Collaborative | "Use Gemini and Codex to collaboratively analyze security vulnerabilities" |
| Parallel | "Have Gemini, Codex, and Qwen analyze the architecture in parallel" |
| Iterative | "Use Gemini to diagnose, then Codex to fix, iterate until resolved" |
| Pipeline | "Gemini designs the solution, Codex implements, Claude reviews" |
ACE (Augment Context Engine) provides powerful semantic code search.
| Method | Link |
|---|---|
| Official | Augment MCP Documentation |
| Proxy | ace-tool (GitHub) |
⚠️ In Development: CodexLens is under iterative optimization. Some features may be unstable.
Quick Examples:
# /ccw - Auto workflow selection
/ccw "Add user authentication"
/ccw "Fix memory leak in WebSocket"
/ccw "Implement with TDD"
# /ccw-coordinator - Manual chain orchestration
/ccw-coordinator "Implement OAuth2 system"
/workflow:session:start # Start new workflow session
/workflow:session:resume # Resume paused session
/workflow:session:list # List all sessions
/workflow:session:sync # Sync session work
/workflow:session:complete # Complete session
/issue/new # Create new issue
/issue/plan # Plan issue resolution
/issue/queue # Form execution queue
/issue/execute # Execute issue queue
ccw install # Install workflow files
ccw view # Open dashboard
ccw cl