Turn any AI coding agent (Claude Code, Cursor, Windsurf, Cline) into a complete, autonomous software company. The user describes their product or software idea; SoftCo handles the entire lifecycle: planning, system design, documentation, test-first coding, DevOps containerization, continuous integration, and automated deployment. The user only ever needs to configure the .env file.
An Agent Skill (supporting Agent Skills) that transforms any supported large language model (LLM) agent or developer assistant into a fully-functional, autonomous software engineering firm. It simulates an entire development team: Product Manager, Software Architect, Senior Engineer, DevOps Engineer, QA Engineer, Security Expert, and Technical Writer.
The agent operates under a highly-disciplined, professional software development lifecycle (SDLC) phase order:
Phase 0 β Phase 1 β Phase 2 β Phase 3 β Phase 4 β Phase 5 β Phase 6
Discovery Design Docs Code Test Infra Deploy
Documentation and tests come before code. Test coverage of β₯ 80% is strictly enforced. Secrets are never committed to git. Every project ships with a standardized AGENT.md contract file that lets a fresh agent session continue the work seamlessly without questions.
SoftCo integrates natively as a custom skill, system prompt instruction, or custom rule system across all major AI coding assistants and agent environments:
| Agent / Editor | Works | Install Path / Setup |
|---|---|---|
| Claude Code | β | ~/.claude/skills/softco |
| opencode (SST) | β | ~/.claude/skills/softco (shared) |
| OpenAI Codex | β | ~/.agents/skills/softco |
| Amp / Goose / Kiro | β | ~/.agents/skills/softco (shared) |
| Gemini CLI | β | ~/.gemini/antigravity/skills/softco |
| Cursor | β | .cursor/rules/softco.mdc (included rules file) |
| Windsurf | β | .windsurf/rules/softco.md (included rules file) |
| Cline | β | .clinerules/softco.md (included custom rules) |
| GitHub Copilot | β | .github/copilot-instructions.md (included instructions) |
Easily install SoftCo across all detected AI agents on your local machine using the automated installer script:
./install.shThis symlinks the skill/ directory to all detected agent paths. Restart your agent session to load.
./install.sh --agent claude # Claude Code + opencode
./install.sh --agent codex # Codex / Amp / Goose / Kiro
./install.sh --agent gemini # Gemini CLI
./install.sh --agent opencode # opencode explicit path
./install.sh --agent openclaw # OpenClaw./install.sh --uninstall./install.sh --copyIf you prefer manual configuration, run the appropriate setup commands for your AI toolchain:
# Claude Code Skill Setup
mkdir -p ~/.claude/skills && ln -s "$(pwd)/skill" ~/.claude/skills/softco
# Codex / Amp / Goose / Kiro Setup
mkdir -p ~/.agents/skills && ln -s "$(pwd)/skill" ~/.agents/skills/softco
# Gemini CLI / Antigravity Setup
mkdir -p ~/.gemini/antigravity/skills && ln -s "$(pwd)/skill" ~/.gemini/antigravity/skills/softco
# opencode Custom Skill Setup
mkdir -p ~/.config/opencode/skills && ln -s "$(pwd)/skill" ~/.config/opencode/skills/softcoSoftCo activates automatically within your agent workspace on natural language developer requests:
- SaaS & API Greenfield Development:
"build me a SaaS / web app / backend API / CLI tool" - Architecture Planning:
"design the architecture and system flow for ..." - Infrastructure as Code (IaC) & DevOps:
"set up CI/CD pipeline, Dockerfile, Kubernetes clusters, or Terraform modules" - LLM & AI Agent Integration:
"integrate Claude, OpenAI GPT, Gemini, RAG workflows, or MCP tools" - Deployment & Orchestration:
"deploy our application to AWS, GCP, Azure, Fly.io, or Render" - Code Auditing & Security Review:
"review my repository or audit my code for production readiness" - Bug Fixing & Root-Cause Resolution:
"fix this bug or resolve this specific runtime error"
SoftCo is pre-configured with industry-standard tech stack templates to accelerate development:
- Frontend Frameworks: React + Vite, Next.js (App Router), Vue, Svelte, React Native (Expo)
- Backend Frameworks: FastAPI (Python), Go + Gin, NestJS (Node), Express, Hono, Django, Flask
- AI & LLM Integration: Anthropic Claude, OpenAI GPT, Google Gemini, AWS Bedrock, GCP Vertex AI, Groq, Together AI, Ollama; LangChain, LangGraph, CrewAI, Haystack, Model Context Protocol (MCP); RAG + agentic loops + structured JSON outputs + prompt versioning
- Databases & Vector Stores: PostgreSQL + pgvector (default), MySQL, MongoDB, DynamoDB, Redis Cache, Qdrant, Pinecone, Weaviate, Neo4j, OpenSearch
- Infrastructure (IaC): Terraform-first (modular architecture); AWS, GCP, Azure, DigitalOcean, Fly.io, Render; Docker multi-stage builds; Kubernetes orchestration
- CI/CD Automation: GitHub Actions standard workflows (Python / Node / Go templates); OIDC authentication; Trivy security vulnerability scanning; Release Please auto-changelogs
- Observability & Logging: OpenTelemetry instrumentation, structured JSON logging (structlog, pino, slog), Prometheus + Grafana metrics, Sentry error tracking, Langfuse for LLM evaluation
- Security Standards: OWASP Top 10 defaults, OIDC for cloud authentication, Secrets Manager integration, API Rate-Limiting, PostgreSQL RLS multi-tenancy, Prompt-Injection defenses
skill/ # custom skill source directory (symlinked to agent paths)
βββ SKILL.md # core entry point loaded by AI agents
βββ references/ # detailed technical guides
β βββ 00-workflow.md # phase-by-phase development workflow
β βββ 01-frontend.md # React/Next.js/SPA/SSR best practices
β βββ 02-backend.md # FastAPI/Go/Node API design patterns
β βββ 03-ai-integration.md # RAG, LLM orchestration & prompt engineering
β βββ 04-databases.md # SQL/NoSQL schema design & optimization
β βββ 05-infrastructure.md # AWS/GCP cloud setup with Terraform
β βββ 06-cicd.md # GitHub Actions workflow pipelines
β βββ 07-security.md # OWASP compliance & secret management
β βββ 08-observability.md # OpenTelemetry, logging & APM metrics
β βββ 09-testing.md # Unit, integration, E2E, & AI testing
β βββ 10-prompt-engineering.md # Prompt optimization & version control
β βββ 11-doc-templates.md # Markdown document templates
β βββ 12-verification.md # Live-proof gate β run it & observe before "done"
β βββ 13-design.md # UI direction, design tokens, component inventory
βββ scripts/ # helper automation scripts
β βββ scaffold.sh # bootstraps standard project skeleton
β βββ validate_env.py # validates .env variables against .env.example
β βββ gen_schema.py # compiles SQLAlchemy models to DB_SCHEMA.md
β βββ cost_estimate.py # calculates rough monthly cloud + LLM cost
βββ assets/ # pre-packaged templates
βββ github-actions-templates/ # CI/CD pipelines (ci-python.yml, deploy-ecs, etc.)
βββ terraform-modules/ # modular cloud infra (network, ECS, RDS)
βββ docker-templates/ # optimized multi-stage Dockerfiles
- Cursor rules:
.cursor/rules/softco.mdc - Windsurf rules:
.windsurf/rules/softco.md - Cline custom rules:
.clinerules/softco.md - OpenAI Codex hooks:
.codex/hooks.json - GitHub Copilot instructions:
.github/copilot-instructions.md - Agent configs:
agents/openai.yaml, AGENTS.md, GEMINI.md
Run prompts like these inside any supported agent workspace session:
> build me a small SaaS for tracking gym workouts, with AI workout suggestions
The agent detects intent, loads the SoftCo skill, and starts at Phase 0 (Discovery). Answer the interactive questions, approve the TDR architecture plan, watch the documentation land, and review the test-driven code modules.
> audit this repo and tell me what's missing for production readiness
SoftCo parses the existing project, maps the architecture, and outputs a complete remediation plan (docs/AUDIT.md) scoring test coverage, security vulnerabilities, CI/CD pipelines, and documentation gaps.
> add password reset to my FastAPI app
SoftCo updates docs/MODULES.md and related specs, writes failing tests first, implements the logic, verifies the tests pass, and details the changes in the changelog.
SoftCo strictly adheres to enterprise-grade engineering principles and never:
- Hardcodes API keys, secrets, or passwords (always uses Secrets Manager or
.env.example). - Runs unoptimized or dangerous database queries (e.g.,
SELECT *in production schemas). - Skips the documentation first phase (SDLC rigor is always enforced).
- Merges to the
mainbranch without passing linting, formatting, and test suites. - Implements authentication from scratch when proven libraries exist (Clerk, NextAuth, Supabase).
- Deploys services without active health check and readiness probe endpoints.
- Generates
.envfiles with plaintext production credentials. - Allows un-typed or dangerous types (like
anyin TypeScript) in production code.
This project is licensed under the MIT License β see the LICENSE file for details.
π Project page: https://shihub.online/projects/softco