Ghost Architect™
v11.0.3 · Your code never touches our servers. We don't have any. · LIVE NOW

Pre-engagement triage.
Any codebase, any language, any platform.

Your code never touches our servers. We don't have any.

One finding pays for a year of Ghost.

Start Free Trial -- 7 Days Pro Max See Plans → Install Ghost Open Free →
View the source code before you install
$ npm install -g ghost-architect-open FREE
$0.23
Cost Per Scan
18
Findings Surfaced
<10
Minutes
100%
Local Execution
Senior architects on inherited codebases
Agencies managing 3+ client projects
CTOs doing pre-acquisition due diligence
Fractional CTOs evaluating new engagements
Greenfield projects on modern stacks
// last scan caught
OAuth access tokens exposed in window.facebookBusinessExtensionConfig
Readable via DevTools by any attacker. Est. impact: full Facebook Business account takeover.

Ghost Triple Crown™

Three passes. One complete picture.

01

Blast Radius™

Maps every file that breaks if you change something. Know the impact before you touch the code.

02

Conflict Detection™

Finds where two sides of the codebase expect different things. Catches contract mismatches before they hit production.

03

Ghost Brief™

Generates a developer-ready remediation prompt for every finding. Paste directly into Claude Code, Cursor, or Copilot.

Ghost Watcher™ runs the Ghost Triple Crown™ automatically on every commit. No configuration. No manual scans. Every push, every time.

PRO · TEAM · ENTERPRISE
// feature spotlight · inheritance audit

Know what's in the codebase
before you sign.

The independent codebase audit trusted before the LOI, the SOW, and the board meeting. Four analyzers, one deal-grade PDF. Run it in roughly 60 seconds for roughly $0.02 in API charges.

Built for the people writing the check. Agency founders pricing the SOW, PE diligence teams pre-LOI, and fractional CTOs walking into engagements cold.

See the audit → Unlock on Ghost Pro →
Premium feature · Ghost Pro, Team, Enterprise
~$0.02
API Charges
~60s
Runtime
4
Analyzers
5-page
Deal-Grade PDF
// four analyzers · one report
01Stack Reality. Frameworks, runtimes, EOL flags.
02Key-Person Risk. Bus factor, departed contributors.
03Hidden Deps. License risk, EOL exposure.
04Modernization Roadmap. Stabilize or rebuild, 90-day plan.
FREE ON GHOST OPEN
// feature spotlight · prompt triage

Your prompts are production code.
Find the bugs.

If you ship AI features, your prompts are running in production. Most teams have zero review process for them. Ghost Architect™ reads a folder of LLM prompts and surfaces 16 categories of defects: ambiguous instructions, conflicting directives, prompt injection patterns, token overflows, undefined output formats, and more.

Cleaner prompts behave more predictably in production. They also burn fewer tokens and cut your API bill.

See the 16 detectors → Install on npm →
16
Defect Categories
$0.41
Live Test Cost
116
Findings, One Run
100%
Local Execution
// caught in 16 categories
Ambiguity Conflicts Token Overflow Injection Patterns Undefined Output Unbounded Output Role Bleed Integration Mismatch +8 more
// capabilities

Everything hiding in the codebase
before you sign the contract.

Ghost Architect™ analyzes the entire codebase and surfaces architectural risks, conflicts, and vulnerabilities before they become production incidents.

Ghost Triple Crown™
The three-pass analysis that runs automatically on every Ghost Watcher™ commit.
👑 Triple Crown
💥

Blast Radius Analysis

Before you make a change, understand the full impact. Every dependency, every affected flow, with a rollback plan included.

👑 Triple Crown

Conflict Detection

Find contract mismatches, schema conflicts, config errors, and constant disagreements across any language or platform.

👑 Triple Crown NEW
📋

Ghost Brief™

Ghost finds it. Ghost tells the AI exactly what to do. The AI does it.

This is not vibe coding. This is governed AI remediation. One scan, one Brief, one prompt pack your AI agent executes in the right order. Surgical fixes first. Broad changes last. You control what moves and when.

We held ourselves to this standard before we asked you to buy it. We pointed Ghost at our own 42,729-line production codebase. 7 passes. 53 fixes. Zero regressions. Less than 24 hours. $3.75 in total scan cost. Full story →

See Ghost Brief™ →

🗺

Points of Interest Scan

Auto-map red flags, dead zones, fault lines, and landmarks across your entire codebase. Know what matters before you touch it.

🔍

Recon -- Engagement Sizing

Walk into the scoping call with data. Recon counts files, gauges complexity, projects scan cost, and proposes a multi-pass plan before you spend a cent on analysis.

PRO+
📋

Inheritance Audit

Four analyzers, one deal-grade PDF in ~60s for ~$0.02. Stack reality, key-person risk, hidden deps, and a 90-day modernization roadmap. Built for agencies, PE diligence, and fractional CTOs. See the audit →

OPEN+
🧪

Prompt Triage

If you ship AI features, your prompts are production code. Ghost audits a folder of LLM prompts and surfaces 16 categories of defects backed by the Tian et al. 2025 academic taxonomy. Learn more →

NEW
📊

Executive Brief™

One page. Plain language. Built for the person who signs the check.

After every scan, Ghost generates an Executive Brief: a one-page business intelligence report with a health score, plain-language risk summary, and a cost comparison showing what remediation costs manually versus with AI. No jargon. No code. Just the business case.

24 hours of manual remediation at $4,800 becomes 3 hours and $3.60 in API costs. That table closes deals. Available on Pro Max, Team Max, and Enterprise Max.

👤

Ghost Partner™ Profiles

Your name. Your branding. Your methodology. White-labeled across every report.

A Ghost Partner Profile injects your firm name, accent color, logo, billing rates, and audit methodology into every report Ghost generates. All seven report types. One profile file. The client sees your deliverable -- not Ghost Architect’s.

Create a profile in two minutes with the built-in wizard. Load it from the top-level menu, set it as your default, or point Ghost at your existing methodology document. Available on Ghost Pro and higher.

"Your client's code stays yours."

Your code never touches our servers. We don't have any. Every scan runs on your infrastructure -- your API key, your GitHub Actions runner, your GitHub repo. Ghost is the only codebase intelligence tool with nothing to breach.

🖥

Your Infrastructure

Your scan runs on your infrastructure. Your API key. Your GitHub Actions runner. Your code never touches Ghost servers.

🔑

Your API Key, Your Agreement

You bring your own Anthropic API key. Ghost Architect™ is never in the middle.

🚫

No Persistence

Nothing is stored, logged, or retained outside your own filesystem. Ever.

Zero Vulnerabilities

Ghost Architect™ has been audited with npm audit and contains zero known vulnerabilities across all dependencies. Verifiable by anyone.

🌐

Any Repo, Any Platform

GitHub, GitLab, Bitbucket -- public or private. Authenticate with a personal access token and scan. No ZIP download required. Any language. Any framework.

You signed the contract.
Now find out what's actually in there.

Most agency engagements lose money in the first two weeks. It is almost never the team's fault. The team executes. The problem is upstream: somebody scoped a contract on a codebase nobody had ever read. Ghost Architect™ closes that gap. The audit you would have paid a senior engineer two weeks to do, in an afternoon, for under five dollars.

42%
Of agency engagements run over on sprint one. Margin disappears before kickoff.
$18K
Typical write-off per misscoped engagement. Comes out of your margin, not the client.
$0.45
What a full Ghost scan costs in Anthropic API usage. Ghost Pro is $99/mo on top.

One avoided misscope pays for Ghost Pro for fifteen years. Read the full case for agency owners, including the eight questions every owner should be able to answer before signing, ROI math on a real $120K Adobe Commerce engagement, and tier comparison.

Read the case for agency owners → See plans

Built for how agency teams
actually work.

Your developers aren't pulling client codebases to their laptops. They're working from repos. Ghost Architect™ works the same way. Point Ghost at any GitHub, GitLab, or Bitbucket repository -- public or private -- authenticate with a personal access token, and run your scan. The entire analysis happens on your local machine. No code is uploaded. No third party ever sees your client's codebase.

🔗

Private Repo Support

Authenticate with a personal access token. Ghost clones the repo locally, scans it, and removes the clone when done. Your client's code never touches our infrastructure -- because there is no our infrastructure.

📁

Selective Path Scanning

Point Ghost at a specific directory within a large repo. Scan the module you're working on, not the entire monorepo.

📑

Same-Day Client Deliverables

Every scan produces a branded PDF for stakeholders, a TXT for developers, and a MD for your team to commit. Hand it to the client the same day.

💰

Per-Seat Cost Visibility

Each developer runs Ghost with their own Anthropic API key -- giving your agency complete visibility into usage and cost at the individual seat level. No black box billing.

Agency-tier plans available. Ghost Architect™ offers plans designed for multi-client portfolios, team access, and enterprise delivery workflows. See pricing →

Solo developer or independent architect? Ghost Architect™ works just as well for individuals. Start with Ghost Open free, upgrade when you need more.

Ghost Architect Partner™
your methodology, your branding, your rates.

Ghost Partner™ is the consultant edition of Ghost Architect. Load a profile YAML that injects your audit methodology, billing rates, and branding into every scan. The findings are still Ghost's. The framing, the priorities, and the dollar estimates are yours.

📜

Profile Loading

Drop a partner profile YAML at scan time. Ghost picks up your firm's methodology, severity weighting, and remediation framework automatically.

💰

Per-Profile Billing Rates

Override the default tiered billing ($85 / $125 / $200) with your own rates. Junior, mid, and senior dollar estimates reflect what you actually charge clients.

🎨

Branded PDF Output

Your firm's logo on the PDF header. Your brand colors. Your methodology signature in the executive summary. Hand it to the client without re-skinning anything.

🎯

Methodology Injection

If your firm runs every audit through a specific framework -- OWASP, SANS Top 25, your own internal checklist -- the partner profile makes it part of every scan output.

Available on Ghost Pro and above. Ghost Partner profile loading and per-profile billing rates ship with Pro ($99/mo). White-label PDF output ships with Enterprise (from $1,200/mo). See pricing →
// proof of concept

Real analysis. Real findings.

Ghost Architect™ analyzed 658 files in a real eCommerce extension and surfaced 18 architectural findings -- conflict mismatches, security risks, and integration vulnerabilities -- in under 10 minutes.

658
Files
18
Findings
<10
Minutes
7
PDF Pages
Download the Full Report ↓  // PDF · 7 pages · real eCommerce codebase · 18 findings
// Finding #1 · Critical

Client-Side Credential Exposure

OAuth access tokens exposed client-side in a global config object. Full third-party account takeover possible.

Est. fix: 8–12 hrs · Complexity: HIGH
// Finding #9 · Critical

Ad Spend Inflation Race Condition

Event deduplication race condition producing 10-20% duplicate API events. Inflates ad spend and corrupts conversion data.

Est. fix: 10–14 hrs · Complexity: CRITICAL
// Finding #3 · High

Mass Assignment Config Vulnerability

Arbitrary POST parameters saved directly to the core configuration store with no validation or allowlist. Combined with missing CSRF protection -- any system configuration value is writable by an attacker.

Est. fix: 6–8 hrs · Complexity: HIGH

These are 3 of 18 findings from a real eCommerce extension. Download the full report ↓

// frequently asked

Common questions.

What is Ghost Brief™?

Ghost Brief™ is the governed AI remediation pipeline built into Ghost Architect™. After any scan, Ghost converts your findings into a validated, blast-radius-aware prompt pack. Each prompt tells your AI coding agent exactly what to fix, which files to touch, which files to leave alone, and how to verify the fix landed. Ghost finds it. Ghost tells the AI exactly what to do. The AI does it.

Which tiers include Ghost Brief™?

Ghost Brief™ is included in Ghost Pro Max ($199/mo), Ghost Team Max ($799/mo), and Ghost Enterprise Max ($2,500/mo). Ghost Pro Max generates an individual Brief after every scan. Ghost Team Max adds the Unified Brief, which consolidates every architect's findings into one master prompt pack for the whole codebase. Ghost Enterprise Max adds unlimited Briefs, formal MSA, and dedicated Ghost Partner co-engagement.

Which AI coding agents work with Ghost Brief™?

Any of them. ghost-brief.json is a plain JSON file. Feed it to Claude Code, Cursor, GitHub Copilot, or any other AI coding agent. Ghost does not lock you into a platform. Claude Code is the primary target and was used for all internal testing.

Does Ghost Brief™ write or modify code?

No. Ghost Brief™ produces a prompt pack. Your AI coding agent executes the prompts. Ghost never touches your code. Ghost scans, Ghost briefs, the AI fixes.

What is blast radius and why does it matter for AI agents?

Blast radius measures how many parts of your codebase a change could affect. Ghost Brief™ sorts every prompt by blast radius, surgical fixes first and broad changes last, so your AI agent works in the safest possible order. Most AI agents are eager. They will fix what you point them at and break things you did not know were connected. Ghost Brief™ governs the sequence.

What exactly does Ghost Architect do?

Ghost Architect scans your codebase and produces a structured triage report -- categorizing every finding by severity (Critical, High, Medium, Low), flagging architectural risks, security vulnerabilities, and conflict mismatches. It gives your team a prioritized map of where to start, not a raw list of every issue. Output is a branded PDF for stakeholders, a TXT for developers, and a Markdown file your team can commit.

Does Ghost Architect upload my code anywhere?

No. Ghost Architect runs on your own infrastructure. Your API key, your GitHub Actions runner, your GitHub repo. Ghost has no servers. Your code never touches us. Analysis calls go directly from your machine to Anthropic's API using your own API key. Anthropic deletes API inputs and outputs within 7 days per their data retention policy.

What languages and platforms does it support?

Ghost Architect works on any codebase, any language, any platform. PHP, JavaScript, TypeScript, Python, Ruby, Java -- it doesn't matter. It's framework-aware and analyzes code structure, dependency relationships, configuration files, and integration patterns regardless of what stack you're running. Adobe Commerce and Magento are common use cases, but they're not requirements.

How much does an Anthropic API key cost to run?

A typical Ghost Architect scan costs $0.23 in Anthropic API usage. Most Pro users run 10–20 scans per month, putting their total API cost at $2–5/month on top of the membership. You can verify this yourself -- Ghost prints the exact cost of every scan in the terminal output. There are no hidden fees or usage caps imposed by Ghost Architect.

How is Ghost Architect different from running a linter or static analysis tool?

Linters catch syntax errors and style violations. Static analysis tools find known vulnerability patterns. Ghost Architect does something different -- it reasons about your codebase architecturally. It identifies how components relate to each other, where integrations are fragile, what the blast radius of a change would be, and which findings represent real business risk versus noise. It's triage intelligence, not a rule-based scanner.

Can I use Ghost Architect on a client's private repository?

Yes. Ghost Architect supports private GitHub, GitLab, and Bitbucket repositories. You authenticate with a personal access token, Ghost clones the repo locally, runs the scan, and removes the local clone when done. Your client's code never touches any third-party infrastructure beyond your own Anthropic API key. This makes it safe to use under NDA with enterprise clients.

👻 See Plans →