The problem Ghost Watcher™ solves
Ghost Architect™ has always been a pre-engagement triage tool. You run it before a project kicks off, before a change goes in, before a client signs. You get a map of the codebase -- blast radius, conflict surface, risk profile -- and you go in with eyes open.
But there is a gap. Once a project is underway, developers are committing code every day. Every commit is a new risk surface. Every push changes the blast radius of every other file. The pre-engagement scan you ran two weeks ago is already stale.
Ghost Watcher™ closes that gap. It watches every commit, runs the same analysis you would run manually, and delivers the results automatically -- before anyone has a chance to miss them.
How Ghost Watcher™ works
The loop is straightforward. A developer pushes a commit. GitHub Actions triggers. Ghost Watcher™ spins up on a clean Ubuntu runner, installs Ghost Architect™, checks out the repo, identifies what changed, and runs a full analysis pipeline against the changed files in the context of the full codebase.
Ghost Watcher™ identifies exactly which files changed in the commit using git diff. Only changed files are analyzed as the primary targets -- but the full codebase context is loaded to understand downstream impact.
Which files does this change affect? Ghost maps the dependency graph and produces a blast radius for every changed file -- how many other files would need to change, what is the rollback complexity, what is the risk tier.
Ghost scans for contract mismatches, schema conflicts, and config errors between the changed files and the rest of the codebase. These are the bugs that compile cleanly and only surface at runtime -- or in production.
Every finding gets a Ghost Brief™ prompt -- a structured, blast-radius-aware instruction set your AI coding agent can execute immediately. No translating findings into prompts. No guessing what to fix first. Ghost briefs the AI. The AI fixes the code.
Findings, severity chips, and Ghost Brief™ prompts appear in Ghost Portal under the Ghost Watcher™ tab. Commits tab shows the full history. Findings tab aggregates across all watched commits. Prompts tab has every Ghost Brief™ prompt ready to copy with one click.
When the commit is part of a pull request, Ghost Watcher™ posts a comment directly on the PR -- findings count, severity breakdown, Phase 1 and Phase 2 remediation list, and a link to Ghost Portal to copy prompts. The reviewer sees it before they read a single line of diff.
What Ghost Watcher™ finds
On the first run against Ghost Architect™'s own 194-file codebase -- a real production TypeScript and JavaScript codebase -- Ghost Watcher™ surfaced:
- 55 findings across Blast Radius and Conflict Detection
- 1 critical, 7 high, 33 medium, 14 low severity breakdown
- 50 Ghost Brief™ prompts generated and ready to copy
- Findings included schema mismatches, authentication single points of failure, SQL injection patterns, and blast radius surprises in files that looked unrelated to the change
This was a commit that touched two files. Ghost Watcher™ found 55 reasons to pay attention.
Setting up Ghost Watcher™
Setup runs through the Ghost CLI menu. No YAML editing. No workflow file writing. Ghost handles it.
ghost
Select Ghost Watcher™ → Enable Watch from the menu. The wizard asks:
- Which GitHub repo to watch
- Which branches to monitor (with custom branch support)
- Which scans to run -- Blast Radius, Conflict Detection, Ghost Brief™
- Whether to post PR comments
- Email notification addresses
- Your GitHub Personal Access Token
- Estimated commits per day -- Ghost shows you the cost estimate before you confirm
Ghost pushes ghost-watcher.yaml and .github/workflows/ghost-watcher.yml to your repo. Version-pinned to the installed Ghost version. Custom branches injected directly into the GitHub Actions trigger.
Then add four secrets to your GitHub repo settings:
| Secret | What it is |
|---|---|
ANTHROPIC_API_KEY | Your Anthropic API key (BYOK) |
GHOST_LICENSE_KEY | Your Ghost Team or Enterprise license key |
GHOST_PORTAL_REPO | Your ghost-reports repo URL |
GHOST_PORTAL_TOKEN | GitHub PAT with repo write scope |
Push a commit. Ghost Watcher™ fires. Results appear in Ghost Portal.
Ghost Portal -- the command center
Every Ghost Watcher™ run lands in Ghost Portal under the Ghost Watcher™ tile. Three tabs:
- Commits -- every watched commit with severity chips. Click any commit to expand findings and Ghost Brief™ prompts inline.
- Findings -- all findings aggregated across all watched commits, sorted by severity. Critical at the top.
- Prompts -- all Ghost Brief™ prompts from all watched commits, ready to copy with one click. Paste into Claude Code, Cursor, or any AI coding tool.
The Portal is where the loop closes. Developer commits. Ghost Watcher™ fires. Findings land. Developer opens Portal, copies the prompt for the critical finding, pastes it into Claude Code, ships the fix, and commits again. Ghost Watcher™ fires again. Findings drop. The codebase gets cleaner with every commit.
Cost transparency
Ghost Watcher™ is BYOK -- Bring Your Own Key. You pay Anthropic directly for API usage. Ghost does not mark up API costs or charge per scan.
The Enable Watch wizard shows a cost estimate before you confirm setup:
| Scans enabled | Estimated cost per commit |
|---|---|
| Blast Radius only | $0.15 – $0.30 |
| Blast Radius + Conflict Detection | $0.95 – $1.80 |
| Full pipeline (all three scans) | $1.50 – $2.50 |
On a team doing 10 commits per day, full pipeline costs run $15 – $25 per day. For a team that catches one production incident per month that would have cost $10,000 to fix, the math is straightforward.
Ghost Watcher™ never blocks a commit
This is a hard design constraint. Ghost Watcher™ is advisory only. Findings are surfaced for remediation -- they never prevent a commit from going through. Exit code is always 0.
If the Anthropic API goes down mid-scan, Ghost Watcher™ catches the error, logs it as non-fatal, delivers whatever it completed, and exits 0. The commit still ships. The developer still gets whatever findings were generated before the failure.
You can also add [ghost-skip] to any commit message to bypass Ghost Watcher™ entirely for that commit. Documentation commits, version bumps, and merge commits do not need a full codebase analysis.
Iteration limits and cost control
Ghost Watcher™ includes a configurable iteration limit. Set iterations.max in ghost-watcher.yaml and Ghost Watcher™ will stop running after that many commits on a given PR. The default is 10. When the limit is reached, Ghost Watcher™ exits gracefully and directs the developer to Ghost Portal to review findings from earlier runs.
This prevents runaway costs on long-lived PRs with dozens of commits. You control how much analysis a single PR gets.
Who Ghost Watcher™ is for
Ghost Watcher™ is available on Ghost Team ($399/month) and Ghost Enterprise ($1,200/month) memberships.
Ghost Team is built for agencies, consultancies, and engineering teams who want continuous codebase intelligence without the overhead of manual reviews. Up to 5 developers. Up to 3 repos watched. Full Ghost Brief™ pipeline on every commit.
Ghost Enterprise is for organizations with multiple codebases, large teams, and compliance requirements. Unlimited developers. Unlimited repos. Priority support.
What ships in v9.0.8
Ghost Watcher™ ships as part of Ghost Architect™ v9.0.8. Here is everything in this release:
- Ghost Watcher™ core pipeline --
ghost --watcher-commitheadless CI mode with Blast Radius, Conflict Detection, and Ghost Brief™ - GitHub Actions workflow template -- auto-generated, version-pinned, branch-injected
- Enable Watch wizard -- full interactive setup with cost estimator, custom branch support, and back/cancel at every step
- Ghost Portal Watch tab -- Commits, Findings, and Prompts with one-click copy
- PR comment -- automatic findings summary on every pull request
- Email notifications -- findings summary after each run
- Team tier context cap -- 150,000 token limit correctly applied in CI
- CI license validation -- fingerprint bypass on ephemeral runners
- ghost-skip tag -- bypass Ghost Watcher™ on specific commits
- Watch Status and Disable Watch -- manage Ghost Watcher™ from the CLI menu with back/cancel support
What comes next
Ghost Watcher™ v9.0.8 is the foundation. The roadmap for v9.0.x includes:
- Auto-inject secrets via GitHub OAuth -- the wizard handles all four secrets automatically. No manual GitHub settings.
- Ghost Pulse integration -- Ghost Watcher™ run telemetry in your Ghost Pulse dashboard. See which repos are being watched, how many findings per day, and whether your codebase is getting cleaner over time.
- CI token provisioning -- dedicated CI license tokens without machine fingerprinting, provisioned automatically during Enable Watch setup.
- Configure Watch wizard -- change branches, scan types, and notifications without editing YAML.
- Resumability -- if the Anthropic API fails mid-scan, Ghost Watcher™ picks up where it left off on the next run instead of starting over.
Ghost Watcher™ is live now.
Available on Ghost Team and Enterprise memberships. Install Ghost Architect™ v9.0.8 and run the Enable Watch wizard to get started.
View Ghost Team pricing →