# oneredoak/claude-code-workflows

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/oneredoak-claude-code-workflows).**

3,636 stars · 538 forks · mit

## Links

- GitHub: https://github.com/OneRedOak/claude-code-workflows
- awesome-repositories: https://awesome-repositories.com/repository/oneredoak-claude-code-workflows.md

## Description

This project is a suite of automated tools and an LLM code review framework designed for design auditing, security scanning, and AI-driven code analysis. It functions as a developer workflow orchestrator that uses static analysis agents and agent-based workflows to automate pull request analysis and security audits.

The system employs a dual-loop agent architecture to coordinate primary analysis and secondary verification, reducing false positives. It distinguishes itself through the use of browser automation to perform live UI component testing and verify frontend changes against accessibility standards and brand guidelines.

The framework integrates into CI/CD pipelines to trigger automated security reviews and code audits before human intervention. It covers a broad range of capabilities including third-party dependency auditing, severity-based vulnerability classification, and the enforcement of organization-specific engineering standards and security policies.

## Tags

### Artificial Intelligence & ML

- [Critic Agent Loops](https://awesome-repositories.com/f/artificial-intelligence-ml/agentic-reasoning-loops/critic-agent-loops.md) — Employs a dual-loop architecture using critic-agent loops to coordinate primary analysis and secondary verification.
- [Review Customization](https://awesome-repositories.com/f/artificial-intelligence-ml/ai-code-reviewers/review-customization.md) — Allows customization of review prompts and categories to match organization-specific architectural and quality standards. ([source](https://github.com/OneRedOak/claude-code-workflows/tree/main/code-review))

### Testing & Quality Assurance

- [Agentic Code Reviews](https://awesome-repositories.com/f/testing-quality-assurance/code-quality-review/agentic-code-reviews.md) — Employs a dual-loop agent architecture to automate pull request analysis and security audits using LLMs. ([source](https://github.com/OneRedOak/claude-code-workflows#readme))
- [Automated Design Audits](https://awesome-repositories.com/f/testing-quality-assurance/automated-design-audits.md) — Assesses front-end changes against established design principles and user experience standards during pull requests. ([source](https://github.com/OneRedOak/claude-code-workflows#readme))
- [Browser Automation](https://awesome-repositories.com/f/testing-quality-assurance/automation-interaction-tools/browser-automation.md) — Provides tools for simulating user interactions in web browsers to verify frontend visual behavior and accessibility standards.
- [Automated Code Review](https://awesome-repositories.com/f/testing-quality-assurance/code-quality-review/automated-code-review.md) — Runs automated agents to check pull requests for bugs, style guide adherence, and architectural patterns.
- [Component and Interaction Testing](https://awesome-repositories.com/f/testing-quality-assurance/general-testing-utilities/test-utilities-assertions/browser-ui-interaction/component-interaction-testing.md) — Interacts with live UI elements using browser automation to verify visual behavior and interactive functionality. ([source](https://github.com/OneRedOak/claude-code-workflows/tree/main/design-review))

### Part of an Awesome List

- [Automated Code Review](https://awesome-repositories.com/f/awesome-lists/devtools/automated-code-review.md) — Integrates automated review agents into CI/CD pipelines to provide feedback on pull requests. ([source](https://github.com/OneRedOak/claude-code-workflows/blob/main/code-review))
- [Security and Vulnerability Scanning](https://awesome-repositories.com/f/awesome-lists/security/security-and-vulnerability-scanning.md) — Detects vulnerabilities, exposed secrets, and risky external dependencies in code changes using industry standards.

### Development Tools & Productivity

- [Pull Request Analysis Agents](https://awesome-repositories.com/f/development-tools-productivity/developer-utilities-libraries/developer-tools/version-control-ecosystems/github-integrations/automated-pull-request-reviewers/pull-request-analysis-agents.md) — Uses AI-driven agents triggered via CI actions to perform deep reasoning and analysis of pull request modifications.
- [Development Workflow Orchestrators](https://awesome-repositories.com/f/development-tools-productivity/development-workflow-orchestrators.md) — Implements an orchestrator using slash commands and agents to coordinate on-demand code and architectural reviews.
- [Vulnerability Review Scanners](https://awesome-repositories.com/f/development-tools-productivity/pull-request-review-tools/vulnerability-review-scanners.md) — Performs automated security reviews on pull requests to identify vulnerabilities and exposed secrets. ([source](https://github.com/OneRedOak/claude-code-workflows#readme))
- [Slash Command Analysis Triggers](https://awesome-repositories.com/f/development-tools-productivity/slash-command-analysis-triggers.md) — Implements specialized slash commands to execute instant code analysis on specific commits or pull requests.

### DevOps & Infrastructure

- [Security Scanning Integrations](https://awesome-repositories.com/f/devops-infrastructure/ci-cd-pipeline-integrations/security-scanning-integrations.md) — Embeds automated security vulnerability scanning into CI/CD pipelines for inline feedback on pull requests. ([source](https://github.com/OneRedOak/claude-code-workflows/blob/main/security-review))
- [CI Pipeline Integrations](https://awesome-repositories.com/f/devops-infrastructure/ci-cd-pipelines/ci-pipeline-integrations.md) — Triggers automated code and security analysis within deployment pipelines to validate changes before human review.

### Education & Learning Resources

- [Automated](https://awesome-repositories.com/f/education-learning-resources/design-principles/design-auditing/automated.md) — Verifies frontend code against design principles and accessibility standards via automated scanning of code and URLs.

### Security & Cryptography

- [CI/CD](https://awesome-repositories.com/f/security-cryptography/security/supply-chain/ci-cd.md) — Provides automated detection of vulnerabilities and secrets specifically integrated into CI/CD pipelines.
- [Finding Classification](https://awesome-repositories.com/f/security-cryptography/finding-classification.md) — Categorizes and prioritizes security vulnerabilities and bugs by risk level to guide remediation.
- [Dependency Vulnerability Scanning](https://awesome-repositories.com/f/security-cryptography/security-auditing/dependency-vulnerability-scanning.md) — Includes utilities for auditing third-party dependencies and external libraries for known security risks. ([source](https://github.com/OneRedOak/claude-code-workflows/tree/main/security-review))

### Software Engineering & Architecture

- [Coding Convention Engines](https://awesome-repositories.com/f/software-engineering-architecture/architectural-design-patterns/state-management/state-logic-and-utilities/context-aware-state-engines/context-aware-validation-engines/coding-convention-engines.md) — Applies organization-specific coding conventions and design guidelines to tailor the automated review process.
- [Coding Standards Enforcement](https://awesome-repositories.com/f/software-engineering-architecture/coding-standards-enforcement.md) — Enforces organization-specific coding conventions and design principles across the codebase through automated audits.
- [On-Demand Code Analysis](https://awesome-repositories.com/f/software-engineering-architecture/custom-action-handlers/on-demand-action-executions/on-demand-code-analysis.md) — Enables instant code analysis on specific commits or pull requests using specialized slash commands. ([source](https://github.com/OneRedOak/claude-code-workflows/tree/main/code-review))
- [Static Analysis Engines](https://awesome-repositories.com/f/software-engineering-architecture/static-analysis-engines.md) — Uses AI-driven static analysis to enforce organizational coding conventions and style guides.

### User Interface & Experience

- [Visual Compliance Validations](https://awesome-repositories.com/f/user-interface-experience/ui-architecture/design-utilities/design-guidelines/visual-compliance-validations.md) — Checks user interface changes against brand guidelines and accessibility standards using browser automation.
- [Design System Enforcement](https://awesome-repositories.com/f/user-interface-experience/ui-architecture/design-utilities/design-system-specifications/design-system-enforcement.md) — Enforces project-specific brand guidelines and design principles to maintain visual consistency. ([source](https://github.com/OneRedOak/claude-code-workflows/tree/main/design-review))