EN VI
🚀 Open source · Free forever

Claude Code
Project Wizard

Give Claude Code the context it needs — security rules, architecture docs, and team conventions. Configured in 30 seconds, downloaded as a zip.

⚡ Generate My Config Why this matters ↓
Generator

Configure & Download

Fill in your project details — they get pre-written into every generated file. No blanks to hunt down afterwards.

📦 Phase
Phase 0 — Kickstart2 min
1 file · Just trying CLAUDE.md out, no commitment
Phase 1 — Equipped15 min
Solo project · Permissions + architecture docs
Phase 2 — Collaborative ⭐30 min
Team of 2–5 · Hooks + stack templates + decision log
Phase 3 — Battle-Tested1-2 hrs
Production · Full 7-layer security + audit trail + CI/CD
⚡ Framework
Next.js
TypeScript
🐍
FastAPI
Python
🍃
Spring Boot
Java
🐹
Go
Golang
🛠
Custom
Any
📁 Project Details
Phase 2 — Collaborative ⭐
The recommended setup for a team of 2–5 with hooks + decision log.
📦 Files in your zip
Loading…
Phase 2 — Collaborative · Express · ~60 files
After downloading — 3 quick steps:
① Copy files into your project
cp -r my-app/. your-project/
② Make hooks executable
chmod +x .claude/hooks/*.py .claude/hooks/*.sh
③ Open project in Claude Code
claude . # CLAUDE.md auto-loads ✅
The Problem

Claude Code is powerful.
But it's flying blind in your project.

Without proper context, AI makes wrong assumptions, ignores your conventions, and sometimes does dangerous things.

4h+
saved per week on
repeated context setup
20+
dangerous command
patterns blocked by hooks
30s
to configure and
download your zip
0
blank fields — every file
pre-filled with your project info
❌ Without this framework
Claude codes in the dark
  • 😵 Doesn't know your architecture — writes code in the wrong layer
  • 😵 Ignores your conventions — inconsistent style, wrong patterns
  • 😵 No guardrails — could push to main, delete files, run unsafe commands
  • 😵 Forgets decisions your team made — reinvents the wheel every session
  • 😵 CLAUDE.md is vague or nonexistent — "use best practices" means nothing
✅ With this framework
Claude works like a senior teammate
  • 🎯 Knows your exact architecture, layer boundaries, and why they exist
  • 🎯 Follows your code style, naming conventions, and team patterns
  • 🎯 Security hooks block 20+ dangerous commands before they run
  • 🎯 ADR system preserves every architectural decision across sessions
  • 🎯 Specific, actionable CLAUDE.md — not just "use best practices"
What You Get

Everything Claude Code needs
to work correctly

One zip file. Unzip into your project. Claude auto-loads everything.

📋
CLAUDE.md — Your AI Operating Manual
Not a README. This is the instruction manual Claude reads at the start of every session: your stack, architecture rules, commands, security policies, and conventions. All specific, all actionable.
All phases
🛡️
Security Hooks
Python scripts that intercept every command Claude tries to run. Block rm -rf, force push, eval(), prompt injection, and 20+ other attack patterns — before they execute.
Phase 2+
📁
Architecture Docs
Pre-structured templates for ARCHITECTURE.md, DATA-MODELS.md, API-CONTRACTS.md. Claude references these as Source of Truth — so decisions made today aren't forgotten tomorrow.
Phase 1+
⚙️
Permission Rules (.claude/settings.json)
Fine-grained allow/deny/ask rules. Claude can freely write to src/ but must ask before touching package.json or running git commands. Secrets files are fully blocked.
Phase 1+
🗂️
ADR System (Decision Records)
Architecture Decision Records keep institutional knowledge alive. Why did you choose PostgreSQL? Why JWT over sessions? Claude reads these so it never re-debates settled decisions.
Phase 2+
🔍
Path-Scoped Rules
Rules in .claude/rules/ are lazy-loaded only when relevant. Security rules apply near auth code. API rules apply near routes. Save tokens, boost accuracy.
Phase 2+
How It Works

From zero to configured in 3 steps

1
Configure
Choose your phase, framework, and project details in the generator above. Pick which hooks and docs you need.
⬇ Takes ~30 seconds
2
Download
Click Generate & Download. You get a zip with all files pre-filled with your project info — no blanks to hunt down.
📦 One zip file
3
Drop in & Go
Unzip into your project root. Make hooks executable. Open Claude Code — it auto-loads CLAUDE.md and you're done.
✅ Claude is now context-aware
Pick Your Phase

Which situation describes you?

Each phase builds on the previous — upgrading later only adds files, nothing to redo. Pick the one that fits right now.

🧪
Just exploring
I heard about CLAUDE.md and want to see what it does. I'll drop one file into a project and try it out. No commitment.
Phase 0 · 1 file ⏱ 2 minutes
👤
Solo developer, serious project
I code alone but I want Claude to know my architecture, follow my conventions, and stop touching files it shouldn't.
Phase 1 · 17 files ⏱ 15 minutes
👥
Small team building together
2–5 people on the same codebase. We need shared rules, documented decisions, and security guardrails so Claude doesn't do something unexpected.
Phase 2 · ~60 files ⏱ 30 minutes
🏭
Live in production, real users
Our app is live. I need every AI action logged, prompt injection scanning, full supply chain hygiene, and nothing left to chance.
Phase 3 · ~100 files ⏱ 1–2 hours
What does each component actually do?
📋CLAUDE.mdAll phases
The AI's operating manual. Claude reads this at the start of every session — your stack, architecture, commands, coding conventions, and rules. Without it, Claude guesses.
→ Like onboarding a new developer, but for AI
⚙️.claude/settings.jsonPhase 1+
Hard permission rules: what Claude can freely read/write, what it must ask about first, and what is permanently blocked. Claude cannot override these.
→ Like file system permissions, but for AI actions
🛡️Security hooksPhase 2+
Python scripts that intercept every command before it runs. They block rm -rf, force push, eval(), reading .env, and 20+ other attack patterns — automatically, before execution.
→ Like a seatbelt — you don't notice it until you need it
📁Architecture docsPhase 1+
Pre-structured templates for ARCHITECTURE.md, DATA-MODELS.md, and ADRs. Claude references these as Single Source of Truth — so decisions made today aren't forgotten in the next session.
→ Institutional memory that survives context resets
📜Path-scoped rulesPhase 2+
Rules in .claude/rules/ are loaded only when Claude works in matching directories. Security rules near auth code. API rules near routes. Saves tokens, improves accuracy.
→ Context-aware guidance without bloating every prompt
🔍Audit log + Injection scanPhase 3+
Every AI tool call gets logged to audit.jsonl for review. A separate hook scans all tool output for prompt injection patterns before Claude acts on them.
→ Full observability and defense-in-depth for production
⚡ Generate My Config →
🚧 Beta · More coming soon

This is just the beginning

The generator is free and open source. We're building smarter tools — VS Code extension, GitHub Action CI integration, and AI-powered auto-fill. Drop your email to get notified when they ship.

VS Code Extension
Generate and apply configs directly from your editor without leaving VS Code.
GitHub Action
Automatically validate CLAUDE.md is up to date on every PR in CI.
AI Auto-Fill
Point at your repo — AI reads your stack and fills in all the config fields for you.
Phase 4 — Enterprise
SOC 2 controls, multi-repo governance, team-wide policy enforcement.
Resources

Go deeper with official docs

Everything you need to understand how Claude Code works under the hood.

📋 Opinion
Why CLAUDE.md Is the Most Important File in Your Project
Claude Code has no memory between sessions. Here's the one file that fixes this and transforms output quality from mediocre to excellent — across every single session.
Read on ShipWithAI →
🛡️ Tutorial
Claude Code Hooks: The Power Feature Nobody Talks About
Hooks let you run custom scripts at 17 different points in Claude Code's workflow. How to use all 4 handler types for security, logging, and automation.
Read on ShipWithAI →
⚠️ Case Study
I Set Up 3 Layers of Defense. It Deleted My File Anyway.
A real-world lesson on why security configuration matters more than security layers — and how a single character fix changed everything.
Read on ShipWithAI →
✅ Listicle
5 Claude Code Mistakes Every Developer Makes
After helping hundreds of developers adopt Claude Code, here are the most common mistakes I see — and the simple fixes that make all the difference.
Read on ShipWithAI →
🔒 Security
How I Protect Sensitive Code While Using Claude Code
4 battle-tested strategies to use Claude Code without exposing API keys, credentials, or proprietary code — ranked by security, speed, and daily sustainability.
Read on ShipWithAI →
📚 Tutorial
Claude Code Components Explained: Skills, Hooks, Agents & More
Master every Claude Code building block — CLAUDE.md, Skills, Commands, Hooks, Agents, and Plugins — with real code and a cheat sheet.
Read on ShipWithAI →
FAQ
What exactly is CLAUDE.md?
CLAUDE.md is a special file that Claude Code automatically reads at the start of every session. Think of it as an operating manual for Claude — not a README for humans, but a specific set of instructions for the AI: what your stack is, how your architecture works, what commands to use, what to never do, and what coding conventions to follow. Without it, Claude guesses. With it, Claude follows your rules.
How is this different from just writing my own CLAUDE.md?
You can write your own — but most people write vague ones like "use best practices" that Claude ignores. This framework gives you a proven structure with specific, actionable sections. It also includes the security hooks, permission settings, and documentation templates that take hours to set up manually. Phase 2 alone has ~60 files that would take 30+ minutes to write from scratch.
Which phase should I start with?
Phase 0 — Kickstart if you just want to try CLAUDE.md out — 2 minutes, one file, zero commitment.
Phase 1 — Equipped for solo projects that need basic permissions + architecture docs.
Phase 2 — Collaborative ⭐ is the recommended starting point for teams of 2–5 — hooks, stack templates, and a decision log. 30 minutes of setup that saves hours of confusion.
Phase 3 — Battle-Tested if you're live in production and need full 7-layer security, audit trail, and CI/CD.

Every phase is a superset of the previous — you can always upgrade later without redoing anything.
What are the security hooks and why do I need them?
Security hooks are Python scripts that Claude Code runs automatically before and after every tool use. The validate-command.py hook blocks dangerous bash patterns like rm -rf /, git push --force, eval(), and network exfiltration attempts. The protect-files.py hook prevents Claude from reading or writing your .env files, secrets, or even modifying CLAUDE.md itself. These aren't just advisory rules — they actually intercept and block execution.
What is CLAUDE.local.md?
CLAUDE.local.md is a personal override file that you never commit to git. Use it for your own preferences — "explain things in Vietnamese", "show me the diff before committing", "I'm working on the payments module this sprint". It takes priority over CLAUDE.md, so your personal settings override team settings without affecting your teammates.
Does this work with tools other than Claude Code?
The CLAUDE.md principles work with any AI coding assistant — Cursor, GitHub Copilot, or any LLM that can read files. The security hooks and settings.json are specific to Claude Code's hook system. The documentation files (ARCHITECTURE.md, ADRs, etc.) are universally useful regardless of what AI tools you use.
My project already has some of these files. Will this overwrite them?
The zip is just a folder with files — nothing is applied automatically. You review the contents and manually copy what you want. If you already have a CLAUDE.md, you can open both and merge the sections you want to adopt. If you already have .gitignore, just add our entries to yours. You're always in control.
✅ Downloaded! Unzip and drop into your project.