disclosure: this is my open source project ( github ), free and MIT licensed. sharing because the claude code workflow is the interesting part. my background is 15 years of ux at faang companies. decided to relearn dev this past year and claude code has been my primary tool. wanted to share the workflow stuff because i think its useful for other people building ambitious projects with it. the problem i was solving claude generates code differently every time. same prompt, different day, different components, different styling, different patterns. coming from design systems where consistency is the whole point, this was making me lose my mind. so i decided to build a component library and framework that constrains the output. workflow stuff that actually helped CLAUDE.md is everything. i have a massive CLAUDE.md file with architecture decisions, design system rules, coding conventions, security requirements. claude code reads this at the start of every session. without it the output drifts immediately. with it, consistency goes way up. AGENTS.md for component discovery. every package ships a markdown file listing all exports with props and examples. when claude reads these it imports existing components instead of generating new ones from scratch. this single pattern probably saved me more time than anything else. subagents for parallel work. i use subagents heavily. one exploring the codebase, one writing tests, one doing security audits, all running in parallel. keeps the main context window clean. plan mode before anything complex. any task over 3 steps, i make claude plan first. the plans arent always right but they catch problems before i waste 20 minutes going the wrong direction. security auditing workflow. i ran 12 rounds where i basically told claude “try to break this.” it found regex denial of service, path traversal, prototype pollution, timing attacks, missing security headers. each round found stuff the previous round missed. the adversarial prompting approach is genuinely powerful for security. what came out of it 13 npm packages. 109+ react components. 18 themes. own vite 7 runtime with file system routing and ssr. auth, payments, ai cost tracking, security middleware. 3,221 tests. going from zero framework experience to this in a few months of sporadic work is wild. not possible without claude code. what didnt work long sessions degrade. after ~30 min of heavy editing the context gets noisy and claude starts making worse decisions. i break sessions frequently claude loves to over engineer. i have explicit rules in CLAUDE.md about not adding features beyond whats asked. it still tries inconsistency is real even with CLAUDE.md. same task different session, different approach. the framework im building literally exists because of this problem security is a blind spot. claude will write code that looks secure but has subtle issues (timing attacks, incomplete escaping). you need to specifically prompt for adversarial review links if youre curious about the actual project github docs demo the project is early stage, small demo apps only. but the claude code workflow patterns are what i actually wanted to share. anyone else doing something similar with large codebases? submitted by /u/Free-Path-5550
Originally posted by u/Free-Path-5550 on r/ClaudeCode