G Stack gives your AI agent 23 specialist roles and 8 power tools. Learn how to install it in Claude Code or Codex and use it for code review and planning.
What G Stack Actually Is (And Why It’s Worth Your Attention) #
Solo developers and small engineering teams have always faced the same problem: you can write code, but you can’t always afford to have a dedicated security reviewer, a performance specialist, and a senior architect all looking at your work before you ship. G Stack — a CLAUDE.md configuration created and shared by Y Combinator CEO Garry Tan — is a direct attempt to solve that.
The core idea behind G Stack is straightforward. Instead of using your AI coding agent as a general-purpose assistant, you configure it with 23 specialist roles and 8 power tools, turning it into something closer to a structured engineering team. You can invoke a security engineer when you need an audit, a database architect when you’re designing schemas, or a tech lead when you need a plan before writing a single line of code.
This article covers what G Stack is, how the roles and tools are structured, how to install it in Claude Code or OpenAI Codex, and how to get the most out of it for real engineering tasks like code review and sprint planning.
The Problem G Stack Is Solving #
Other agents ship a demo. Remy ships an app. #
Real backend. Real database. Real auth. Real plumbing. Remy has it all.
Most developers who use AI coding tools have noticed the same pattern: ask Claude or GPT to write code, and it tries to be everything at once. It will write the feature, add some tests, maybe refactor a few things — but it’s not thinking like a security engineer checking for injection vulnerabilities, and it’s not thinking like a database architect worried about N+1 queries.
That’s not a failure of the model. It’s a prompting problem. When you don’t give the model a specific lens to look through, it defaults to a generalist approach.
G Stack addresses this by front- the context. The CLAUDE.md file — which Claude Code reads automatically at the start of every session — tells the agent exactly who it can be and how each role should behave. When you invoke the security engineer role, the agent applies that specific frame: it’s no longer trying to ship features, it’s actively looking for vulnerabilities.
The result is more focused, more useful output that reflects how actual specialist engineers think.
The 23 Specialist Roles #
G Stack defines 23 distinct engineering personas, each with its own priorities, heuristics, and areas of concern. These aren’t just labels — each role comes with behavioral instructions that shape how the agent approaches problems.
Core Engineering Roles
The backbone of G Stack covers the engineers you’d expect on any software team:
Architect— Thinks in systems, not features. Evaluates trade-offs, designs for scale, and asks “what happens in two years?”** Senior Backend Engineer**— Focused on reliability, API design, and server-side logic. Defaults to proven patterns over clever solutions.** Frontend Engineer**— Handles UI, state management, and browser compatibility. Thinks about user experience alongside code quality.** Full-Stack Engineer**— The generalist who can move across layers when needed.** DevOps / SRE**— Thinks about deployment, CI/CD pipelines, observability, and what happens when things break at 2am.** Mobile Engineer**— Specialized context for iOS and Android development patterns.
Specialist Roles
Beyond the core team, G Stack includes roles that most small teams don’t have on staff:
Security Engineer— Looks specifically for vulnerabilities, insecure defaults, and attack surfaces. This is the role you invoke before any code touches production.Performance Engineer— Focuses on latency, memory usage, query optimization, and bottlenecks.** Database Architect**— Thinks in schemas, indexes, and query plans.** API Designer**— Cares about consistency, versioning, and developer experience.** QA / Test Engineer**— Designs test coverage strategies, not just writes unit tests.** Accessibility Engineer**— Ensures interfaces meet WCAG standards.** ML / AI Engineer**— Handles model integration, data pipelines, and inference optimization.
Leadership and Process Roles
G Stack also includes roles that operate at a higher level of abstraction:
Tech Lead— Translates business requirements into technical direction. Good for planning sessions before implementation starts.** Staff Engineer**— Thinks across teams and systems. Useful for cross-cutting concerns and architectural decisions.** Principal Engineer**— The highest-level technical voice. Useful when you need someone to challenge your assumptions.** Solutions Architect**— Bridges technical and business contexts.** Project Manager**— Breaks work into tasks, estimates, and dependencies.** Scrum Master**— Runs process: sprint planning, retrospectives, and velocity tracking.** Business Analyst**— Translates user needs into requirements.** UX / Product Designer**— Brings user-centered thinking to technical decisions.** Documentation Specialist**— Writes and structures technical documentation.** Code Reviewer**— Does nothing but review. No implementation, no suggestions about architecture — just code quality, style, and correctness.
Seven tools to build an app. Or just Remy. #
Editor, preview, AI agents, deploy — all in one tab. Nothing to install.
The 8 Power Tools #
Alongside the roles, G Stack includes 8 power tools — slash commands that trigger specific workflows rather than specific personas.
/plan
Forces the agent to produce a structured implementation plan before writing any code. You describe the feature or change, and the agent maps out components, dependencies, edge cases, and risks. This is the most valuable tool for avoiding the trap of starting to code before you understand the full problem.
/review
Initiates a structured code review. You can optionally specify which role should conduct the review — a security engineer reviewing authentication code will look at very different things than a performance engineer reviewing a data pipeline.
/refactor
Analyzes existing code for improvement opportunities: clarity, duplication, coupling, naming. The agent produces a prioritized list of changes with reasoning for each.
/debug
Steps through a problem methodically. Rather than jumping to solutions, the agent identifies assumptions, eliminates possibilities, and proposes hypotheses.
/test
Generates a testing strategy — not just test cases, but coverage analysis. What’s untested? What are the edge cases that matter most?
/docs
Produces technical documentation for the code or system you specify. Output format can be README-style, API reference, or inline comments.
/security
A dedicated security audit. The agent looks specifically at vulnerabilities, insecure configurations, and attack vectors — separate from normal code review.
/optimize
Performance analysis focused on identifying bottlenecks, inefficient queries, unnecessary re-renders, or wasteful operations.
How to Install G Stack #
Installing in Claude Code
Claude Code automatically reads a CLAUDE.md
file from your project’s root directory at the start of each session. This makes it the natural home for G Stack.
Step 1: Get the G Stack CLAUDE.md file. Garry Tan shared the G Stack configuration publicly. You can find it through his posts on X (formerly Twitter) and the associated GitHub repository. The file contains the full role definitions and tool configurations.
Step 2: Add it to your project.
Place the CLAUDE.md
file in the root of your project directory. If you already have a CLAUDE.md
, you can merge the G Stack content into it — the role definitions can coexist with your existing project context.
Step 3: Verify Claude Code is reading it. Start a new Claude Code session and ask: “What roles do you have available?” Claude should enumerate the G Stack personas. If it doesn’t, check that the file is in the project root and not in a subdirectory.
Step 4: Invoke roles by name. You can call roles directly in your prompts:
As the Security Engineer, review the authentication middleware in /src/auth
Or use the power tools:
/review src/api/users.ts
/plan Add OAuth2 login to the existing auth system
Installing in OpenAI Codex
Codex doesn’t use a CLAUDE.md file, but you can achieve the same effect through its system prompt configuration.
Remy doesn't build the plumbing. It inherits it. #
Other agents wire up auth, databases, models, and integrations from scratch every time you ask them to build something.
Remy ships with all of it from MindStudio — so every cycle goes into the app you actually want.
Option 1: System prompt in the API. When calling the Codex API, pass the G Stack role definitions as part of your system message. The structure is the same — you’re just putting the content in a different location.
Option 2: Custom instructions. In the Codex interface, add the G Stack configuration to your custom instructions. This persists across sessions without requiring you to add it to every prompt.
Option 3: Project-level configuration. If you’re using Codex through a platform that supports project-level settings, paste the G Stack content into the project system prompt. Every session in that project will then have access to the full role set.
The key difference from Claude Code: you’ll need to be more explicit about invoking roles, since there’s no native CLAUDE.md reading behavior. Including a brief instruction like “To activate a role, I’ll say ‘As the [Role Name]’” at the top of your system prompt helps the model understand the intended behavior.
Using G Stack for Code Review #
Code review is where G Stack shows its clearest value. Running the same code through multiple specialist lenses in sequence can surface issues that a single generalist pass would miss.
A Structured Review Workflow
Here’s a practical multi-pass review process using G Stack roles:
Pass 1 — Correctness (Code Reviewer role) Start here. Ask the Code Reviewer to check for logical errors, off-by-one problems, unhandled edge cases, and anything that would fail in production.
Pass 2 — Security (Security Engineer role) Run the same code through the Security Engineer. Focus especially on any code that handles user input, authentication, data storage, or external API calls.
Pass 3 — Performance (Performance Engineer role) If the code is on a hot path or involves database queries, bring in the Performance Engineer to look at efficiency.
Pass 4 — Maintainability (Senior Backend Engineer role) Finally, ask a Senior Backend Engineer to evaluate the code from a long-term maintenance perspective. Is it readable? Are abstractions at the right level? Will a future engineer understand what’s happening?
Running these passes takes maybe 10–15 minutes total. That’s roughly what a real multi-person code review would take to schedule, let alone conduct.
Reviewing a Real Feature
Say you’ve written a new endpoint that handles file uploads. A complete G Stack review might look like:
Security Engineer: Review this file upload handler for security vulnerabilities.
[paste code]
Then:
Performance Engineer: Review this same code for efficiency. Are there any bottlenecks?
[paste code]
Then:
/review [file path]
Each pass produces a different set of observations. The Security Engineer will focus on file type validation, size limits, path traversal attacks, and storage security. The Performance Engineer will look at whether large files could block the event loop. The Code Reviewer will catch things like missing error handling or inconsistent naming.
Using G Stack for Planning #
The /plan
tool and the Tech Lead / Architect roles are most useful before you start coding — not after.
Sprint Planning
Before starting a sprint or a significant new feature, use the Tech Lead role to run a structured planning session:
As the Tech Lead, help me plan the implementation of [feature].
Context: [describe current codebase, constraints, team size]
Goal: [what the feature needs to do]
Constraints: [timeline, performance requirements, compatibility needs]
The Tech Lead role will produce a breakdown of tasks, flag dependencies and risks, and identify decisions that need to be made before implementation starts. This is particularly useful for catching “we haven’t decided how to handle X” issues before they become mid-sprint blockers.
Architecture Decisions
For larger decisions, use the Architect role paired with the /plan
command:
As the Architect, help me evaluate options for [technical decision].
Option A: [description]
Option B: [description]
Option C: [description]
Constraints: [what matters most — scale, cost, maintainability, etc.]
The Architect role will compare options against your stated constraints, identify the trade-offs, and recommend an approach with reasoning. This mirrors the kind of technical design review you’d run with a senior engineer before starting significant work.
Decomposing Vague Requirements
Product requirements are often vague. The Business Analyst role is useful for translating fuzzy requirements into concrete technical specifications:
As the Business Analyst, help me turn this requirement into technical specs:
"Users should be able to export their data"
The agent will probe the ambiguities: What formats? What data? What size limits? One-time export or scheduled? The output is a set of clarifying questions and then a more precise specification — the kind of thing you’d normally spend a 45-minute meeting working through.
Where MindStudio Fits #
G Stack makes your AI coding agent more capable. But there’s a related challenge: once you’ve built something with that agent, how do you automate the workflows around it?
If you’re building AI-powered applications — not just writing code but deploying agents that actually do things — MindStudio is worth looking at. It’s a no-code platform that lets you build and deploy AI agents with access to 200+ models and 1,000+ integrations. You can wire together things like code review notifications, automated documentation generation, or multi-step engineering workflows without writing infrastructure code.
The Agent Skills Plugin is particularly relevant here. It’s an npm SDK (@mindstudio-ai/agent
) that lets any AI agent — including Claude Code — call MindStudio’s 120+ typed capabilities as simple method calls. So if you want your coding agent to automatically send a Slack notification when a review is complete, log output to Airtable, or trigger a downstream workflow, the Skills Plugin handles the infrastructure layer without you building it from scratch.
For teams already using G Stack for structured engineering workflows, MindStudio can handle the surrounding automation: routing review results, triggering CI/CD events, or connecting your agent output to the rest of your tooling. You can try it free at mindstudio.ai.
Common Mistakes When Using G Stack #
Invoking the wrong role for the job
Using the Full-Stack Engineer role for a security review will produce generic observations. Use the Security Engineer. The specificity of G Stack only pays off if you’re deliberate about which lens you’re applying.
Skipping the planning phase
The most common mistake is jumping straight to implementation. The /plan
command and Tech Lead role exist specifically to catch problems before they become expensive. Use them.
Not providing enough context
Remy is new. The platform isn't. #
Remy is the latest expression of years of platform work. Not a hastily wrapped LLM.
G Stack roles are powerful, but they work better with context. When invoking a role, give it relevant background: what the code is for, what constraints exist, what you’ve already considered. A security review of “this handles payments” will produce different (and more useful) output than a review of decontextualized code.
Treating role output as gospel
G Stack is a structured way to get better coverage, not a replacement for judgment. The Security Engineer might flag something that isn’t actually a vulnerability in your context. Treat the output as expert input, not final verdict.
Frequently Asked Questions #
What is G Stack?
G Stack is a CLAUDE.md configuration created by Garry Tan (CEO of Y Combinator) that equips AI coding agents with 23 specialist engineering roles and 8 power tools. It works by structured role definitions into the agent’s context, allowing you to invoke specific expert personas — like a security engineer or database architect — during your development workflow.
Does G Stack work with coding agents other than Claude Code?
Yes. While G Stack is designed for Claude Code’s native CLAUDE.md support, the same role definitions can be used as a system prompt with OpenAI Codex, GPT-4, or any other model that supports system-level instructions. The behavior will be similar, though Claude Code has the most seamless integration since it reads CLAUDE.md automatically.
How do I invoke a specific role in G Stack?
You can invoke roles directly in your prompts by naming them explicitly: “As the Security Engineer, review this code.” You can also use the power tools — slash commands like /review
, /plan
, and /security
— which trigger structured workflows independently of specific roles. Some tools work well combined: /review
followed by specifying a role gives you both the structured workflow and the specialist lens.
Is G Stack free to use?
G Stack is a free, open configuration that Garry Tan shared publicly. You’ll need a Claude Code subscription (which requires an Anthropic Claude Pro or API plan) or access to OpenAI Codex to use it. The configuration itself has no cost — you’re just a text file into your agent’s context.
What’s the difference between G Stack roles and just asking the AI to “act like a security engineer”?
G Stack roles include detailed behavioral instructions, priorities, and heuristics — not just a label. A well-written role definition tells the model what to look for, how to prioritize findings, and what questions to ask. It’s the difference between saying “be a chef” and giving someone a professional kitchen, a set of recipes, and culinary training. The detail in the role definition is what produces specialist-quality output.
Can I customize G Stack roles for my team?
Yes, and that’s encouraged. The CLAUDE.md format is just text — you can add roles specific to your stack, modify existing role definitions to reflect your team’s priorities, or remove roles that aren’t relevant. Many teams add a role that knows their internal conventions, preferred libraries, or compliance requirements.
Key Takeaways #
G Stack gives your AI coding agent 23 specialist roles— from security engineer to database architect — each with distinct behavioral instructions, not just labels.** The 8 power tools**(/plan
,/review
,/security
,/refactor
, etc.) trigger structured workflows that improve consistency and coverage.Installation in Claude Code requires placing the CLAUDE.md file in your project root; for Codex, it goes in the system prompt.Multi-pass code review— running the same code through Security Engineer, Performance Engineer, and Code Reviewer in sequence — surfaces issues that a single generalist pass misses.The planning tools(Tech Lead, Architect,/plan
) are most valuable before you start coding, not after.- G Stack is a prompting layer, not magic — specificity and context still matter when invoking roles.
- ✕a coding agent
- ✕no-code
- ✕vibe coding
- ✕a faster Cursor
The one that tells the coding agents what to build.
If you’re building AI-powered workflows beyond just coding — orchestrating agents, automating engineering processes, or connecting tools — MindStudio lets you build and deploy those systems without writing infrastructure from scratch. Start free and see how far you can get.