Detailed Analysis
A developer going by vzwjustin has released an open-source tool called **advisor**, a slash command for Claude Code that implements a hierarchical multi-agent architecture in which Anthropic's Opus model acts as a strategic coordinator directing multiple Sonnet model instances as parallel "runners" to analyze codebases for bugs and vulnerabilities. The system works by having Opus perform an initial structural pass using Glob and Grep to rank files by priority (P1–P5), then dynamically spawn a number of Sonnet sub-agents scaled to the size of the codebase rather than using a fixed pool. Each runner receives a custom-tailored prompt from Opus for its specific file batch, reads assigned files, and reports findings back to Opus in a live feedback loop. Opus then verifies each reported finding by directly reading the cited file and line number before confirming it, acting as an integrated quality filter. The tool is installable via a single `uvx` command and carries zero runtime dependencies beyond the Claude Code CLI itself.
The architecture addresses several practical problems that plague naive multi-agent code review implementations. Scope drift — where sub-agents wander off-task — is controlled through a "two-strikes rotation rule" that replaces drifting runners rather than attempting to correct them indefinitely. Context window management is handled proactively, with Opus tracking the context limits of each Sonnet runner and redistributing work before overload occurs. The developer reports that running advisor on its own source code surfaced six genuine bugs, including a bidirectional-character "trojan source" vulnerability in the prompt sanitizer — a class of attack that embeds invisible Unicode control characters to make code appear different to human reviewers than it does to compilers — and a missing ReDoS (Regular Expression Denial of Service) guard on one of four glob-compile branches. These are non-trivial findings that underscore the system's ability to surface security-relevant issues rather than just stylistic complaints.
The project reflects a growing practitioner consensus that the most productive use of large language models in software engineering is not a single monolithic agent but a tiered hierarchy in which more capable, more expensive models handle planning and verification while cheaper, faster models handle high-volume parallel execution. This mirrors patterns emerging across the broader AI engineering community, where frameworks like LangGraph, CrewAI, and Anthropic's own agent tooling have popularized the concept of "orchestrator-worker" topologies. What distinguishes advisor is its deliberate avoidance of external API dependencies and third-party frameworks, leaning entirely on Claude Code's native agent tool primitives. This design choice reduces operational surface area and latency while keeping the tool self-contained — a meaningful tradeoff given the complexity and fragility that often accompanies multi-service AI pipelines.
The tool also highlights the maturing ecosystem forming around Claude Code specifically as a platform for agentic developer tooling, distinct from using Claude via raw API. By operating as a slash command within the Claude Code environment, advisor benefits from the existing authentication, file system access, and tool-calling infrastructure that Anthropic has built into that product. The developer's note that the system works in Codex only "as a skill" suggests that portability across agentic IDE environments remains an open engineering challenge, as each platform exposes different primitives for spawning sub-agents and managing context. With only one GitHub star at time of writing, advisor is early-stage, but its architecture and the security findings it surfaced on its own codebase represent a technically credible proof of concept that the orchestrator-worker pattern can deliver real value in automated code review at modest token cost.
Read original article →