Automatic code review
Every change you make — or that a contractor makes — gets reviewed by a senior-engineering-level reviewer before it ships. You see exactly what was caught and why, and decide what to do about it.
Ship AI-built software like a real engineering team — without hiring one.
ApexYard is the SDLC framework that makes AI agents ship production software — with the same gates, reviews, and receipts a real engineering org runs on. It governs its own development; check the log. See a day with it →
Built by me2resh
No setup beyond /setup. No new dashboards to learn. Three things you start getting from day one.
Every change you make — or that a contractor makes — gets reviewed by a senior-engineering-level reviewer before it ships. You see exactly what was caught and why, and decide what to do about it.
Before you push to customers, run one command and find out what's still missing — security, performance, accessibility, the lot. No surprise emails from users telling you about it.
Every project you're building shows up in one inbox. Pull requests that need a look, issues someone's stuck on, anything that needs your attention — all in one screen, no tab-juggling.
Three shapes of person we built this for. If you recognise yourself, keep reading.
Solo founders shipping with AI
You're building the product alone, with Claude Code or Cursor doing most of the typing. You need the guardrails a real team would give you — without a real team.
Non-technical founders running contractors
You're managing a small dev team or a contractor or two. You need to know the work is solid before it goes live, without reading every commit yourself.
Small teams with no process yet
You've shipped your first version. Now you need real review, real testing, real release discipline — before things get harder to fix than they already are.
ApexYard is built using ApexYard. These are real numbers from the framework's own GitHub history — every change you see here went through the same review and guardrails the tool installs in your fork.
Not a mockup. This is PR #787 in ApexYard's own history — a change to the framework's own trust chain, replayed exactly as it happened. Every line below links to something you can check yourself.
Check it yourself — the gate that blocked the first attempt, the hook the security review checked, and the PR itself, reviews and all.
These aren't guidelines an agent is asked to remember. Each one is a small script that runs at the moment it matters and refuses to let the risky thing happen. Four of them, named, with the actual source.
An agent's shortcut push during a "quick fix" can't land: the hook blocks it before it reaches the branch, whether a human or an agent is holding the keyboard. Every change goes through a PR, zero exceptions for "just a typo."
.claude/hooks/block-main-push.sh ↗The agent that writes the code and the agent that reviews it run in separate contexts, so an author can't quietly approve its own PR. If a build agent tries to fake that separation by writing its own approval marker, this hook catches it before the merge gate ever sees it.
.claude/hooks/warn-review-marker-write.sh ↗Saying "go" to a six-step plan doesn't authorize the merge buried inside step four. Every merge needs a named human to look at that specific pull request and say so. That's exactly what you watched happen in the PR #787 replay above.
.claude/hooks/block-unreviewed-merge.sh ↗Pick a library, a pattern, or an architecture without writing down why, and review flags it. Not busywork: the next engineer, human or agent, inherits the reasoning instead of just the code six months later.
.claude/hooks/require-agdr-for-arch-pr.sh ↗If you'd rather skim the plain-English version, read how it works. The replay below is for the technical friend you'll show this to.
gh repo fork me2resh/apexyard --clone
One command forks apexyard into your org and clones the fork locally. The fork is your ops repo — no nested installs, no symlinks. Want the plain-English version of what happens next? Read how it works. Want the technical setup? Jump to the quickstart.
Works with what you already use · TypeScript + AWS Lambda · Next.js web apps · Chrome extensions · native Swift macOS apps. The framework cares about review, gates, and process — not your stack.
Every pull request ties to a ticket.
Every ticket has acceptance criteria.
Code review validates against those criteria, and QA verifies the result in a separate pass before the ticket closes.
From fork to first command. Everything is public; no invite needed. This is the real path, not a highlight reel — three commands, three /setup questions, and you're wired into your first ticket. No separate install, no waitlist, no trial account. If you'd rather see a day with it before installing, read how it works first.
One command via the GitHub CLI. Rename to your-org/ops if you prefer - GitHub handles the rename cleanly. Adding upstream lets you sync later via /update.
gh repo fork me2resh/apexyard --clone cd apexyard git remote add upstream \ https://github.com/me2resh/apexyard.git
/setupEverything loads automatically from CLAUDE.md. On first run, a session-start hook checks upstream drift. Then run /setup once - three exchanges to configure company, team, and tech stack.
cd apexyard claude /setup # three questions → onboarding.yaml is configured
Two entry points depending on what you walked in with. /handover takes an existing repo and generates an assessment of its shape, plus a starter architecture diagram, plus the registry entry. /idea captures a new product concept to the shared backlog so it doesn't evaporate.
/handover <repo-url> # existing project → assessment + registry + architecture stub /idea # new concept → ideas-backlog.md, optional GitHub issue
Each walkthrough starts with a moment you'll recognise — and shows what apexyard does about it. Below the screens are technical captions for the friend who's vetting this with you.
# "I have an idea. Ship it without forgetting a step." › /idea → /write-spec → /decide Idea captured · spec drafted · decision recorded › /start-ticket 178 (labels the session) # code, tests, push… › gh pr create auto-code-review.sh: "Rex REQUIRED before merge" › invoke Rex on PR #178 APPROVED at c8b736f · marker written › /approve-merge 178 (per-PR CEO nod) › gh pr merge 178 ✓ merged · #178 → QA state, not Done yet
# "Monday. Where do I look first?" › cd ~/apexyard ApexYard: 3 commits behind upstream/main. Run /update to sync. › /inbox curios-dog · 2 PRs awaiting Rex billing-api · CEO approval pending · #203 sharppick · stale PR #89 (14 days) marketing-site · clear internal-tools · 1 P1 bug · unassigned # Friday afternoon… › /stakeholder-update weekly Drafted projects/updates/2026-04-17.md - rollup across all 5 projects
# "Just drop a column. Can't be that hard." › edit prisma/schema.prisma BLOCKED: database changes need a real plan first apexyard: rollback plan + tested first › /migration billing-api → rollback plan? (required, non-empty) → estimated downtime? → other services that read this? → data volume? → how will you know it worked? ✓ Decision recorded · ticket #214 created ✓ Plan is complete — edit allowed › /start-ticket #214 · retry the edit ✓ all checks pass · safe to proceed Rex: "analytics job reads this column every night — confirm it skips the missing column before you ship."
Section 01 told you what ApexYard does for you. This section is the inventory — the actual reviews, audits, ticketing, and portfolio surfaces you get when you fork it. Outcome on the left of each row, technical detail (counts, names, file paths) on the right.
The reviewer changes based on what you're working on. Touching auth code? A security reviewer takes a look. Touching the database? Someone who specialises in database changes walks you through the rollback plan. Behind the scenes: 20 role definitions across 5 departments, each with its own checklist and boundaries.
Want to adopt a project you've inherited? /handover. Want to capture an idea before it evaporates? /idea. Want to know what's waiting on you across every product? /inbox. Want a launch-readiness check before customers see it? /launch-check. 54 of these in total — each one is a focused workflow with safety rails.
Every edit needs a real ticket behind it. Every database change needs a rollback plan. Every merge needs a real review. Secrets in code get caught before they're committed. Mechanically enforced — 32 small scripts that fire at the right moments, so you don't have to remember to check.
The reviewer reads what changed and how the rest of the system reacts to it — not just the diff. It flags missing tests, surfaces decisions you made silently, and refuses to approve work that bypasses the team's standards. Pushing new code invalidates the previous approval, so nothing slips through after the review is done. Powered by 24 specialised reviewer agents under the hood.
Run /inbox and see every pull request waiting on you, every issue stuck, every comment unanswered — across every product you're building. Run /stakeholder-update weekly on Friday and the rollup writes itself from the actual week's activity. Backed by a one-file registry at your fork root; add a project with /handover, sync the framework with /update.
Seven ready-made GitHub Actions pipelines you can drop into any project — code quality, security scans, dependency audits, PR-title and review checks, SEO checks. No starting from scratch, no copy-pasting from someone else's repo. Lives at golden-paths/pipelines/.
The framework itself is MIT, forever: fork it, run it, change anything, never pay a cent. What's not free is the premium cockpit and the self-hosted Box, plus having me personally wire either one into your repos instead of doing it yourself.
Solo band, up to 3 clean repos. Growth teams (more repos, messier history) start from £999, quoted by the /handover harnessability assessment. Not a guess.
Updates, new skills and hooks as they ship, and direct support. Billed per product, not per repo: a monorepo and a 5-service product cost the same.
Founding Access is onboarded personally. Every install gets me on the call, and founding customers keep their rate for life, even after the price goes up for everyone else.
No checkout link anywhere in this page. Every engagement starts as an email, scoped and quoted to what you're actually bringing, not a fixed shelf price.
Once your repo runs under ApexYard's gates, tell people. Drop this in your README: it links straight to the framework so anyone who clicks can see exactly what "governed" means here.
[](https://github.com/me2resh/apexyard)
Fork it, run /setup, start your first day. Free and open source — fork freely, change anything to match how you work. No SaaS, no monthly fee, no lock-in.
New here? Play You vs. the LLM — a fast, fun game on how AI actually works: tokens, embeddings, RAG, prompt injection, the agent loop. Think you can beat it? Score it, share it.