v1.0.0 — Built for Claude Code

Ship Your Webapp Wisely.

The launch lifecycle plugin for Claude Code. 15 skills that make Claude's answers production-ready — from architecture decisions to deploy-day security. Same auth prompt, 2× the security coverage.

Get Started Read the Docs

Claude Code — shipwise

01> /shipwise

02Running diagnostic interview...

03✓ Stack detected: Next.js + Postgres + Vercel

04✓ 23 checklist items generated

05✓ 4 hooks installed

06[Shipwise] Ready: 42% | P0 gaps: 5

07Top priority: Set up error tracking...

Tested Against Real Projects

12 scenarios. 3 developer archetypes. Every one passed.

Full test results, prompts, and findings are open source.

Solo Founder · Beginner

First project scaffold

> /shipwise

Answered 9 questions as a beginner building her first SaaS. Shipwise detected her Next.js project, generated a personalized 23-item checklist, and offered to walk her through the top 3 items step by step.

✓ PASS

Senior Engineer · Side Project

Codebase-aware scaffold

> /shipwise

Shipwise scanned his SaaS project and correctly detected Prisma (12 models), Clerk auth, Stripe billing, 47 test files, and Vercel config. Identified 5 P0 gaps: no CI/CD, no error tracking, no health endpoint, no legal pages, no security headers.

✓ PASS

Solo Founder · Beginner

Picking a tech stack

> "I need to pick my tech stack. I know a little React."

Instead of 'it depends,' Shipwise gave a clear recommendation with beginner-friendly explanations: Next.js for React familiarity, Postgres for reliability, Vercel for zero-config deploys.

✓ PASS

Senior Engineer

tRPC vs GraphQL tradeoff

> "Deciding between tRPC and GraphQL for a Next.js monorepo..."

Surfaced the real tension: tRPC is ideal for monorepos (same team, same types), but GraphQL has stronger subscription support. Gave a nuanced 'start with tRPC, add GraphQL subscriptions for real-time features' recommendation.

✓ PASS

Mid-Level Dev

REST API with proper patterns

> "Build me a REST API for user management with proper conventions..."

Generated endpoints following RESTful conventions with Zod validation, auth middleware, structured error responses, rate limiting, and cursor-based pagination — patterns the skill prescribes but vanilla Claude often skips.

✓ PASS

Mid-Level Dev

Accessible data table

> "Create a reusable data table with sorting, filtering, pagination..."

Output included loading skeletons, empty state with CTA, error with retry, aria-sort on headers, aria-checked on row selection, keyboard navigation, and 44px touch targets.

✓ PASS

QA · Negative Test

Off-topic silence

> "What's the weather in Denver?" · "Write a poem about debugging"

Four off-topic prompts, zero false triggers. Shipwise stayed completely silent. No skills activated, no whispers, no checklist noise. The plugin only speaks when it has something relevant to say.

✓ PASS

QA · Boundary Test

Correct skill routing

> "Set up React Hook Form with Zod for a multi-step signup form."

Fullstack development skill triggered correctly (form handling). Architecture skill did NOT trigger — it's not a stack decision. Billing skill's 'plan' trigger was tightened to 'pricing plan' to prevent false matches.

✓ PASS

Solo Founder · Beginner

Architecture to code flow

> "Help me choose my stack" → "Set up the DB schema" → "Build the API"

Three prompts, natural skill transition: architecture → fullstack development. Each response built on the previous. The schema from prompt 2 was used in the API from prompt 3. Felt like one continuous conversation.

✓ PASS

Startup CTO

Pre-launch audit

> /launch-audit

Full codebase scan of a 50-file SaaS project. Correctly detected 9/9 tech components. Found 20 gaps across security, observability, legal, and SEO. Output: structured report with readiness percentage and top 3 priorities with time estimates.

✓ PASS

Startup CTO

Domain-specific checklist

> /launch-checklist security

Produced OWASP Top 10 walkthrough with verification steps, auth hardening checklist (Argon2id, rate limiting, MFA), and copy-paste security headers for Next.js. Invalid domain input handled gracefully with available domain list.

✓ PASS

Mid-Level Dev · THE KEY TEST

Before/After: 18 → 36

> "Set up user auth with email/password. Include proper security practices."

Same prompt, same project. Without Shipwise: 18/40 — basic bcrypt, no rate limiting, no CSRF. With Shipwise: 36/40 — Argon2id, account lockout, CSRF tokens, session hardening, HaveIBeenPwned check. 24 specific improvements.

✓ PASS

Four Modes of Guidance

sensors

Automatic Checkpoint Gates

Writing auth code? Claude automatically includes rate limiting and CSRF protection. About to deploy with no error tracking? The deploy gate warns you. Shipwise runs on four lifecycle hooks — you never invoke them. They catch what you'd forget at 11pm before a launch.

Zero friction — fully automatic arrow_forward

terminal

One-Time Scaffold

Run /shipwise once. It detects your stack (Next.js? Prisma? Clerk? Stripe?), scans for gaps, and generates a personalized launch checklist. In testing, it correctly identified 9/9 tech components and 20 missing items in a real SaaS codebase.

query_stats

On-Demand Audit

Run /launch-audit before your beta, staging deploy, or public launch. Get a structured report: ✓ Stripe integration found, ✗ No health endpoint, ✗ No privacy policy. Readiness: 42%. Top 3 priorities with time estimates.

15 Contextual Skills

You don't invoke these — Claude loads them when your task matches. In our Before/After test, the same auth prompt scored 18/40 without Shipwise and 36/40 with it. The difference: 24 specific security improvements Claude wouldn't suggest on its own.

Active Skills

The Lifecycle

Design. Build. Ship. Grow.

lightbulb

Validate & Design

20-question user interview scripts. RICE scoring templates for MVP scoping. WCAG 2.2 AA design checklists. Co-founder agreement outlines. Entity formation decision trees. The stuff you Google at 2am — already in your Claude context.

code

Architecture & Code

React vs Vue vs Svelte decision matrix. tRPC vs GraphQL decision tree. Auth provider comparison (Clerk, Auth0, Supabase Auth, NextAuth). GitHub Actions workflow templates. k6 load test scripts. Security headers for Next.js, Express, Nginx — copy, paste, done.

rocket_launch

Monitor & Launch

Sentry config templates you can copy into your project. Health endpoint code for Next.js and Express. Stripe vs Paddle comparison matrix. GDPR/CCPA checklist. A launch day timeline: T-2h deploy, T-0 Product Hunt, T+30m email waitlist, T+2h check error rates.

trending_up

Analyze & Scale

Event naming conventions (noun_verb). Funnel tracking from signup to payment. Retention cohort templates (D1, D7, D30). Email drip sequences: onboarding day 0/1/3/7, re-engagement at day 14, churn prevention on cancel intent. Weekly cloud cost review checklist.

Phase 1

Design

Validate, scope, and plan

→

Phase 2

Build

Architecture, code, test, secure

→

Phase 3

Ship

Monitor, optimize, comply, launch

→

Phase 4

Grow

Analyze, retain, iterate, scale

Skills

Covering idea validation through post-launch growth. Each with dual-mode output for beginners through seniors.

45+

Reference Docs

Every doc has at least one copy-paste template. Change the marked values and ship.

Lifecycle Hooks

Session context, edit whispers, deploy gate, and auto-progress tracking. Zero friction checkpoint gates.

2×

Auth Security Score

Auth security score improvement (18/40 → 36/40). Validated Before/After test.

Quick Start

Install

curl -fsSL https://raw.githubusercontent.com/harmansidhudev/shipwise/main/scripts/install.sh | bash

Initialize

/shipwise

Ship wisely

# That's it. Hooks are active. Skills auto-trigger.
# Build your app — Shipwise watches your back.

Ready to Ship Wisely?

12/12 test scenarios. 24 security improvements. 2× auth score. Zero friction.

Get Started VIEW RELEASES

MIT License · Built for Claude Code · Skills portable to Cursor, Codex, Gemini CLI via convert.sh

Ship