Your codebase improves itself
KyZN runs real linters, dispatches 4 AI specialists to find issues, fixes them with build verification, and opens a PR. One command. Zero config.
The Problem
Improving code with AI is still manual
You're the glue holding the workflow together. KyZN replaces all 8 steps with one command.
8Manual steps every time
1KyZN does it all
Profile repo. 4 Opus specialists. Consensus. Sonnet fixes in severity batches. Build verification. Score gate. PR.
Get Started
Install in 10 seconds
One command. Works on macOS and Linux.
$ curl -fsSL https://raw.githubusercontent.com/bokiko/KyZN/main/install.sh | bashFirst run
kyzn doctor— Check prerequisiteskyzn init— Interactive setupkyzn measure— See your health scorekyzn fix— Deep analysis + auto-fix → PRRequires: git, gh (GitHub CLI), claude (Claude Code), Bash 4.3+. macOS users need brew install bash.
Pipeline
How it works
From detection to PR in one command. Every step is automated, verified, and safe.
Detect
Identifies project type from package.json, Cargo.toml, go.mod, or pyproject.toml
Measure
Runs real tools (eslint, ruff, clippy, go vet) to compute a health score out of 100
Analyze
4 Opus specialists review in parallel: security, correctness, performance, architecture
Fix
Sonnet implements fixes in severity batches — CRITICAL first, LOW last — with build verification after each
Verify
Build gate + test gate + score regression gate. If anything breaks, reflexion retry kicks in
Ship
Opens a PR with before/after health scores, findings summary, and all changes on an isolated branch
Efficiency
More value per token
KyZN is designed to get more done per dollar than an interactive Claude session.
Structured JSON input
Linter output is parsed into scored JSON — Claude gets signal, not 200 lines of raw tool output
Mode constraints
Deep mode blocks cosmetic changes (renames, reformats, import reordering) so tokens go to real fixes
Read-only analysis
Specialist agents only get Read/Glob/Grep — zero tokens spent on exploratory edits during analysis
Cached profiler
Repo conventions are profiled once per commit SHA and reused across runs
Consensus dedup
4 specialists may flag the same issue — consensus removes duplicates before the fix phase starts
Hard budget caps
Every Claude invocation has --max-budget-usd and --max-turns enforced
Stateless sessions
--no-session-persistence on every call — no cross-run context bloat accumulating
Structured fix plans
Each finding includes target file, function, and pattern — the fix agent doesn't spend tokens figuring out where to edit
Features
Everything you need
From health scoring to automated PRs. One CLI, no dependencies beyond Claude Code.
Health Scoring
5 weighted categories out of 100: security (25%), testing (25%), quality (25%), performance (15%), documentation (10%). Measured with real tools, not heuristics.
Deep Analysis
4 Opus specialists review your code in parallel — security, correctness, performance, and architecture. A consensus step deduplicates and ranks findings.
Auto-Fix
Sonnet implements fixes in severity batches with build verification after each. If a fix breaks the build, reflexion retry gives it a second chance with error output.
Safety Model
12 safety layers: branch isolation, tool allowlists, file restrictions, budget caps, build gates, score regression gates, secret detection, and more.
Scheduling
Set it and forget it. kyzn schedule daily runs at 3am and opens PRs while you sleep. Full cron support with proper PATH management.
Review Workflow
Full auditability: kyzn history shows all runs, kyzn diff shows changes, kyzn approve/reject with feedback. Every run is tracked.
Languages
Built-in support for 4 ecosystems
Real tools, not LLM guesses. Each language uses its native linters, type checkers, and test runners.
Node.js
eslint, tsc, vitest/jest
Python
ruff, mypy, pytest
Rust
clippy, cargo test, cargo audit
Go
go vet, go test
Plus a generic measurer that works on any project type for general analysis.
Safety
12 layers of protection
KyZN runs AI with real tool access on your code. Every layer has safety constraints.
Isolation
- All changes on kyzn/ branches — never touches main
- Git hooks disabled via core.hooksPath=/dev/null
- Rejects repos with symlinks escaping the repo root
- Autopilot config in gitignored local.yaml (not poisonable via commits)
Access Control
- Per-language tool allowlists tightened to specific subcommands
- Claude cannot read ~/.ssh, ~/.aws, .env, key files, Terraform state
- CI workflow files unstaged by default
- Secret detection unstages .env, .pem, .key, and credential patterns
Budget & Limits
- Hard ceiling: $25/run, 100 turns, 10,000 diff lines
- Per-invocation --max-budget-usd and --max-turns enforced
- 10-minute timeout on every Claude call
Verification Gates
- PR only created if build + tests pass
- Score regression gate — aborts if health score drops
- Per-category floor — no single category drops more than 5 points
- jq and yq verified with SHA256 checksums on install
Full threat model available in SECURITY.md
Open Source
Contribute to KyZN
KyZN is early-stage and actively developed. Whether it's a bug fix, a new language measurer, or a pipeline idea — contributions are welcome.
New Languages
Add measurers for Ruby, Java, PHP, and more
measurers/ — follow python.sh as a template
Measurers
Improve scoring accuracy, integrate new tools
measurers/*.sh
Analysis Prompts
Better specialist prompts, fewer false positives
templates/
Safety
New edge cases, threat model gaps
lib/execute.sh + SECURITY.md
Tests
Cover untested paths, add new edge cases
tests/selftest.sh
Docs
Improve guides, add examples and tutorials
README.md + docs/
Found a bug or have an idea?
Use our issue templates to report bugs or request features. We review every submission.
See CONTRIBUTING.md for conventions, commit format, and PR guidelines.
Start improving your codebase today
One command. Zero config. Real bugs fixed, verified, and shipped. Schedule it daily and let your codebase improve while you sleep.