A local multi-agent coding assistant that plans, generates, and peer-reviews code using LLMs — entirely from your terminal.

LLMs write code fast, but a single prompt-to-code pass has no guardrails: the output may be logically broken, insecure, or slow — and you won't know until you run it.

AspectCoder wraps generation in a structured multi-agent review loop. A dedicated Planner designs the approach, a Generator writes the code, and three independent reviewers — Functional, Security, and Performance — critique it in parallel. An Aggregator decides whether to accept, ask the generator to fix issues, replan from scratch, or escalate to you. The result is code you can trust without manual spot-checking.

flowchart TD
    A([Task Description]) --> B[Planner]
    B --> C[PlanVerifier]
    C -->|reject, up to 3x| B
    C -->|approve| D[Generator]
    D --> E[Functional Reviewer]
    E -->|fail| AGG[Aggregator]
    E -->|pass| SEC["Security Reviewer
    CWE Top 25 / OWASP SCP"]
    E -->|pass| PERF[Performance Reviewer]
    SEC --> AGG
    PERF --> AGG
    AGG -->|REGEN + feedback| D
    AGG -->|REPLAN| B
    AGG -->|HUMAN| HU([Escalate to user])
    AGG -->|DONE| OUT([Generated files written to project])

Each cycle either accepts the output, asks the generator to fix specific issues, replans from scratch, or escalates to you when human judgment is required.

• Multi-agent pipeline — dedicated agents for planning, generation, and three orthogonal review dimensions
• Configurable reviewers — enable only the reviewers you need per run; skip all with --reviewer none
• Three security levels — basic (fast), standard (CWE Top 25), strict (CWE Top 25 + OWASP SCP)
• Local security knowledge — CWE Top 25 and OWASP Secure Coding Practices are embedded locally; no retrieval calls
• Prompt caching — static knowledge blocks are cached server-side, cutting redundant token usage
• Best-effort completion — accepts output when only minor issues remain after exhausting retries
• Job history — every run is snapshotted; roll back to any previous version instantly
• Provider-agnostic — any model supported by LiteLLM works out of the box (Anthropic, OpenAI, …)

• Python 3.11+
• An Anthropic and/or OpenAI API key

git clone https://github.com/keyanUB/AspectCoder.git
cd AspectCoder
pip install -e .

Copy the example env file and add your API keys:

cp .env.example .env
# edit .env — set ANTHROPIC_API_KEY and/or OPENAI_API_KEY

AspectCoder reads config.yaml from the working directory. The default model assignments are:

Edit config.yaml to swap in any LiteLLM-supported model.

# Inline description
aspectcoder run "Implement a thread-safe LRU cache in Python with get/put and a pytest suite"

# From a Markdown spec file
aspectcoder run --file demo/python-lru-cache.md

# Only functional + security (skip performance)
aspectcoder run --file task.md --reviewer functional --reviewer security

# Skip all reviews — generate only
aspectcoder run --file task.md --reviewer none

# basic — obvious issues only (fastest, cheapest)
aspectcoder run --file task.md --security-level basic

# standard — CWE Top 25 (default)
aspectcoder run --file task.md --security-level standard

# strict — CWE Top 25 + OWASP Secure Coding Practices
aspectcoder run --file task.md --security-level strict

aspectcoder status <job-id>

aspectcoder rollback <job-id> --version 1

Four example specs are in demo/:

aspectcoder run --file demo/python-lru-cache.md

After a successful run:

• Generated source files are written to the paths chosen by the planner (e.g. src/lru_cache.py, tests/test_lru_cache.py)
• A Markdown report is saved to reports/<job-id>.md
• All snapshots are stored under .aspectcoder/jobs/<job-id>/

pip install -e ".[dev]"
pytest

The project follows strict TDD (Red → Green → Refactor). All 140+ tests must pass before merging.

MIT — see LICENSE.