Claude Code Workflow

Orchestrate a team of agents on work too big for one context.

Fan out subagents, run them through ordered pipelines, and verify every result before you trust it.

workflow: security-review.ts

$ claude workflow run review.ts

fan-out   spawning 4 agents over /src ........ ok
  auth      3 findings
  payments  5 findings
  api       2 findings
  jobs      1 finding

verify    skeptic agent refuting each ...... 8 kept
loop      re-running until dry ............. 0 new

Done. 8 verified findings, 3 rejected.

One context window has a ceiling. A workflow does not.

Workflow lets you script many Claude Code subagents with real control flow. You decide what runs in parallel, what runs in sequence, and what has to be proven true before it counts. The model handles the reasoning; your script keeps the run deterministic.

Core building blocks

Four primitives you compose into anything.

Parallel fan-out

Launch many independent agents at once across files, services, or sources, then collect every result into one place. Wide coverage in a single pass instead of one slow sequential crawl, so a thousand-item job finishes in the time of one.

agent 1agent 2agent 3agent 4

Pipelines

Push each work item through ordered stages with no barrier between them, so a finished item moves on while the rest are still in flight.

Adversarial verification

An independent skeptic agent tries to refute each finding before it is accepted. Only claims that survive the challenge reach you.

Loop until dry or until budget

Keep spawning finder agents until no new results come back, or until a token budget is hit. You set the stopping rule; the workflow respects it and reports where it stopped.

How a workflow runs.

Author the control flow

Write loops, conditionals, and stage order in a script. Determinism lives in your code, not in a prompt the model might drift away from.

Fan out the work

The runner spawns one subagent per work item with its own fresh context, so a thousand-file task is never bound by a single window.

Verify before accepting

Each result passes to a skeptic agent that argues against it. Findings that cannot be defended are dropped before they reach your report.

Collect and stop on your terms

Results stream back into one structured output. The loop continues until it runs dry or hits the budget you set, then hands you the summary.

What teams point it at.

Anything where the work outgrows a single conversation and the answer has to be right.

code review

Comprehensive review

Fan an agent over every module, gather findings, and let a skeptic cut the false positives before a human ever opens the report.

migrations

Large codebase migrations

Run the same transform across hundreds of files in parallel, with a verification stage confirming each change still compiles and behaves.

research

Multi-source research

Loop finder agents across many sources until no new material surfaces, then reconcile the results into one cited synthesis.

audits

Security and dependency audits

Sweep the tree for risks, challenge every flag adversarially, and report only the issues that hold up under scrutiny.

Authored, not improvised

The control flow is yours to read.

A workflow is a script. Loops and conditionals are explicit, so a run is reproducible and reviewable.

review.ts

// Fan out one agent per module, then verify what comes back.
const modules = await listModules("./src");

const findings = await fanOut(modules, (m) => {
  return agent.review(m, { focus: "security" });
});

// Adversarial pass: a skeptic must fail to refute each finding.
const verified = await verify(findings, {
  refuteWith: skeptic,
  keepIf: (f) => f.survivesChallenge,
});

// Loop until no new findings, capped at a token budget.
await loopUntilDry({ budget: 200_000 });

report(verified);