Everything Claude Code: The Open-Source Harness System That Cuts Costs 60%
Yesterday, Anthropic accidentally exposed Claude Code’s source code via a npm source map. Today, someone released a 50K-star open-source system that out-engineers what’s in that leaked codebase for most practical use cases.
The timing is accidental but instructive.
What everything-claude-code Actually Is
Built by Anthropic hackathon winner Affaan Mustafa over 10 months of daily production use, everything-claude-code isn’t a config pack or a prompt template collection. It’s a complete harness performance system — a structured layer that sits on top of Claude Code (or Codex, Cursor, OpenCode) and shapes how the agent behaves across every session.
The numbers: 27 agents, 64 skills, 33 commands, 1,282 security tests, 98% coverage. Claimed 60% cost reduction in production.
But the numbers aren’t the interesting part.
The Core Insight: Harness Quality Is the Bottleneck
The README frames it directly: “Not just configs. A complete system: skills, instincts, memory optimization, continuous learning, security scanning, and research-first development.”
This connects to something the MedOpenClaw paper demonstrated empirically this week and the Meta-Harness paper argued theoretically: the scaffold around a model shapes its behavior as much as the model itself. The same Claude, running through a well-designed harness vs. a bare API call, produces dramatically different results on complex multi-step tasks.
everything-claude-code is 10 months of one developer’s hard-won evidence for what that scaffold should look like.
What’s Actually Useful
The six capability areas worth paying attention to:
Token optimization — model selection logic, system prompt slimming, background process patterns. The 60% cost claim comes from here. The key lever is routing: not every subtask needs Sonnet. Knowing when to drop to a cheaper model mid-session without degrading output quality is where most of the savings live.
Memory persistence — hooks that automatically save and reload context across sessions. This is the problem every agent builder hits: the model forgets everything between sessions. ECC’s hooks handle this at the harness level rather than making it the application’s problem. The v1.9 update added a SQLite state store with a query CLI, which is a meaningful step up from flat markdown files.
Continuous learning — auto-extraction of patterns from sessions into reusable skills. The agent observes its own successful patterns and codifies them. This is the self-improvement loop that makes the system compound over time rather than stay static.
Verification loops — checkpoint vs. continuous evals, grader types, pass@k metrics. This is the piece most agentic systems skip entirely. ECC bakes evaluation into the workflow rather than treating it as a separate offline concern.
Parallelization — git worktrees, cascade method, instance scaling patterns. When to run multiple agent instances vs. a single sequential agent is non-obvious. The cascade method (hierarchical task decomposition with parallel leaf execution) is the pattern that scales.
AgentShield — 1,282 security tests covering prompt injection, path traversal, command injection, data exfiltration vectors. Published as a standalone npm package (ecc-agentshield). This is the piece that matters most for production deployment and the piece most people building on Claude Code have skipped entirely.
The Leaked Source Code Connection
Here’s the irony the leak surfaces: the Claude Code source code exposed yesterday shows Anthropic’s internal harness — the coordinator.ts, the cost tracker, the context management logic. That’s months of Anthropic’s own engineering.
everything-claude-code is months of a power user reverse-engineering what works from the outside. The two together — Anthropic’s internal architecture and a community-built optimization layer — give a more complete picture of production-grade agentic Claude than either alone.
One specific overlap worth noting: ECC’s v1.8 release added /harness-audit, /loop-start, /loop-status, and /quality-gate commands — the same instrumentation concerns that appear in the leaked cost-tracker.ts and coordinator modules. Independent convergence on the same problems.
The Commands Worth Installing First
If you’re running Claude Code and want to start somewhere:
/plan— forces a structured planning phase before execution; prevents the most common failure mode (agent starts coding before it understands the problem)/tdd— test-driven workflow; writes failing tests first, then implements/security-scan— runs AgentShield checks against the current codebase/model-route— explicit model selection per task type rather than using one model for everything/harness-audit— scores your current harness configuration against ECC’s criteria
Install
npx ecc-universalWorks on Claude Code, Cursor, OpenCode, and Codex CLI. Selective install in v1.9 means you can pull only the components you want rather than the full system.
Repo: github.com/affaan-m/everything-claude-code
Security module: npm install ecc-agentshield