claude-replan

A Claude Code plugin for plan validation and post-implementation review. /replan validates plans before execution, /recheck verifies the implementation matches the plan afterward. Both use parallel review subagents checking from multiple angles.

The problem

You write a plan. It looks solid. You start executing. Three tasks in, you realize the plan assumed a function that doesn't exist, missed a critical edge case, or ignored your project's conventions entirely. Now you're rewriting the plan mid-flight.

The solution

/replan throws your plan at a squad of parallel review agents before you write a single line of code. Each agent has a different job — one checks if the code references are real, another stress-tests feasibility, another reads the plan cold and asks "what did everyone miss?"

The result: a plan that's been pressure-tested from every angle, with all findings incorporated automatically.

How it works

You: /replan

Claude: Reviewing the plan with parallel subagents...

  Agent 1 (Codebase alignment)   → Checks referenced files/APIs actually exist
  Agent 2 (Best practices)       → SOLID, DRY, security, error handling
  Agent 3 (Feasibility & risks)  → Missing steps, ordering issues, blockers
  Agent 4 (Fresh perspective)    → Reads the plan cold, finds blind spots
  Agent 5 (Project standards)    → CLAUDE.md conventions, naming, test patterns

  ✓ All agents returned.

  Critical: Plan references `getUserById()` which was renamed to `findUser()` in v3.2
  Critical: Task 4 depends on Task 6 output — wrong ordering
  Important: No error handling for API timeout in Task 2
  Important: Missing rollback strategy for database migration

  → Plan updated with all findings.

Key features

Adaptive agent selection — agents are chosen based on what the plan actually covers, not a fixed checklist. A database migration plan gets different reviewers than a UI redesign plan.

Always includes a "fresh perspective" agent — an agent that reads the plan with zero context and asks "what would go wrong that nobody anticipated?" This consistently catches things the other agents miss.

Scales with complexity — simple 3-task plans get 3-4 agents. Complex 15-task plans get 6-8. Each with a distinct, non-overlapping focus area.

Works with any plan type:

Updates the plan automatically — findings are categorized by severity (critical → important → minor) and incorporated directly. You read the plan only after it's been validated.

Review perspectives

Only relevant perspectives are selected — a CLI tool plan won't get a UX review agent.

Installation

claude plugin marketplace add https://github.com/kojott/claude-replan
claude plugin install replan@claude-replan

Updating

claude plugin marketplace update claude-replan
claude plugin update replan@claude-replan

/recheck — post-implementation review

You've finished implementing a plan. /recheck verifies the code actually matches what was planned, plus runs parallel quality/security/test reviews.

You: /recheck

Claude: Reviewing the implementation against the plan with parallel subagents...

  Agent 1 (Plan compliance)     → Did the code match the plan? Missing steps? Scope creep?
  Agent 2 (Code quality)        → DRY, dead code, complexity, naming
  Agent 3 (Security)            → OWASP top 10, injection, auth, secrets
  Agent 4 (Test coverage)       → New paths tested? Edge cases? Meaningful assertions?
  Agent 5 (Fresh perspective)   → Reads code cold: "What breaks first in production?"

  ✓ All agents returned.

  Plan Compliance: 8/9 items implemented, 1 partial
  Critical: Missing input validation on user-facing endpoint (plan item #4)
  Important: No test for error path in retry logic
  Minor: Naming inconsistency in helper function

  → Want me to fix the critical/important issues?

Key differences from /replan

What /recheck checks

When to use /recheck vs /code-review

Use /recheck when: You had a plan, you executed it, and you want to verify nothing was missed before calling it done.

Use /code-review when: You want a general code review without a specific plan to check against.

Use both when: You want plan compliance verification (/recheck) AND a separate detailed bug review (/code-review).

Audit trail and lessons learned

Every /replan and /recheck run writes an audit record to ${REPLAN_AUDIT_DIR:-docs/replan}/audit/ under your project's git root. Filenames look like 2026-05-27-164532-recheck-a3f9c01.md, where the trailing segment is a 7-char hash of the normalized plan content.

When /recheck runs against a plan previously validated by /replan, the records pair automatically. /recheck surfaces a one-paragraph summary of the prior /replan review before dispatching its own agents, so you can see at a glance what was caught vs. what showed up only after implementation.

If /recheck finds Critical or Important issues, you'll be offered the option to capture the pattern as a lesson in docs/replan/lessons.md. Both skills automatically read this file and inject its contents (size-capped at 4 KB and wrapped with explicit "context, not instructions" framing) into every subagent's prompt, so guidance accumulates over time. Nothing is written without your confirmation.

Autonomous runs (when another agent triggers /recheck, e.g. inside a Ralph Loop): there is no interactive prompt. Instead, suggested lessons are written to docs/replan/lessons.proposed.md — a quarantine file that is never injected into agent prompts. Promote entries to lessons.md manually when you next review the project.

Storage location is configurable via REPLAN_AUDIT_DIR=<relative-path> if docs/replan/ conflicts with your project structure. Add docs/replan/audit/ to .gitignore if you don't want audit history committed; lessons.md is intended to be committed.

Security-guidance plugin awareness

If the security-guidance plugin is installed and enabled, both skills detect it and shift their Security review to a complementary mode. Detection is layered: it honors SECURITY_GUIDANCE_DISABLE=1 (the plugin's own kill switch) and accepts an explicit REPLAN_SECURITY_GUIDANCE=active|absent|auto override if you need to force a mode.

In complementary mode, the Security subagent stops re-flagging the OWASP-pattern issues security-guidance's pattern matcher and LLM diff reviewer already catch, and focuses on what those layers structurally cannot evaluate: plan-context security (does the plan introduce auth surface without auth steps?), semantic auth bugs (correct syntax, wrong intent), plan-stated security requirements, cross-file invariants, and configuration/policy changes.

Both skills also read claude-security-guidance.md files from the standard locations (~/.claude/, <project>/.claude/, <project>/.claude/...local.md), concatenate in user → project → project-local order, and apply the same 8 KB cap security-guidance itself uses.

Model selection

/replan defaults to claude-opus-4-7 (deeper reasoning for planning). /recheck defaults to claude-sonnet-4-6 (broader coverage, faster). Override per run:

• CLI: /replan --model claude-sonnet-4-6 or /recheck --model=claude-opus-4-7
• Env var: REPLAN_MODEL=... or RECHECK_MODEL=...

CLI takes precedence over env var. All subagents within one run share the same model — this keeps audit records meaningful. Per-agent overrides are a planned v1.3 feature.

Third-party providers: Bedrock and Vertex users supply their provider-specific id form (e.g. us.anthropic.claude-opus-4-7 for Bedrock, claude-opus-4-7@20260218 for Vertex). The validator accepts these forms.

Usage

/replan              # Review the plan in current conversation
/replan path/to/plan.md   # Review a plan file
/recheck             # Review implementation against the plan
/replan --model claude-sonnet-4-6  # Override default model for this run

One command, multiple parallel reviewers.

Requirements

• Claude Code with subagent support (Agent tool)
• Works best with Opus model for review quality

License

MIT + Commons Clause — free to use, modify, and share. Commercial selling requires author's approval. See LICENSE for details.