Software Development
Codebase Onboarding Generator
Analyzes an unfamiliar codebase and produces a machine-readable and human-readable brief with architecture map, conventions list, and flagged risk areas. Useful for first-contact orientation on new or legacy projects. Engineers joining a new team, tech leads creating onboarding docs for existing projects, AI-assisted development sessions on unfamiliar codebases, open-source maintainers helping first-time contributors. The expensive part is not reading files — it is synthesizing dozens of files into a mental model of what the system does and how it is organized. A structured onboarding generator does this synthesis once, writes it to a durable artifact (`CODEBASE_BRIEF.md`), and future sessions or new hires consume a crisp brief instead of re-deriving it.
One-Time Purchase
$19.99
CODEBASE_BRIEF.md — FinTrack Platform (fintrack-platform)
Analyzer: ClearPoint Nexus — Codebase Onboarding Generator · Depth: Medium · Audience: AI-assisted session + new engineer hire
In one paragraph
Layered TypeScript monorepo on Turborepo, three deployable apps (Next.js dashboard, Fastify+tRPC API, BullMQ worker) consuming seven internal packages plus a semi-isolated Python ML service. Postgres via Drizzle, BullMQ on Redis, JWT auth, AWS ECS for the apps and Lambda for webhooks. Five risks worth surfacing on day one; two are blockers for a clean local boot.
1. Repository at a Glance
| Field | Value |
|---|---|
| Primary Language | TypeScript (84%), Python (11%), Shell (5%) |
| Runtime Targets | Node 20 (API), Python 3.11 (ML pipeline) |
| Monorepo Tool | Turborepo (turbo.json) |
| Package Manager | pnpm 8 (pnpm-lock.yaml) |
| CI Platform | GitHub Actions (.github/workflows/) |
| Deployment Target | AWS ECS + Lambda (inferred from infra/ecs-task-def.json, infra/lambda/) |
| Test Frameworks | Vitest (unit), Playwright (e2e), pytest (ML) |
| Source of truth | packages/ — 7 workspace packages; apps/ — 3 deployable apps |
2. Architecture Map
The platform follows a layered monorepo pattern with a shared internal package registry. Three applications consume shared packages; the ML pipeline is semi-isolated.
Apps · deployable
3 entrypoints
Consume packages; never the other direction
Packages · internal
7 shared libraries
Versioned together; no external publish
Out-of-tree dependency
The Python ML service (ml/) is reached only via the packages/ml-client gRPC wrapper. Treat it as an external service in the dependency graph — its lifecycle is independent of the Turborepo pipeline.
3. Tech Stack Summary
| Layer | Technology | Config File |
|---|---|---|
| Frontend | Next.js 14 (App Router) | apps/web/next.config.ts |
| API | Fastify 4 + tRPC v11 | apps/api/src/server.ts |
| Background Jobs | BullMQ + Redis | apps/worker/src/queue.ts |
| Database | PostgreSQL 15 via Drizzle ORM | packages/db/drizzle.config.ts |
| Auth | JWT (RS256) + iron-session | packages/auth/src/index.ts |
| ML Service | FastAPI + scikit-learn, served via gRPC | ml/main.py, ml/proto/ |
| Infrastructure | AWS ECS (API/worker), Lambda (webhooks) | infra/ |
| Secrets | AWS Secrets Manager + .env.local for dev | packages/config/src/env.ts |
4. Key Conventions
- Environment validation: All env vars are declared and parsed with Zod in
packages/config/src/env.ts. Adding an undeclared var will throw at startup. Add new vars there first. - Database migrations: Run via
pnpm db:migrate(wrapsdrizzle-kit migrate). Never edit migration files after they are committed — create a new one. - API layer pattern: tRPC routers live in
apps/api/src/routers/. Each domain (accounts, transactions, reports) has its own file. Shared middleware (auth guard, rate-limit) is inapps/api/src/middleware/. - Component authorship: All UI components go in
packages/ui. Do not create one-off components insideapps/web— PRs doing so are rejected at review (seeCONTRIBUTING.md§3). - Commit style: Conventional Commits enforced by
commitlint+ Husky pre-commit hook (.husky/,commitlint.config.ts).
5. Setup — Verified Commands
Commands verified against
README.mdandMakefile. Run in order.
# 1. Prerequisites: Node 20+, pnpm 8+, Docker Desktop, Python 3.11
corepack enable
corepack prepare pnpm@8.15.4 --activate
# 2. Clone and install
git clone https://github.com/example-org/fintrack-platform.git
cd fintrack-platform
pnpm install
# 3. Start infrastructure (Postgres + Redis)
docker compose up -d # uses docker-compose.yml at repo root
# 4. Environment setup
cp .env.example .env.local # fill in DB_URL, REDIS_URL, JWT_PRIVATE_KEY
# 5. Run migrations and seed dev data
pnpm db:migrate
pnpm db:seed # ⚠️ see Risk R-02 below
# 6. Start all apps in dev mode
pnpm dev # Turborepo runs web:3000, api:3001, worker
# 7. (Optional) Start ML service
cd ml && python -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt
uvicorn main:app --port 50051
6. Risk Register
| ID | Area | Severity | Finding |
|---|---|---|---|
| R-01 | Onboarding tooling | Medium | No automated dev environment script (make setup or equivalent). Steps must be followed manually. Recommend creating scripts/setup.sh. |
| R-02 | Seed data | High | pnpm db:seed exists but seed file (packages/db/src/seed.ts) references a SEED_USER_EMAIL env var not documented in .env.example. Will throw on first run for new devs. Ask the team or add to .env.example. |
| R-03 | ML service coupling | Medium | apps/api will start but return 500 on any /reports endpoint if the ML gRPC service is not running. No circuit breaker or graceful degradation detected in apps/api/src/routers/reports.ts. |
| R-04 | Secret rotation | Low | JWT_PRIVATE_KEY is loaded from .env.local in dev with no rotation tooling. Production uses Secrets Manager (confirmed via infra/ecs-task-def.json), but no rotation Lambda is present yet. Flag for security review. |
| R-05 | packages/analytics purpose | Low | Module exports a track() client but destination (Segment? internal?) is not inferrable from code alone. Purpose not fully inferred from code; ask the team. |
7. First-Week Suggested Tasks
These tasks are safe, scope-contained, and give genuine codebase exposure.
-
Fix the
.env.examplegap (R-02) — AddSEED_USER_EMAILto.env.examplewith a placeholder value. Touchespackages/db/src/seed.tsand repo root. Low risk, immediately useful, good first PR. -
Add a
pnpm typecheckscript to CI —tsconfig.jsonfiles exist across all packages but no CI step runstsc --noEmit. Add a step to.github/workflows/ci.yml. Improves type-safety feedback loop with zero production risk. -
Write a missing tRPC router test —
apps/api/src/routers/accounts.test.tsexists;transactions.test.tsdoes not. Write the happy-path and auth-guard tests using the existing Vitest + tRPC caller pattern inaccounts.test.ts. -
Document the analytics module — Add a
README.mdinsidepackages/analytics/explaining the tracking destination and event schema. No code changes required; addresses R-05 and improves team knowledge retention. -
Spike: ML service health check — Investigate adding a gRPC health probe to
apps/api/src/routers/reports.tsthat returns a 503 with a clear message when the ML service is unreachable (addresses R-03). Propose approach in a draft PR — no need to merge first week.
8. Gaps & Recommendations
- ⚠️ No dev environment automation — a
scripts/setup.shwrapping steps 1–6 above would eliminate the most common new-hire friction (R-01). - ⚠️ No CODEOWNERS file — unclear who owns
packages/ml-clientandinfra/. Add.github/CODEOWNERS. - ℹ️ Turborepo remote cache not configured —
turbo.jsonhas noremoteCacheentry. CI builds are slower than they need to be.
This brief was generated by the ClearPoint Nexus Codebase Onboarding Generator skill. All claims cite source files above. Verify anything marked ⚠️ with a team member before acting.
// codebase-brief.json (machine-readable sibling)
{
"repo": "fintrack-platform",
"primary_language": "TypeScript",
"runtime": { "api": "Node 20", "ml": "Python 3.11" },
"monorepo_tool": "Turborepo",
"package_manager": "pnpm@8",
"apps": [
{ "name": "web", "framework": "Next.js 14", "port": 3000 },
{ "name": "api", "framework": "Fastify 4 + tRPC", "port": 3001 },
{ "name": "worker", "framework": "BullMQ", "port": null }
],
"packages": [
{ "name": "ui", "purpose": "Radix + Tailwind component library" },
{ "name": "db", "purpose": "Drizzle ORM schema and migrations" },
{ "name": "auth", "purpose": "JWT and session utilities" },
{ "name": "config", "purpose": "Shared ESLint, TS config, env schema" },
{ "name": "analytics", "purpose": "UNCLEAR — ask team", "flag": true },
{ "name": "ml-client", "purpose": "Python gRPC client wrapper for ML service" },
{ "name": "types", "purpose": "Shared Zod schemas and TypeScript types" }
],
"risks": [
{ "id": "R-01", "severity": "medium", "summary": "No dev setup automation script" },
{ "id": "R-02", "severity": "high", "summary": "SEED_USER_EMAIL missing from .env.example" },
{ "id": "R-03", "severity": "medium", "summary": "No circuit breaker for ML service unavailability" },
{ "id": "R-04", "severity": "low", "summary": "No JWT rotation tooling in dev" },
{ "id": "R-05", "severity": "low", "summary": "analytics package destination not inferrable" }
],
"first_week_tasks": [
"Fix .env.example gap (R-02)",
"Add pnpm typecheck to CI",
"Write transactions router tests",
"Document analytics package",
"Spike ML service health check (R-03)"
],
"setup_commands_source": "README.md + Makefile",
"conventions_sources": ["CONTRIBUTING.md", "packages/config/src/env.ts", "commitlint.config.ts"]
}
Examples in this sample use a fictional repository (fintrack-platform) for illustration. Real client code is never included in sample outputs.
This sample illustrates the skill's output format. Names, metrics, and operational details are illustrative unless the artifact explicitly analyzes public information.
View full sample →
All sales final. No refunds on digital products.
Includes support for Claude Code, Codex, OpenClaw, and Google Antigravity in the same license.
Also in Product Documentation & Onboarding
Bundle price: $55. Compare this skill with the full workflow bundle or Pro access.
Best for
Engineering teams hiring into legacy codebases, AI-assisted development sessions starting in unfamiliar projects, and tech leads writing onboarding docs that get rewritten every quarter as the codebase drifts. Most valuable on medium-sized repos (10K–200K lines) where reading every file is not feasible but a structured brief saves days of orientation.
Not ideal for
Trivial codebases (a single-file script, a starter template) where the brief would be longer than the code, or enormous monorepos where a single brief flattens too much context. Also a poor fit as a substitute for direct domain knowledge transfer when a team is in active development and the codebase changes weekly.
Included in this purchase
- Claude Code, Codex, OpenClaw, and Google Antigravity skill files.
- Setup guidance for the right adapter in your workspace.
- One-time license for the purchased skill version.
Setup
Plan for a short setup in the repository or workspace where the skill will run. Some coding familiarity helps for implementation-heavy outputs.
Related Skills
$19.99
One-time license
$19.99
One-time license
$19.99
One-time license
Future Updates
This purchase includes the current version of the skill. If you want future adapter updates — meaning compatibility and packaging updates as supported platforms evolve — plus new catalog additions included automatically, upgrade to Pro.