Examples

Examples that prove the workflow.

Start with a tiny app, then inspect the custom workflow stack. Each example is small enough to run locally and specific enough to show what Nanostack checks.

Start with starter-todo →See compliance-release →View examples on GitHub
5examples
4starter apps
1workflow stack
opt-inE2E harness
localsandbox runs

Runtime examples run in the opt-in E2E workflow, not every PR.

Choose by intent

I am newTry starter-todo first.I build CLIsTry cli-notes.I own APIsTry api-healthcheck.I work on frontendTry static-landing.I want to extend NanostackTry compliance-release.

Example library

beginnerstarter app

Starter Todo

Best for: new users

  • Full sprint on a tiny app
  • Plain artifacts
  • Safe local changes

Phases: /think → /nano → build → /review → /security → /qa → /ship

Covered by opt-in examples E2E

Open on GitHub →
intermediatestarter app

CLI Notes

Best for: CLI builders

  • Command-line workflow
  • Testable behavior
  • Release-ready PR notes

Phases: /think → /nano → build → /review → /security → /qa → /ship

Covered by opt-in examples E2E

Open on GitHub →
intermediatestarter app

API Healthcheck

Best for: backend and API users

  • Real HTTP probe
  • API verification
  • Security-aware endpoint changes

Phases: /think → /nano → build → /review → /security → /qa → /ship

Covered by opt-in examples E2E

Open on GitHub →
beginnerstarter app

Static Landing

Best for: frontend users

  • Visual QA
  • Safe static-site changes
  • No script injection

Phases: /think → /nano → build → /review → /security → /qa → /ship

Covered by opt-in examples E2E

Open on GitHub →
advancedworkflow stack

Compliance Release

Best for: framework evaluators

  • Custom phases
  • phase_graph scheduling
  • Release gate composition

Phases: license-audit → privacy-check → release-readiness

49 static contract checks + 51 runtime assertions in opt-in E2E

Advanced example. Not a starter app and not a compliance certification.

Open on GitHub →

Selected example

Starter Todo

Tiny app. Default sprint. Local artifacts only.

What this proves

  • The default seven-phase sprint runs end to end on a real app.
  • Each phase writes a structured artifact under .nanostack/.
  • /review and /security run before /qa, so QA exercises a checked build.

Run it locally

npx create-nanostack

Detects your agent and installs the skills.

/nano-run

Run inside your agent to configure the project.

Expected artifacts

  1. Scope

    think.jsonwedge, user, premise.

  2. Plan

    plan.jsonfiles, risks, checks.

  3. Review

    review.jsonscope drift and structural findings.

  4. Security

    security.jsonOWASP/STRIDE findings and grade.

  5. QA

    qa.jsonchecks against the running app.

  6. Ship

    ship.jsonPR, CI state, sprint journal.

What Nanostack checks

  • Plan vs diff scope drift before review approves.
  • Auth, secret, and injection patterns through /security.
  • Real running behavior through /qa with screenshots when relevant.

Artifacts are saved under .nanostack/ and resolved through bin/resolve.sh.

View transcript walkthrough

The full starter-todo README in the repo shows the exact prompts and outputs for each phase, plus the resulting artifacts. The value is in the artifact trail, not a long chat log.

Open starter-todo README →

Get started

Install nanostack →Back to home →