DEV Community

Cover image for An open-source AI Product Builder now ships compliance-reviewed software for 5 regulated industries
Alexander Velikiy
Alexander Velikiy

Posted on • Originally published at greatcto.systems

An open-source AI Product Builder now ships compliance-reviewed software for 5 regulated industries

Cross-posted from greatcto.systems/blog.

GreatCTO is an open-source AI Product Builder that runs on Claude Code: describe a product, approve the spec, and a pipeline of specialist agents ships real software. Until now its catalog covered ten US service industries — 40 products across six build pipelines.

This week it's 15 industries and 60 products — and all five new verticals are regulated, with the compliance review built into the pipeline.

The five new verticals

Industry Products
🩺 Allied health & clinics Patient scheduling · Clinical charting · Insurance claims · Patient intake
🦷 Dental practices Dental scheduling · Treatment planning · Dental claims · Recall & reactivation
🛡️ Insurance agencies Quote management · Policy management · Commission management · Agency CRM
🧾 Accounting & tax firms Client books · Tax workflow · Document portal · Engagement billing
⚖️ Law firms & solo practitioners Matter management · Document automation · Client intake · Trust & billing

The compliance reviewer comes with the build

The hard part of regulated software isn't the CRUD — it's the rules around it. So when you build in one of these verticals, GreatCTO detects the archetype and auto-attaches the matching domain reviewer before anything ships:

  • Health & dental → HIPAA / PHI (encryption, access control, BAA surface, CDT/ICD coding)
  • Insurance → NAIC / ACORD (actuarial auditability, anti-discrimination pricing, filing standards)
  • Accounting & tax → SOX ITGC + IRS (segregation of duties, ASC 606, 1099, Circular 230)
  • Law firms → a dedicated legal reviewer

The reviewer writes a threat model, flags the domain risks, and signs off before the build proceeds. You approve one spec; the compliance expertise runs inside the pipeline.

A whole legal archetype

Law-firm software has failure modes no generic reviewer catches, so it got its own archetype + reviewer covering the profession's real obligations:

  • UPL — software must inform, not advise; attorney review is a structural gate.
  • IOLTA / client trust accounting — no commingling, per-client ledgers, three-way reconciliation. Get it wrong and it's a bar complaint, not a bug.
  • Attorney-client privilege — Model Rule 1.6: encryption, matter-level access, metadata scrubbing.
  • Conflict screening — adverse-party checks that block intake before a conflict exists.
  • E-filing — PACER / CM-ECF, FRCP 5.2 redaction.

Also new this cycle

  • Measured product quality — every generated product gets an automated 0–100 score (a clean build benchmarks ~89/100).
  • Cross-model review — high-stakes diffs are red-teamed by a different model family, because a model reviewing its own family's code is blind to its own mistakes.
  • great-cto upgrade --self — one-command self-upgrade that detects how the CLI was installed (npm / pnpm / volta / npx).
  • Leaner local board — bundles on a fresh install, runs fully offline.

Try it

MIT-licensed, runs locally:

npx great-cto@latest
Enter fullscreen mode Exit fullscreen mode

All 60 products at greatcto.systems/build. v2.82.2 is live.

Top comments (0)