XRay is a project health audit that produces a score from 0 to 100 and a maturity level from 1 to 5. Makeover is the follow-up command that takes XRay’s output and automatically applies the top-priority fixes using a Claude agent swarm. Together, they give you a clear picture of where a codebase stands and a fast path to improving it.
Running XRay
Slash command
Headless dispatch
Main menu
Inside any Claude Code session: From the terminal, without an interactive session:ccc --dispatch "run xray"
Run ccc, select Research & analyze (d) from the main menu, then choose Code audit / review.
The 6 audit dimensions
XRay scans the project and scores each of the following dimensions independently. The weighted scores are summed to produce the overall health score.
| Dimension | Weight | What it checks |
|---|
| Security | 25% | CVEs, exposed secrets, .env files tracked in git, lockfile integrity |
| Testing | 20% | Test configuration, coverage, E2E frameworks, presence of test files |
| Maintainability | 20% | Code complexity, linting config, formatting, duplication |
| Dependencies | 15% | Outdated packages, known vulnerabilities |
| DevOps | 10% | CI/CD presence, quality gates, deployment configuration |
| Documentation | 10% | README.md, CLAUDE.md, inline docs, API documentation |
Security carries the highest weight at 25% because findings in this dimension — exposed credentials, known CVEs, untracked lockfiles — carry the highest risk in production. A project with perfect testing and documentation but failing security checks will score below 75/100 overall.
Maturity levels
Every XRay report assigns a maturity level in addition to the numeric score:
| Level | Name | Typical score range | What it means |
|---|
| 1 | Initial | 0–20 | No test infrastructure, no CI, likely no README |
| 2 | Managed | 21–40 | Some structure in place but major gaps in at least 2 dimensions |
| 3 | Defined | 41–60 | Consistent practices, CI present, basic test coverage |
| 4 | Quantified | 61–80 | High coverage, security checks passing, full DevOps pipeline |
| 5 | Optimizing | 81–100 | All dimensions healthy, docs current, zero known vulnerabilities |
XRay output
The XRay report includes:
- Overall health score and maturity level
- A score bar for each dimension
- Prioritized recommendations with the relevant skill to run for each finding
- Quick-fix commands for immediate wins
Project Health: 42/100 — Maturity: 2 (Managed)
Security ████░░░░░░ 38/100 ← No lockfile, 2 CVEs in deps
Testing ██░░░░░░░░ 20/100 ← No test files found
Maintainability ██████░░░░ 60/100 ← ESLint configured
Dependencies ████████░░ 78/100 ← 3 minor outdated packages
DevOps ░░░░░░░░░░ 0/100 ← No CI pipeline
Documentation ████░░░░░░ 40/100 ← README present, no CLAUDE.md
Top recommendations:
1. Add CI pipeline (impact: 85) → /senior-devops
2. Create test files (impact: 90) → /tdd-workflow
3. Create CLAUDE.md (impact: 80) → /project-kickoff
Running Makeover
After an XRay scan, run Makeover to apply the highest-impact fixes automatically:
Makeover re-runs XRay to get the current state, then presents the top 5 recommendations sorted by impact score. For each recommendation, it offers three choices: apply it automatically using the recommended skill, skip to the next one, or stop the makeover.
Current Health: 42/100 (Maturity: 2 - Managed)
[1/5] No CLAUDE.md (impact: 80)
-> Running /project-kickoff...
-> Done. CLAUDE.md created.
[2/5] No test files (impact: 90)
-> Running /tdd-workflow...
-> Done. 12 test files created.
[3/5] No CI pipeline (impact: 85)
-> Running /senior-devops...
-> Done. .github/workflows/ci.yml created.
Updated Health: 71/100 (Maturity: 3 - Defined)
Improvement: +29 points
Makeover options
| Flag | What it does |
|---|
--dry-run | Show recommendations without applying any changes |
--auto | Apply all recommendations without prompting |
--max N | Limit to N recommendations (default: 5) |
--category CAT | Focus on one dimension only: security, testing, devops, quality, docs, or architecture |
# Preview what Makeover would do without changing anything
/ccc:makeover --dry-run
# Fix only security findings
/ccc:makeover --category security
# Apply everything automatically, up to 10 recommendations
/ccc:makeover --auto --max 10
Run XRay before starting any new project or onboarding onto an existing codebase. The baseline score tells you exactly which dimensions need attention before you add features, and it gives you a concrete target to hit before calling a codebase production-ready.
Makeover applies changes directly to your working directory. Commit or stash any in-progress work before running Makeover with --auto, so you can review or revert the changes as a clean diff.