Autonomous Agent

Nightshift

A senior engineer on the night shift. Runs while you sleep — systematically discovers and fixes production-readiness issues across your entire stack.

Nightshift isn't a linter. It's an autonomous agent that reads your codebase like a new hire on day two — noticing the Rust function that panics on empty input, the React component with no error boundary, the test file that only covers the happy path. It fixes what it can, logs what it can't, and documents everything in a detailed shift log.

Install

One-liner

$curl -sL https://raw.githubusercontent.com/Recusive/Nightshift/main/install.sh | bash

Or manually

$mkdir -p ~/.claude/skills/nightshift

$curl -sL github.com/Recusive/Nightshift/raw/main/SKILL.md -o ~/.claude/skills/nightshift/SKILL.md

$curl -sL github.com/Recusive/Nightshift/raw/main/run.sh -o ~/.claude/skills/nightshift/run.sh && chmod +x ~/.claude/skills/nightshift/run.sh

How it works

Every shift follows a disciplined loop. Nightshift rotates through discovery strategies for breadth — it doesn't grind one folder for 8 hours.

Discover

Pick an area and strategy. Find something worth improving.

Assess

Read the code, check git blame. Is this a real issue?

Decide

Can you fix this safely in 5 files or less? Fix or log.

Act

Make the fix, write tests if needed, run them.

Document

Update the shift log with what you found and did.

Commit

One atomic commit per fix. Clear message. Repeat.

Two ways to run

Interactive

Type /nightshift inside Claude Code. The agent creates a worktree, reads your project conventions, and starts the discovery loop immediately. Watch it work or walk away.

>/nightshift

Overnight

Run the shell script before bed. It spawns fresh 30-minute Claude sessions inside a git worktree. Each cycle reads the previous shift log and picks up where it left off.

$~/.claude/skills/nightshift/run.sh

$~/.claude/skills/nightshift/run.sh 10 45

Default: 8 hours, 30-minute cycles. Args: hours, minutes-per-cycle.

7 discovery strategies

Nightshift rotates through these strategies every 30-45 minutes for breadth. It doesn't just run one strategy all night — the shift log should read like a senior engineer explored the whole codebase.

Security

Hardcoded secrets, injection vectors, unsafe eval, path traversal, overly broad permissions

Error Resilience

Missing error boundaries, unhandled promises, API calls without try/catch, crash paths under edge cases

Test Coverage

Critical paths flying blind — business logic without tests, happy-path-only coverage, untested utilities

Accessibility

Missing aria-labels, broken keyboard navigation, focus traps, forms without labels, color-only information

Code Hygiene

Aged TODOs, debug logging in production, dead exports, convention violations, type safety gaps

Performance

Memory leaks, missing lazy loading, N+1 queries, unbounded re-renders, event listeners never cleaned up

Production Polish

Missing loading states, blank empty states, unhelpful error messages, broken responsive layouts

Safety rails

Nightshift is autonomous but cautious. These are hard rules with no exceptions — a cautious night shift is better than a bold one that breaks things.

Never touches your main working directory — all work in an isolated git worktree

Never force pushes, modifies architecture, or deletes files

Always runs tests before committing — reverts if tests fail

Never suppresses warnings (@ts-ignore, eslint-disable, #[allow])

Checks git blame — skips code being actively worked on

Respects CLAUDE.md, AGENTS.md, linter configs, and style guides

Fixes touch 5 files or fewer — anything larger gets logged for you

Never modifies CI/CD, build configs, or deployment scripts

Fix or log?

Nightshift uses a strict decision framework. Not every issue should be fixed overnight — some need human input, and that's by design.

Fix it when

The change touches 5 files or fewer
It's additive — tests, error boundaries, aria-labels
Existing tests still pass after the change
Git blame shows the code isn't actively being worked on

Log it when

It crosses module boundaries or >5 files
It requires architecture or interface changes
It needs product or design input
The code is actively being worked on

Performance

Measured across real-world overnight runs on production codebases — TypeScript/React frontends, Rust backends, and full-stack applications.

8-15

Fixes per shift

Atomic, tested commits across the full stack — not just linting

<5%

Revert rate

Tests must pass before every commit — if they fail, it reverts automatically

Full

Stack coverage

Frontend, backend, tests, a11y, security — rotates strategies for breadth

Unlimited

Context window

Fresh 30-minute cycles with shared shift log — runs 8-10 hours overnight

What you wake up to

Three deliverables — all in an isolated git worktree so your working directory is untouched.

docs/Nightshift/2026-04-02.md

The shift log — executive summary, numbered fixes with file paths and reasoning, logged issues that exceeded autonomous scope, and strategic recommendations. This is the first thing you read.

nightshift/2026-04-02

A clean git branch with atomic, prefixed commits. Each commit message explains the issue and the fix. Cherry-pick individual fixes or merge the whole branch.

Passing test suite

Every fix is tested before commit. If a change breaks tests, it gets reverted and logged instead. The final test suite run confirms everything is green.

Example shift log

A condensed example of what a real shift log looks like after an overnight run.

docs/Nightshift/2026-04-01.md

# Nightshift — 2026-04-01

Branch: nightshift/2026-04-01
Base: main

## Summary

Covered React components, Rust backend commands,
and test coverage. Fixed 3 unhandled promise
rejections in API hooks, hardened 2 Rust IPC
commands against empty input, added error
boundaries to the dashboard and settings panels,
and wrote 4 new test files for untested stores.
Logged a session recovery architecture issue that
needs design input.

## Stats
- Fixes committed: 11
- Issues logged: 3
- Tests added: 4
- Files touched: 19

## Fixes

### 1. Error boundary for Dashboard (cycle 1)
- Category: Error Handling
- Files: src/components/Dashboard.tsx
- What: Crash in chart rendering white-screens
  the entire app
- What I did: Wrapped component tree in
  ErrorBoundary with fallback UI

### 2. Hardened parse_config (cycle 2)
- Category: Security
- Files: src-tauri/src/config.rs
- What: User-supplied path passed to fs::read
  without sanitization
- What I did: Added path traversal check, reject
  paths containing ".."

## Logged Issues

### 1. Session recovery needs redesign
- Severity: High
- Files: src/stores/session.ts (+ 8 others)
- Why not fixed: Touches >5 files, requires
  architecture decision on recovery strategy

Integration

Everything lives in an isolated git worktree. Review at your own pace, cherry-pick what you want, merge the rest.

#Review the shift log

$cat docs/Nightshift/2026-04-01.md

$git log nightshift/2026-04-01 --oneline

#Cherry-pick or merge

$git merge nightshift/2026-04-01

#Clean up

$git worktree remove docs/Nightshift/worktree-2026-04-01

Commit format

Every commit is atomic, prefixed, and self-documenting. One fix per commit — never batched.

nightshift: [error-handling] add error boundary to Dashboard

What: crash in chart rendering would white-screen the entire app
Fix: wrapped component tree in ErrorBoundary with fallback UI

nightshift: [security] sanitize path input in parse_config

What: user-supplied path passed to fs::read without validation
Fix: reject paths containing ".." to prevent directory traversal

What makes it different

Most automated code improvement tools fall into the same traps. Nightshift is designed to avoid them.

Not a linter pass

Adding aria-labels to 50 files is real work, but it's also what a linter rule does. Nightshift mixes in error handling, tests, security fixes, and backend hardening — the shift log reads like a senior engineer reviewed the whole codebase.

Not frontend-only

React components are numerous and visible, so AI agents gravitate toward them. Nightshift explicitly rotates to Rust, Go, Python — wherever the backend lives. Backend bugs are often more consequential.

Not repetitive

If it finds the same issue in 14 files, it fixes a couple as examples and logs the pattern with a recommendation ("add an ESLint rule"). Spending an entire cycle on the same mechanical fix is a wasted shift.

Builds on previous shifts

Each cycle reads the shift log from previous cycles. It won't repeat work that's already been done — it goes somewhere different, covering more of the codebase each night.

Architecture

Isolated worktree + cyclic sessions

All work happens inside a git worktree at docs/Nightshift/worktree-YYYY-MM-DD/. Your main checkout is never touched — no stashing, no branch switching, no risk to uncommitted work. For overnight runs, the shell script spawns fresh 30-minute Claude sessions. Each session starts clean but reads the shared shift log to continue from where the last cycle left off. This bypasses context window limits entirely — Nightshift can run 8-10 hours without degradation.

Git worktree isolationClaude Code CLISKILL.md (Markdown)run.sh (Bash)Zero dependencies

Requirements

Claude Code CLIGit (with worktree support)

That's it. No npm packages, no build tools, no API keys. Two files — SKILL.md and run.sh.

Open source. MIT license.

Two files, zero dependencies, fully autonomous. Install in 30 seconds and let it run tonight.

View on GitHub Browse all skills