Research → Plan → Implement: The Claude Code Framework

The Problem with AI-Assisted Development

90% of developers use AI tools wrong.

They jump straight to implementation, skip research, and wonder why their AI assistant produces buggy, inconsistent code that doesn't follow project patterns.

The Research → Plan → Implement framework changes that.

The Framework That Changes Everything

Research → Plan → Implement → Validate

This isn't just a workflow. It's a force multiplier that turns Claude Code from a coding assistant into your senior engineering partner.

Core Philosophy

1. Context Is King

AI without context is just fancy autocomplete. The framework ensures Claude understands:

Your codebase patterns
Your architectural decisions
Your team conventions
Your production constraints

2. Plans Prevent Pain

Writing code is easy. Writing the right code is hard. Plans ensure:

Clear scope and requirements
Phased, testable implementation
Measurable success criteria
No scope creep or surprises

3. Persistent Knowledge

Every research finding and plan becomes organizational memory:

Research documents accumulate insights
Plans serve as technical specifications
Session summaries enable seamless handoffs

The Complete Workflow

Phase 1: Research (`/1_research_codebase`)

Purpose: Deep understanding before any code is written

/1_research_codebase
> How does the authentication system handle session management and token refresh?

What Happens Behind the Scenes:

# Claude spawns parallel agents
agents = [
    CodebaseLocator(find="auth files, session management"),
    CodebaseAnalyzer(understand="token refresh implementation"),
    PatternFinder(discover="authentication patterns to follow")
]
 
# Agents work simultaneously
results = await parallel_execute(agents)
 
# Synthesize comprehensive findings
research_doc = compile_findings(results)

Output: Detailed research document with:

File locations and line numbers
Code patterns and conventions
Architecture insights
Implementation recommendations

Real Example Output:

## Authentication System Analysis
 
### Token Management
- JWT tokens stored in httpOnly cookies (auth-utils.ts:45)
- Refresh tokens in secure Redis store (session-manager.ts:112)
- 15-minute access token, 7-day refresh token
 
### Session Handling Pattern
 
    // Current implementation at auth-middleware.ts:78
    async function refreshSession(refreshToken: string) {
      const session = await redis.get(`session:${refreshToken}`);
      if (!session || isExpired(session)) {
        throw new UnauthorizedError();
      }
 
      const newTokens = generateTokenPair(session.userId);
      await redis.setex(`session:${newTokens.refresh}`,
        7 * 24 * 60 * 60, session);
 
      return newTokens;
    }
 
 
### Security Considerations Found
- CSRF protection via double-submit cookies
- Rate limiting on refresh endpoint (5 requests/minute)
- Token rotation on every refresh

Phase 2: Planning (`/2_create_plan`)

Purpose: Create detailed, phased implementation plans

/2_create_plan
> Based on the research, add OAuth 2.0 support with Google and GitHub providers

Interactive Planning Process:

Claude analyzes requirements
Researches similar implementations
Proposes phased approach
Iterates with you until perfect

Example Plan Structure:

# OAuth 2.0 Integration Plan
 
## Overview
Add OAuth 2.0 authentication with Google and GitHub providers while maintaining existing JWT session management.
 
## Implementation Approach
Extend current auth system rather than replace. Use Passport.js for OAuth strategies, integrate with existing JWT/Redis session management.
 
## Phase 1: Database & Models
 
### Changes Required:
 
#### 1. Database Schema
**File**: `prisma/schema.prisma`
**Changes**: Add OAuth provider tracking
 
    model User {
      id            String    @id @default(cuid())
      email         String    @unique
      providers     OAuthProvider[]
      // existing fields...
    }
 
    model OAuthProvider {
      id            String    @id @default(cuid())
      provider      String    // 'google' | 'github'
      providerId    String
      userId        String
      user          User      @relation(fields: [userId])
 
      @@unique([provider, providerId])
    }
 
### Success Criteria:
 
#### Automated Verification:
- [ ] Migration runs successfully: `npm run db:migrate`
- [ ] Schema validates: `npm run db:validate`
- [ ] Tests pass: `npm test -- auth.test.ts`
 
#### Manual Verification:
- [ ] Database accepts OAuth records
- [ ] Existing auth still works
 
---
 
## Phase 2: OAuth Strategy Implementation
 
### Changes Required:
 
#### 1. Passport Strategies
**File**: `src/auth/strategies/oauth.ts`
**Changes**: Implement OAuth strategies
 
    export const googleStrategy = new GoogleStrategy({
      clientID: process.env.GOOGLE_CLIENT_ID,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
      callbackURL: "/auth/google/callback"
    }, async (accessToken, refreshToken, profile, done) => {
      const user = await findOrCreateUser({
        provider: 'google',
        providerId: profile.id,
        email: profile.emails[0].value
      });
      done(null, user);
    });
 
 
### Success Criteria:
- [ ] Google OAuth flow completes
- [ ] GitHub OAuth flow completes
- [ ] Sessions created properly
- [ ] Rate limiting still works

Phase 3: Implementation (`/4_implement_plan`)

Purpose: Execute the plan systematically

/4_implement_plan
> @thoughts/shared/plans/001_oauth_integration.md

How It Works:

Reads plan and creates todo list
Implements phase by phase
Runs verification after each phase
Updates plan checkboxes
Handles blockers intelligently

Real Implementation Session:

Starting Phase 1: Database & Models
 
✓ Updated prisma/schema.prisma
✓ Created migration
✓ Running migration... Success!
✓ Tests passing
 
Phase 1 Complete. Starting Phase 2...
 
✓ Installed passport dependencies
✓ Created OAuth strategies
⚠️ Issue: Google Client ID not in .env
 
Blocker Found:
Need GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET environment variables.
Please add these to your .env file:
 
GOOGLE_CLIENT_ID=your_client_id_here
GOOGLE_CLIENT_SECRET=your_client_secret_here
 
Once added, I'll continue with Phase 2.

Phase 4: Validation (`/3_validate_plan`)

Purpose: Verify implementation matches plan and prepare for commit

/3_validate_plan
> Validate the OAuth implementation

Comprehensive Validation:

## Validation Report: OAuth 2.0 Integration
 
### Implementation Status
✓ Phase 1: Database & Models - Fully implemented
✓ Phase 2: OAuth Strategies - Fully implemented
✓ Phase 3: UI Integration - Fully implemented
 
### Automated Verification Results
✓ Build passes
✓ All 47 tests pass
✓ Type checking clean
✓ No linting issues
 
### Code Review Findings
 
#### Matches Plan:
- Database schema correctly extended
- OAuth strategies properly configured
- Session management integrated seamlessly
 
#### Security Validation:
- CSRF protection maintained
- Rate limiting applies to OAuth endpoints
- Tokens properly secured
 
### Manual Testing Checklist:
- [ ] Google sign-in flow works
- [ ] GitHub sign-in flow works
- [ ] Session persistence correct
- [ ] Logout clears all sessions
- [ ] Account linking works

Advanced Features

Cloud Infrastructure Analysis (`/7_research_cloud`)

Purpose: Analyze cloud deployments without making changes (READ-ONLY)

/7_research_cloud
> Azure
> all

What It Analyzes:

Resource inventory and architecture
Security and compliance posture
Cost breakdown and optimization opportunities
Performance and scaling configurations
Network topology and access controls

Example Analysis Output:

## Cloud Infrastructure Analysis: Production Azure
 
### Resource Inventory
| Type | Count | Monthly Cost | Region |
|------|-------|--------------|--------|
| VMs | 12 | $2,400 | East US |
| Storage | 8 | $450 | East US |
| SQL DBs | 3 | $1,200 | East US |
 
### Security Findings
✅ All storage encrypted at rest
⚠️ 2 VMs missing network security groups
❌ Public RDP exposed on jumpbox-01
 
### Cost Optimization
- $800/month: Resize overprovisioned VMs
- $300/month: Delete unattached disks
- $150/month: Use reserved instances
 
### Recommendations
1. Immediate: Close public RDP port
2. Short-term: Implement NSGs on all VMs
3. Long-term: Migrate to AKS for containers

Supported Platforms:

Azure (az CLI)
AWS (aws CLI)
Google Cloud (gcloud CLI)
Multi-cloud analysis

Session Management (`/5_save_progress`, `/6_resume_work`)

Save Your Work:

/5_save_progress
> Need to switch to urgent bug fix, save OAuth work

Creates comprehensive checkpoint:

## Session Summary: OAuth Integration
 
### Completed:
- Phase 1: Database setup ✓
- Phase 2: Strategy implementation ✓
- Partial Phase 3: UI (50% complete)
 
### Current State:
- Working on OAuth button components
- Google flow tested and working
- GitHub flow needs callback URL fix
 
### To Resume:
1. Fix GitHub callback URL in .env
2. Complete button styling
3. Add loading states
4. Test account linking
 
### Commands to Resume:
/6_resume_work @thoughts/shared/sessions/2025-09-23_oauth.md

Resume Later:

/6_resume_work
> @thoughts/shared/sessions/2025-09-23_oauth.md
 
Restored context:
- Plan: OAuth 2.0 Integration
- Progress: Phase 3 (50% complete)
- Next: Fix GitHub callback URL
 
Continuing from where we left off...

Framework File Structure

your-project/
├── .claude/                      # Framework configuration
│   ├── agents/                   # Specialized AI agents
│   │   ├── codebase-locator.md
│   │   ├── codebase-analyzer.md
│   │   └── codebase-pattern-finder.md
│   └── commands/                 # Workflow commands
│       ├── 1_research_codebase.md
│       ├── 2_create_plan.md
│       ├── 3_validate_plan.md
│       ├── 4_implement_plan.md
│       ├── 5_save_progress.md
│       ├── 6_resume_work.md
│       └── 7_research_cloud.md  # Cloud infrastructure analysis
├── thoughts/                     # Persistent knowledge base
│   └── shared/
│       ├── research/            # Research findings
│       │   ├── 001_auth_system.md
│       │   └── 002_payment_flow.md
│       ├── plans/               # Implementation plans
│       │   ├── 001_oauth_integration.md
│       │   └── 002_stripe_upgrade.md
│       ├── sessions/            # Work sessions
│       │   └── 2025-09-23_oauth.md
│       └── cloud/               # Cloud infrastructure analyses
│           └── azure_production.md
└── CLAUDE.md                    # Project-specific instructions

Setting Up the Framework

Step 1: Install Framework Files

# Clone the framework
git clone https://github.com/brilliantconsultingdev/claude-research-plan-implement.git
cd claude-research-plan-implement
 
# Run the setup script with your project directory
./setup.sh /path/to/your-project

The setup script will:

Guide you through the installation process
Check for existing framework files
Ask for confirmation before overwriting any existing files
Create necessary directories if they don't exist
Preserve your customizations when updating

Note: The setup script intelligently handles updates - if you already have framework files, it will ask whether to overwrite, skip, or merge changes for each file.

Step 2: Start Using Commands

# Research a feature
/1_research_codebase
> How does the current search implementation work?
 
# Create a plan
/2_create_plan
> Add Elasticsearch to improve search performance
 
# Implement the plan
/4_implement_plan
> @thoughts/shared/plans/elasticsearch_integration.md
 
# Validate
/3_validate_plan
 
# Commit changes manually
git add .
git commit -m "feat: Add Elasticsearch integration"

Pro Tips for Maximum Efficiency

1. Always Start with Research

Even if you think you know the codebase:

/1_research_codebase
> Current error handling patterns in API routes

Research prevents:

Missing edge cases
Breaking existing patterns
Duplicate implementations

2. Be Specific in Plans

Vague plans lead to vague implementations:

Bad: "Add caching to improve performance"

Good: "Add Redis caching layer for product API with 5-minute TTL, invalidation on update, and fallback to database on cache miss"

3. Use Session Management for Complex Features

Don't try to do everything in one sitting:

# Day 1: Research and plan
/1_research_codebase
/2_create_plan
/5_save_progress
 
# Day 2: Implement core
/6_resume_work
/4_implement_plan (Phase 1-2)
/5_save_progress
 
# Day 3: Finish and ship
/6_resume_work
/4_implement_plan (Phase 3)
/3_validate_plan
git commit -m "feat: Complete feature implementation"

4. Leverage Parallel Agents

The framework spawns multiple agents simultaneously:

/1_research_codebase
> How do authentication, authorization, and rate limiting work together?
 
# Spawns 3 parallel agents to research each aspect
# 3x faster than sequential research

5. Build Your Knowledge Base

Every research and plan adds to your project's intelligence:

After 10 research docs: Claude understands your architecture
After 20 plans: Claude knows your implementation patterns
After 30 sessions: Claude can predict your preferences

Common Patterns & Solutions

Pattern 1: Feature Addition

/1_research_codebase → /2_create_plan → /4_implement_plan → /3_validate_plan

Pattern 2: Bug Investigation

/1_research_codebase (understand the bug) → /4_implement_plan (fix) → /3_validate_plan

Pattern 3: Refactoring

/1_research_codebase (current state) → /2_create_plan (refactor strategy) → /4_implement_plan (incremental changes)

Pattern 4: Performance Optimization

/1_research_codebase (bottlenecks) → /2_create_plan (optimization strategy) → /4_implement_plan → /3_validate_plan (benchmark)

Pattern 5: Cloud Cost Optimization

/7_research_cloud (analyze current) → /2_create_plan (optimization plan) → /4_implement_plan (apply changes)

Pattern 6: Security Audit

/7_research_cloud (security focus) → /1_research_codebase (app security) → /2_create_plan (remediation)

The Framework Mindset

Think in Phases

Every task has natural breaking points:

Setup/Configuration
Core implementation
Edge cases
Testing
Documentation

Embrace the Process

Research prevents rework
Plans prevent scope creep
Validation prevents bugs
Documentation prevents knowledge loss

Your Next Steps

Today (5 minutes):

Copy framework files to your project
Create basic CLAUDE.md with your conventions
Try one research command

This Week (30 minutes):

Research one aspect of your codebase
Create a plan for a small feature
Implement using the framework

This Month:

Use framework for all new features
Build up 10+ research documents
Measure your efficiency improvement

Resources & Support

Framework Repository

GitHub: github.com/brilliantconsultingdev/claude-research-plan-implement
Documentation: Full setup and customization guide
Examples: Real-world implementations

The Bottom Line

The Research-Plan-Implement Framework isn't just about writing better code faster. It's about transforming how you think about AI-assisted development.

Stop treating Claude as a code generator. Start treating it as your senior engineering partner who:

Researches thoroughly before coding
Plans systematically before implementing
Validates comprehensively before shipping
Learns continuously from every interaction

The best time to adopt the framework was when you started your project. The second best time is now.

Ready to transform your development workflow? Install the framework and join engineers shipping better code faster: github.com/brilliantconsultingdev/claude-research-plan-implement

Questions? Connect with me: alex@alexkurkin.com