First Steps¶
Run your first AI workflow and see results in under 5 minutes.
Your First Workflow¶
Let's run a security audit on some code. This workflow scans for vulnerabilities and provides actionable recommendations.
Option 1: CLI (Fastest)¶
# Scan your source directory
attune workflow run security-audit --path ./src
# Or scan current directory
attune workflow run security-audit --path .
Example output:
Security Audit Results
======================
Status: completed
Findings: 3
[HIGH] SQL query vulnerable to injection
File: src/database.py:45
Fix: Use parameterized queries
[MEDIUM] Hardcoded API key in config
File: src/config.py:12
Fix: Move to environment variable
[LOW] Missing input validation
File: src/handlers/user.py:28
Fix: Validate user input before processing
Cost: $0.0850
Option 2: Python¶
from attune.workflows import SecurityAuditWorkflow
import asyncio
async def audit():
workflow = SecurityAuditWorkflow(enable_cache=True)
result = await workflow.execute(target_path="./src")
print(f"Status: {result.status}")
print(f"Found {len(result.findings)} issues:")
for finding in result.findings:
print(f" [{finding.severity}] {finding.description}")
print(f"\nCost: ${result.cost_report.total_cost:.4f}")
asyncio.run(audit())
Try More Workflows¶
Attune AI includes 10+ built-in workflows:
| Workflow | Command | What It Does |
|---|---|---|
| Security Audit | attune workflow run security-audit |
Find vulnerabilities |
| Bug Prediction | attune workflow run bug-predict |
Predict likely bugs |
| Test Coverage | attune workflow run test-coverage |
Generate missing tests |
| Release Prep | attune workflow run release-prep |
Pre-release checklist |
| Dependency Check | attune workflow run dependency-check |
Find outdated deps |
# List all available workflows
attune workflow list
# Get help for a specific workflow
attune workflow run security-audit --help
Understanding the Output¶
Every workflow returns:
| Field | Description |
|---|---|
status |
success, partial, or failed |
findings |
List of issues found (for analysis workflows) |
cost_report |
API costs and cache hit rate |
metadata |
Timing, model used, etc. |
Cost Tracking¶
All telemetry data stays local in ~/.empathy/telemetry/.
What Just Happened?¶
When you ran the security audit:
- File scanning - The workflow read your source files
- Tiered analysis - Simple files used a cheap model, complex ones used a capable model
- Pattern matching - Known vulnerability patterns were detected
- Report generation - Results were formatted and returned
This is the tiered model approach - automatically routing to the right model based on task complexity.
Next Step¶
Now that you've run a workflow, it's time to Choose Your Path based on how you want to use the framework.
See Also¶
- Choose Your Path - Decide between Quick Start, Tutorial, or Deep Dive
- Installation Guide - Package options and configuration
- MCP Integration - Connect to Claude Code for IDE integration
- Multi-Agent Coordination - Build agent teams
- Configuration Reference - Customize framework behavior