diff --git a/.github/workflows/claude-review.yml b/.github/workflows/claude-review.yml
new file mode 100644
index 000000000000..c71ab63ccaaf
--- /dev/null
+++ b/.github/workflows/claude-review.yml
@@ -0,0 +1,24 @@
+name: Claude Code Review
+on:
+  issue_comment:
+    types: [created]
+
+jobs:
+  review:
+    if: |
+      github.event.issue.pull_request &&
+      contains(github.event.comment.body, '@claude') &&
+      github.event.comment.user.login == 'ssilvert'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
diff --git a/claude.md b/claude.md
new file mode 100644
index 000000000000..a58003515b70
--- /dev/null
+++ b/claude.md
@@ -0,0 +1,27 @@
+# Keycloak Codebase Context
+
+## Architecture
+
+- SPI-based extension model: implementations go in `services/`, interfaces in `core/`
+- Quarkus-based server, built with pnpm monorepo for the admin console (React/TypeScript)
+- Realm isolation is a hard boundary — cross-realm data access is always a bug
+
+## Security-critical areas
+
+- `services/src/main/java/org/keycloak/authorization/` — FGAP/AuthZ logic
+- Admin REST API endpoints — check for proper permission checks on every operation
+- Token issuance and validation paths
+
+## Review conventions
+
+- New SPIs must follow the existing provider factory pattern
+- Admin REST resources must check permissions via AdminPermissions, not raw role checks
+- No business logic in JAX-RS resource classes — delegate to managers/services
+- JavaScript source map files (.map) must never be served in production
+
+## What to flag
+
+- Cross-realm data leakage
+- Missing permission checks on admin operations
+- SPI implementations that bypass the provider registry
+- Hardcoded realm or client names
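Review bot: `actions/checkout@v4` and `anthropics/claude-code-action@v1` are referenced by mutable tags in a job that is handed `ANTHROPIC_API_KEY` and a `GITHUB_TOKEN` with `pull-requests: write` and `issues: write`; pin both to full-length commit SHAs (`uses: anthropics/claude-code-action@<sha> # v1`) so a retagged release cannot read the key or act on the repository with that token. The `login == 'ssilvert'` gate controls who can trigger the run but not what the model reads: the PR diff and description are contributor-supplied, and with those write scopes instructions embedded in a PR could plausibly steer the action into posting or approving on the maintainer's behalf, so restrict the action's tool set (its tool-restriction inputs are not visible in this hunk) and treat its output as untrusted. On an `issue_comment` event `GITHUB_SHA` is the default branch, so the checkout step as written yields the base branch rather than the PR head; unless the action fetches the PR branch itself (not visible here), check out `refs/pull/${{ github.event.issue.number }}/head` explicitly. The hardcoded login also means the workflow silently does nothing for any other maintainer; a list of logins or an `author_association` check would be easier to maintain.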