From a sentence to a running thing — agents, systems, full apps, infrastructure. Every irreversible step still waits on your yes.
>
awaiting intent
Eight stations, one continuous loop. You only ever touch the two that stop and ask.
Builds silently · no input from you
You describe the outcome in plain words. Forge asks a few sharp questions until the idea is fully understood.
Your words become a structured spec — shown to you before anything is built.
Forge works out how to build it and what kind of thing it is, then routes to the right mold.
The builder generates it on top of vetted scaffolds, then lints and tests it.
It runs in a sealed, single-use environment first. If it breaks, it breaks safely in there — never on you.
Your approval · nothing happens without your yes
Your yes → a private repo in your GitHub, code pushed. You own it from the first commit.
Your yes → a live URL. Nothing public happens unprompted.
Live
It's yours, running — and kept alive around the clock if it needs to be.
Examples of what a finished forge looks like — real run metrics land here after launch.
Scans new CV papers daily, emails a 5-bullet brief at 07:00 UTC.
arxiv-morning-brief
Three agents tracking five competitors weekly — pricing, hiring, social — into a Monday digest.
competitor-watch
Employees submit, managers approve, everyone sees status.
expense-flow
Postgres with row-level security for a four-person team, daily backups, observability.
team-postgres
“Asks before it ships” isn’t a tagline. It’s three structural guarantees, present since the first version.
Forge never creates a repo or deploys without your explicit yes, each time. The gate is the point — it's what makes letting software build for you trustworthy.
Everything Forge produces runs in an isolated, single-use sandbox before it touches anything real. No exceptions.
Every build and every running product lives under a spend cap with an instant kill switch. The system can never quietly run away.
You type
“A web app where my team submits expenses, a manager approves them, and everyone sees their own history.”
Forge
It pauses — twice
You get
Public the moment you approved it.
In your GitHub. Yours to keep.
Watch, manage, or stop it anytime.
Approve both gates above to release the build →
Try a real forge end to end for five dollars.
Connect your own model-provider key — model usage is billed to you directly, so there's no markup hiding in the middle.
A spend cap and kill switch on every build and every running product.
No. You describe the outcome in plain words; Forge handles every technical detail.
Yes. Forge creates a private repository in your own GitHub and pushes there. You own it from the first commit.
No. Every build and running product runs under a hard spend cap with an instant kill switch. You set the ceiling.
Never. Two explicit gates — “create the repo?” and “deploy?” — wait on your yes. Nothing public happens unprompted.
In an isolated, single-use sandbox. Generated code is treated as untrusted until it's proven safe — so a broken build breaks in there, not on you.
Agents, multi-agent systems, full applications, and infrastructure — rising in power, each on the same safe engine.
It fails inside the sandbox. Failures are classified — a transient hiccup retries automatically; a real stop is surfaced to you on a readable timeline.