alpha · MIT

Memory.
Guardrails.
Governance.

For the agents that write your code.

foundry-ai wraps Claude Code, Cursor, Codex, and Gemini CLI with persistent memory, inviolable guardrails, and a PM-driven workflow where tickets become the unit of agent work. Self-hosted. Your data never leaves your machine.

$ npm install -g foundry-ai
View on GitHub
Public launch
-- d
-- h
-- m
-- s
zsh — ~/projects/my-api
Core capabilities

Everything your agents need.
Nothing they don't.

Persistent memory, guardrails, and governance — enforced at the hook level, without changing your existing workflow.

Persistent Memory

Every agent session captured and indexed with FTS5 full-text search. Find what any agent saw, decided, or wrote — across all sessions and tools.

fnd memory "why did we pick X"
fnd memory --since 24h --source cursor
fnd memory --session <id>

Inviolable Guardrails

Secret detection, intent alignment, and test gating enforced at the hook level. Rules that can't be soft-overridden mid-session.

sentinel.sanitize(snippet)
redacts secrets before prompting
HMAC chain: tamper-evident audit

PM-Driven Workflow

Linear, Jira, Asana tickets become governed specs — from ticket to audit trail, with HMAC-chained verdicts and lifecycle tracking.

fnd spec from-ticket linear:ABC-123
draft audited executing done
architect verdict: pass / fail / conditional
Architecture

No extra tokens.
No SaaS layer. Just a smarter agent loop.

foundry-ai operates through hooks and MCP — your agent's existing subscription does all the reasoning.

01

Agent fires hook

Claude Code, Cursor, or any MCP-aware agent triggers foundry hooks on every significant action.

pre-tool / post-tool
02

Foundry captures

Events stored in your local SQLCipher-encrypted .fnd/echo — searchable, HMAC-chained, tamper-evident.

.fnd/echo
03

MCP surfaces context

The architect surfaces memory, specs, and master context on demand — no extra prompts needed.

stdio MCP
04

Score tracks health

fnd score and fnd doctor give real-time health across memory, guardrails, specs, and chain integrity.

fnd score --json
Command surface

Every command you need.
Nothing you don't.

A focused CLI. No bloat. Works in any project, any shell, any machine.

fnd init Set up memory + hooks in any project
fnd memory FTS5 search across agent sessions
fnd spec Manage governed work units (specs)
fnd score Real-time project health dashboard
fnd doctor 5-check system health report
fnd daemon Long-lived process + multi-device TCP
fnd connect Wire up Jira, Asana, Linear
fnd score + doctor
$ fnd score
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
foundry score v0.5.0
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Memory ████████░░░ 78/100
Guardrails █████████░░ 91/100
Specs ██████████ 88/100
Integrity ███████████ 100/100
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Overall █████████░░ 89/100
$ fnd doctor
.fnd/echo reachable
HMAC chain intact (2,847 events)
Claude hooks registered
Daemon running pid=38291
Events (24h) 73 captured

Works with every agent and PM tool you already use

AI Agents

Claude Code
Cursor
Codex CLI
Gemini CLI

Project Management

Linear
Jira
Asana

No SaaS.
No backend.
No surprises.

Your .fnd/echo stays on the host you choose. No telemetry, no cloud component, no paid tier.

SQLCipher encrypted

Everything in .fnd/echo is AES-256 encrypted at rest. The key never leaves your machine.

Tamper-evident HMAC chain

Every write is chained. External edits via sqlcipher are caught by fnd doctor immediately.

Multi-device via TCP

The daemon serves a token-authenticated TCP endpoint. One machine, many clients.

No paid LLM calls

The architect role uses your existing agent subscription. foundry-ai persists verdicts, not prompts.

developer docs

Everything you need to build.

From first init to production governance. Full reference, zero fluff.

~5 min

Getting Started

Install, init, and wire your first agent session in under 5 minutes.
reference

CLI Reference

Every fnd command with flags, examples, and exit codes.
10 tools

MCP Tools

All 10 tools exposed by the Foundry MCP server — schemas, examples, return shapes.
config

Configuration

master_context, sentinel rules, hook events, daemon options, PM connections.
Jira · Asana

PM Integration

Connect Jira or Asana once. Use pm.get_ticket() from any MCP-compatible agent.
internals

Architecture

How the daemon, echo store, MCP server, and hooks connect. The full mental model.
fewer tokens · faster loops

One call
instead of five.

pm.get_ticket() collapses ticket fetch, spec lookup, memory search, and governance check into one MCP call. All orchestration runs in Rust — not in your token budget.

Without Foundry
⏱ 0ms
4+ tool calls ~800 tokens
With Foundry
⏱ 0ms
1 tool call ~200 tokens 0 LLM calls from Foundry
~75%
fewer tokens per ticket lookup
estimated
4→1
tool calls collapsed
0
LLM calls from Foundry
pure Rust

Get started in minutes.

Install once. Works with every agent that supports MCP.

BASIC SETUP
$ npm install -g foundry-ai
# init in any repo
$ cd my-project && fnd init
# verify everything is wired
$ fnd doctor
That's it. Claude Code hooks register automatically. Start a session and your prompts are captured.
ADVANCED SETUP
# start the background daemon
$ fnd daemon start --detach
# connect PM (Jira or Asana)
$ fnd connect jira
# watch a GitHub repo for PRs
$ fnd connect github
Once connected, pm.get_ticket enriches every ticket with specs, memory, and a workflow hint — in one call.