BlueForge documentation
Create and ship production-ready applications with AI. BlueForge generates a complete blueprint — frontend, backend, database, auth — and deploys it. No setup. No DevOps.
Quick start
Get up and running with BlueForge in just a few minutes
Import project
Bring your existing project from Cursor, Replit, or VS Code
Key Features
| Feature | Description |
|---|---|
| Blueprint System | Visualize your entire app architecture before a single line of code. 5 layers: Screens, Features, Architecture, Workflows, DB/API. |
| Smart LLM Router | Claude, Gemini, GPT — automatically picks the best model for each task. |
| Multi-Agent AI | 20+ specialized agents (Frontend, Backend, Security, DevOps) collaborate on complex tasks. |
| Build Studio | AI coding workspace with Monaco Editor, integrated terminal, and real-time code generation. |
| Device Lab | Test across 30+ device viewports simultaneously — iPhone, Android, Desktop. |
| 9-Phase Dashboard | Plan, Design, Source, Infra, Build, Test, Docs, Deploy, Monitor. |
| Project Import | Auto-detect tech stack from Cursor, Replit, Lovable, VS Code projects. |
| One-Click Deploy | Cloudflare, Vercel, Railway — SSL and database provisioned automatically. |
Platforms
Desktop App
macOS (Apple Silicon & Intel), Windows. Full Electron IDE.
CLI
npm package for Linux/macOS/CI. One-shot, interactive, or HTTP mode.
Web App
Browser-based at blueforge.space. No download required.
Quickstart
Create your first project with BlueForge in under 2 minutes.
Sign In
Open BlueForge and sign in with Google. Your account includes free credits.
Create New Project
Click "New Project" on the Home screen. Enter a name and description.
Describe Your App
Tell BlueForge what you want to build in plain language: "Build a job board with Stripe payments."
Review the Blueprint
BlueForge generates screens, features, architecture, database schema. Review and approve.
Build
Go to Build Studio. The AI agent generates production-ready code in real-time.
Deploy
Click Deploy. Your app goes live with URL, SSL, and database — all provisioned automatically.
You can also import an existing project instead of starting from scratch. See Import existing project.
Installation
BlueForge is available as a desktop app (macOS/Windows), an npm CLI, and Docker image.
Desktop App
Download for the full IDE experience with integrated terminal, file browser, and live preview.
| Platform | Architecture | Format |
|---|---|---|
| macOS | Apple Silicon (M1–M4) | .dmg |
| macOS | Intel (x64) | .dmg |
| Windows | x64 | .exe |
Auto-updates are built in. Download from blueforge.space.
CLI (npm)
Requires Node.js 18+.
npm install -g blueforge-cli
Docker
# One-shot mode docker run --rm -v $(pwd):/workspace \ -e ANTHROPIC_API_KEY=sk-... \ blueforge-cli "Build a landing page" # HTTP server mode docker run -d -p 3202:3202 \ -v $(pwd):/workspace \ blueforge-cli --serve
System Requirements
| Requirement | Desktop | CLI |
|---|---|---|
| OS | macOS 12+ / Windows 10+ | Linux, macOS, Windows |
| Node.js | Bundled | 18+ |
| RAM | 4GB min | 2GB min |
Import existing project
Bring your existing project into BlueForge. Auto-detect your tech stack, scan for databases, and continue building with AI assistance.
No lock-in. Import does not modify your existing code. A single project.json is added. Git history is fully preserved.
Steps
Click "Import Project"
On the Home screen, click the Import card.
Select Folder
Pick any project directory on your machine.
Review Scan
BlueForge auto-detects framework, language, package manager, and database.
Choose DB Option
Keep your existing database or optionally switch to ForgeDB.
Start Building
A Blueprint is generated from your code. Use Build Studio for AI-assisted development.
Supported Stacks 40+
BlueForge auto-detects 13 ecosystems (incl. embedded firmware — PlatformIO & Arduino) and 40+ frameworks. Import any project and continue development with AI assistance.
Node.js / JavaScript / TypeScript
| Framework | Detection | Dev Server |
|---|---|---|
| Next.js | next in deps | npx next dev |
| Vite | vite in devDeps | npx vite dev |
| Nuxt | nuxt | npm run dev |
| Remix | @remix-run/react | npm run dev |
| SvelteKit | @sveltejs/kit | npm run dev |
| Angular | @angular/core | npm run dev |
| Astro | astro | npm run dev |
| Gatsby | gatsby | npm run dev |
| Expo / React Native | expo or react-native | npx expo start |
| Electron | electron | npm run dev |
| Express / Fastify / Hono / Koa / NestJS | In dependencies | npm run dev |
| CRA | react-scripts | npx react-scripts start |
Python
| Framework | Detection | Dev Server |
|---|---|---|
| Django | manage.py | python manage.py runserver |
| FastAPI | fastapi in requirements | uvicorn main:app --reload |
| Flask | flask in requirements | flask run --debug |
| Streamlit | streamlit in requirements | streamlit run app.py |
| Gradio | gradio in requirements | python app.py |
Package managers: pip, poetry, pipenv, uv, conda
Go
| Framework | Detection | Dev Server |
|---|---|---|
| Gin | gin-gonic/gin in go.mod | go run . |
| Echo | labstack/echo | |
| Fiber | gofiber/fiber | |
| Chi | go-chi/chi | |
| Standard net/http | go.mod exists |
Rust
| Framework | Detection | Dev Server |
|---|---|---|
| Actix Web | actix-web in Cargo.toml | cargo run |
| Axum | axum | |
| Rocket | rocket | |
| Tauri | tauri | |
| Leptos / Yew / Dioxus | In dependencies | |
| Bevy (Game) | bevy |
Java / Kotlin (JVM)
| Framework | Detection | Dev Server |
|---|---|---|
| Spring Boot | spring-boot in pom.xml / build.gradle | ./mvnw spring-boot:run |
| Quarkus | quarkus | ./mvnw quarkus:dev |
| Ktor | ktor | ./gradlew run |
| Micronaut | micronaut | ./gradlew run |
Dart / Flutter
| Framework | Detection | Dev Server |
|---|---|---|
| Flutter | pubspec.yaml with sdk: flutter | flutter run -d chrome |
| Pure Dart | pubspec.yaml | dart run |
PHP
| Framework | Detection | Dev Server |
|---|---|---|
| Laravel | laravel/framework in composer.json | php artisan serve |
| Symfony | symfony/framework-bundle | symfony server:start |
| WordPress | wp-config.php | php -S localhost:8000 |
Ruby
| Framework | Detection | Dev Server |
|---|---|---|
| Ruby on Rails | rails in Gemfile | bundle exec rails server |
| Sinatra | sinatra | ruby app.rb |
| Jekyll | _config.yml + _posts/ | bundle exec jekyll serve |
C# / .NET
| Framework | Detection | Dev Server |
|---|---|---|
| ASP.NET | .csproj with Microsoft.NET.Sdk.Web | dotnet run |
| Blazor | Microsoft.AspNetCore.Components | |
| .NET MAUI | Microsoft.Maui |
Deno
| Framework | Detection | Dev Server |
|---|---|---|
| Fresh | fresh in imports | deno task dev |
| Oak | oak in imports | deno task dev |
Static Sites & Docker
| Type | Detection | Dev Server |
|---|---|---|
| Hugo | hugo.toml | hugo server -D |
| Plain HTML | index.html (no package.json) | npx serve . |
| Docker | docker-compose.yml | docker compose up |
Embedded / Firmware New
| Toolchain | Detection | Build |
|---|---|---|
| PlatformIO | platformio.ini | pio run |
| Arduino | *.ino sketch | arduino-cli compile |
Embedded projects compile to firmware — there's no dev server or browser preview. BlueForge auto-detects the toolchain, compiles, and parses gcc/PlatformIO compiler errors (file:line:col) so the AI can self-fix. Flash with pio run -t upload / arduino-cli upload when a board is connected. ESP32 & Arduino first. Requires pio / arduino-cli installed locally.
Database & BaaS Detection
| Provider | Detection | ForgeDB Convert |
|---|---|---|
| Supabase | @supabase/supabase-js | Supported |
| Firebase | firebase | Detect only |
| Prisma | @prisma/client | Detect only |
| Drizzle | drizzle-orm | Detect only |
| MongoDB | mongoose / mongodb / pymongo | Detect only |
| PlanetScale | @planetscale/database | Detect only |
| Neon | @neondatabase/serverless | Detect only |
| Convex | convex | Detect only |
| Turso / libSQL | @libsql/client | Detect only |
| Upstash Redis | @upstash/redis | Detect only |
| SQLAlchemy (Python) | sqlalchemy | Detect only |
| PostgreSQL (Go) | pgx / lib/pq | Detect only |
| Diesel / SQLx (Rust) | diesel / sqlx | Detect only |
| JPA / Hibernate (Java) | spring-data-jpa | Detect only |
| ActiveRecord (Ruby) | activerecord | Detect only |
| Eloquent (PHP) | Laravel artisan | Detect only |
| Clerk (Auth) | @clerk/nextjs | Detect only |
| Auth.js | next-auth / @auth/core | Detect only |
All original files are backed up to .blueforge-backup/ for easy rollback.
Home
Your project hub. Create, import, and manage all projects from here.
Project Cards
Each project is a card with name, description, tech stack, and last modified date. Click to open.
Sidebar Navigation
- Home — Project list
- Settings — API keys, preferences
- MCP Servers — Manage MCP connections
- Commands — Slash command management
- Agent Skills — Passive behavioral skills
- Extensions — Marketplace
Discovery
The Discovery wizard guides you through defining your project. Describe what you want, and BlueForge generates a complete architecture blueprint.
Project Basics
Enter project name and description in natural language.
AI Analysis
BlueForge generates follow-up questions to clarify requirements.
Blueprint Generation
A complete blueprint is generated: screens, features, architecture, workflows, DB schema.
Review & Approve
Edit any layer in the Blueprint Workspace before proceeding.
Blueprint
A visual representation of your entire app architecture, organized into 5 layers.
5-Layer Structure
| Layer | Code | Description |
|---|---|---|
| Screens | S | All UI screens with layout and component specs. |
| Features | F | Feature modules with user stories. |
| Architecture | A | System architecture and tech stack. |
| Processes | P | Workflows and business logic. |
| DB / API | D | Database schema and API endpoints. |
Implementation Tiers
| Tier | Phase | Description |
|---|---|---|
| T1 | Foundation | Core layout, navigation, auth. |
| T2 | Core | Primary screens and CRUD. |
| T3 | Advanced | Search, notifications, integrations. |
| T4 | Polish | Animations, dark mode, SEO. |
Project Dashboard
A 9-phase lifecycle view from planning to production monitoring.
Layout
Header shows project name and progress gauge. The Phase Timeline displays 9 circular stages below.
Phases
| # | Phase | Purpose |
|---|---|---|
| 1 | Plan | Discovery data summary, radar chart |
| 2 | Design | Theme, color palette, typography |
| 3 | Source Control | GitHub integration |
| 4 | Infrastructure | Backend, hosting, database selection |
| 5 | Build | Task generation, Build Studio access |
| 6 | Test | Test strategy configuration |
| 7 | Docs | Documentation scope selection |
| 8 | Deploy | Domain provider, CDN |
| 9 | Monitor | Monitoring and analytics tools |
Data Persistence
All settings are auto-saved to project.json. Tokens are stored in OS secure keychain.
Phase 1 — Plan
Summarizes project requirements from Discovery.
Radar Chart
Displays 5 axes — Screens, Features, Architecture, Processes, DB/API — showing project scope. This phase is read-only. Edit the Blueprint directly.
Phase 2 — Design
Configure your project's visual design system.
Design Theme
8 AI-recommended themes. Click a card to apply. "Browse All" for the full preset library.
Color Palette
6 colors: Primary, Secondary, Accent, Background, Surface, Text.
Live Preview
Preview in Login, Landing, and Dashboard layouts.
Typography
Heading, Body, and Mono fonts from Google Fonts with live preview.
Theme & Shape
Mode (Light/Dark/System) and Radius (None/Small/Medium/Large).
Phase 3 — Source Control
Connect GitHub for version control.
Generate PAT
Create a Personal Access Token at github.com/settings/tokens with repo scope.
Connect
Paste and click "Connect". Green check confirms success.
Configure
Repository name, visibility (Public/Private), branch strategy (main-only/git-flow).
Token is encrypted in OS secure keychain, never stored in plain text.
Phase 4 — Infrastructure
Choose backend, hosting, and database stack.
Recommended Combos
7 pre-configured stacks (ForgeDB Native, Vercel+Supabase, AWS Full Stack). Each shows price tier.
Custom Stack
| Layer | Options |
|---|---|
| Backend | ForgeDB API, Supabase, Firebase, Custom Express |
| Frontend | Cloudflare Pages, Vercel, Netlify, AWS Amplify |
| Database | ForgeDB Postgres, Supabase Postgres, PlanetScale |
Phase 5 — Build
Code generation, task management, and quality verification.
Generate Tasks
AI analyzes your blueprint and generates development tasks by tier.
Build History
Recent 5 builds with success/failure, task count, errors, and deploy status.
Quality Gate
Automatic lint, type checking, and build verification.
Phase 6 — Test
Configure and run tests across multiple categories.
Test Types
Toggle: Unit, Integration, E2E, Component, A/B, Load, Security.
Modes
- Auto — Detects Jest/Vitest and runs automatically.
- Manual — Record Pass/Fail/Skip manually.
AI Test Generation
"Generate Tests" creates test items per category from code analysis.
Phase 7 — Docs
Select documentation types to generate.
Toggle: README, API Docs, Storybook, ADR, User Guide, Changelog. Generated after first deployment.
Phase 8 — Deploy
Configure deployment infrastructure.
Domain Provider
Cloudflare, Namecheap, GoDaddy, Route53, or None.
CDN
Cloudflare, Vercel Edge, AWS CloudFront, or None.
Phase 9 — Monitor
Monitoring and analytics setup.
Monitoring
Sentry, Datadog, or None.
Analytics
Google Analytics 4, PostHog, Mixpanel, or None.
Build Studio
AI-powered coding workspace. The agent reads your blueprint and generates production-ready code in real-time.
Interface
- Chat Panel — Communicate with the AI agent
- Code Editor — Monaco Editor with syntax highlighting
- File Explorer — Browse project files
- Terminal — Integrated xterm.js
- Preview — Live preview of your running app
AI Agent Workflow
Understand
Reads project context, blueprint, existing code.
Plan
Generates step-by-step implementation plan.
Implement
Writes code, creates files, installs dependencies.
Verify
Runs app, checks errors, fixes issues.
Commit
Stages and commits with descriptive messages.
LLM Selection
| Provider | Models |
|---|---|
| Anthropic | Claude Sonnet, Opus, Haiku |
| Gemini 2.5 Pro, Flash | |
| OpenAI | GPT-4o, o1, o3 |
| DeepSeek | V3, R1 |
| xAI | Grok |
Device Lab
Test across multiple devices simultaneously. Compare iOS, Android, and desktop viewports in real-time.
Supported Devices
iOS
iPhone SE, 14/14 Pro, 15/15 Pro, 16/16 Pro and Plus/Max variants.
Android
Pixel 7–9 Pro, Galaxy S23–S25 Ultra, Z Flip/Fold 6, Galaxy A54, OnePlus 12.
Web
Desktop 1920x1080, 1440x900, 1280x720, iPad, iPad Pro 12.9", Galaxy Tab S9.
Usage
Enter URL
Type your app URL and click "Apply All".
Select Devices
Pick from sidebar, filter by platform.
Multi-Slot Compare
Up to 4 slots side by side.
Rotate & Zoom
Toggle portrait/landscape, zoom, show/hide frames.
Settings
Configure API keys, LLM preferences, and account settings.
API Keys (BYOK)
ANTHROPIC_API_KEYClaude modelsGEMINI_API_KEYGoogle GeminiOPENAI_API_KEYGPT-4o, o1, o3DEEPSEEK_API_KEYDeepSeek modelsKey Priority
1. Explicit selection (manual model picker) 2. Environment vars (ANTHROPIC_API_KEY, etc.) 3. App settings (Settings page BYOK) 4. BlueForge credits (default fallback)
Local AI Models
Run AI tasks on your own machine using Google Gemma 4 via Ollama. Zero cloud costs, full privacy, no internet required.
Paid Tier Feature. Local AI routing is available on Starter, Pro, and Max plans. Free tier users can still download and test models, but routing to local models requires an active paid subscription.
Setup
Install Ollama
Download from ollama.com or click "Install Ollama" in Settings > LLM Models > Local AI Models. BlueForge auto-detects if Ollama is already installed.
Auto-Scan
When you open Settings, BlueForge automatically scans your system: detects Ollama status, starts it if needed, discovers downloaded models, and runs health diagnostics.
Download a Model
Choose from the Gemma 4 catalog and click Download. Progress is shown in real-time. Start with E2B (2GB) for basic tasks.
Configure Task Routing
In the Local AI Task Routing table, choose which tasks run locally vs cloud. Use presets (Cost Saver / Balanced / Quality First) or configure individually.
Model Catalog
Google Gemma 4 models, optimized for code generation and analysis.
| Model | Params | RAM | Context | Best For |
|---|---|---|---|---|
| Gemma 4 E2B | 2B | 2 GB | 128K | Chat, summaries, terminal commands |
| Gemma 4 E4B | 4B | 3 GB | 128K | Data analysis, web search, vision |
| Gemma 4 26B MoE | 26B (3.8B active) | 16 GB | 256K | Code implementation, debugging |
| Gemma 4 31B | 31B | 20 GB | 256K | Architecture, full system refactoring |
Smart Downgrade. If a task requires a 26B model but only E4B is downloaded, BlueForge automatically selects the best available model. If no suitable model exists, the task falls back to cloud.
Task Routing
Choose which AI tasks run on your local machine vs cloud APIs. Tasks are grouped into 9 categories. BlueForge auto-detects your downloaded models and optimizes routing automatically — if you have 26B+ models, Code and Review tasks route locally too.
| Group | Tasks | Default (with all models) |
|---|---|---|
| General | Chat, Document Summary, Terminal, Docs, Walkthrough | Local |
| Code | Implementation, UI, Translation, API, Tests | Local (26B+ required) |
| Review & Debug | Code Review, Bug Analysis, Debugging, Performance | Local (26B+ required) |
| Planning | Implementation Plan, Architecture Design | Local (31B required) |
| Data & Search | Web Search, Data Analysis | Local (E4B+ required) |
| Database | Database Migration | Local (31B required) |
| Image & Vision | Vision Analysis, Image Gen, Image Edit | Cloud (locked) |
| Critical | Full Refactor, Production Incident, Multi-Service | Cloud (locked) |
| Security | Security Audit | Cloud (locked) |
Cloud-Locked Tasks
These tasks always run on cloud and cannot be routed to local models:
- Image & Vision — No local image generation models are available
- Critical — Full system refactoring and production incidents require premium reasoning capabilities
- Security — Security audits require the highest-quality models for accurate vulnerability detection
Presets
| Preset | Behavior |
|---|---|
| Cost Saver | Routes as many tasks as possible to local models. Best when you have 26B+ downloaded. |
| Balanced | Low-complexity tasks (chat, docs, terminal) local; everything else cloud. Default. |
| Quality First | All tasks use cloud APIs. Local models not used. Maximum quality. |
Credits & Pricing
Local model usage is always free — no credits are deducted. This applies regardless of which model you use (E2B through 31B). Only cloud-routed tasks consume credits.
Local (Gemma 4 E2B/E4B/26B/31B) FREE # 0 credits Cloud (Gemini 2.0 Flash) 10 # credits per call Cloud (Claude Sonnet 4) 20 # credits per call Cloud (GPT-4o) 20 # credits per call
System Requirements
| Model | Min RAM | Recommended | Apple Silicon |
|---|---|---|---|
| E2B | 4 GB | 8 GB | M1 or later |
| E4B | 6 GB | 8 GB | M1 or later |
| 26B MoE | 16 GB | 32 GB | M2 Pro or later |
| 31B Dense | 20 GB | 64 GB | M2 Max or later |
Fallback Safety. If Ollama goes offline mid-request, BlueForge automatically falls back to gemini-2.0-flash so your work is never interrupted.
AI Memory
A 3-tier memory system that prevents the AI from forgetting context — Short-term · Project State · Long-term Semantic Memory.
Since v0.7.27, the AI no longer keeps re-asking for GitHub tokens, deploy targets, or account info that you already shared. v0.7.28 adds opt-in semantic long-term memory for Pro+ users.
3-Tier Memory Architecture
| Tier | Scope | Audience | Storage | Cost |
|---|---|---|---|---|
| Tier A — Short-term | Last 20 messages, full text (user 3000ch / AI 5000ch) | All users (incl. Free) | In-memory | ~5-15K tokens / call |
| Tier B — Project State + Spine | GitHub repo, deploy target, active model + Context Spine decision summary | All users (incl. Free) | {projectDir}/.blueforge/spine.json |
~750 tokens / call |
| Tier C — Long-term Semantic PRO+ | Auto-retrieves top-5 semantically similar past messages | Pro / Max plan + toggle ON | {projectDir}/.blueforge/long-term-memory.json |
Reuses your BYOK Gemini embedding key (~$0.04 / 1000 messages) |
Tier A — Short-term Memory
Every LLM call now carries the last 20 messages as full text in the system prompt. Before v0.7.26 only 3 messages were sent, so anything older than message 4 was instantly forgotten.
- User messages: up to 3000 characters (long GitHub PATs or deploy configs pasted at once are not truncated)
- AI responses: up to 5000 characters
- Short follow-ups like "continue": window expands to last 30 messages
Applied automatically for all users. No setup required.
Tier B — Project State Header + Context Spine
Two blocks are automatically prepended to the system prompt on every LLM call.
Project State Header (~150 tokens)
## Project State (current configuration — do not re-ask) - GitHub: jays-visionAI/blueforge - Deploy target: vercel - Active model: claude-sonnet-4-6 (anthropic)
Context Spine Summary (~600 token budget)
An auto-summarised view of decisions, completed work, and recent agent activity from previous sessions. Spine read was disabled in v0.7.18 and revived in v0.7.27.
Tier C — Long-term Semantic Memory PRO+
Pro / Max plan only. The toggle is disabled for Free and Starter users.
How to activate
Open Settings → Approval Settings
Find the "Long-term Memory" section (PRO+ badge)
If you are on the Pro or Max plan the toggle is enabled. Click to turn it on.
Confirm a Gemini API key is registered
Embeddings reuse your existing BYOK Gemini key. No new key needed.
How it works
- Each message you send → embedded with Gemini embedding-001 (768-dim) → stored in a local JSON file
- Each new message → embedded → cosine-similarity scored against every past entry → top-5 picked (similarity ≥ 0.55)
- Those 5 snippets are auto-injected into the system prompt under
## Relevant Past Context (semantic recall — Pro+) - The AI can then accurately quote details from messages 50+ turns ago
Storage & Cost
| Item | Detail |
|---|---|
| Storage location | {projectDir}/.blueforge/long-term-memory.json (local file) |
| Format | JSON: { version: 1, entries: [{ id, role, text, embedding[], createdAt }] } |
| Approximate size | ~6 KB per message. 1,000 messages ≈ 6 MB |
| Max entries | 5,000 per project (oldest entries auto-pruned) |
| Embedding cost | Gemini embedding-001 — $0.025 / 1M tokens (≈ $0.04 per 1,000 messages on your BYOK key) |
| External SaaS | None — no vector DB, no extra signup |
Privacy
- Embedding requests go directly from your machine to Google using your registered Gemini API key (never via Blueforge servers)
- Both vectors and original text live only on your local disk
- Backing up the project folder backs up memory too (
.blueforge/is included) - Deleting the project automatically deletes its memory
Disable / Reset
- Toggle OFF in Settings → new messages stop being embedded (existing data is preserved)
- Full wipe → delete
{projectDir}/.blueforge/long-term-memory.json
FAQ
CLI Reference
Run BlueForge AI agent from the terminal — Linux, macOS, CI/CD, Docker. No GUI required.
Installation
npm install -g blueforge-cliThree Modes
One-shot Default
Pass a prompt. Executes and exits. Perfect for CI/CD.
Interactive TUI
Rich TUI with streaming, tool approval, history.
HTTP Server API
REST + SSE + web dashboard. Control remotely.
One-shot
blueforge "Add a login page with email/password" blueforge -m claude-sonnet-4-20250514 "Refactor auth.ts" blueforge -p gemini "Generate unit tests for src/utils/"
Interactive
blueforge # Start interactive session blueforge -p anthropic # With specific provider
HTTP Server
blueforge --serve
blueforge --serve --port 8080 --api-key my-secret-keyAPI Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /health | Health check |
| POST | /api/agent/run | Execute prompt (SSE) |
| POST | /api/agent/approve | Approve tool call |
| GET | /api/project/files | List project files |
| GET | /api/project/file?path= | Read file |
| GET | /api/screenshot | Browser screenshot |
Environment Variables
ANTHROPIC_API_KEYClaude modelsGEMINI_API_KEYGoogle GeminiOPENAI_API_KEYGPT-4o, o1, o3BLUEFORGE_API_KEYHTTP server authMCP Server
Connect your AI agents to BlueForge via Model Context Protocol. Access file operations, terminal, git, and project context.
Architecture
Your Agent (LLM) | MCP Client (BlueforgeConnector) | MCP Protocol (stdio / SSE) BlueForge MCP Server +-- file_read / file_write / file_edit +-- file_delete / file_list / file_search +-- terminal_exec / npm_install +-- git_status / git_diff / git_commit +-- project_info
Setup
{
"mcpServers": {
"blueforge": {
"command": "node",
"args": ["dist/index.js"],
"env": {
"BLUEFORGE_PROJECT_DIR": "/path/to/project"
}
}
}
}Available Tools
Security
| Protection | Description |
|---|---|
| Path Sandboxing | All paths resolved relative to project dir. Traversal blocked. |
| Command Scope | Shell commands in project directory only. |
| Timeout | Terminal commands max 120s. |
| Output Buffer | stdout capped at 5MB. |
CredentialVault (API Key Encryption)
MCP server API keys are encrypted at rest using OS-level keychain via Electron safeStorage. Keys are never stored as plaintext in config files.
| Item | Detail |
|---|---|
| Encryption | Electron safeStorage (macOS Keychain / Windows DPAPI / Linux libsecret) |
| Config File | mcp-servers.json stores __vault__ markers only — no actual key values |
| Decryption | Only at connect() time — injected into process.env for child process, then discarded |
| Deletion | Keys are purged from Keychain when MCP server is uninstalled |
[Install] User API Key -> CredentialVault.store() -> OS Keychain (encrypted) -> mcp-servers.json: { "API_KEY": "__vault__" } [Connect] mcp:connect -> retrieveCredentials() -> OS Keychain decrypt -> process.env injection -> child_process.spawn() -> MCP handshake -> connected [Uninstall] mcp:remove -> removeCredentials() -> OS Keychain purge
Existing MCP servers with plaintext env values continue to work. The vault system is backward compatible — only __vault__ markers trigger keychain lookups.
.bfx Bundle Format
Blueforge Extension (.bfx) is a self-contained bundle format for MCP servers. It eliminates npx dependencies and enables offline, one-click installation.
| Feature | npx | .bfx |
|---|---|---|
| Network | Required every time | Offline capable |
| Version | latest (unstable) | Pinned in bundle |
| Startup | Package download wait | Instant |
| Dependencies | Global npm conflicts possible | Isolated node_modules |
| Security | Supply-chain attack surface | Snapshot frozen |
manifest.json
{
"name": "my-mcp-server",
"version": "1.0.0",
"description": "Server description",
"transport": "stdio",
"command": "node",
"entrypoint": "index.js",
"env_keys": ["API_KEY"],
"category": "Development"
}Installation
Import
Click "Import .bfx" in the MCP Servers page header and select a .bfx file.
Extract
BlueForge extracts the bundle to userData/mcp-extensions/{bundle-id}/.
Register
The server is auto-registered with the MCP client using manifest metadata.
Connect
Enter required API keys (stored in Vault), then toggle the connection.
Multi-Agent System
20+ specialized AI agents collaborate on complex tasks. An intelligent router selects the best agent for each request.
Master Agents
| Agent | Role |
|---|---|
| Orchestrator | Coordinates multiple agents for complex tasks. |
| Project Planner | 4-phase: Analyze, Plan, Design, Implement. |
Domain Specialists
| Agent | Role |
|---|---|
| Frontend Specialist | Web UI/UX, React, Next.js, CSS. |
| Backend Specialist | API design, server architecture. |
| Mobile Developer | iOS, Android, React Native, Flutter. |
| Database Architect | Schema design, indexing, ORM. |
| Game Developer | 2D/3D, Canvas/WebGL. |
Quality & Security
| Agent | Role |
|---|---|
| Debugger | Systematic 4-phase debugging. |
| Security Auditor | OWASP, vulnerability scanning. |
| Test Engineer | Testing patterns, TDD. |
| Performance Optimizer | Core Web Vitals, profiling. |
| DevOps Engineer | CI/CD, deployment. |
Routing
| Request | Agent |
|---|---|
| "Build a dashboard" | Frontend + Backend |
| "Fix login error" | Debugger |
| "Audit this API" | Security Auditor |
| "Deploy to production" | DevOps |
| "Build a full SaaS" | Orchestrator |
Commands & Agent Skills
BlueForge provides two complementary systems for extending AI behavior: Commands (active, slash-invoked) and Agent Skills (passive, auto-injected).
Commands (Active)
Slash commands like /plan, /debug. Invoke explicitly to trigger specific workflows.
Agent Skills (Passive)
SKILL.md files from .agent/skills/. Auto-injected into every AI call as behavioral instructions.
Commands
Commands are slash-triggered workflows you invoke in the chat with /command-name. They provide specialized behavior for common tasks.
How to use
Open Chat
In Build Studio or any project view, open the chat panel.
Type slash
Type / to see autocomplete suggestions for all available commands.
Select & send
Pick a command and add your prompt. The AI applies the command's specialized behavior to your request.
Built-in Command Categories
| Category | Commands |
|---|---|
| Planning | /plan, /brainstorm, /create |
| Development | /enhance, /debug, /test |
| DevOps | /deploy, /preview |
| Workflow | /orchestrate, /status, /ui-ux-pro-max |
Managing Commands
Navigate to Commands in the sidebar to browse, enable, or disable commands. Commands are project-independent and available across all projects.
Agent Skills
Agent Skills are passive behavioral instructions housed in .agent/skills/ directories within your project. They are automatically injected into the AI system prompt for every LLM call, shaping how the AI writes code, reviews, and responds.
Claude Code compatible. Agent Skills use the same SKILL.md format as Claude Code's skill system. You can copy skills directly from any Claude Code project.
Directory structure
my-project/
.agent/
skills/
clean-code/
SKILL.md // Main instruction file
testing-patterns/
SKILL.md
scripts/
test_runner.py // Optional helper scripts
frontend-design/
SKILL.md
examples/
card-component.tsx // Reference implementationsSKILL.md format
Each SKILL.md file has YAML frontmatter followed by markdown instructions.
--- name: Clean Code Standards description: Pragmatic coding standards for concise, readable code trigger: always_on --- # Instructions body (markdown) All code must follow these rules: - Use meaningful variable names - Keep functions under 30 lines - No unnecessary comments - Self-documenting code preferred ...
Frontmatter fields
| Field | Required | Description |
|---|---|---|
name | Yes | Display name for the skill |
description | No | Brief description shown in the UI |
trigger | No | always_on (default) — injected on every call |
skills | No | Comma-separated list of dependent skills |
How it works
Scan
BlueForge scans .agent/skills/ (or .blueforge/skills/) when a project is opened.
Parse
Each SKILL.md is parsed for frontmatter metadata and instruction body.
Inject
Enabled skills with trigger: always_on are injected into the system prompt as Layer 14.
Apply
The AI follows these behavioral instructions for every code generation, review, and response.
Managing Agent Skills
Navigate to Agent Skills in the sidebar to view all detected skills, toggle them on/off, and see estimated token usage per skill.
| Action | How |
|---|---|
| Enable/Disable | Toggle switch on each skill card |
| Preview | Click "Preview Instructions" to see parsed content |
| Rescan | Click "Rescan" after adding new SKILL.md files |
| Token budget | Monitor total token estimate in the stats bar |
Built-in Skill Categories
BlueForge's .agent/skills/ directory includes 30+ pre-built skills:
| Category | Skills |
|---|---|
| Frontend | frontend-design, react-best-practices, tailwind-patterns, web-design-guidelines |
| Backend | api-patterns, database-design, nodejs-best-practices, python-patterns, rust-pro |
| Mobile | mobile-design |
| Security | vulnerability-scanner, red-team-tactics |
| Testing | testing-patterns, tdd-workflow, webapp-testing |
| DevOps | deployment-procedures, server-management |
| SEO | seo-fundamentals, geo-fundamentals |
| Quality | clean-code, code-review-checklist, performance-profiling |
Commands vs Agent Skills
| Commands | Agent Skills | |
|---|---|---|
| Activation | Manual — /slash-command | Automatic — always active |
| Scope | Global (all projects) | Per-project (.agent/skills/) |
| Injection | Only when invoked | Every LLM call (Layer 14) |
| Format | Built-in catalog | SKILL.md files |
| Use case | Specific workflows (debug, deploy, plan) | Coding standards, design rules, best practices |
| Compatibility | BlueForge-specific | Claude Code compatible |
Extensions
Access the Extension Marketplace from the sidebar to browse, install, and manage extensions that add new capabilities to BlueForge.
Custom AI Rules
Control how the AI behaves across all your projects or for a specific project. BlueForge provides two rule layers: BlueforgeRule (global system rules via Settings) that always apply as a baseline, and ProjectRule.md (per-project file) that adds project-specific overrides. Both layers are active simultaneously.
Two-Tier Rule System
BlueForge uses a two-tier rule system. BlueforgeRule provides a global baseline for all projects, while ProjectRule.md lets you customize behavior for a specific project.
BlueforgeRule Settings
Global system rules. Apply to all projects as a baseline. Set once in Settings > General. Always active.
ProjectRule.md File
Project-specific rules. Apply to one project only. Place a ProjectRule.md file in the project root. Takes precedence over BlueforgeRule on conflict.
BlueforgeRule (Settings)
BlueforgeRule defines global system rules that apply across all projects. Managed directly in the Settings UI. Perfect for personal coding standards, naming conventions, and universal preferences.
Open Settings
Navigate to Settings > General tab.
Find BlueforgeRule
Scroll down to the BlueforgeRule section. You'll see a text editor.
Write your rules
Write rules in plain markdown. The AI will follow them for every project.
Save
Click Save Rules. Changes apply to the next AI request automatically.
| Property | Value |
|---|---|
| Priority | Layer 1 — Always active as global baseline |
| Max size | 12,000 characters (auto-truncated if exceeded) |
| Storage | Local to your machine (persists across app restarts) |
| Scope | All projects (applied alongside ProjectRule.md if both exist) |
ProjectRule.md (Per-Project)
For project-specific rules, create a ProjectRule.md file in the project root directory. When this file exists, it is applied alongside BlueforgeRule. On any conflict, ProjectRule.md takes precedence.
Create the file
Create a file named ProjectRule.md in your project root directory.
Write your rules
Add project-specific rules in plain markdown.
Start coding
BlueForge automatically detects and loads the file on every AI request.
| Property | Value |
|---|---|
| Priority | Layer 0 — Highest (overrides BlueforgeRule on conflict) |
| Max size | 16,000 characters (auto-truncated if exceeded) |
| Location | Project root directory |
| Scope | Current project only |
Directory Structure
my-project/ ProjectRule.md // Project-specific AI rules (overrides BlueforgeRule on conflict) .agent/ skills/ // Agent Skills (Layer 14) src/ package.json
Example: BlueforgeRule (Settings)
# My Global Coding Rules ## Code Style - Use TypeScript strict mode for all files - Prefer functional components with hooks - Use Zustand for state management, no Redux ## Naming Conventions - Components: PascalCase (UserCard.tsx) - Hooks: camelCase with use prefix (useAuth.ts) - Constants: SCREAMING_SNAKE_CASE ## Forbidden - No `any` type usage - No console.log in production code - No hardcoded API URLs (use env variables)
Example: ProjectRule.md
# E-Commerce Project Rules ## Tech Stack - Next.js 15 with App Router - Supabase for database and auth - Tailwind CSS v4 for styling ## Architecture - Feature-based folder structure: src/features/{name}/ - All API calls must go through src/services/ - Use Row Level Security (RLS) on all tables ## API Design - RESTful endpoints under /api/v1/ - Always return { data, error, meta } response shape ## Deployment - Target: Vercel - Preview deployments on every PR
How Priority Works
Both BlueforgeRule and ProjectRule.md are always injected into the AI's context simultaneously. When rules from different layers conflict, the higher-priority layer wins:
| Priority | Source | Behavior |
|---|---|---|
| 1 (Highest) | ProjectRule.md | Always active when file exists. Wins on conflict with BlueforgeRule. |
| 2 | Settings > BlueforgeRule | Always active as global baseline. Applied alongside ProjectRule. |
| 3 | Agent Skills (.agent/skills/) | Always active alongside rules |
| 4 | Built-in agent behavior | Always active as default |
Merge, not replace. Both rule layers are always active. BlueforgeRule provides your global baseline, and ProjectRule.md adds or overrides project-specific behavior. Non-conflicting rules from both layers apply together.
Comparison with Other Tools
| Tool | Global Rules | Project Rules |
|---|---|---|
| BlueForge | Settings > BlueforgeRule | ProjectRule.md |
| Cursor | Settings > Rules for AI | .cursorrules |
| Gemini Code Assist | — | GEMINI.md |
| Claude Code | ~/.claude/CLAUDE.md | CLAUDE.md |
| Windsurf | Settings > Global Rules | .windsurfrules |
Portable. If you're migrating from Cursor, you can copy the contents of .cursorrules directly into ProjectRule.md. The markdown format is compatible.
Token budget. BlueforgeRule is truncated at 12,000 characters, ProjectRule.md at 16,000 characters. Keep your rules concise for best results.
Integrations & Workflows
BlueForge's Platform Workflow Engine (PWE) provides pre-built browser automation workflows for 56+ platforms across 14 categories. The AI Agent uses these workflows to navigate external services, extract credentials, and configure integrations automatically.
Workflow Studio. Admins can manage, customize, and create new workflows via the Workflow Studio in the Admin Console. Workflows support OTA updates without app releases.
Overview
| Metric | Value |
|---|---|
| Total Platforms | 56 |
| Total Workflows | 82 |
| Categories | 14 (Payment, Auth, BaaS, Hosting, AI, Email, SMS, Messaging, Maps, Database, Storage, DNS, SEO, CDN) |
| Regions | Global, Korea, Japan, Thailand, Southeast Asia, Philippines, Vietnam |
| Version | 2026-Q2-v4 |
Global Services
BaaS & Database
| Platform | Workflows | Category |
|---|---|---|
| Supabase | Create Project, Get API Keys, Storage Bucket, Enable Auth | BaaS |
| Firebase | Create Project, Web Config, Firestore, Auth | BaaS |
| ForgeDB | Create Project, Get Connection, Enable Realtime, Auth | BaaS |
| Neon | Create Database | Database |
Auth
| Platform | Workflows |
|---|---|
| Clerk | Setup Project (publishable + secret keys) |
AI
| Platform | Workflows | Env Variable |
|---|---|---|
| OpenAI | Get API Key | OPENAI_API_KEY |
| Anthropic | Get API Key | ANTHROPIC_API_KEY |
| Gemini API | Get API Key | GEMINI_API_KEY |
Hosting & Compute
| Platform | Workflows |
|---|---|
| Vercel | New Project, Connect Git, Environment Variables |
| Netlify | New Site, Deploy, Environment Variables |
| Cloudflare | Create Pages, Workers |
| GitHub Pages | Enable Pages, Custom Domain |
AWS (8 Services)
| Service | Workflows | Category |
|---|---|---|
| S3 | Create Bucket | Storage |
| EC2 | Launch Instance | Compute |
| Lambda | Create Function, Add API Gateway Trigger | Compute |
| RDS | Create Database (PostgreSQL/MySQL) | Database |
| CloudFront | Create Distribution | CDN |
| DynamoDB | Create Table | Database |
| SES | Verify Email Identity | |
| Route 53 | Create Hosted Zone, DNS Records | DNS |
Payment
| Platform | Workflows |
|---|---|
| Stripe | Get API Keys, Create Product, Create Webhook |
Email & SMS
| Platform | Workflows |
|---|---|
| Resend | Setup & Get API Key |
| SendGrid | Get API Key |
| Twilio | Get Account Credentials (SID + Auth Token + Phone) |
Messaging
| Platform | Workflows |
|---|---|
| Slack | Create Incoming Webhook |
| Discord | Create Bot & Webhook |
Maps & SEO
| Platform | Workflows |
|---|---|
| Google Maps | Get API Key |
| Google Search Console | Add Property, Submit Sitemap |
| Google Analytics 4 | Get Measurement ID, Setup Data Stream |
DNS & SCM
| Platform | Workflows |
|---|---|
| GitHub | Create Repo, PAT Setup, Deploy Key |
| Spaceship | Configure DNS |
| Namecheap | Configure DNS |
| GoDaddy | Configure DNS |
| Google Cloud | Create Project, Enable APIs |
| Apple Developer | Register App ID, Signing Certificate |
Korea
| Platform | Workflows | Category |
|---|---|---|
| Toss Payments | Get API Keys, Setup Webhook | Payment |
| Kakao Pay | Setup & Get CID | Payment |
| Naver Pay | Setup & Get Client ID | Payment |
| Kakao Login | Setup OAuth | Auth |
| Naver Login | Setup OAuth | Auth |
| Kakao Maps | Get JavaScript Key | Maps |
| Solapi | Get API Key | SMS |
Japan
| Platform | Workflows | Category |
|---|---|---|
| PayPay | Get API Credentials | Payment |
| LINE Pay | Get Channel Credentials | Payment |
| LINE Login | Setup OAuth | Auth |
| LINE Bot | Create Messaging API | Messaging |
Southeast Asia
| Platform | Workflows | Region |
|---|---|---|
| PromptPay | Generate QR Code | Thailand |
| SCB Open API | Get API Credentials | Thailand |
| GrabPay | Get API Credentials | SEA (6 countries) |
| iPay88 | Get Merchant Credentials | Malaysia |
| GCash | Get API Credentials | Philippines |
| Maya | Get API Credentials | Philippines |
| DragonPay | Get Merchant Credentials | Philippines |
| MoMo | Get Partner Credentials | Vietnam |
| VNPay | Get Merchant Credentials | Vietnam |
| ZaloPay | Get App Credentials | Vietnam |
Security Model
Workflows enforce a human-in-the-loop security model. Each step has an agentCanDo flag:
| Flag | Behavior | Example |
|---|---|---|
agentCanDo: true | Agent executes automatically via browser automation | Navigate to URL, click buttons, fill forms |
agentCanDo: false | Agent pauses and instructs the user to complete manually | Copy API secrets, confirm billing, reveal tokens |
Sensitive Operations. Secret keys, API tokens, and billing-related actions are never automated. The agent will always ask the user to complete these steps manually.
3-Layer Merge Strategy
Workflows are resolved in a 3-layer priority system:
| Layer | Source | Priority |
|---|---|---|
| Bundled | Built into the app binary | Lowest (base) |
| OTA | Downloaded from ForgeDB server | Medium (overrides bundled) |
| Custom | Created by admin in Workflow Studio | Highest (overrides all) |