Ecosystem
Stackbilder is built on multiple complementary tools that enforce governance across the full development lifecycle.
The Pieces
| Tool | License | Role |
|---|---|---|
Charter (@stackbilt/cli) — CLI Reference |
Apache-2.0 (open source) | Local + CI governance runtime with ADF context compiler |
AEGIS Core (@stackbilt/aegis-core) |
Apache-2.0 (open source) | Persistent AI agent framework — multi-tier memory, autonomous goals, dreaming cycles, MCP native |
evidence-core (@stackbilt/evidence-core) |
Apache-2.0 (open source) | E-E-A-T gap detection and scoring library. Three policy presets (Google Nov 2024 default). Usable standalone. |
audit-chain (@stackbilt/audit-chain) |
Apache-2.0 (open source) | Domain-agnostic tamper-evident audit logging for Cloudflare Workers (R2 + D1). SHA-256 hash-chained records. |
| worker-observability (GitHub) | Apache-2.0 (open source) | ODD-driven telemetry SDK for Cloudflare Workers. Metrics, traces, spans, SLI/SLO. Not yet published to npm — install from source. |
| Stackbilder | Commercial | Unified platform on stackbilder.com — architecture generation, scaffold engine, Evidence Engine, Content Provenance, Worker Observability, Consultations, img-forge |
Charter and AEGIS are the open-source foundations. Stackbilder is the commercial platform that wraps them.
Service Map
| Service | URL | Purpose |
|---|---|---|
| Stackbilder | stackbilder.com |
Unified platform Worker — UI, REST API, scaffold engine, governance, Evidence Engine, Observability |
| Auth | auth.stackbilt.dev |
Authentication service (Better Auth + D1, OAuth, SSO) — service binding from Stackbilder |
| img-forge | imgforge.stackbilt.dev |
Multi-provider image generation gateway — service binding from Stackbilder |
| MCP gateway | mcp.stackbilt.dev/mcp |
OAuth-authenticated MCP Worker that proxies to TarotScript / img-forge / Engine / Deployer. Sibling consumer of the platform’s product workers (see MCP Gateway) |
| Trust verifier | trust.stackbilder.com/evidence/:hash |
Public Evidence Engine receipt verifier (anti-probe semantics) |
How They Fit Together
┌──────────────────────┐
│ AI agent / LM │
│ (Claude Code, etc.) │
└──────────┬───────────┘
│ OAuth + MCP
▼
┌──────────────────────┐
│ mcp.stackbilt.dev │
┌─ human ─►─ stackbilder.com ──┐ │ (MCP gateway) │
│ (web UI + API) │ └──────────┬───────────┘
│ │ │
│ ▼ ▼
│ ┌─────────────────────────────────────┐
│ │ Backend product Workers │
│ │ ─ tarotscript-worker (scaffold) │
│ │ ─ img-forge-mcp │
│ │ ─ stackbilt-engine (architecture) │
│ │ ─ stackbilt-deployer (CF deploy) │
│ │ ─ edge-auth (entitlements + quota) │
│ └─────────────────────────────────────┘
│
└─ CLI ─►─ Charter (charter blast / surface) ──► same backends via API
A single user prompt — “build me an X” — flows through whichever consumer is closest:
IDEA
│
▼
runFullFlowAsync(idea) ← invoked from web UI, MCP tool, or REST
→ PRODUCT → UX → RISK → ARCHITECT → TDD → SPRINT
│
└── inline governance: blessed-pattern enforcement,
red-team review, ADR persistence (Pro/Team tiers)
│
▼
getFlowScaffold(flowId) → deployable project
│
▼
Charter: validate + drift → commit and stack compliance
│
▼
SHIPPED (governed)
Charter: Local Enforcement + ADF Context Compiler
Charter runs in your terminal and CI pipeline. It validates commit trailers, scores drift against your blessed stack, and blocks merges on violations. Zero SaaS dependency - all checks are deterministic and local.
Charter also ships ADF (Attention-Directed Format) - a modular, AST-backed context system that replaces monolithic .cursorrules and claude.md files with compiled, trigger-routed .ai/ modules. ADF treats LLM context as a compiled language: emoji-decorated semantic keys, typed patch operations, manifest-driven progressive disclosure, and metric ceilings with CI evidence gating.
npm install --save-dev @stackbilt/cli
npx charter bootstrap --preset fullstack --ci github --yes
npx charter adf init # scaffold .ai/ context directory
Governance commands: bootstrap, validate, drift, audit, classify, hook install, score, serve, context-refresh.
ADF commands: adf init, adf fmt, adf patch, adf create, adf bundle, adf sync, adf evidence, adf migrate, adf metrics.
See the CLI Reference for full flag and option documentation, or the Charter Kit guide for quickstart and conceptual overview.
For quantitative analysis of ADF’s impact on autonomous system architecture, see the Context-as-Code white paper.
Stackbilder: Architecture + Scaffold + Trust
The 6-mode pipeline (PRODUCT → UX → RISK → ARCHITECT → TDD → SPRINT) produces structured artifacts with cross-referenced IDs. After completion, the scaffold engine generates a deployable Cloudflare Workers project. On Pro/Team, additional capabilities run alongside the scaffold pipeline:
- Evidence Engine — content E-E-A-T validation and tamper-evident receipts (
stackbilder.com/api/v1/evidence/*, see API Reference) - Worker Observability — hosted telemetry ingest + dashboard
- Consultations — CISO and CTO advisory flows backed by structured prompts and receipt-bound deliverables
- Inline governance — blessed-pattern enforcement, red-team review, ADR persistence (replaces the previously-standalone Compass service binding)
Available via:
- Browser UI at stackbilder.com (interactive, human users)
- REST API at
stackbilder.com/api/*(direct HTTP — Charter CLI, server-to-server, CI; see API Reference) - MCP gateway at
mcp.stackbilt.dev/mcp(OAuth-authenticated agent access; routes scaffold/image/deploy tools to the same backend Workers — see MCP Gateway)
See the Stackbilder Platform docs for the full 6-mode pipeline, governance tiers, and scaffold engine details. For security architecture and supply chain controls, see Security.
Lightweight Agent Pattern
The recommended agent workflow downloads ~40KB total (down from 300KB+):
runFullFlowAsync → getFlowSummary polls → getArtifact per mode → getFlowScaffold
Governance Modes by Plan
| Plan | Max Mode | Behavior |
|---|---|---|
| Free | PASSIVE |
Log only — never blocks |
| Pro | ADVISORY |
Warn on issues, flow continues |
| Team | ENFORCED |
Block on FAIL, require remediation |
When governance mode is capped by plan tier, a soft upsell prompt appears in the governanceState response.
Blessed Patterns
The platform maintains a ledger of approved technology patterns. These are injected into the ARCHITECT prompt automatically when governance is enabled. Example:
- Compute: Cloudflare Workers (not AWS Lambda)
- Database: Cloudflare D1 (not PostgreSQL)
- Cache: Cloudflare KV (not Redis)
- Queue: Cloudflare Queues (not SQS)
Worker Observability: ODD-Driven Monitoring
worker-observability is the OSS library (Apache-2.0, GitHub) — not yet published to npm; install from source. The hosted Pro product on stackbilder.com wraps it with D1 storage and a dashboard.
ODD Pillars (Observability → Debugging → Diagnostics)
| Pillar | Signal | Library class | D1 tables |
|---|---|---|---|
| Observability | Metrics, request counts, health | MetricsCollector, Logger |
traces, metrics |
| Debugging | Traces, spans, correlated logs | Tracer, Span |
spans, logs |
| Diagnostics | Alerts, SLI/SLO status | AlertManager, SLIMonitor |
alert_incidents |
Tier Gating
| Feature | Free | Pro ($29/mo) |
|---|---|---|
| Retention | 24h | 30d |
| Workers | 1 | Unlimited |
| Traces + logs | Health status only | Full drilldown |
| SLI/SLO tracking | — | Yes |
| Alert history | — | Yes |
Integration (3 lines)
The package is not yet published to npm. Install directly from GitHub:
npm install github:Stackbilt-dev/worker-observability
import { createMonitoring } from '@stackbilt/worker-observability';
const obs = createMonitoring({
service: 'my-worker',
version: '1.0.0',
stackbilt: {
endpoint: 'https://stackbilder.com/api/observe/ingest',
token: env.STACKBILT_TOKEN,
},
});
Governance-First Development
Every significant decision flows through governance before implementation:
- Pre-approval — Stackbilder validates the idea against policy during the PRODUCT/RISK modes
- Architecture — Stackbilder generates a governed blueprint with blessed patterns injected into ARCHITECT
- Review — Inline red-team review runs against the architecture output
- Record — ADRs are persisted to the governance ledger (when
autoPersist: true) - Scaffold — Stackbilder generates deployable project files
- Commit — Charter enforces
Governed-By:trailer compliance at the repo level - Evidence — Charter validates ADF metric ceilings (
adf evidence --auto-measure --ci) - CI — Charter blocks merges on drift violations or metric ceiling breaches
All Repositories
The complete Stackbilt-dev organization — public and private. For private repos, this page is the SoT for documentation.
Core Governance
| Repo | Visibility | Package | Docs |
|---|---|---|---|
| charter | Public | @stackbilt/cli |
Charter Kit · CLI Reference |
| evidence-core | Public | @stackbilt/evidence-core |
evidence-core |
| audit-chain | Public | @stackbilt/audit-chain |
audit-chain |
| worker-observability | Public | (install from GitHub) | worker-observability |
Agent Infrastructure
| Repo | Visibility | Docs |
|---|---|---|
| aegis-oss | Public | AEGIS Core |
| mindspring | Public | MindSpring |
| edgeclaw | Public | EdgeClaw |
| cc-taskrunner | Public | cc-taskrunner |
Infrastructure Libraries
| Repo | Visibility | Package | Docs |
|---|---|---|---|
| llm-providers | Public | @stackbilt/llm-providers |
llm-providers |
| feature-flags | Public | @stackbilt/feature-flags |
feature-flags |
| contracts | Public | @stackbilt/contracts |
contracts |
Platform (Private)
| Repo | Visibility | Docs |
|---|---|---|
| stackbilt-web | Private | stackbilt-web · Stackbilder Platform |
| tarotscript | Private | TarotScript |
| img-forge | Private | img-forge |
| stackbilt-mcp-gateway | Private | MCP Gateway |
| edge-auth | Private | edge-auth |
| codebeast | Private | CodeBeast |
| roundtable | Private | Roundtable |
| stackbilt-build | Public | stackbilt-build |
| edgestack-v2 | Private | (deprecated) |
Developer Tools
| Repo | Visibility | Docs |
|---|---|---|
| bildy | Public | bildy |
| ai-playbook | Public | AI Playbook |
Standalone Apps
| Repo | Visibility | Docs |
|---|---|---|
| social-sentinel | Public | Social Sentinel |
| n8n-transpiler | Public | n8n-transpiler |
| equity-scenario-sim | Public | equity-scenario-sim |
This Site
| Repo | Visibility | URL |
|---|---|---|
| docs | Public | docs.stackbilder.com |
Authentication
Stackbilder issues two credential types, both accepted at every endpoint:
- Session cookie —
better-auth.session_token, set during OAuth sign-in (GitHub, Google) at auth.stackbilt.dev. Used by the browser UI. - API key —
Authorization: Bearer ea_*, issued from/settings. Used by Charter CLI, server-to-server pipelines, and MCP-style consumers.
API key resolution: GET /api/account/me returns the caller’s identity (userId, orgId, plan) — useful for tier-aware routing in CI scripts.