Governed runtime for AI-written apps

AI writes the app.
ObjectOS keeps it governable.

Point your coding agent at ObjectStack. It writes models, UI, workflows, permissions, and tools as compact metadata, not a full codebase. In many CRUD/workflow apps, code moves toward 1%, iteration toward 100x, and people review small governed diffs.

Open protocol
Apache 2.0, self-hostable
~1% code surface
Metadata instead of app code
~100x iteration
Small diffs, governed runtime
ObjectOS connecting business data, applications, and AI agents
Unified business object layerConnecting applications, data, and agents

For AI-written enterprise software

Keep the systems that work.
Add a governed runtime for agents.

Enterprise AI does not need another rebuild project or another pile of generated code. It needs a compact target format agents can write, humans can review, and a runtime that keeps each change governed across legacy systems, new applications, and AI agents.

Platform capabilities

Start with the business model,
not a blank codebase

Read about AI and agents
  1. 01

    Give agents a business model

    Model customers, orders, equipment, cases, and approvals as objects agents can read, relate, and act on.

  2. 02

    Extend systems without replacing them

    Add APIs, permissions, workflows, and intelligence on top of databases, ERP, CRM, and custom systems.

  3. 03

    Generate metadata, not app code

    For typical CRUD and workflow software, agents write the compact ObjectStack definition while ObjectOS supplies tables, APIs, UI, tools, permissions, and audit. Less code to generate, less code to review.

  4. 04

    Enforce governance at runtime

    Reuse enterprise identity, permissions, approval queues, and audit logs so every agent action has a defined boundary.

AI build and agent operations

Let agents create the software.
Keep people in the review loop.

ObjectOS turns objects, fields, workflows, permissions, and actions into declarative metadata that agents can read and update through governed tools. In the open-source edition, you bring your own AI: a coding agent writes metadata as source files, often a tiny fraction of a generated app codebase; you review the diff, and any MCP client can query your data. For CRUD and workflow surfaces, the runtime supplies the repeated 99%, so metadata-only changes can move at two-orders-of-magnitude iteration speed. The in-app Build and Ask assistants run on Cloud and Enterprise.

View the AI security model
01

AI Builder

Cloud & Enterprise: describe a change in natural language. The in-app Builder generates objects, fields, views, and workflows, then routes structural changes for approval. In open source, your coding agent writes the same compact metadata diff instead of a full app codebase.

02

AI Ask

Cloud & Enterprise: ask questions inside the product, analyze business context, and trigger approved actions within the signed-in user’s permissions. In open source, query the same objects through MCP with your own AI.

03

Tools / MCP

All editions: @objectstack/mcp exposes objects, queries, and actions as policy-aware tools for Claude, Cursor, any MCP client, or a local model.

How it works

Turn business operations into
a structure agents can use

ObjectOS describes objects, relationships, permissions, workflows, and actions in unified metadata. Agents change a compact definition layer instead of regenerating application code, so business iterations stay fast, reviewable, and governed.

Your existing systems
CRMERPDatabasesCustom systems
Model objects
OBJECTOS BUSINESS OBJECT LAYER Objects · Permissions · Workflows · API · Audit
Govern execution
What runs on top
Business appsAI agentsAutomation

Security and governance

Keep data in your network.
Let AI work inside permissions.

ObjectOS runs as a self-hosted runtime on your infrastructure. Business records, identities, audit logs, and files stay under your control; AI agents access objects through governed tools and inherit the signed-in user’s permissions.

Explore security and governance

Data residency

Connect your databases and storage. Unless you configure an external service, ObjectOS does not send telemetry, contact a license server, or transmit data back to ObjectStack.

User-scoped AI

Agents act as signed-in users and obey object, record, and field permissions, so they cannot see data the user cannot see.

Approval and audit

Structural changes go through a human approval queue. Reads, writes, tool calls, and permission changes can be written to audit logs.

Offline ready

Run in a VPC, on local servers, or in air-gapped networks with local models, internal identity, and your own secrets management.

Application templates

Start with working templates,
not a blank canvas

How it compares

Different from
the tools you know

Read the comparison

Latest insights

Practical thinking on AI-native software

Browse all articles
When an AI Agent Deletes Production Data: Runtime Guardrails Beat Prompts

When an AI Agent Deletes Production Data: Runtime Guardrails Beat Prompts

The Replit database incident shows a structural lesson: an agent's blast radius must be controlled by runtime permissions, approvals, and audit logs, not only by a prompt.

Retool vs. Governed AI App Platforms: Can You Review Business Authority?

Retool vs. Governed AI App Platforms: Can You Review Business Authority?

Retool has strong access governance, including RBAC, audit logs, SSO, and self-hosting. The harder question is whether business authority is declared as a reviewable fact.

Power Platform Lock-In: Dataverse, Azure, and the Self-Host Tradeoff

Power Platform Lock-In: Dataverse, Azure, and the Self-Host Tradeoff

Power Platform is already inside the Microsoft tenant, but self-hosting, Dataverse export, AI usage pricing, and sovereignty requirements matter for long-running systems.

Next step

Start with the business data you know best.

Connect one existing system, define its key business objects, and let your agent ship the first governed AI-written application as a small metadata diff.

Learn how to connect existing systems