What's New in Forge
A detailed log of every feature, improvement, fix, and security update shipped across the Forge platform.
Data-First Rule and CEO/COO Identity for All Primes
Enforces a mandatory data-first rule across all Prime agents so they always query real data before reporting status. Updates identity language from supervisor/coordinator to CEO/COO for both ForgeBot Primes and ForgeOps Prime.
- AddedMandatory data-first rule (priority 0 block) in PrimePromptBuilder forces all Primes to query real data before reporting
- AddedCEO/COO identity injected into PrimePromptBuilder for ForgeBot Primes and orchestrator.js for ForgeOps Prime
- AddedFull-status collector added to DaemonTemplate (5 built-in collectors) and ForgeOpsDaemon (10 collectors total)
- ImprovedEnhanced conversational personality with CEO/COO examples and stronger problem-working protocol
- ImprovedUpdated all 20 ForgeBot template Prime roles with isSupervisor: true and executive-style descriptions
- ImprovedExecutor.js supervisor prompt updated with data-first and CEO/COO identity
- FixedOrchestrator.js Prime system prompt now enforces bridgeOps-first for status queries
Knowledge Injection System and Prime Personality
Adds a three-pronged knowledge injection system that keeps Forge's codebase knowledge fresh. Introduces the Prime conversational personality with anti-hallucination guardrails. Cleans up Fly.io references to reflect Oracle ARM64 as primary deployment.
- AddedGit post-commit hook triggers automatic knowledge re-indexing on every commit
- AddedKnowledgeWatcher (fs.watch) detects file changes and queues re-indexing via NATS
- AddedKnowledgeIndexer handles NATS subscriptions with 6-hour full reindex cycle
- AddedStaleness tracking: green (<1h), yellow (1-24h), red (>24h), critical (>7d)
- AddedPrime personality with conversational CTO style and anti-hallucination guardrails
- ImprovedCLAUDE.md Section 8 updated to reflect Oracle ARM64 + PM2 + Cloudflare Tunnel as primary deployment
- FixedFly.io references cleaned up — retained only for Forge Compute ephemeral machines (Phase 22)
Forge Connect — Universal API Connectivity via Pipedream
Introduces Layer 29 and Pillar 26: Forge Connect, wrapping Pipedream Connect SDK to provide 3,000+ API integrations for ForgeBots and Forge workflows. Includes provider-agnostic abstraction for risk mitigation.
- AddedLayer 29: Forge Connect Engine with connect-manager.js, connect-proxy.js, connect-events.js, connect-registry.js, and connect-billing.js
- AddedPillar 26: Forge Connect (Universal API Connectivity) for 3,000+ third-party API integrations
- Added3 MCP modules: forge_connect_list, forge_connect_run, forge_connect_events
- AddedProvider-agnostic abstraction with PipedreamAdapter (default), ComposioAdapter, and NangoAdapter stubbed
- AddedConnect Apps tab in ForgeBot Builder configuration UI
- AddedEvent-driven reactive agent triggers from Pipedream event sources
- SecurityForgeGuard security overlay enforced on every Forge Connect tool call (pre-execution S1-S4, post-execution S5-S6)
- SecuritySpiceDB permission enforcement on all connected accounts and actions
Project Intelligence — Deep Project Knowledge System
Adds Pillar 25: Project Intelligence, giving ForgeBot agents deep understanding of project codebases through automated ingestion, knowledge compilation, and pattern extraction.
- AddedProject Ingestor scans git repos, docs, configs, tests, and history for knowledge extraction
- AddedKnowledge Compiler uses LLM extraction to build structured knowledge from raw project data
- AddedPattern Extractor identifies project-wide patterns (architecture, conventions, anti-patterns)
- AddedKnowledge Index with queryable vector + graph + keyword search
- Added5 MCP tools: forge_intelligence_query, forge_intelligence_ingest, forge_intelligence_patterns, forge_intelligence_refresh, forge_intelligence_status
- ImprovedRAPTOR L0-L3 pyramid for hierarchical project knowledge organization
- SecuritySpiceDB permission enforcement on all intelligence endpoints
- SecurityAutomatic .env file exclusion and credential redaction during ingestion
ForgeOps Agent Platform and Executive Engine
Delivers the complete ForgeOps internal operations platform with 8 specialized agents, prime-first routing, and the executive engine for autonomous task execution.
- Added13 new source files: advisory.js, consultation.js, prime-prompt.js, exec-engine.js, claude-code-bridge.js, git-ops.js, deploy-controller.js, task-engine.js, validation-pipeline.js, capabilities/registry.js, capabilities/gate.js, capabilities/api.js, routing/prompt-optimizer.js
- Added8 ForgeOps agents: ForgeOps Prime, Ops Monitor, Security Sentinel, Performance Engineer, Revenue Scout, Research Analyst, Code Architect, Deal Scout
- AddedExecutive Engine for autonomous task planning and execution with validation pipeline
- AddedClaude Code Bridge for direct integration with Claude Code CLI for code generation tasks
- ImprovedPrompt optimizer for routing-aware prompt construction
- ImprovedCapability registry and gate system for tier-aware feature access
- FixedAgent scheduling now uses BullMQ with proper retry and dead-letter handling
Six Pillars Integration — Phase 21 Completion
Completes the Six Pillars integration phase with Enterprise Permissions, Multi-LLM Parallel Executor, Context Sharding, Provider Access Manager, and Autonomous Workflow Continuity.
- AddedLayer 22: Enterprise Permissions Engine with SpiceDB Zanzibar-style permissions (<5ms)
- AddedLayer 23: Multi-LLM Parallel Executor implementing LLMCompiler pattern for concurrent LLM calls
- AddedLayer 24: Context Sharding Engine with RAPTOR 4-level hierarchical summaries
- AddedLayer 25: Provider Access Manager with setup wizard and tier-gated provider access
- AddedAutonomous Workflow Continuity: state-tracker, context-manager, context-injector, session-bridge, drift-detector, preflight-validator
- ImprovedOPA policy evaluation now uses WASM compilation for <2ms execution
- SecurityOPAL real-time policy distribution ensures permission changes propagate within seconds
Forge Mesh and Link — Agent Coordination Layer
Delivers the Forge Mesh agent coordination fabric and Forge Link cross-organization agent collaboration protocol. Agents can now discover, communicate, and coordinate across organizational boundaries.
- AddedLayer 19: Forge Mesh with NATS JetStream-powered agent discovery and message routing
- AddedLayer 20: Forge Link with cross-org agent authentication and authorization
- AddedAgent discovery protocol with capability advertisement and health monitoring
- ImprovedNATS JetStream configuration optimized for agent coordination workloads
- ImprovedBlackboard pattern enhanced for multi-LLM coordination scenarios
- FixedMemory consistency issue when agents share state across Redis CRDT replicas
- SecurityCross-org agent communication requires mutual TLS and SpiceDB authorization
ForgeGuard S2 Enhancement — LlamaFirewall Integration
Upgrades the S2 input scan layer with Meta's LlamaFirewall as the primary defense, replacing the previous regex-based scanning with ML-powered prompt injection detection.
- AddedLlamaFirewall integrated as primary S2 defense with PromptGuard 2 core classifier
- AddedDeBERTa-v3 added as secondary semantic analysis classifier for S2
- ImprovedS2 scanners now run concurrently for reduced latency (parallel LlamaFirewall + DeBERTa + Presidio + LLM Guard)
- ImprovedAugustus adversarial probing (S6) expanded with 200 new attack vectors
- FixedFalse positive rate in Presidio PII detection reduced by 40% with custom entity recognizers
- FixedS5 output scan now correctly handles streaming responses without buffering entire output
- Securitymcp-scan (S7) updated with latest vulnerability database and behavioral fingerprinting
- SecurityPre-Gate SpiceDB authorization cache invalidation now triggers within 500ms of permission changes
Older versions are archived. For the complete history, see the GitHub repository.