SignalBrain Forge

AI Change Control
for Engineering Teams

SignalBrain Forge turns AI-initiated engineering changes into auditable, policy-controlled pull requests with tests, blast-radius analysis, signed receipts, and rollback evidence.

Let agents do the work. Keep humans in control.

Request a Pilot Pitch deck Receipt spec

THE PROBLEM

AI coding tools can write code. They cannot prove the change was safe.

Engineering leaders are being asked who authorized an AI-initiated change, what policy gates ran, what files changed, what tests passed, what evidence supports the decision, whether it failed closed, and whether rollback is ready.

When evidence is missing or a tool would fake success, Forge records BLOCKED — not a green checkmark with nothing behind it.

SignalBrain Forge gives you that answer.

WHAT FORGE DOES

Runtime-hardening tickets become auditable, mergeable PRs.

Inspect the repository and affected systems.

Generate a scoped work plan.

Create a branch and pull request.

Add or update contract tests.

Run verification checks.

Calculate blast radius.

Enforce policy gates.

Produce output_receipt_v1.

Require human approval before merge.

Preserve rollback evidence.

For multi-package requests: compose package branches and verify the integrated artifact (assembly gate).

INTEGRATION ASSEMBLY

Settled packages are not a shipped product until they compose.

Multi-module Forge work merges settled package branches into an integration branch in build order, then runs assembly-level smoke from runner-attested evidence. A request is not complete until assembly is verified — or a remediation package is opened when compose or smoke fails.

ComposeRunner merges package branches with composePackageBranches; conflicts block assembly with recorded paths.

SmokeProfile-specific assembly command must pass before the request records assembly verified.

MonolithSingle-package and non-assembly flows are unchanged — no false multi-package split.

Assembly states recorded from evidence only: pending → ready_to_compose → composed → verified | smoke_failed | blocked. Receipts can include integration branch, integration commit, package commits, and smoke stdout/stderr hashes.

LIVE REPO PROOF

Forge reached a settled verdict on real repo work.

A bounded runtime-hardening attempt moved through the full Forge lifecycle: submitted, verified, and settled. The run produced branch and commit evidence, an API-side receipt, and R1/R2/R3 runtime-hardening checks before Forge marked the package verified.

SettledFull marketplace lifecycle completed: submitted -> verified -> settled.

3 / 3Runtime-hardening checks passed before settlement: output exists, scope contained, denied paths absent.

VerifiedFinal API-side receipt recorded verifier_verdict=verified and gate_verdict=pass.

Forge lifecycle proof showing submitted, verified, and settled states — Lifecycle evidence: a real Forge attempt reached the terminal settled state.

Forge runtime hardening checks R1 R2 and R3 passing — Verification evidence: R1/R2/R3 checks passed before the package was certified.

Forge output receipt proof showing verified verdict and pass gate — Receipt evidence: the canonical API receipt records the final verified verdict.

Screenshots are redacted public proof generated from a local settled Forge run. Raw marketplace records, internal paths, and private repository data remain outside the public website.

View sample Forge receipts ->

THE RECEIPT IS THE PRODUCT

The agent is the demo. The receipt survives audit.

Every governed change produces a signed receipt that records what was requested, who or what proposed it, which gates judged it, what changed, and how it can be rolled back.

request and intentauthority tier mutation authority statuschanged files policy gatestests and verification model/tool provenanceoutput hash receipt-chain linkagesignature metadata rollback noteshuman approval evidence assembly statusintegration commit smoke evidence hashes

FIRST WORKFLOW

Runtime Hardening PRs

Forge is purpose-built for high-trust engineering work: removing unsafe runtime dependencies, fixing production config drift, adding missing contract tests, validating container/runtime parity, enforcing governance invariants, and producing readiness evidence before deployment.

For platform teams

AI-assisted work without uncontrolled mutation, backed by deterministic checks and reviewable evidence.

For SRE

Policy gates that fail closed, readiness proof, blast-radius reports, and rollback notes before production change.

For security

PR-level audit evidence, provenance, signatures, and contract-test discipline around every governed change.

NEXT STEP

Runtime Hardening Pilot

In 30 days, SignalBrain Forge helps identify and execute 3-5 runtime-hardening changes in your repository. Each change includes a scoped ticket, governed PR, blast-radius analysis, contract tests, verification evidence, signed receipt, rollback notes, and final readiness report.

Pilot accounting: verified-work states are simulated — receipts and lifecycle evidence, not payment movement. Human merge to main always.

Apply for Pilot

AI-initiated engineering changes, controlled by policy, proven by receipts.

Technical proof (public)

Canonical receipt — attempt_proof_rh_verified · R1/R2/R3 pass · verifier_verdict=verified
GitHub PR #191 — runner-attested assembly verification (a714e22fb4 on main)
Receipt JSON in repo — same bytes as operator canonical copy
PR #189 — integrations fail closed (no fabricated tool success)
Gap closure plan — phased roadmap (profile smoke, brain decompose, receipt audit)

Older receipts on the index may predate the assembly gate; cite them as package-level evidence unless re-audited under current gates.

AI Change Controlfor Engineering Teams