Atriux

How the build agent works

Atriux specializes in AI-powered single-purpose tools — one input, one AI button, one output, plus a small history of past runs. The agent at /build is a tool-using Claude loop that produces exactly that shape and refuses everything else.

The shape every tool follows

Every tool the agent ships has the same anatomy:

  • One clear input field (a URL, a topic, a name, a paste).
  • One AI button (the AgentResearchBlock) that runs the specific work and writes the result back to the row.
  • A small history of past runs (ItemListBlock or ItemDetailBlock) so the user can revisit results.

Examples that fit: company research, paper summarization, contract red-flag analysis, follow-up email drafting, news lookup, flashcard generation. Introduction has a longer list.

The loop

  1. You submit a prompt at /build. The frontend POSTs to /api/build with { prompt }.
  2. The orchestrator (buildAgent.ts) creates a fresh draft row and starts a Claude Sonnet 4.6 conversation. The agent has access to a closed set of tools — nothing else.
  3. The agent calls set_mode({ mode: "compose" }) first, then runs the MVP recipe: set_metadata, set_schema, add_block (HeroBlock + AgentResearchBlock + ItemListBlock at minimum), finish_compose_project.
  4. Each tool call is validated server-side. The orchestrator soft-coerces close-but-wrong inputs (slug casing, snake_case keys, enum near-matches) before validation, so the agent rarely retries on trivial mistakes.
  5. If the brief is out of scope, the agent calls cancel({ reason }) with a polite redirect to a more general-purpose builder.
  6. On success the frontend redirects to /p/<slug>. On cancel, the build is treated as not-shipped and you can revise the brief.

The tool surface

The agent only has access to these tools — no shell, no fetch, no escape hatches:

Always called

  • set_mode({ mode: "compose" }) — Atriux v2 always uses compose mode for the narrow specialization.
  • set_metadata({ name, slug, description }) — populates the project shell.
  • set_schema({ noun, noun_plural, fields }) — declares the data shape. Three fields are typical: input, result, status.
  • add_block({ type, props }) — appends a block from the catalog. Validated against the block's Zod schema.
  • finish_compose_project() — terminal. Writes to projects with mode='compose'.

Optional

  • cancel({ reason }) — abort with a redirect message, used when the brief is out of scope.
  • suggest_new_block({ name, description, useCase }) — proposes a new catalog block to admin review when the brief genuinely needs a primitive that doesn't exist.

Other tools (write_file, read_file, list_files, validate_project, list_repo_files, read_repo_file) are still registered in the build-agent registry but are NOT in the active prompt's instructions. They're the surface for v1's broader scope (generate-mode and repo-import). The narrow agent doesn't use them.

Out of scope — what the agent will NOT build

The agent refuses anything that doesn't fit the input → AI → output shape:

  • Multi-domain workspaces (a finance OS, a full CRM, a project management hub)
  • Kanban boards or sprint planners
  • Forms or surveys
  • Real-time / interactive apps (webcam, canvas, drawing tools)
  • Internal dashboards with multiple charts
  • Generic CRUD trackers without an AI per-row component
  • Anything needing OS-level access, browser automation, or external app integration

For any of these, the agent calls cancel with a redirect message pointing you at Lovable, Replit, or a different tool. A clean cancel beats a half-built project.

Why a closed surface

The build agent has no fetch, no shell access, no ability to install packages, no escape hatch. This is deliberate — it's the core of the platform's security model and the basis of the "every tool ships ready-to-use" promise. The agent can only produce projects that fit the shape Atriux supports, which means we can guarantee anything the agent ships is automatically safe to run, theme-consistent, and integrated with the platform's identity + billing.

Cost model

Building is free for creators. There's a generous weekly limit on builds (currently being tuned) instead of a per-build credit charge. End users pay credits when they use the tool — see Earnings model.

Iteration limits + recovery

  • 16 tool-call iterations max per build.
  • If the agent submits the same invalid input three times in a row, the orchestrator auto-cancels with a clear log entry instead of burning all 16 iterations.
  • If the agent returns plain text instead of calling a tool, the orchestrator nudges it once; if it deviates again, the build fails with the agent's text in the error so you can see what it was trying to say.

Next: Block catalog →