ForgeHive^AI

Makes every Claude Code session smarter than the last.

What ForgeHive does

ForgeHive is a memory and learning layer for Claude Code. Every autonomous run writes successes, failures, and anti-patterns into a local vector DB. The next run injects semantically relevant memories and stack-specific warnings directly into the planning prompt.

In one sentence: Claude remembers what you taught it last time, even across sessions and machines.

What ForgeHive is not

• Not a new LLM
• Not a cloud service
• Not a Cursor replacement
• Not a multi-tenant SaaS

ForgeHive is the persistence layer Claude Code is missing — local-first, deterministic, provider-agnostic for embeddings (OpenAI, Voyage) and chat (Anthropic SDK, Claude CLI).

Quick Start

npm install -g forgehive
cd your-project
fh init
fh auto "Add OAuth login to the API"

fh init scans your stack, infers conventions from sibling files, and sets up a .forgehive/ directory inside your project. Claude reads it automatically. fh auto runs the full plan → implement → test → PR loop with persisted memory.

Five core commands cover the everyday flow:

fh help --all lists 50+ advanced commands (memory, security, party, MCP, planning, threat modeling, trust, ADR detection, cross-project learning). See docs/reference.md for the full surface.

How the memory loop works

1. Scan — fh init reads your package.json / Cargo.toml / pyproject.toml and computes a deterministic stack signature.
2. Infer — conventions.ts examines sibling files for naming and structural patterns, so prompts can say "match the existing style" concretely.
3. Embed — Each successful or failed run writes a MemoryEntry to sqlite-vec (192-dim Voyage Matryoshka by default, OpenAI fallback).
4. Recall — Before each plan/implement prompt, ForgeHive runs a semantic search on the task description and pulls the top k hits plus any stack-matching anti-patterns into the prompt.
5. Learn — After three consecutive failures of the same task type with the same error signature, an anti-pattern is recorded. The next prompt warns Claude explicitly and tells it to try a different approach.

This is the loop that makes the second session smarter than the first.

Security model

• Credentials live in the OS keychain (keytar — macOS Keychain, libsecret on Linux, Credential Manager on Windows). The legacy encrypted-file store remains as a graceful fallback for headless environments and migrates transparently on first use.
• Tool outputs are wrapped in an __fh_untrusted JSON boundary before re-injection; the system prompt instructs Claude to treat them as data, not as instructions.
• A configurable spend hard-cap (fh cost --limit <usd>) is enforced before every Anthropic call. No silent runaway runs.
• MCP skill pulls require GPG-signed commits by default; FH_ALLOW_UNSIGNED=1 is the only override and is intentionally an environment variable, not a CLI flag.

VS Code Extension

ForgeHive ships a VS Code extension that surfaces your project's memory directly in the editor.

Features:

• Memory Sidebar — shows your top anti-patterns and recent learnings in a dedicated panel
• Stack Indicator — status bar shows detected stack + hash (⬡ typescript, react #a3f2b1)
• Cost Pill — accumulated session cost visible at a glance

Install (manual until Marketplace listing):

cd extensions/vscode
npm install
npm run package        # builds forgehive-0.1.0.vsix
code --install-extension forgehive-0.1.0.vsix

The extension activates automatically when a .forgehive/capabilities.yaml is found in the workspace. Run fh init first if it hasn't activated.

Marketplace listing coming — tracked in ROADMAP.md.

What's new in v3.7.0 — NextGen Agent Suite

• Three new agents — Ned (STRIDE threat-modeling + MITRE ATLAS + CVSS 3.1), Morgan (blameless incident postmortems + DORA metrics), Val (adversarial validation meta-agent that catches hallucinated findings and severity inflation).
• Three new party sets — /threat-party, /incident-party, /trust-party.
• fh trust — Trust-Score dashboard. Aggregates Val's per-session scores into .forgehive/trust-log.yaml; shows trend + per-agent reliability (validated/disputed/retracted ratio).
• fh global-learn push/pull/status — cross-project agent memory transfer. The SWE-EVO play: durable [SEMANTIC]/[PROCEDURAL]/[PATTERN] lines learned in Project A become first-class context when an agent runs in Project B. [EPISODIC] entries stay project-local.
• fh adr detect — pattern-matches the last commit (new interfaces, abstract classes, major dependency adds, migrations, new configs, structural removals) and writes a draft ADR stub with Context/Decision/Consequences skeleton when ≥2 signals fire. Auto-runs from the new post-commit hook (fh init --hooks).
• fh threat-model, fh incident, fh recover, fh sprint — four new strategic-tier commands.
• Upgraded context builders — Eli (full Docs), Vera (full SecOps + MITRE ATLAS AI threats), Viktor (Architecture Recovery + ADR-NEEDED hints), Hugo (full SRE + DORA + SLO impact).
• 1322 tests passing — including 17 new tests for trust-log, global-learn, and ADR detection.

What's new in v3.6.0

• fh plan — transforms fh analyze + full project context (CLAUDE.md, ADRs, CI/CD, infra, security docs) into a 7-section strategic execution plan with Foundation-Work synthesis. Three-role mindset (Principal Architect + Staff Engineer + Product Strategist).
• fh fix — interactive patch browser for auto-generated fix suggestions.
• fh init --hooks — installs git pre-push (fh ci --fail-on-entropy) hook.
• fh memory compact — LLM-driven dedup of agent memory files.
• fh watch --signal — file-watch mode that re-runs quick analysis and prints signal delta.
• Static-analysis additions: circular dependency detection, TypeScript any density, public-export delta, fixed zombie-test false-positives on snapshot tests.
• Cross-agent quality: contradiction arbiter, auto-populated open issues on BLOCK, diff-based agent routing (DB → Mira, API → Aria), preference decay (0.8^periods).

What's new in v3.0.0

• 200 expert skills — 49 new Wave 3 skills across 8 categories: deployment & release (Deployment Strategies, SLO Patterns, Release Management, Feature Lifecycle), compliance & audit (SOC2, HIPAA, ISO27001, PCI-DSS), AI/ML engineering (Agent Architecture, Fine-Tuning, Context Engineering, LLM Caching), platform & DX (Developer Portal, Golden Path Templates, Platform Metrics, Documentation), data governance (Data Mesh, Data Governance, Data Quality, CDC, Data Lakehouse), performance & edge (Edge Computing, API Gateway, Web Performance, WebRTC, Real-Time Sync), security deep (Secure Coding, Pen-Test Methodology, Secrets Rotation), full-stack patterns (CQRS, Multi-Cloud, Saga Orchestration, Form Patterns, Analytics Instrumentation, A/B Testing, Idempotency, Bulk Operations, File Handling, Email Patterns, Visual Regression, Test Data Management, A11y Deep, Build Systems, Dependency Management)
• 56 agents — 5 new agents: Chip (Edge Computing), Mona (Developer Experience), Prue (Data Governance), Cal (Compliance Deep), Webb (WebRTC & Real-Time Sync)
• 3 new party sets — /edge-party (Chip + Theo + Hugo), /platform-dx-party (Mona + Ivan + Dot), /compliance-deep-party (Cal + Pia + Vera) — 33 total party sets
• Schema fix — architecture family added to AgentFamilySchema; initForgehiveRuntime skips agents/memory/ subdirectory during copy
• 1148 tests passing — all wiring, agent, skill-selector, init-confirm, and commands-registry tests green

What's new in v2.5.0

• 151 expert skills — 84 new skills added across 10 categories: full language coverage (Ruby, PHP, Elixir, Node, Scala, R, Dart, Groovy, Clojure, Lua, WASM, Solidity), framework-specific (Next.js, NestJS, Django, FastAPI, React, Vue, Svelte, Nuxt, gRPC, Spring Security, HTMX, Tauri), ML/AI deep (MLOps, RAG, Prompt Engineering, Feature Engineering, Vector DB, LLM Observability, AI Safety, Model Deployment, Data Contracts, Streaming Analytics, LLM Evaluation, Synthetic Data), cloud extended (Azure, GCP, Cloudflare, FinOps), security deep (Cryptography, Threat Modeling, Container Security, Incident Response, SAST/DAST, Network Security, API Security, DevSecOps), testing extended (Mutation Testing, Property-Based Testing, API Testing, Fuzz Testing), architecture extended (Hexagonal, Vertical Slice, Modular Monolith, API Versioning, ADR, Technical Debt Strategy, Strangler Fig, Event Storming, Service Mesh, Distributed Systems, Protocol Design, Scheduling), frontend/mobile deep (iOS, Android, PWA, Micro-frontend, CSS Architecture, React Native), backend extended (Rate Limiting, Webhooks, Search, Background Jobs, Concurrency, Multi-tenancy), data/domain (Data Science, Feature Store, Streaming Processing, Data Visualization, Payment, Geospatial, Notification Systems, Audit Logging)
• 51 agents — 5 new agents: Gabi (Azure/GCP Cloud), Ori (iOS/Android Native), Rox (Data Science), Pax (Advanced Testing), Mod (Architecture Evolution)
• 4 new party sets — /native-mobile-party, /data-science-party, /testing-advanced-party, /architecture-party — 30 total party sets
• Skill-selector extended — fh init now maps 200+ capability IDs to the right skill (azure → azure-patterns, mlops → mlops-patterns, stryker → mutation-testing, etc.)

What's new in v2.4.0

• 67 expert skills — 28 new skills added: full language coverage (Python, Go, Rust, Java, Kotlin, Swift), backend architecture (Microservices, Event-Driven, SQL Optimization, NoSQL, Event Sourcing, Serverless, WebSocket), cloud & infrastructure (AWS, Kubernetes, GitOps, Platform Engineering, Secrets Management, Zero-Trust, Supply Chain Security), quality & testing (Contract Testing, Load Testing, Chaos Engineering, E2E Testing), and architecture & design (DDD, Feature Flags, Design System, i18n)
• 46 agents — 21 new agents with full Skill-Matrix wiring: language/framework specialists (Nova, Ember, Quinn, Jax, Ash, Cruz, Blake), systems engineers (Rio, Marco, Dev), domain/ops (Dot, Finn, Lex, Bex, Zoe, Lena, Ivan, Pia, Sage, Cy, Rex)
• 10 new party sets — /systems-party, /cloud-party, /security-deep-party, /realtime-party, /frontend-deep-party, /framework-party, /compliance-party, /domain-party, /ops-party — each with full command files and optimized agent coalitions
• YAML-driven orchestrator — party/orchestrator.ts reads all sets from party/defaults.yaml; no hardcoded party logic; buildAgentContext() loads skills dynamically from agent YAML skills: block
• Skill-selector extended — fh init now maps 50+ capability IDs to the right skills (kafka → event-driven-patterns, playwright → testing-e2e, dynamodb → nosql-patterns, etc.)

What's new in v2.3.4

• 34 expert skills — 8 new: docker-patterns, caching-strategies, graphql-patterns, refactoring-patterns, mobile-patterns, data-pipeline-patterns, iac-patterns, sre-patterns; plus auth-security, gdpr-compliance, owasp-top10 indexed
• Stack-aware fh init — detects your stack and writes active_skills to capabilities.yaml. Claude loads the right skills automatically at session start. No manual selection.
• Milo (Mobile Engineer), Dani (Data Engineer), Ray (GraphQL Architect) — 3 new agents with full skill files and party sets (/mobile-party, /data-party, /graphql-party)
• Registry populated — registry/skills.yaml lists all 34 core skills; fh skills search now returns remote results

What's new in v2.3.3

• 26 expert skills — 5 new: frontend-patterns (Luna, Core Web Vitals), accessibility (WCAG 2.1 AA, ARIA), ci-cd-patterns (GitHub Actions, deployment gates), state-management (React Query, Zustand, Pinia), embedded-patterns (Otto, memory/ISR safety)
• fh skills search <query> — search local skills + remote registry by keyword, tag, or description. Community skills via fh skills pull <git-url>.
• fh doctor --fix — auto-repairs: activates draft capabilities, injects missing CLAUDE.md block. Prints manual instructions for everything else.
• Multi-provider LLM (fully documented) — FH_PROVIDER=openai|bedrock|ollama for non-Anthropic backends. Auto-selected via env vars.
• Luna + Otto agents — Frontend/UX engineer and Embedded/IoT engineer now fully operational with their skill files.

What's new in v2.3.0

• SQLite outcome store — outcomes.sqlite (WAL mode) replaces outcomes.jsonl; O(1) spend queries, no rotation logic, cost-summary.json sidecar for the VS Code extension.
• 4-stage routing cascade — routeTaskWithHistoryAsync() now runs: Party dispatch → History-boosted → Semantic persona match → Keyword fallback; every result carries a complexity field (simple | moderate | complex).
• Agent memory in party — each party agent gets the last 50 lines of its .forgehive/agents/memory/<name>.md injected into its system prompt.
• Kai–Sam dialog in review-party — runKaiSamDialog() runs automatically after the parallel review phase for a consensus synthesis.
• ForgeHive SDK (packages/memory-layer) — ForgeHiveMemory facade class for embedding ForgeHive memory in Cursor, Continue, and Copilot; includes YAML-based anti-pattern reader and portable JSONL outcome store.

See CHANGELOG.md for the full list.

Project layout

.forgehive/
├── capabilities.yaml      # inferred stack + tools
├── memory/                # static MD + vectorised entries
│   ├── feedback.md
│   ├── project.md
│   ├── stories/
│   └── epics/
├── outcomes.sqlite        # per-run ledger (cost, success, errors)
├── patterns/              # stack-specific anti-patterns
├── runs/                  # per-run state
└── scan-result.yaml

Documentation

• Tutorial — step-by-step walkthrough of a first run
• Command reference — every command, every flag
• Architecture — memory layer, pattern store, agents
• User guide — workflows and recipes

Contributing

ForgeHive is a solo-founder project. Issues and PRs are welcome but the roadmap stays focused on the memory-layer thesis. If your contribution adds breadth (new agents, new wires, new docs surface) please open an issue first.

License: Elastic License 2.0.