Greg IsenbergWatch original video

Isenberg Autonomous App Building Framework

Build a self-updating, agent-operated app or internal tool inside Codex that runs and improves autonomously — without you manually editing it every time.

// TL;DR

The Isenberg Autonomous App Building Framework is a step-by-step method for building self-updating, agent-operated web apps and internal tools inside OpenAI Codex. Instead of manually editing your app every time something changes, you set up persistent storage (Memory), define Safe Actions that constrain what agents can do, create a reusable Codex Skill as an instruction manual, checkpoint your progress with Save Gates, and then Prove the Loop by having a fresh AI chat operate the live app autonomously. Use it whenever you want to build a living product that AI agents can populate, update, and improve without your manual intervention.

Framework
codex-sitesautonomous-appsvibe-codingagentic-engineeringinternal-toolsno-codeai-agentsproduct-building

// When should you use the Isenberg Autonomous App Building Framework?

Use this skill whenever you want to build a functional, persistent web app or internal tool using Codex Sites — especially when your goal is an app that agents can keep operating, updating, and populating for you without manual intervention.

// What inputs do you need before starting the Isenberg framework?

  • App conceptrequired
    What the app or internal tool does — its purpose, columns, cards, fields, or core function.
  • Key data entitiesrequired
    The main record types the app needs to store (e.g. ideas, tasks, entries) and the actions that should be performed on them.
  • Safe actions list
    The named mutations the app should expose (e.g. add_idea, move_card, score_idea). Can be derived from Codex itself if unknown.
  • Skill name
    A short, descriptive name for the Codex Skill that will serve as the reusable instruction manual for this app.

// What core principles guide the Isenberg Autonomous App Building Framework?

Autonomous Product Building

The goal is not to build a static site you manually update — it is to build a living product that agents operate for you. Every design decision should move toward the app updating, editing, and improving itself without you touching it.

Memory First

Without explicit persistent storage, your app is just a demo. You must prompt Codex to add a durable data store (e.g. Cloudflare D1) so the app saves data between visits. The app saves data, but without this, it's just a demo.

Safe Actions as the Automation Layer

Safe Actions are named, approved mutations (add, update, move, score, archive) that constrain what agents can do. Instead of arbitrary SQL or generic database writes, agents call only named mutations — making automation safe, predictable, and triggerable from any Codex chat.

Skills as the Reusable Instruction Manual

A Codex Skill is a persistent instruction manual so Codex knows how to operate the app in any future chat. Without a Skill, future chats have no context. With a Skill, you can open a new chat, invoke the skill, and the agent knows exactly how to interact with your app.

Save Gates as Checkpoints

Like checkpoints in a video game, Save Gates lock in a stable version before moving forward. Codex does not autosave — explicitly save for review at key milestones to protect your progress and confirm build status, storage config, and access settings before deploying.

Prove the Loop

Before considering the build done, open a brand new chat, invoke the Skill, and issue a real command (e.g. add an idea). If the agent reads the board, calls only the Safe Action layer, and the live site updates — the loop is proven. This is the wow moment that confirms the app is truly autonomous.

// How do you apply the Isenberg framework step by step?

  1. 1

    Invoke Codex Sites and build the shell

    Start a new Codex project and invoke the @sites plugin. Prompt it to build your app concept using realistic sample data. Critically: instruct it to save for review, do not deploy. This forces it to build a real product/service, not a homepage. Example instruction pattern: 'Build [app concept] with [columns/structure]. Use realistic sample data. Save for review, do not deploy.'

  2. 2

    Add Memory — define the data model before touching code

    Prompt Codex to add persistent storage but ask it to show you the data model and which records and actions the app needs BEFORE it writes any code. This surfaces your entities (e.g. one record per card) and the full action list (list, add, update, move, score, archive). Review and approve before proceeding. Recommended store: Cloudflare D1.

  3. 3

    Create Safe Actions for all key mutations

    Using the action list surfaced in Step 2, prompt Codex to create Safe Actions for each mutation. If you are non-technical and don't know what your Safe Actions should be, just ask Codex — it will derive them from the data model. The goal is an explicit safe action boundary so the agent can only call named mutations, never arbitrary SQL.

  4. 4

    Create a Codex Skill for the app

    Prompt Codex to create a Codex Skill with a clear name (e.g. 'startup ideas admin'). The Skill should explain: how to read the board/data, how to add records, how to move/update records, how to score/archive records, and include at least five example commands. This skill is the reusable instruction manual for every future chat that needs to operate this app.

  5. 5

    Save Gate — checkpoint the stable version

    Prompt Codex to save the current state as a named version (e.g. 'v1 review'). Explicitly instruct: do not deploy. Ask it to confirm: build status, storage choice, access settings, and the exact version saved. Check the top-right environment panel to confirm branch, connection status, and change history.

  6. 6

    Prove the Loop — verify autonomous operation in a new chat

    Open a completely new chat — this is critical. Invoke the Skill you created and issue a real operational command (e.g. 'Use [skill name] to add [real item], place it in [column], give it a first-pass score and next step'). Watch whether the agent: loads the skill, calls only the Safe Action layer (no raw SQL, no generic DB writes, no deploy), and the live app reflects the change. If it does, the loop is proven and the app is operating autonomously.

// What are real-world examples of the Isenberg framework in action?

A content creator wants a live editorial calendar that agents can populate automatically as new topic ideas come in from research chats.

Build the calendar shell in Codex Sites (Step 1) with columns like Backlog, Scripting, Filming, Published, Archived. Add D1 persistent storage with a data model review (Step 2). Create Safe Actions for add_topic, move_topic, update_status, archive_topic (Step 3). Create a Codex Skill called 'editorial calendar admin' with example commands (Step 4). Save Gate at v1 (Step 5). Then Prove the Loop: open a new chat, invoke the skill, say 'add topic [X] to backlog with a priority score' — if the live board updates via Safe Action only, the loop is proven.

A solo founder wants a CRM-lite that automatically logs new leads from other Codex chats without manually editing a spreadsheet.

Build the CRM shell with columns like New Lead, Contacted, Qualified, Closed, Lost. Add persistent storage and surface the data model (Step 2 — entities: contact record with name, source, status, score, next action). Create Safe Actions for add_lead, update_lead, move_lead, score_lead (Step 3). Create a Codex Skill called 'lead tracker admin' (Step 4). After the Save Gate, Prove the Loop by opening a new chat, invoking the skill, and commanding 'add lead [name] from [source] to New Lead with an initial score' — confirming the live CRM updates autonomously.

// What common mistakes should you avoid when using the Isenberg framework?

  • Not invoking @sites explicitly — the plugin must be invoked or Codex won't use the Sites building workflow.
  • Letting Codex auto-deploy before you've reviewed — always instruct 'save for review, do not deploy' in your initial prompt to avoid premature deployment.
  • Skipping the data model review step — asking Codex to add storage without first seeing the data model means you won't know what Safe Actions to create, especially if you're non-technical.
  • Not creating Safe Actions — without them, agents fall back to arbitrary SQL or generic database writes, which is unsafe and unpredictable.
  • Skipping the Skill creation step — without a Codex Skill, every new chat starts blind and can't operate the app. Skills are what make the app reusable across future chats.
  • Not doing the Save Gate before deploying — Codex does not autosave, so skipping checkpoints risks losing stable versions.
  • Proving the Loop in the same chat instead of a new chat — the entire point of proving the loop is that a fresh chat with no prior context can operate the app using only the Skill. Same-chat testing does not validate true autonomy.
  • Expecting Codex Sites to handle everything out of the box like Replit or Lovable — Codex Sites currently requires you to explicitly prompt for memory, payments, analytics, and other integrations. It is more powerful for autonomous operation but more hands-on to configure.

// What key terms and concepts does the Isenberg framework use?

Codex Sites
The OpenAI Codex plugin (invoked via @sites) that enables building, hosting, and autonomously updating web apps and internal tools directly within the Codex ecosystem.
Autonomous Product Building
The design philosophy where agents — not humans — handle the ongoing updating, editing, and populating of a live app or website. The human sets up the structure; the agents keep it running.
Memory
Persistent storage explicitly added to a Codex Sites app so data saves between visits. Without memory, the app is just a demo. Typically implemented using Cloudflare D1.
Safe Actions
Named, approved mutations (e.g. add_idea, move_card, score_idea) that define the only operations an agent is permitted to perform on the app's data. They prevent arbitrary SQL or generic database writes and make automation safe and predictable.
Skill
A reusable instruction manual stored in Codex that tells any future chat how to operate a specific app — what data it holds, what actions are available, and example commands. Created once; invoked in any future chat.
Save Gate
A manual checkpoint — like a video game save point — where you explicitly instruct Codex to commit the current stable state as a named version without deploying, confirming build status and storage config.
Prove the Loop
The validation step where you open a brand new Codex chat, invoke the app's Skill, issue a real operational command, and confirm the live site updates using only the Safe Action layer — proving the app operates autonomously without human editing.
Safe Action Boundary
The explicit constraint that agents may only call named mutations defined as Safe Actions — never raw SQL, never generic database writes, never deploy commands. Enforced during the Prove the Loop step.

// FREQUENTLY ASKED QUESTIONS

What is the Isenberg Autonomous App Building Framework?

It is a structured method created by Greg Isenberg for building web apps and internal tools inside OpenAI Codex that AI agents can operate, update, and populate autonomously — without you manually editing them. The framework uses six steps: building the shell, adding persistent Memory, creating Safe Actions, writing a reusable Codex Skill, checkpointing with Save Gates, and Proving the Loop by verifying autonomous operation in a brand new chat.

What are Safe Actions in the Isenberg framework?

Safe Actions are named, approved mutations — like add_idea, move_card, or score_idea — that define the only operations an AI agent is allowed to perform on your app's data. They replace arbitrary SQL or generic database writes with a predictable, constrained action layer. This makes automation safe because agents can only call explicitly approved functions, never raw database commands.

How do I build an autonomous app in Codex using this framework?

Start by invoking @sites in Codex and prompting it to build your app shell with realistic sample data. Then add persistent storage (like Cloudflare D1) after reviewing the data model. Create Safe Actions for every mutation, build a Codex Skill as the reusable instruction manual, save a checkpoint via a Save Gate, and finally Prove the Loop by operating the app from a completely new chat using only the Skill.

How do I create a Codex Skill for my app?

Prompt Codex to create a Skill with a descriptive name (e.g. 'startup ideas admin'). The Skill should explain how to read the app's data, how to add, update, move, score, and archive records, and include at least five example commands. This Skill becomes the persistent instruction manual that any future Codex chat can invoke to operate your app without prior context.

How does the Isenberg framework compare to building apps in Replit or Lovable?

Unlike Replit or Lovable, the Isenberg framework in Codex Sites is specifically designed for autonomous agent operation, not just one-time app generation. You must explicitly configure memory, Safe Actions, and Skills — it's more hands-on to set up but far more powerful for ongoing autonomous updates. Replit and Lovable build apps you still manually manage; this framework builds apps that agents manage for you.

When should I use the Isenberg Autonomous App Building Framework?

Use it whenever you want to build a functional, persistent web app or internal tool that AI agents can keep running without your manual intervention. It's ideal for solo founders building CRMs, content creators managing editorial calendars, teams tracking ideas or leads, or anyone who wants a living product that updates itself through agent-issued commands rather than human editing.

What results can I expect after using the Isenberg framework?

You'll have a live, deployed web app with persistent data storage that any Codex chat can operate autonomously by invoking a Skill. The app updates in real-time when agents issue commands through the Safe Action layer. The end result is a self-updating tool where you add data, move records, and manage workflows through natural language commands in new chats — no code editing required after setup.

What does Prove the Loop mean in the Isenberg framework?

Prove the Loop is the critical validation step where you open a brand new Codex chat with no prior context, invoke the app's Skill, and issue a real operational command like adding a record. If the live site updates using only the Safe Action layer — no raw SQL, no manual editing — the loop is proven and the app is truly autonomous. Testing in the same chat doesn't count because it doesn't validate context-free operation.

What is a Save Gate in the Isenberg framework?

A Save Gate is a manual checkpoint — like saving in a video game — where you explicitly instruct Codex to commit the current stable version without deploying. You confirm the build status, storage configuration, access settings, and the exact version saved. Since Codex does not autosave, Save Gates protect your progress and ensure you can roll back if something breaks in later steps.

Why do I need persistent storage in a Codex Sites app?

Without persistent storage (Memory), your app is just a demo — data disappears between visits. The Isenberg framework requires you to explicitly add a durable data store like Cloudflare D1 so that records are saved permanently. This is the foundation for autonomous operation because agents need real, persistent data to read from and write to when they operate the app in future chats.

// GET STARTED

Turn Any YouTube Video Into An AI Skill

SkillForge captures a creator's exact methodology from their video and turns it into a reusable AI skill you can invoke in Claude, ChatGPT, or any LLM.

Forge your own skill