Frequently Asked Questions About Isenberg Autonomous App Building Framework
21 answers covering everything from basics to advanced usage.
// Basics
What is the difference between a Codex Skill and a regular prompt?
A Codex Skill is a persistent, reusable instruction manual stored in Codex that any future chat can invoke by name. A regular prompt exists only in the current chat and is lost when you start a new conversation. Skills are what make autonomous operation possible — they give fresh chats full context about your app's data model, available Safe Actions, and example commands without you re-explaining everything.
What is Codex Sites and how does it relate to the Isenberg framework?
Codex Sites is the OpenAI Codex plugin (invoked via @sites) that lets you build, host, and update web apps directly in Codex. The Isenberg framework is a methodology layered on top of Codex Sites that adds persistent storage, Safe Actions, Skills, Save Gates, and a validation loop — turning a basic Codex-built app into an autonomously operated product that agents can manage without human intervention.
Can I use the Isenberg framework if I'm not a developer?
Yes. The framework is explicitly designed for non-technical users. If you don't know what Safe Actions your app needs, you can ask Codex to derive them from the data model. The step-by-step workflow uses natural language prompts, not code. The key is following the sequence — build the shell, add memory, create Safe Actions, write the Skill, save a checkpoint, and prove the loop — and Codex handles the technical implementation.
What is the Safe Action Boundary and why does it matter?
The Safe Action Boundary is the explicit constraint that agents may only call named mutations (Safe Actions) — never raw SQL, never generic database writes, never deploy commands. It matters because without it, an agent could execute arbitrary database operations that corrupt data or cause unpredictable behavior. The boundary makes automation safe, auditable, and predictable, which is essential for apps that run without human oversight.
Why does the framework say to test in a new chat instead of the same chat?
The same chat has full conversation history and context from the build process. Testing there doesn't prove autonomy — it only proves the app works when the agent already knows everything about it. A new chat starts with zero context, forcing the agent to rely entirely on the Skill for instructions. If it works in a fresh chat, it will work in any future chat, which is the definition of autonomous operation in this framework.
// How To
How do I add persistent storage to a Codex Sites app?
Prompt Codex to add persistent storage (Cloudflare D1 is recommended) but critically ask it to show you the data model first — the record types and actions — before it writes any code. Review the entities (e.g., one record per card with fields like title, status, score) and approve the schema. Then let Codex implement it. Skipping the data model review means you won't understand what Safe Actions to create.
How do I set up Safe Actions in Codex?
After your data model is defined in Step 2, prompt Codex to create a Safe Action for each mutation the app needs — for example, add_idea, move_card, update_status, score_idea, and archive_idea. If you're non-technical, simply ask Codex to derive the Safe Actions from the data model. The goal is an explicit list of named operations that replaces arbitrary database access with constrained, predictable mutations.
How do I invoke the @sites plugin in Codex?
Type @sites explicitly in your Codex prompt. Without this invocation, Codex won't use the Sites building workflow and may try to generate code in a different context. Always include @sites at the beginning of your first prompt when starting a new project under this framework. This is one of the most common mistakes — forgetting to invoke the plugin and wondering why the app-building workflow doesn't activate.
How do I write the initial prompt for Step 1 of the Isenberg framework?
Use this pattern: 'Build [app concept] with [columns/structure]. Use realistic sample data. Save for review, do not deploy.' For example: 'Build a startup idea tracker with columns Backlog, Evaluating, Building, Launched, Archived. Use realistic sample data. Save for review, do not deploy.' The 'save for review, do not deploy' instruction is critical to prevent premature deployment before you've added memory and Safe Actions.
// Troubleshooting
Why is my Codex app losing data between visits?
Your app doesn't have persistent storage. By default, Codex Sites apps don't include a durable data store — data exists only in the browser session. You need to explicitly prompt Codex to add Memory (persistent storage like Cloudflare D1). Follow Step 2 of the Isenberg framework: ask Codex to show you the data model, approve it, then let it implement the storage layer. After this, data will persist across visits.
Why can't my new Codex chat operate my app?
You likely skipped the Skill creation step. Without a Codex Skill, new chats have zero context about your app — they don't know the data model, available actions, or how to interact with it. Go back and create a Skill (Step 4) that documents how to read data, what Safe Actions are available, and includes example commands. Then invoke the Skill by name in your new chat.
My agent is writing raw SQL instead of using Safe Actions — what went wrong?
You either didn't create Safe Actions (Step 3) or didn't include them in your Codex Skill (Step 4). The agent defaults to the most direct database access method available. Ensure Safe Actions are defined for every mutation and that your Skill explicitly states the agent must only use named Safe Actions — never raw SQL or generic database writes. Re-create or update the Skill with this constraint clearly documented.
I accidentally deployed my app before adding storage — can I fix it?
Yes, but this is why Save Gates matter. If you have a saved checkpoint, roll back to it. If not, you'll need to add persistent storage in a new prompt and re-deploy. Going forward, always include 'save for review, do not deploy' in your initial prompts and use Save Gates at every major milestone. The framework explicitly warns against letting Codex auto-deploy before the full setup is complete.
// Comparisons
How does the Isenberg framework compare to using Cursor or Windsurf for app building?
Cursor and Windsurf are AI-assisted code editors — they help you write code faster but you still manually manage, deploy, and update the app. The Isenberg framework builds apps that agents operate autonomously after setup. The key difference is the Skill + Safe Action layer: once configured, any Codex chat can operate the app without you touching code. Cursor/Windsurf are better for complex codebases; the Isenberg framework is better for living tools that run themselves.
How is the Isenberg framework different from just prompting ChatGPT to build me an app?
Prompting ChatGPT to build an app gives you static code you must manually deploy and update. The Isenberg framework produces a live, hosted app with persistent data, a Safe Action boundary for secure automation, and a reusable Skill that lets any future Codex chat operate the app autonomously. It's the difference between getting a code file and getting a self-operating product.
// Advanced
Can I use the Isenberg framework for apps that need payments or analytics?
Yes, but Codex Sites requires you to explicitly prompt for payments, analytics, and other integrations — they're not included by default. After completing the core six steps, add additional features by prompting Codex in follow-up chats. Each new integration should get its own Safe Actions and be documented in the Skill. Expect more configuration work compared to platforms like Shopify that bundle these features.
Can multiple Codex Skills operate the same app simultaneously?
Yes. You can create multiple Skills targeting different aspects of the same app — for example, one Skill for content management and another for analytics reporting. Each Skill should reference the same Safe Action layer to ensure consistent, constrained operations. This is an advanced pattern useful for teams where different roles interact with different parts of the app through separate Codex chats.
How do I update my app after it's already deployed and proven?
Open a new Codex chat, invoke your Skill, and describe the changes you want. For structural changes (new columns, new record types), update the data model, add new Safe Actions, update the Skill documentation, and create a new Save Gate before re-deploying. For data operations (adding records, moving cards), simply issue commands through the Skill. Always maintain the Safe Action boundary even during updates.
What types of apps work best with the Isenberg framework?
The framework works best for structured data apps with clear CRUD operations — idea trackers, CRMs, editorial calendars, kanban boards, lead pipelines, inventory trackers, and internal dashboards. Apps where the ongoing work is adding, moving, updating, scoring, and archiving records are ideal because these operations map cleanly to Safe Actions. Complex apps with real-time collaboration or heavy computation may need additional architecture beyond what the framework covers.
Is Cloudflare D1 the only storage option for the Isenberg framework?
No, but Cloudflare D1 is the recommended option because it integrates well with Codex Sites' hosting infrastructure. You could theoretically prompt Codex to use other storage solutions, but D1 is the most commonly referenced and tested option within this framework. The key principle is Memory First — any durable storage that persists data between visits satisfies the requirement. The specific technology matters less than having persistent storage at all.
What happens if I skip the Prove the Loop step?
You won't know whether your app is truly autonomous. Without Proving the Loop in a brand new chat, you can't confirm that a fresh agent — with no prior context — can successfully operate your app using only the Skill and Safe Actions. Your app might work in the original build chat (which has full context) but fail when a new chat tries to use it. This step is the difference between a demo and a real autonomous product.