Roadmap.
Moonshift is still early, but the direction is clear. We're building a fully AI-native app development platform - not just “generate an app and stop.”
We want Moonshift to keep helping you build, fix, improve, maintain, deploy, and scale your product over time. A platform that stays with the app after launch - not one that builds, then walks away. Here's what's live today, and where we're headed.
End-to-end autonomous build
One prompt to a deployed, working app in ~5 minutes. 15 specialized agents - web research, planner, database, backend, frontend, tests, landing, security audit, deploy, marketing - run the build with no hand-holding.
Your repo, your cloud, your domain
Every build lands in your own GitHub repo and deploys to your Vercel (Netlify and Cloudflare Workers supported too). Attach a custom domain with automatic SSL. Full ownership from day one, zero lock-in.
Iterate after it ships
Open any build in a workspace with a file tree and code viewer, @-mention files as context for your next change, and watch agent activity stream live. Every change is a numbered version - ship a tweak, roll back to any previous version in one click.
Tested, audited, real data
A Playwright suite runs E2E against your app and a dedicated security agent audits it before deploy. Generated apps ship on Next.js + Drizzle + Turso with real CRUD, real auth, and realistic seed data - not placeholder dashboards.
Forkable templates
Start a run from a real, working app instead of a blank prompt. Every template is a polished Moonshift build with a live demo and a public GitHub template repo you fork into your own GitHub - not a zip you copy. Or seed a run with it: the agents start from the working app and reshape it into your product at normal run pricing.
Cloud IDE - browser editor + LSP + hot-reload preview
Today the build lands in your repo, and to change a line you clone it, run npm install, and open a local editor. We're pulling the editor INTO Moonshift: the full file tree, a language server over your code for autocomplete, go-to-definition, and inline type errors as you type, plus a hot-reload preview pane wired to the dev server. No clone, no local toolchain.
Example Open app/page.tsx, rewrite the hero, Cmd-click <HeroCTA /> to jump to its file where the LSP red-underlines a renamed prop, fix it, hit save - the preview Fast-Refreshes in under a second. The loop from "read the code" to "see the change" happens in the tab.
Integrated shell + streaming logs + live devtools
The moment your app deploys, you're outside the product to do anything real - no way to run a command, tail a log, or read a stack trace. We're building it in: an interactive terminal against your running app, a console capturing raw stdout/stderr, application + deployment logs tailing live, and a preview pane with the real browser console and network tab attached.
Example Run npm run db:seed in the terminal, click Checkout in the live preview, watch POST /api/checkout 500 stream in. Expand it: TypeError at app/api/checkout/route.ts:23. The network tab shows the failed call, the trace points at the line - no redeploy, no leaving the tab.
Always-on agent sessions with production log access
Today our agents run the build, then terminate. The moment your app is live, nothing is watching it - a runtime 500 at 2am is invisible until a user complains. We're building persistent sessions that stay attached to the deployed app and hold read access to its production logs, pattern-match on error signatures, and flag anomalies instead of dying at build time.
Example 2:14am, a webhook handler starts rejecting events. The session catches it in the production log within seconds and pins it to your task board: "webhook signature failing, 6 events dropped since 02:14." You wake up to a scoped error tied to the exact request and trace.
Autonomous bug-fix + refactor from real runtime errors
Tests run at build time; nothing watches the app a week later. We're wiring the agent to live errors: hand it a stack trace, or just describe the symptom in plain English. It reproduces the failure in a headless browser, isolates the line that's actually wrong, and opens a minimal patch PR - one file, smallest diff, nothing else touched. Same loop for refactors, with the Playwright suite re-run to prove behavior held.
Example You type "signups are failing." The agent drives a headless browser through the form, catches POST /api/signup returning 500, traces it to a query reading user.email before a null check, and opens a one-file diff adding the guard plus a regression test - green before it asks you to merge.
Scheduled maintenance loops with presets
After we ship, the clock works against you: deps drift, CVEs land in transitive packages, SEO regresses, bundle size creeps. We're building maintenance loops - parallel agents on a shared task board, each owning a lane (dependency bumps, security scan, perf budget, SEO pass), running on a cadence you choose. Agents fan out in isolated branches; a PR only opens when every check is green.
Example Toggle the "Weekly hardening" preset. Each Monday at 03:00, agents run in parallel: npm audit + update within semver, lint + typecheck, Playwright against a preview, Lighthouse diff. All green - one PR: "weekly hardening: 6 deps bumped, 1 high-sev advisory cleared, LCP -180ms." One lane fails - no PR, you get a draft with the failing trace.
Reusable modules
Forkable templates shipped; modules are next. Reusable modules the agent drops in instead of regenerating: auth, billing, dashboards, as real code in your repo with the schema migration and env wiring applied.
Example Fork the "SaaS starter" template, then prompt "add Stripe billing." The agent drops in the checkout + webhook routes, generates a /pricing page, adds the subscriptions tables, runs the migration against your Turso db, and writes the secrets into your env vault - signature check validating against the real secret. No black box; you can read and edit every line.
Integrations as presets - vaulted, typed, wired
Adding a service after the build is on you today: read the docs, install the SDK, find where the key goes, write the wrapper. We're replacing that with presets, not plugins. Pick a service and we do three things up front: write its credentials into the encrypted vault, instantiate the client, and generate a typed helper with the correct call signature already wired. Correct by default, no docs dive.
Example Pick the object-storage preset. The bucket creds land in the vault (never in source) and you get a typed upload({ key, file, contentType }) helper plus getSignedUrl({ key, expiresIn }) wired to the right region and bucket. Same loop for payments, auth, email - pick it, it's wired.
Real-time multiplayer - shared cursors, RBAC, teams + SSO
Moonshift is single-player today. We're building real-time multiplayer: many people in one workspace over a CRDT-synced document layer, shared cursors and selections, and one shared running instance instead of everyone forking a local copy. Access is role-based (owner / editor / viewer), enforced per file and per action. On top: team accounts and SSO/SAML.
Example Share one workspace link. Your designer edits Tailwind classes while you wire the /api/checkout route - you watch her cursor in real time, one hot-reload reflects both diffs in the preview URL you're both staring at. A client joins viewer-only: live preview, zero write access, can't see env vars.
First-class hosting + managed runtime
Today we deploy to your Vercel and hand you a Turso SQLite db - great for a request/response app, but anything stateful, scheduled, or growing lives elsewhere. We're building a runtime under the app: autoscaling deploys plus reserved always-on VMs for workers and websockets, cron jobs, managed Postgres with versioned migrations, object storage, an encrypted secrets vault, two-way GitHub sync, and custom domains with automatic SSL. Still your repo, still zero lock-in.
Example Prompt "email me a churn report every Monday 9am" - a cron job queries Postgres, renders it, ships it. A launch tweet drives a 40x traffic spike - autoscale absorbs it, no cold-start 500s. You add a nullable column - the migration runs zero-downtime while the always-on VM keeps draining the email queue.
End-to-end autonomous build is just the start. Everything above turns the ~5-minute build into a platform that stays with your app: an in-browser IDE and terminal to change it, streaming production logs, always-on agents that catch real runtime errors and open patch PRs, scheduled maintenance, real-time multiplayer, forkable templates, and a managed runtime under it.
This is a direction, not a dated commitment. Timelines shift as we learn. Want something prioritized? Tell us on X or in Discord - testers and feedback move things up this list.