Pillar 01 · Dark Factory

The Autonomous AI-Native
Software Development Lifecycle.

Agents author, critic, validate, and ship. Every gate is deterministic. Every bypass is logged. Multi-vendor adversarial review, declarative branch-protection, per-SHA evidence — the SDLC built for codebases where most commits are AI-authored. Reach the same gate through the CLI, the GitHub App, the dashboard, an MCP-speaking agent, or a cloud env in your browser.


The pipeline

PRD to production —
engineered by agents, gated by code.

Humans set direction: write the PRD, refine the cycle spec, prompt the agents. Agents do the work: decompose into cycle specs, write code in TDD, run their own critics, validate in CI with adversarial multi-model review, deploy to preview, soak under load, and promote to production when every gate is green.

0

PRD

human-led

What to build, why, success criteria.

1

Cycle Spec

agent

Plan agent decomposes PRD into cycle docs; critic reviews the plan PR.

2

Local Dev

creator + critic

Creator writes TDD; local critic enforces evidence per commit.

3

CI Gates

multi-agent

Deterministic invariants + adversarial cross-model critics.

4

Preview

auto-deploy

Auto-deployed environment per PR. Smoke + E2E.

5

Soak

eval + obs

Time-bounded. Eval harness, traces, error rates.

6

Production

auto-promote

Canary → full rollout. Auto-rollback on regression.


The ten services

Composable. Open-spec.
Hosted runtime where it counts.

Dark Factory decomposes into ten services. The schemas and CLI ship open-source. The aggregation policy, critic prompts, and severity calibration are the hosted IP that makes the verdicts honest.

01

Critic Orchestrator

Five critic vendors run in parallel under min-complete-quorum aggregation. Multi-vendor adversarial review beats single-model bias.

02

Policy Engine

Severity thresholds, bypass classification, and reason taxonomy — declared in darkfactory.yaml, evaluated against every verdict.

03

Trusted-Surface Rebind

When the PR diff touches verifier code, the critic runs against BASE — closing the self-modifying-policy attack surface.

04

Per-SHA Evidence Store

Quality-gate verdicts keyed by commit SHA + diff hash. Every merge has a forensic trail. No cross-SHA leakage.

05

Cycle Doc Trailer Validator

Every commit carries Cycle: / Issue: / ProjectItem: trailers. Lifecycle state machine refuses code without a traceable plan.

06

Merge Queue Admission Policy

ALLGREEN + thread-resolution-required + zero human approvals. Plan-PR vs code-PR routing. AI-native default.

07

Branch-Protection Drift Detector

spec.yaml is the desired state. Live ruleset is reconciled on every PR + weekly cron. Drift fails the gate.

08

Audit + Compliance Trail

Structured bypass events with reasons, append-only NDJSON, audit-grade. Every override is an audited event, not a silent escape hatch.

09

PR Flow Assessor

Every merged PR is meta-reviewed post-hoc. Recurring patterns auto-promote in priority; fixes are closed-loop-validated against the next N PRs of similar shape.

10

Designer Mode

Designers, PMs, and founders ship real changes in plain language — on your production repo and design system, confined to safe surfaces and reviewed through the same rival-vendor gate as engineer code.




Why Dark Factory

What makes Dark Factory different.

01 — Vendor portfolio

Multi-model adversarial review

Five critic vendors by default — Cursor, Codex, Gemini, Grok, and MiniMax. GitHub will default to OpenAI; Cursor will default to Anthropic. Critics that disagree are critics that catch things. No single vendor's review is sufficient against models from the same family.

02 — Policy as code

Declarative + drift-detected

darkfactory.yaml is the gate config; spec.yaml is the branch-protection desired state; the drift detector runs every PR. GitHub's tools are imperative + GUI. Cursor's BugBot is app-configured. Neither is git diff-able.

03 — Provider neutrality

Works with any model stack

Anthropic shops, Google shops, Mistral shops, open-weights shops, OpenAI shops — DF installs the same way. The provider-neutral posture matters for orgs that have already committed to non-OpenAI primaries.

04 — Trusted-surface rebind

Self-modifying policy can't sneak through

When a PR diff touches policy code, the critic runs against the BASE ref's policy. A PR cannot edit the rules that judge it. The trusted-surface rebind pattern closes a class of supply-chain-style attacks on the gate itself.


Install

One command, then every PR has a verdict.

The GitHub App handles the hosted-runtime case. The OSS CLI mirrors the local pre-push critic for power users, air-gapped deployments, and reproducible local-vs-CI verdicts. Same binary, same policy schema, same evidence store.

~/your-repo — pre-push critic
$ git push origin feat/new-thing darkfactory: running critic quorum on SHA 5d8e1a3 cursor-sdk · APPROVED (0 findings) codex-sdk · APPROVED (0 findings) gemini-sdk · CHANGES_REQUESTED (1 HIGH) grok-direct · APPROVED (0 findings) minimax-direct · APPROVED (0 findings) aggregation: min-complete-quorum verdict: CHANGES_REQUESTED evidence: .git/agent-reviews/quality-gates/5d8e1a3/ push blocked. resolve gemini finding or file a structured bypass.

Get Started

Make your AI-authored code reviewable.

Multi-vendor critic portfolio. Deterministic merge gates. Audit-grade bypass trail. Install via the GitHub App or the OSS CLI.