Mother can write and run code
Ask Mother for something that needs real code — compute cohort LTV from an orders export, dedupe a customer list, turn a messy CSV into a clean chart — and Mother runs it in an isolated sandbox and hands you back the result plus the code as a reviewable artifact. Nothing of yours is touched: the sandbox has no network, no secrets, and no access to your stores or repos. You see exactly what it did before anything goes anywhere.
How it works
You ask Mother for something that needs code; Mother runs it safely and shows you the result.
Ask Mother for a coding task
In a normal Mother conversation, ask for something that needs real code on data you have — "compute cohort LTV from this orders export and chart retention by channel," "dedupe this customer list and give me the cleaned file." You don't connect anything or write any config; Mother's coding specialist picks up the task.
Mother opens an isolated sandbox
Mother spins up a fresh, ephemeral sandbox to run the work in — created with the network fully blocked and zero secrets attached, isolated from your other data and from every other org. Untrusted code never runs in Mother's control plane.
Your inputs go in; the work runs
Mother uploads the files the task needs into the sandbox and runs commands against a pre-baked toolchain — read the CSV, run the analysis, generate the chart, run the checks. Everything is self-contained: no package installs, no cloning your repos, no calls out to the internet.
Mother verifies before claiming done
If the task has checks — tests you supplied or ones the agent wrote — Mother runs them in the sandbox and only reports success if they pass. No verifiable signal? Mother surfaces the change as proposed-but-unverified rather than overclaiming.
You get a reviewable result
Mother returns the output plus the code and a unified diff of everything that changed — a reviewable change-artifact. It's propose-only: nothing is deployed, pushed, scheduled, or written back to your systems. You review the diff and the result, then decide what happens next.
There's nothing to connect
This isn't an MCP server you point your own agent at. The coding agent runs inside Mother: when you ask for a task that needs code, Mother drives these tools for you in an isolated sandbox and hands back a reviewable result. Just ask Mother — no setup, no config, no keys.
“Compute cohort LTV from this orders export and chart retention by channel.” A normal Mother conversation — attach the file, describe the task.
In an isolated sandbox with the network blocked and no secrets — no access to your stores or repos. Untrusted code never runs in Mother's control plane.
Mother returns the result plus the code and a verified diff. Propose-only: nothing deploys or writes back to your systems until you approve it.
The tools Mother drives
Session-keyed coding tools Mother calls inside its own loop — create an isolated session, upload inputs, run commands, inspect the diff, and tear down. Pulled live from the Gentic MCP manifest.
code_create_session
Open a Coding Agent sandbox session.
code_exec
Run a shell command inside a Coding Agent sandbox session and get stdout/stderr/exit_code/elapsed_seconds back synchronously.
code_get_diff
Get the unified diff (+ a name-status file list) of all changes made in a Coding Agent sandbox session so far.
code_terminate
Terminate a Coding Agent sandbox session.
code_upload
Upload one or more files into a Coding Agent sandbox session.
Why it's safe
Running arbitrary code is the load-bearing risk. The capability is built so that a coding task can do real work while touching nothing of yours until you approve it.
Isolated by construction
Every task runs in an ephemeral sandbox created with the network fully blocked and no secrets attached, external to Mother's control plane. A malicious dependency can't phone home, reach your data, or see another tenant — there's nothing in the box to exfiltrate and nowhere to send it.
Propose-only
A coding change is returned as a reviewable artifact — the result, the code, and a unified diff — not applied to anything. There is no path from "Mother wrote a fix" to "your system changed" that skips your approval. In this release nothing deploys, pushes, or writes back at all.
Verified, not asserted
A coding result is deterministically checkable, so Mother runs the task's tests in the sandbox before presenting it as done. If there's no verifiable signal, it says so — proposed-but-unverified — instead of claiming a success it can't stand behind.
Bounded compute
Each session is capped (wall-clock per command and per session) and metered against a per-org daily compute cap that's checked before a sandbox is even created. A runaway prompt loop can't spin up unbounded sandboxes — it's refused with a clear, non-billed message.