Honest > slideware. Every "live" item below is verifiable from the API or the repo. Every "beta" item names its caveat. Every "planned" item has a target window. We don't ship vapor and we don't ship platform-shaped wishlists.
Every item here passes a smoke check on the production deploy or has artifact IDs you can verify.
86 production tools focused on the ChiefMO launch wedge. JSON-RPC 2.0, HTTP transport, llms.txt, .well-known/mcp.json, smithery.yaml. api.chieflab.io is the proxy-free Vercel-direct primary endpoint; chieflab.io/api/mcp is the brand-domain fallback.
proof: POST chieflab.io/api/mcp with tools/list — returns 86 tools (customer-smoke gates this number).
Plan → create → approve → publish → measure → recommend, in real artifacts. X publish via Zernio (real post 69f8a74fc50416d0f77f852e). Email via Resend (real messageId ba122a9c-2843-4d38-b998-a345990911dc). 24h post-launch review pulls Zernio + GA4 + Search Console and recommends next iteration.
proof: CLOSED_LOOP_VERIFIED.md in repo lists every artifact ID.
Two human-control surfaces, one backend. Signed HMAC reviewUrl (no login, 7-day TTL) for the agent-shareable approval. Workspace Inbox for owner-side multi-run control. Approve / reject / inline feedback — rejection feedback flows into per-tenant memory.
proof: Try it: POST chieflab.io/api/sandbox/launch and click the returned reviewUrl.
Real OAuth flow, encrypted token storage, real fetch against analyticsdata.googleapis.com and webmasters/v3. Wired into chiefmo_post_launch_review.
proof: Connect from /app/connections — read snapshot returns real data.
Real per-platform publishing across LinkedIn / X / Threads / IG / FB / Bluesky / TikTok via Zernio. Real email send via Resend (mail.chieflab.io is verified; onboarding@resend.dev is the bootstrap fallback).
proof: Approve a publishAction or sendAction — the connector fires immediately.
Inline brand: { audience, voice, pillars } threads into agent drafting prompts. Approved/rejected voice samples persist. The tenancy spine — every run, action, secret, memory entry is workspace+tenant scoped.
proof: chieflab_create_tenant + chieflab_set_tenant_context — second run uses the context.
Opt-in via imagesNeeded > 0. Three modes: brief / prompt for caller's image model (free, default), BYOK image gen (free), hosted Gemini ($0.04 / image). No surprise bills.
proof: Sandbox launch with imagesNeeded: 1 — returns a generated image URL.
Cursor (one-click cursor:// deeplink), Claude Desktop, Codex, Lovable, Bolt, OpenClaw, Hermes, Base44. Direct HTTPS works for any agent that can fetch.
proof: Each config block is in /install/<runtime> and re-tested on every release.
npm run smoke:customer runs after every prod deploy and gates the Cloudflare Pages function bundle that proxies chieflab.io/api/* to the API. A documented prior regression makes this script load-bearing.
proof: Run scripts/customer-smoke.mjs — non-zero exit on any regression.
Apache 2.0 benchmark in benchmark/. 20 real product URLs, 6-dimension rubric, deterministic LLM-judge prompt. Compares ChiefLab vs raw Sonnet, raw GPT-5, Sonnet+chieflab-launch skill.
proof: cd benchmark && node run.mjs — leaderboard.md is the artifact.
Eight specialized GTM sub-agents under ChiefMO (launch / social / email / blog-seo / creative / analytics / experiment / approval). Typed handoffs, per-tenant shared memory, declared dependencies. Orchestrator routes; agents never call each other directly. 8 MCP tools: chiefmo_gtm_run_start + 7 read/write helpers. Public agents page at /agents. Architecture spec: docs/proposals/p10-multi-agent-gtm.md. NB: this row is the SCAFFOLD only; the dogfood + design-partner proof is in Beta below.
proof: node scripts/gtm-smoke.mjs — orchestrator end-to-end smoke green. node scripts/security-mismatch-smoke.mjs — workspace isolation contract on every GTM tool green (18 assertions).
POST /webhooks/stripe verifies the Stripe-Signature header (HMAC-SHA256, 5-min replay tolerance) and applies customer.subscription.{created,updated,deleted} + invoice.paid to chieflab_workspace_owners. Idempotent via chieflab_stripe_events. STRIPE_WEBHOOK_SECRET env required; STRIPE_PRICE_TO_PLAN env maps price ids to plan names.
proof: node scripts/stripe-webhook-smoke.mjs — 7/7 green (signature missing/malformed/stale/wrong-secret all 400; valid sig 200; replay 200; invoice.paid 200).
Things that ship today but with a known limitation we're transparent about. Use them with the caveat in mind.
API shape designed in docs/proposals/repo-aware-mvp.md. Caller passes routes, recent commits, README excerpts; ChiefLab uses them in drafting prompts. Currently behind a flag while we eval against the repo-aware fixture set in benchmark/fixtures/. Targeting general availability after first 5 design partners run on real repos.
caveat: Today: repo context flows through, but eval signal vs. plain-agent baseline is in collection.
OAuth completes; token is captured but the encrypt+persist + getDealsForWorkspace read function are still TODO. ChiefSales runs return mock-shaped data until the read path lands.
caveat: Hidden from /app/connections behind HUBSPOT_READS_LIVE flag — listed as 'Beta' there once unhidden.
Webhook handler is shipped + smoke-gated (see Live above). Plan column flips on customer.subscription.{created,updated,deleted}; invoice.paid stamps last_invoice_paid_at. What's still required to actually charge a customer: (1) STRIPE_WEBHOOK_SECRET env on Vercel; (2) Stripe products/prices created in the dashboard; (3) STRIPE_PRICE_TO_PLAN env (JSON map); (4) the 202605070400 migration applied. All 4 are dashboard/env tasks, not code work.
caveat: Until the user runs through (1)–(4) there are still zero paid customers. Code is no longer the blocker.
Route + schedule + queue table all shipped (vercel.json schedules 23 8 * * *). Skips with 'env not set' until CHIEFLAB_OPERATOR_WORKSPACE is configured.
caveat: Toggle is one env var away from firing; first run after setup populates the queue.
Agent that mints a key gets a workspace; design for letting the human later attach their Google account to the same workspace is in docs/proposals/workspace-claiming.md.
caveat: Today: agent-first signup works; the human-claim handoff is the next ship.
/app/usage exists; ingestion is per-workspace metered. Cloudflare Web Analytics is the planned host-level analytics for chieflab.io itself (no signup, native to Pages).
caveat: Analytics on chieflab.io is not yet enabled.
Six panes: active runs, agent kanban (one column per agent), approvals queue, scheduled work, assets timeline, results. Reads from /workspace/gtm/runs (list, paginated) and /workspace/gtm/runs/:id (full agent_runs + handoffs timeline) — both wired in apps/api/src/server.js as of 2026-05-08.
caveat: Page renders the empty-state copy until a workspace fires its first chiefmo_gtm_run_start AND the GTM migration (202605070300) is applied to prod. Pre-migration the orchestrator falls back to in-memory; the dashboard sees 0 rows.
The orchestrator works in smokes; no real launch has been run through it yet, on chieflab.io or any partner repo. Until that happens, the multi-agent claim is architecture, not validated product. Outreach templates ready in docs/DESIGN_PARTNER_LOOP.md; first-run script ready at scripts/dogfood-gtm.mjs.
caveat: Honest framing for any investor / design-partner conversation: 'orchestrator + 8 agents are scaffolded with typed handoffs; first real-world run is the next ship.' Not 'multi-agent GTM team is live.'
Live behavior: launch (positioning + channel picker heuristic), social (per-platform briefs → Zernio publish on approval), email (per-segment briefs → Resend send on approval), blog-seo (multi-source target-query picker reading positioning + repoContext + recent commits, de-duped against prior workspace targets), creative (Gemini image-gen opt-in), analytics (real GA4 + SC reads), experiment (3 hypotheses grounded in metrics movers + P9 brain channel.performance, skips top hypothesis if it matches prior run's recommendation), approval (existing approval-pack skill + reviewUrl flow).
caveat: By design ChiefLab does NOT pay for the writing — the caller's LLM renders the final copy from each brief. The next ship is wiring the optional outputMode: 'full' path through providers.modelRouter for callers who don't have an LLM in front of them (e.g. stand-alone CLI flows).
If we don't ship these by 2026-06-05, we'll move them down to 60-day bucket and explain why on this page.
Recruit + onboard. Weekly feedback loop, per-partner case studies. Outreach templates in docs/design-partner-loop.md.
Run benchmark/fixtures against ChiefLab vs raw-Sonnet, publish leaderboard.md, link from this page.
Submit to Smithery, Cursor MCP catalog, Anthropic MCP catalog after eval signal exists. Submission packets in docs/MCP_REGISTRY_SUBMISSION.md (currently being rewritten with accurate connector claims).
mail.chieflab.io DKIM/SPF/DMARC pending DNS — drop the onboarding@resend.dev fallback once verified.
Migration is applied; REST endpoints are wired; orchestrator and 6 of 8 agents call real providers (launch heuristic, social/Zernio, email/Resend, creative/Gemini, analytics/GA4+SC, approval). blog-seo and experiment still emit valid frame-stub handoffs in mock mode — next ship wires them through the existing skill registry + modelRouter so the multi-agent loop is fully provider-backed end-to-end.
Invoke chiefmo_gtm_run_start({ goal: 'Launch the GTM operating system to existing ChiefLab users', productUrl: 'chieflab.io' }) — capture handoffs, verify orchestrator picker accuracy, screenshot the command center for the deck.
Move HubSpot from 'Beta' to 'Live' on /trust. Unhide in /app/connections.
Code is live (see Live above). Remaining: set STRIPE_WEBHOOK_SECRET env on Vercel, create Starter $39/mo + Pro $149/mo prices in Stripe dashboard, register the webhook URL https://api.chieflab.io/webhooks/stripe, paste the price IDs into STRIPE_PRICE_TO_PLAN env, apply migration 202605070400. After that, the first real subscription flips a workspace to plan='starter' automatically.
Today: delete by emailing hi@chieflab.io. Goal: one-click workspace + tenant delete with 7-day soft-delete window.
Repo context → launch pack → approval → publish/send → measured 24h result. Template in marketing/case-study-template.md.
These ship only if design-partner pull justifies them. We'd rather miss a 90-day target than ship features no one is asking for.
Only after ChiefMO has signal from design partners. HubSpot real OAuth + a real CRM-writes path. Not before.
TypeScript SDK first. Python second, when we see Python-runtime callers in the wild.
ChiefLab needs its own Discord server for support + community. ~10 min to spin up; deferred until after design partners are running.
Things we've considered and ruled out. Listing them here saves us a thousand "are you going to build X?" emails.
Cut from the wedge. Tool definitions exist, zero connectors wired. Will revisit only after ChiefMO has clear pull.
Hosted runtime is the product. If asked, email hi@chieflab.io — but we won't promise OSS we can't support.
Usage-based or workspace-flat. Not per-seat. The buyer is a developer, not a 50-seat marketing team.
Design partners shape this roadmap directly. If you'd run ChiefLab on a real repo and give weekly feedback, email hi@chieflab.io.