The protocol and runtime for agentic work. Write a manifest, ship an app, let users (or agents) run it.
Floom ships as a small CLI (Go, one static binary) and an optional local runtime (Docker). You need either curl or brew. No Node.
Every Floom app is a manifest + code. You can run one from the store without installing anything: paste a JSON input, get JSON back.
Floom is for internal tools, productivity apps, and weekend-project apps that do real work: score leads, screen resumes, analyse competitors, classify webhooks. Think 3 to 50 steps per run, JSON in, bearer or API-key auth, done in seconds to a few minutes.
It is not a workflow builder like n8n, it is not a frontend generator like Lovable, it is not a model playground like Hugging Face Spaces. It is the thin, opinionated layer between your app idea and a running endpoint.
Every Floom app is a ready-to-use MCP tool at mcp.floom.dev/app/<slug>. Point your agent at that URL and it can call the app like any other tool. There’s also a discovery endpoint so agents can find apps on their own, and a web Studio for managing the apps you own.
JSON list of live apps with manifests. Read-only, no auth. Great for agents that pick a tool at runtime.
mcp.floom.dev/searchOne MCP endpoint per app. Invoke with JSON input, get structured JSON + a run URL back.
mcp.floom.dev/app/<slug>Create, update, redeploy, rotate secrets. Web UI, not an MCP endpoint — sign in with your Floom account.
floom.dev/studioMost users wire up /search + one or two /app/<slug> endpoints (zero auth required for public apps) and use the web Studio for everything else.
Open ~/Library/Application Support/Claude/claude_desktop_config.json (Mac) or %APPDATA%\Claude\claude_desktop_config.json (Windows) and paste:
Quit and reopen Claude. Ask "What Floom apps exist for lead scoring?" — Claude calls search, then hits app/lead-scorer on the one you pick. Add the Authorization header only on apps that require a key (private apps or ones that charge).
Cursor reads ~/.cursor/mcp.json. Same shape as Claude Desktop. Reload Cursor after editing.
Codex CLI supports MCP via ~/.codex/mcp.json (same schema). Any MCP-compliant client works: VS Code Continue, Zed, OpenAI ChatGPT’s MCP bridge. The endpoint URL is always https://mcp.floom.dev/app/<slug> for a specific app, or https://mcp.floom.dev/search to let the agent discover apps on its own.
For a per-app install flow (single app, one JSON block), every app page has an Install in Claude button that pre-fills the config with that app’s MCP URL.
The core runtime is MIT-licensed and ships as a single Docker image. Live reference instance: docker.floom.dev.
Open http://localhost:3000, log in with the password, deploy your first app from the dashboard or the marketplace. Every run executes in an isolated container; no host access.
| Variable | Default | What it does |
|---|---|---|
| AUTH_PASSWORD | required | Shared password for the sign-in page. Server refuses to start without this. |
| HOST_PORT | 3000 | Host port to publish. Container always listens on 3000 internally. |
| HOST_BIND | 127.0.0.1 | Listen on localhost by default. Set 0.0.0.0 only behind a reverse proxy. |
| RUNNER_MEMORY | 512m | Memory cap per app run container. |
| RUNNER_CPUS | 1 | CPU quota per app run container. |
| RUNNER_TIMEOUT | 300000 | Max run duration in ms (5 min default). Run is killed past this. |
| BUILD_TIMEOUT | 600000 | Max build duration in ms (10 min default) for first deploy. |
| GEMINI_API_KEY | optional | Enables cross-document knowledge synthesis. Not required for app runs. |
Data lives in the floom-data volume (SQLite in WAL mode, no external deps). Backups: docker run --rm -v floom-data:/data alpine tar czf - /data > backup.tgz.
What a single app run can do on the hosted Floom Cloud. Self-host has the same defaults but is fully configurable.
| Resource | Limit | Notes |
|---|---|---|
| Memory per run | 512 MB | Container RSS cap. Hit = container killed with OOM. |
| CPU per run | 1 vCPU | Docker --cpus=1 equivalent. Bursty allowed. |
| Max run duration | 5 min | Kills the container past 300s. Long jobs: use the job-queue renderer (phase 2). |
| Max input size | 10 MB | JSON body + uploaded files combined. File uploads: parse_to: "json" or "text" runs before your code sees it. |
| Max output size | 5 MB | JSON response + artifacts. Larger = upload to storage, return a URL. |
| Max file upload (Cloud) | 10 MB | Matches max input. Self-host: unlimited (operator's disk). |
| Build timeout (first deploy) | 10 min | Includes dependency install + container build. |
| Network | bridge | Outbound yes. No inbound, no host access, no sibling containers. |
| Scope | Limit | Notes |
|---|---|---|
| Anon IP per app | 5 / 24h | Launch default. Then BYOK modal: paste your Gemini key for unlimited. |
| Public permalink | 10 / hour | Per IP, across all apps. Stops light scraping. |
| With BYOK | unlimited | Floom doesn’t cap; your provider does. |
| Self-host | unlimited | No limits enforced by Floom. Set your own in front of the container. |
| Tier | Concurrent | Notes |
|---|---|---|
| Free (Floom’s key) | 1 | One run at a time. Queue the next. Keeps the shared Gemini key fair. |
| BYOK | 3 | Three parallel runs per account once your own key is attached. |
| Self-host | unlimited | Bounded only by your host’s CPU / memory and Docker’s container cap. |
TBD · streaming output: websocket / SSE output size cap is not yet locked. Everything else on this page (memory, CPU, timeout, input/output, file upload, concurrency) is confirmed for launch.
Most questions get an answer within a few hours from the Floom team or a contributor.