For teams running Cursor, Claude Code, Codex, Gemini in real repos

Give AI coding agents a local map before they edit.

AI agents can write code fast; knowing whether the PR is mergeable is the bottleneck.

Passing tests is not enough evidence that an AI-written PR is safe to merge. Roam gives your agent local code-graph facts before it edits, gates risky diffs before merge, and emits scoped evidence after the run — credential-free, zero network egress by default, your code never leaves your machine.

Free CLI · Apache 2.0 · 28 languages · 16 core agent tools · 243 total MCP tools · 7,731 PyPI installs/month (as of 2026-05-09)

Agentic code intelligence

Semantic reviewers read what the code does. Roam reads what it touches. Callers, clones, layers, tests, hot paths — the structural layer semantic reviewers can miss.

The Compiler · before the agent's first token

Your agent's first token already knows the answer

Roam ships a task compiler: it classifies your prompt into one of 23 intent procedures (deterministic — zero model calls), pre-executes the matching code-graph probes, and hands your agent the answers before its first model token. Callers, blame history, blast radius, the source around a cited bug line — already in the prompt, in a compact envelope, compiled in ~90 ms locally (warm).

$ pip install "roam-code[mcp]" && roam init
$ roam hooks claude --write
Wired roam compile+verify into Claude Code — use `claude` as always.
Metric (median/task) | vanilla | compiled | delta
Agent turns (nav/comprehension) | 6 | 1 | −83%
Input tokens | 271K | 53K | −80%
Cost | $1.30 | $0.48 | −63%
Wall time | | | −50%

Claude head-to-head vs vanilla, June 2026, 41 cells. Bug-fixing graded by a failing-test-transitions-to-passing oracle: 10/10 fixed in both arms at −13% cost. Replayed on 723 real prompts: 91% of envelopes ship pre-executed answers — the agent's first token can be the answer. Honest caveats attached: the two cells we once published as losses (trivial prompts, code generation) were attacked in v13.6 and re-measured — now a tie and a −26% win; every number keeps its method and Ns.

Prefer a dedicated CLI? The same loop ships as compile-code: pip install compile-code && compile claude

Maps · before the agent edits

How agents use Roam

Three steps: install once, hand the MCP server to your editor, and your coding agent gains 16 core structured questions to ask about the codebase. The free CLI gives you the same engine to run the same checks from your terminal or CI.

  1. You install Roam locally. One command. The MCP server starts up alongside your editor or terminal.
  2. Your AI agent asks structural questions. What else does this function affect? Where are the tests for this? Is this a clone of another implementation?
  3. The agent edits with explicit risk facts. Blast radius, clone siblings, and affected tests are known before the edit instead of rediscovered through grep.

The five calls your agent makes most

roam understand: Map an unfamiliar codebase before editing.
roam retrieve: Pull the exact spans for the task at hand.
roam context: List the files and lines that matter.
roam preflight: Check what a change will break.
roam critique: Review a patch against the graph.

Works with Claude Code, Cursor, Windsurf, VS Code, Codex, Gemini — and any MCP-aware editor.

The questions agents miss

Each row is one engineering question AI agents commonly skip because they can't see the answer. The CLI surface is organised around the questions — not around an encyclopaedic command list.

Codebase sight | "What does this repo do? What should I read?" | roam understand · roam map · roam tour · roam describe
Context retrieval | "Pull the exact spans I need for this task." | roam retrieve · roam context · roam search-semantic · roam agent-context
Change safety | "What breaks if I edit this? Which tests run?" | roam preflight · roam impact · roam affected-tests · roam diff
PR review | "Did the AI miss a clone, a caller, a test?" | roam critique · roam pr-analyze · roam pr-risk · roam clones
Architecture governance | "Is the architecture drifting?" | roam layers · roam architecture-drift · roam health · roam dark-matter · roam fitness
Refactor safety | "Can I simulate this refactor first?" | roam simulate · roam mutate · roam safe-delete · roam plan-refactor
Multi-agent coordination | "Can multiple agents work on this graph in parallel?" | roam fleet · roam partition · roam orchestrate · roam agent-plan
Evidence + compliance | "Can we prove what was checked, signed, and gated?" | roam attest · roam cga · roam audit-trail-export · roam --sarif

See it in action: eight concrete scenarios where AI ships a plausible patch and Roam catches the problem before merge. Or jump to the full command reference.

Gates · before it merges

What Roam catches

Across 22,000 developers, Faros AI's 2026 telemetry analysis reported AI-assisted teams saw more bugs per developer and more than 3x incidents per PR. The pattern is consistent: agents write plausible code faster than human reviewers can inspect its structural consequences. Roam catches three classes of structural consequence the agent and the reviewer both tend to miss. Source: Faros AI, 2026 telemetry analysis (exact figures: bugs/dev +54%, incidents/PR +242.7%; archive).

Blast-radius the agent didn't measure

Same failure class as the PocketOS incident, April 2026 — production database and three months of backups gone in nine seconds. Not the exact diff; the illustrative output below shows what Roam's blast-radius check would flag on a similar change. Source · archive.

An AI agent rewrites a cleanup_old_records() job. The diff looks fine. What it actually changed: the WHERE clause now matches every row.

$ git diff | roam critique
VERDICT: BLOCK  (1 high)
  cleanup_old_records  db/maintenance.py:84
  reaches: 3 entry points, 1 destructive op
  runtime: 1,247 calls/day in trace_ingest
  flag: DELETE without LIMIT

→ Nine seconds vs nine months of backups.

The clone the agent forgot to update

Same failure class as Amazon's Treadwell 90-day code-controls reset, March 2026 — senior signoff added on agent-generated changes after outages including one linked to an internal AI coding tool. Illustrative Roam output, not the exact diff. Source.

AI agents fix bugs by pattern-matching, then forget the other places the same pattern lives. Diff looks clean. Roam flags the unchanged copies:

$ git diff | roam critique
VERDICT: REVIEW  (clones-not-edited)
  order_service.py:142  [edited]
  billing/refunds.py:89  [UNCHANGED]
  admin/bulk_ops.py:201  [UNCHANGED]
  confidence: 0.94 (AST exact + identifier rename)

→ Senior signoff plus a structural diff is better than senior signoff alone.

The runtime-hot path the agent treated as cold

Shape: the diff-touches-more-than-the-reviewer-thinks pattern Faros's 22,000-developer study quantified above.

AI-written code touches more places than the reviewer sees. Roam weights blast-radius by production traffic to surface the hot paths:

$ git diff | roam critique --runtime
VERDICT: REVIEW  (runtime-hot path)
  serialize_user  api/v2/users.py:34
  trace ingest: 3.2M calls/day (top 0.1%)
  diff: response shape changed
  downstream: 4 mobile clients, 2 webhooks

→ The rate isn't fixed by fewer AI commits, but by reviewing structural impact at machine speed.

Want to see what Roam would have caught on your last 5 PRs? Replay them locally — no email, no upload →

Roam does not replace your reviewer

Keep CodeRabbit, Greptile, Qodo, SonarQube, or CodeQL. Roam adds the structural layer they don't see: callers, clones, layers, tests, hot paths. Three layers, three jobs, three kinds of finding.

Three code-review layers compared by what they see.
Layer | What it sees | Examples
Semantic reviewers | What the diff does — correctness, style, prose-level review | CodeRabbit, Greptile, Qodo
Static analyzers | Known rule and security patterns inside a function | SonarQube, Semgrep, CodeQL
Roam | What the change touches — callers, clones, layers, tests, hot paths | Roam (local CLI + MCP + CI)

Full feature-by-feature breakdown — including local-vs-cloud, MCP exposure, attestations, and pricing — at roam-code.com/compare → Also pairs with Cursor / Claude Code / Codex / Gemini via MCP, and exports SARIF for GitHub / GitLab CI. See something wrong? hello@roam-code.com.

Evidence · after every run

Try it on your last 5 PRs

Every Roam run leaves a tamper-evident record on your machine — what the change touched, what it could break, what verified it. Point it at your merged PRs and get a structural report, run locally:

pip install roam-code && roam pr-replay --tier sample

No email, no upload — your code never leaves your machine. Want a full written audit, or these gates running as a CI bot for your team? See team options →

The CLI + MCP server are free forever (Apache 2.0). For teams that want gates on every PR and a shared audit trail, see pricing →

Start free · in 5 minutes

Local code graph in seconds. Free forever.

Roam indexes a typical 100k-LOC repo in seconds and exposes the result as deterministic local tools your agent can call before, during, and after every change. Your code, your control, your audit trail — evidence stays on your machine and verifies offline.

zero: API keys required
zero: network egress at analysis time
tamper-evident: HMAC-chained evidence packets
28: language families
459: GitHub stars
7,731: PyPI installs / month

snapshot as of

pip install roam-code && roam init

Your first 5 minutes

  1. cd into any Git repo
  2. roam init — build the local graph (a typical 100k-LOC repo finishes in seconds)
  3. roam understand — guided architectural tour
  4. git diff | roam critique — structural review of your current changes
  5. roam mcp — start the MCP server so your agent can call the 16-tool core preset

More detail in the getting-started guide and the MCP usage guide.

Who Roam is for

Use Roam if AI agents write real PRs in your repo, your codebase has multiple services or modules, or you need review evidence you can hand to an auditor.
Probably skip if: tiny single-file repo, no AI-generated PRs, and no structural review pain yet. Come back when one of those changes.
Free forever: The engine is Apache 2.0 and free for individuals, teams, and companies of any size. We charge for the team workflow: PR bot, dashboard, self-hosted.

Paste this into your agent's system prompt

Before editing this repo, run:
  roam understand     # map the codebase
  roam preflight <sym> # blast radius + tests + fitness

After editing, run:
  git diff | roam critique

Do not open a PR until Roam high-severity findings
are fixed or explained.

Works in Claude Code, Cursor, Windsurf, Codex, Gemini, and any MCP-aware editor. Full setup guide at /setup.

Apache 2.0: Free forever. GitHub · PyPI
Evidence that never leaves your machine: Local SQLite, no telemetry, local by default (opt-in metrics-push is the only outbound surface) — and evidence packets that hash-verify offline. Your code stays on your machine; your audit trail lives in your repo. See the security page for our supply-chain posture and a comparison with hosted reviewers.
28 languages, 6 cross-language bridges: Python · TypeScript · PHP · Go · Rust · Java · C# · Kotlin · Scala · SQL · Dart · 17 more. Bridges resolve Salesforce Apex → Aura, REST front-end → back-end routes, Django ORM, .proto stubs, Jinja/Django templates, env var → config.
Local audit trail: Roam keeps local evidence of what was checked, so teams can show how AI-written code was reviewed. Tamper-evident log file plus signed records (in-toto v1, verifiable with cosign). Full framework-specific detail on the security page and the governance page; trust posture on the trust page.
We never train on your code: Roam Review and Roam Cloud do not use your source, diffs, comments, or metrics to train, fine-tune, or evaluate any machine-learning model — ours, ours-via-third-party, or any third party's. Contractual commitment in the security policy; details in the procurement packet.

Common questions

How is Roam different from CodeRabbit, Greptile, or Qodo?

They review what the code does — semantics. Roam reviews what the code touches — structure: callers, layers, dependency cycles, copy-paste duplicates. Different layer, different findings; most teams keep their reviewer and add Roam alongside it. See the full comparison.

Will the CLI stay free?

Yes. Forever. Apache 2.0 — for individuals, teams, and companies of any size. The local engine is the point; we never charge for it.

Does any of my source code leave my machine?

No. The CLI runs entirely locally and only writes a SQLite file in your repo's .roam/ directory — no diff, no source, no identifiers are uploaded anywhere. That's the point: it works with the cloud agents your security team would otherwise have to block.

Why no analytics or trackers on this site?

Two reasons: every third-party script is attack surface, and we sell to teams that read privacy policies — zero cookies, zero trackers is a stronger signal than any logo wall. See the receipt.

Does Roam fit into my CI?

Yes. roam --sarif health exports SARIF 2.1.0 (GitHub Code Scanning, GitLab, most CI read it natively); GitHub Actions templates ship with the package; roam critique exits 5 on any high-severity finding so a CI step can gate on it.
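A CI gate built on the exit code described above, as an added example that is not Roam's own script. Only "exit 5 on a high-severity finding" and the diff-on-stdin invocation come from this page; the function names, the meaning of exit 0, the treatment of every other status as a tool failure, and the `origin/main` base ref are assumptions.

```shell
#!/bin/sh
# Added example, not Roam's own script. From the page: `roam critique` reads a
# diff on stdin and exits 5 on any high-severity finding. Assumed here: exit 0
# means nothing blocking; any other status is a tool failure, never a pass.

# classify_critique_status (hypothetical name): map an exit status to a verdict.
classify_critique_status() {
  case "$1" in
    0) echo pass ;;
    5) echo block ;;
    *) echo error ;;
  esac
}

# critique_gate (hypothetical name): read the diff on stdin and return
# 0 = mergeable, 1 = blocked by a finding, 2 = gate could not run (fail closed).
critique_gate() (
  diff_file="$(mktemp)" || exit 2
  cat > "$diff_file"
  # An empty diff in CI usually means a missing base ref or a shallow clone;
  # fed straight to the reviewer it would be indistinguishable from a clean run.
  if [ ! -s "$diff_file" ]; then
    rm -f "$diff_file"
    echo "gate: empty diff, refusing to report a pass" >&2
    exit 2
  fi
  status=0
  roam critique < "$diff_file" || status=$?
  rm -f "$diff_file"
  case "$(classify_critique_status "$status")" in
    pass)  exit 0 ;;
    block) echo "gate: high-severity finding (exit 5), blocking merge" >&2; exit 1 ;;
    *)     echo "gate: roam critique exited $status, failing closed" >&2; exit 2 ;;
  esac
)

# CI usage (base ref is an example): keep git's own exit status instead of
# losing it in a pipeline.
#   git diff origin/main...HEAD > pr.diff || exit 2
#   critique_gate < pr.diff
```

Separating status 1 from status 2 lets the pipeline report "blocked by a finding" differently from "the gate itself broke", so a missing binary or a crashed run never reads as a clean review.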

How long does it take to index a repo?

A 100k-line monorepo indexes in roughly 20–40 seconds on a laptop; incremental rebuilds after a PR's worth of changes are sub-second. Your agents and CI read the same .roam/ artefact.

What languages does Roam support?

28, via tree-sitter — Python, JS/TS, Go, Rust, Java, Kotlin, C/C++/C#, PHP, Ruby, Swift, SQL and more, plus framework bridges (Django, Salesforce, REST, protobuf, templates). Full list in the docs.

What audit-trail evidence does Roam produce?

When the run ledger and proof-bundle flow is enabled, Roam writes tamper-evident logs and verifiable evidence records locally. Useful as SOC 2 / ISO 42001 change-management evidence support; the framework mapping is yours to make, and Roam does not certify compliance.