Use this file to discover all available pages before exploring further.
Droid Exec is Factory’s headless execution mode designed for automation workflows. Unlike the interactive CLI, droid exec runs as a one-shot command that completes a task and exits, making it ideal for CI/CD pipelines, shell scripts, and batch processing.
Non-interactive single run that writes to stdout/stderr.
Default is spec-mode: the agent is only allowed to execute read-only operations.
Add --auto to enable edits and commands; risk tiers gate what can run.
CLI help (excerpt):
Usage: droid exec [options] [prompt]Execute a single command (non-interactive mode)Arguments: prompt The prompt to executeOptions: -o, --output-format <format> Output format (default: "text") --input-format <format> Input format: stream-jsonrpc for multi-turn sessions -f, --file <path> Read prompt from file --auto <level> Autonomy level: low|medium|high --skip-permissions-unsafe Skip ALL permission checks - allows all permissions (unsafe) -s, --session-id <id> Existing session to continue (requires a prompt) --fork <id> Fork an existing session and continue from it -m, --model <id> Model ID to use -r, --reasoning-effort <level> Reasoning effort (defaults per model) --spec-model <id> Model ID to use for spec mode --spec-reasoning-effort <level> Reasoning effort for spec mode --use-spec Start in spec mode --enabled-tools <ids> Enable specific tools (comma or space separated list) --disabled-tools <ids> Disable specific tools (comma or space separated list) --list-tools List available tools for the selected model and exit --cwd <path> Working directory path -w, --worktree [name] Run in a git worktree --worktree-dir <path> Directory for worktree creation --tag <spec> Session tag (name or JSON, repeatable) --log-group-id <id> Log group ID for filtering logs --append-system-prompt <text> Append custom text to end of system prompt --append-system-prompt-file <path> Append file contents to end of system prompt --mission Run in mission mode (multi-agent orchestration) --worker-model <id> Model for mission workers --worker-reasoning-effort <level> Reasoning effort for mission workers --validator-model <id> Model for mission validators --validator-reasoning-effort <level> Reasoning effort for mission validators -h, --help display help for command
Droid exec uses a tiered autonomy system to control what operations the agent can perform. By default, it runs in read-only mode, requiring explicit flags to enable modifications.
✅ Directory listing: ls, find (without -delete or -exec)
❌ No modifications to files or system
Use case: Safe for reviewing what changes would be made
# Analyze and plan refactoring without making changesdroid exec "Analyze the authentication system and create a detailed plan for migrating from session-based auth to OAuth2. List all files that would need changes and describe the modifications required."# Review code quality and generate reportdroid exec "Review the codebase for security vulnerabilities, performance issues, and code smells. Generate a prioritized list of improvements needed."# Understand project structuredroid exec "Analyze the project architecture and create a dependency graph showing how modules interact with each other."
Operations that may have significant side effects, but these side effects are typically harmless and straightforward to recover from.
Adds common development tasks to low-risk operations:
Commands that may have security implications such as data transfers between untrusted sources or execution of unknown code, or major side effects such as irreversible data loss or modifications of production systems/deployments.
Irreversible actions to production deployments, database migrations, or other sensitive operations
Commands that access or modify sensitive information like passwords or keys
❌ Still blocks: sudo rm -rf /, system-wide changes
Use case: CI/CD pipelines, automated deployments
# Full workflow automationdroid exec --auto high "fix bug, test, commit, and push to main"droid exec --auto high "deploy to staging after running tests"
DANGEROUS: This mode allows ALL operations without confirmation. Only use in completely isolated environments like Docker containers or throwaway VMs.
⚠️ Allows ALL operations without confirmation
⚠️ Can execute irreversible operations
Cannot be combined with —auto flags
Use case: Isolated environments
# In a disposable Docker container for CI testingdocker run --rm -v $(pwd):/workspace alpine:latest sh -c " apk add curl bash && curl -fsSL https://app.factory.ai/cli | sh && droid exec --skip-permissions-unsafe 'Install all system dependencies, modify system configs, run integration tests that require root access, and clean up test databases'"# In ephemeral GitHub Actions runner for rapid iteration# where the runner is destroyed after each jobdroid exec --skip-permissions-unsafe "Modify /etc/hosts for test domains, install custom kernel modules, run privileged container tests, and reset network interfaces"# In a temporary VM for security testingdroid exec --skip-permissions-unsafe "Run penetration testing tools, modify firewall rules, test privilege escalation scenarios, and generate security audit reports"
Human-readable output for direct consumption or logs:
$ droid exec --auto low "create a python file that prints 'hello world'"Perfect! I've created a Python file named `hello_world.py` in your home directory that prints 'hello world' when executed.
This is the lowest-level integration path for building your own interaction model around Droid. Your process can send turns, stream assistant output, handle permissions, update settings, manage MCP/tools, interrupt work, and resume or fork sessions.Each stdin line is one JSON-RPC request. Each stdout line is a JSON-RPC response, server request, or notification. A custom client typically:
Spawns droid exec with the project cwd and desired flags
Writes newline-delimited JSON-RPC requests with unique IDs
Starts with droid.initialize_session or droid.load_session
Sends turns with droid.add_user_message
Reads stdout line-by-line and matches responses by id
Handles droid.session_notification events for assistant text deltas, tool events, token usage, errors, and turn completion
Responds to server-to-client requests such as droid.request_permission and droid.ask_user
Calls other session methods to interrupt work, update settings, manage MCP servers/tools, inspect context, fork sessions, or compact history
Implements timeouts, process cleanup, and session persistence
You can build on top of raw stdin/stdout to create custom interaction flows such as:
Web, desktop, or IDE agent experiences with your own UX and controls
Chat or copiloting surfaces that route user actions into Droid turns
CI and workflow runners that execute Droid tasks and surface progress in build logs
Orchestrators that queue work, resume sessions, fork conversations, and persist results
Policy layers that approve, deny, transform, or audit tool permission requests
Bridges from Droid events into your own protocol, message bus, telemetry, or storage layer
For protocol reference and implementation patterns, see the low-level client and process transport in the TypeScript SDK.Prefer an SDK when possible:
TypeScript: @factory/droid-sdk for Node.js apps, streaming, multi-turn sessions, structured output, permissions, tool controls, and SDK-backed MCP tools
Python: droid-sdk for asyncio apps, streaming, direct client control, notifications, permissions, and typed event handling
For automated pipelines, you can also direct the agent to write specific artifacts:
droid exec --auto low "Analyze dependencies and write to deps.json"droid exec --auto low "Generate metrics report in CSV format to metrics.csv"
droid exec --cwd /home/runner/work/repo "Map internal packages and dump graphviz DOT to deps.dot"
Use -w, --worktree [name] to run the task inside an isolated git worktree on its own branch. This is useful for fanning out parallel droid exec jobs against the same repo without file conflicts:
droid exec --worktree codemod-a --auto medium "apply codemod A" &droid exec --worktree codemod-b --auto medium "apply codemod B" &wait
Clean worktrees are auto-removed on exit; dirty ones are preserved so you can review and push the work.
Forking lets you branch off an existing session without disturbing the original; the new run starts from the forked session’s history and is assigned a fresh session ID.
# Continue a session in-placedroid exec --session-id <session-id> "next steps"# Branch off a session into a new rundroid exec --fork <session-id> --auto low "try an alternative refactor"
Use --tag to attach searchable labels to a run. The flag is repeatable and accepts either a plain name or a JSON object for structured metadata. Pair it with --log-group-id to bucket logs from related runs together for easier filtering and aggregation downstream.
Use --append-system-prompt to append additional text to the end of the system prompt for a single run, or --append-system-prompt-file to append the contents of a file. Both flags can be combined and are useful for injecting project-specific guidance, style guides, or invariants without modifying global settings.
droid exec \ --append-system-prompt "Always prefer functional React components." \ --auto low "review src/components for class-based components"droid exec \ --append-system-prompt-file ./docs/style-guide.md \ --auto low "lint prose in README.md against the style guide"
Mission mode runs droid exec as a multi-agent orchestrator that plans work, delegates to worker agents, and validates results. Enable it with --mission and optionally select dedicated models and reasoning effort levels for the worker and validator roles.
droid exec --mission \ --worker-model claude-sonnet-4-5-20250929 \ --worker-reasoning-effort medium \ --validator-model claude-sonnet-4-5-20250929 \ --validator-reasoning-effort high \ --auto medium \ "ship the new billing webhook end-to-end"
The top-level -m, --model and -r, --reasoning-effort flags still apply to the orchestrator itself; the worker and validator overrides only affect the agents the orchestrator spawns.
# Process files in parallel (GNU xargs -P)find src -name "*.ts" -print0 | xargs -0 -P 4 -I {} \ droid exec --auto low "Refactor file: {} to use modern TS patterns"
Background job parallelization:
# Process multiple directories in parallel with job controlfor path in packages/ui packages/models apps/factory-app; do ( cd "$path" && droid exec --auto low "Run targeted analysis and write report.md" ) &donewait # Wait for all background jobs to complete
Chunked inputs:
# Split large file lists into manageable chunksgit diff --name-only origin/main...HEAD | split -l 50 - /tmp/files_for f in /tmp/files_*; do list=$(tr '\n' ' ' < "$f") droid exec --auto low "Review changed files: $list and write to review.json"donerm /tmp/files_* # Clean up temporary files
Workflow Automation (CI/CD):
# Dead code detection and cleanup suggestionsname: Code Cleanup Analysison: schedule: - cron: '0 1 * * 0' # Weekly on Sundays workflow_dispatch:jobs: cleanup-analysis: strategy: matrix: module: ['src/components', 'src/services', 'src/utils', 'src/hooks'] steps: - uses: actions/checkout@v4 - run: droid exec --cwd "${{ matrix.module }}" --auto low "Identify unused exports, dead code, and deprecated patterns. Generate cleanup recommendations in cleanup-report.md"
