Vessel

Open-source runtime · Chromium-first

Send a tool like you'd
send a spreadsheet.

The artifact format for AI-generated software: describe a tool, and the model hands you one self-contained .vessel — UI, logic, and data inside — that runs the instant you open it, with nothing to deploy or operate. Install the host once; any .vessel then opens by double-click, runs, and saves back into the same file.

Get the host → Run it yourself

Installs as a PWA — runs locally, works offline after the first load (no server). Promptless save on Chromium; Firefox & Safari run degraded (open + download-to-save). · Docs →

The spreadsheet model, for web tech

01

Install the engine once

The host is a small installable PWA. You set it up a single time — like installing a spreadsheet app.

02

The file carries everything

A .vessel is an OPC-style ZIP (think .xlsx). UI, backend, and data travel together.

03

Open, edit, save in place

Double-click to run. Changes write straight back into the file — no export step, no server, no account.

What's inside the box

ui

React, sandboxed

The bundle's interface renders in a sandboxed, opaque-origin iframe — isolated from the host and from your machine.

app

Python in WASM

An ordinary FastAPI backend runs in Pyodide (CPython compiled to WebAssembly). fetch is bridged straight to ASGI.

data

SQLite in the file

State lives in a real SQLite database — and that database travels inside the .vessel. The file is the document.

Ten example tools

Real .vessel files — each a FastAPI + SQLite backend and a self-contained UI, with full create / edit / delete. Download one and open it in the host.

Budget

unsigned

Local-first money — transactions, categories, a trend + forecast chart.

Download .vessel

Flashcards

unsigned

SM-2 spaced repetition — edit the deck, study, and rate.

Download .vessel

CSV Explorer

signed · Tabula Labs

Real SQL filter/sort over thousands of rows; import your own CSV.

Download .vessel

Invoice

signed · Ledgerleaf

A fully editable invoice template with live totals and print-to-PDF.

Download .vessel

Recipe Planner

unsigned

Recipes plus a weekly plan; a shopping list built from the plan.

Download .vessel

Habits

unsigned

A 21-day habit grid with streaks you tick off day by day.

Download .vessel

Personal CRM

unsigned

Contacts with a genuine “haven’t talked in 90 days” SQL query.

Download .vessel

Job Tracker

unsigned

A pipeline board: Applied → Screen → Onsite → Offer.

Download .vessel

Workout Log

unsigned

Sets, PRs, reusable routines, and a training-volume chart.

Download .vessel

Journal

unsigned

A dated journal with SQLite full-text search and match highlighting.

Download .vessel

Need the host first? Get it → · or read the source.

One theme system, every tool

Tools don't hardcode colors — they style with the host's --vessel-* tokens, so every tool follows the host's light/dark and chosen theme automatically. Switch them here and watch it re-theme live:

budget.vessel

The same tokens a bundle reads — see the authoring skill.

Build one with your AI

Authoring a .vessel has a few non-obvious rules — an async-only Python backend, a single-file UI, declared packages. Hand your AI agent the Vessel authoring skill and it produces valid bundles, correct manifest and all. 

Follow the Vessel authoring skill, then build me a .vessel tool:
https://getvessel.dev/skills/vessel-author/SKILL.md

Paste that into Claude or your agent. Or read the skill.

Run it yourself

Prefer not to depend on getvessel.dev? The host is a static app with no backend — build and serve it yourself and it runs identically (and offline). Same code, your origin. 

git clone https://github.com/apollo-orbit-dev/vessel.git
cd vessel
npm install
npm run build -w @vessel/host
npm run preview -w @vessel/host

Then open the printed http://localhost:4173/app/ in Chromium and install the PWA — localhost is a secure context, so file handling + install work. Full guide in the docs.

The safety claim

Opening a .vessel is no more dangerous than opening a web page.

Bundle code is boxed twice — a sandboxed iframe around the UI, a WASM sandbox around the Python — with default-deny network egress and a manifest allowlist. The host never hands its writable file handle to bundle code. Bundles can be Ed25519-signed so you can see who published them.