An open, recursive spec format — not a framework

Write the install once.
Any agent runs it on any machine.

A SEED is a markdown spec for installing your software — its dependencies, the steps to set it up, and read-only checks that prove it worked. Any AI coding agent reads it and installs on the host in front of it, adapting to the environment: apt or brew, the right version pins, the OS’s actual paths. No runtime, no SDK, no lock-in. What the agent shows you is what runs.

Read the spec → View on GitHub

$ plow install git@github.com:you/your-seed.git click to copy · this is what your users run

spec → install → running software

The SEED — a real SEED.md

# Purpose
> See README#Purpose — the smallest SEED.

## Dependencies
(none)

## Objects
TipSplitter — a bill, a headcount, a share.

## Actions
splits a bill N ways, rounding up.

## Verification
splitBill(10000, 4) === 25
splitBill(10000, 3) === 33.34

The install — agent reads top-down, shows every command

↓

The running system — installed, passing its own checks

These are the SEED’s own ## Verification checks, run for this demo — it isn’t verifying an install on your machine.

The format

It’s markdown. An agent reads it top-down.

A fixed grammar: a # Purpose H1, then four required H2s in order, then Feedback if you want install reports. The format is written in itself — an agent that’s read one SEED has read them all. No parser, no runtime to learn.

# Purpose

Purpose

One H1. The what and why, linking to the README pitch.

required

## Dependencies

Dependencies

Other SEEDs and system packages this install needs.

required

## Objects

Objects

The nouns of the system — the things that exist once it’s installed.

required

## Actions

Actions

The steps that set it up. The agent runs these, showing each command first.

required

## Verification

Verification

Read-only checks that prove the install worked.

required

## Feedback

Feedback

Opt-in install reports that flow back to improve the spec.

optional

Purpose and the four required H2s come first, in order. Optional sections follow as Feedback → Open Items → Non-Goals, and a root SEED opens with a ## Normative Language declaration (sub-SEEDs inherit it).

Why publish to the convention

OpenSeed gives you four capabilities.

Runs on any agent, any system — no lock-in.

One spec, every host. The agent picks apt or brew, the right pins, the correct paths for the OS it’s on. The format is a convention nobody owns — there’s no vendor between your spec and the machine. Your individual SEED is a repo you own and fork; the format it conforms to is open and ownerless. Two different things — neither one locks you in.

Claude CodeCodexOpenClawHermesGemini CLICursorAgy

linux ❯ apt-get install ffmpeg ✓
macos ❯ brew install ffmpeg     ✓
one spec → apt or brew, whichever the host has

OpenSeeds compose, recursively.

A SEED can depend on other SEEDs. The agent installs leaves-first, so complex deployments are just SEEDs that name other SEEDs — no orchestration layer. Each node is published and verified on its own, and every SEED you ship becomes a dependency someone else can build on.

seed-hostex-history-ingest
└─ seed-hermes-gbrain
   └─ seed-hermes
      └─ (leaves first)

Reviewable by construction.

Security in OpenSeed is review, not a sandbox. The convention requires a conforming agent to:

Show every command before running itthe spec mandates display-then-execute for all install shell, so a reviewer reads what runs
Keep secrets out of the specthe format bans literal keys, tokens, and userinfo, and requires presence-only probes during authoring
Audit a fresh clone before executing itclone-mode installs run a pre-execution exfiltration / backdoor checklist and abort on a high-confidence finding

These are obligations the convention places on the agent, enforced by review — not a promise a runtime can’t be bypassed.

Verifiable, not just installable.

Every SEED ends with ## Verification — read-only checks that confirm the install actually worked, not just that the steps ran. For CI or any non-agent caller, a SEED can ship a ref/verify.sh that runs a few structural checks and returns a plain exit code.

$ bash ref/verify.sh
tree conforms ✓  exit 0
installed ≠ works. Verification proves both — and anyone can fork the checks.

Compatible tooling

Works with Plow — a package manager built for OpenSeed.

An OpenSeed is just markdown — anyone can author, host, and install one by hand. Plow gives SEEDs a home: a one-line installer, and a registry to discover and fork SEEDs others have published.

One-line install

Curl the installer; Plow drops the OpenSeed skills into every agent on your machine.

Discover & fork

Browse a registry of published SEEDs — find one, fork it, build on it.

Specs that improve

Opt-in, anonymous install reports are coming — they’ll feed real-world install signal back into the spec so authors can tighten it.

$curl -fsSL plow.co/install.sh | bashclick to copy

Install reporting is opt-in and off unless a SEED declares it. The convention works without Plow; Plow just makes it effortless.

Write the install once.
Trust that any agent runs it.

Read the spec on GitHub → Get Plow

A community convention, shaped in the open. Open to all — propose a change.

Write the install once.Any agent runs it on any machine.

It’s markdown. An agent reads it top-down.

Purpose

Dependencies

Objects

Actions

Verification

Feedback

OpenSeed gives you four capabilities.

Runs on any agent, any system — no lock-in.

OpenSeeds compose, recursively.

Reviewable by construction.

Verifiable, not just installable.

Works with Plow — a package manager built for OpenSeed.

One-line install

Discover & fork

Specs that improve

Write the install once.Trust that any agent runs it.

Write the install once.
Any agent runs it on any machine.

Write the install once.
Trust that any agent runs it.