Coding agents are brilliant and undisciplined — they drift off-schema, hallucinate fields, and ship code nobody approved. RailCall puts a fail-closed contract between what the AI proposes and what executes — and hands your compliance team a per-run receipt proving your data never left the machine.
100 runs free on install · refill 1,000 for $10 flat · measured zero-socket execution
The Sovereign Rule · Zero-Drift Governance
Left unchecked, coding agents quietly decay a codebase: off-schema payloads, raw primitives, hallucinated CSS, fields nobody approved.
RailCall acts as a strict, fail-closed contract. The AI does the extraction, but RailCall forces it to assemble pre-audited, typed "Lego blocks" validated against JSON-Schema draft-07. If it tries to vibe the layout, RailCall rejects it.
[ AI PROPOSES ]
│
▼
[ CONTRACT + SCHEMA SWEEP ]
│ (draft-07 · additionalProperties: false)
▼
[ FAIL-CLOSED FILTER ]
│ (rejects off-contract inputs)
▼
[ GOVERNED RELEASE ]
(only audited legos are assembled)
Download the binary and run it offline. Bypass geo-blocked cloud wrappers and VPN requirements entirely.
Install free with 100 runs included. Refill 1,000 runs for a flat $10 via Stripe — no per-seat fees, no monthly bill, no surprises.
You supply the local CPU to run the AI. We charge a microscopic gateway routing fee — nothing for idle seats.
Built for everyone, not just SV
Indie developers and mid-sized agencies in LatAm, Eastern Europe, and Southeast Asia are routinely walled out of Western SaaS by restricted corporate cards, FX penalties, and rigid $25/month per-seat licensing.
RailCall flips the model: a single local binary that runs on your machine. You skip the monthly subscription entirely — start free with 100 runs, then refill 1,000 for a flat $10 whenever you need more.
The Breakeven Math
Legacy developer tools charge a flat monthly fee per user, whether that user runs one workflow or none. It's a tax on your headcount.
Because RailCall runs the heavy reasoning, extraction, and compiling directly on your laptop's CPU, our infrastructure cost per run is near zero. So your first 100 runs are free, and refills are a flat $10 for 1,000 — no subscription, ever.
Enterprise Data Sovereignty
In regulated work — finance, healthcare, defense — uploading source files to a third-party SaaS breaks your compliance perimeter. RailCall executes locally, keeping your data on your own SSD.
| Operational Vector | Legacy Cloud SaaS (wrappers) | The RailCall DevKit |
|---|---|---|
| Data residency | Uploaded to third-party databases | Stays 100% on your local SSD |
| AI layout governance | None — agents write arbitrary code | Contract-validated · fail-closed |
| Exfiltration evidence | Trust the vendor's word | Per-run lsof socket receipt |
The rare part isn't that RailCall runs locally — lots of tools do. The rare part is handing your CISO a measured, per-run receipt proving your data never opened an external socket.
Under HIPAA, GDPR, or defense rules you legally can't trust cloud wrappers. Everyone else's "secure AI" is a marketing promise. RailCall's is a measurement your compliance team can re-run.
Airlock measured per run via OS-level lsof"network_audit": {
"external_sockets_open": 0,
"loopback_sockets_open": 0,
"method": "lsof -nP -a -p <pid> -iTCP -iUDP
over pid + child tree",
"bind": "loopback_only"
},
"result": "ok",
"integrity_root": "sha256:8f454e46…"
Developer Portal
Install free and get 100 runs to start. When you need more, refill 1,000 runs for a flat $10 deposit — no subscription, no per-seat fees.
Install the local airlock and get 100 free runs, instantly. Everything compiles on your own machine — no signup, no credit card.
Downloads the CLI + companion daemon to ~/.railcall and provisions 100 free runs locally.
Burned through your free runs? Top off your account — $10 adds 1,000 runs, one-time via Stripe. Enter your email to check out.
Opens Stripe Checkout · $10 flat for 1,000 runs.
Status: the metering engine (per-run receipts) and Stripe Checkout both run today — install free for 100 runs, refill 1,000 for a flat $10. No subscriptions, no on-chain anything.
Enterprise procurement teams don't buy critical infrastructure from anonymous accounts. RailCall is built by operators who managed real-world scale, compliance, and capital.
No black box
This is the exact measurement the daemon runs on every execution — a process-scoped lsof sweep that fails closed if a single external socket is open. Full MCP setup (the claude_desktop_config.json block) is in the docs.
def lsof_socket_audit(pid): # -a ANDs the selectors. WITHOUT it, lsof returns # system-wide sockets and the audit is meaningless. out = subprocess.run( [LSOF, "-nP", "-a", "-p", str(pid), "-iTCP", "-iUDP"], capture_output=True, text=True, ).stdout external = [l for l in out.splitlines() if l and not is_loopback(l)] # 127.0.0.1 / ::1 only if external: raise AirlockBreach(external) # fail-closed: abort the run return {"external_sockets_open": 0, "bind": "loopback_only"}