Security by default

BlockForge focuses on predictable, sanitized output. No raw HTML soup, no risky script injection, and token-only styling where it matters.
  • No external scripts: the editor is a single HTML file.
  • No inline JavaScript in export: keeps CSP strict and predictable.
  • Sanitized text output: escapes HTML and strips control characters.
  • URL allowlist: http/https/mailto/tel only (unsafe URLs are blocked).
  • Token-safe styling: presets and design tokens instead of arbitrary CSS strings.

“If a setting can’t be exported safely and predictably, it doesn’t belong in the default toolkit.”
— BlockForge principle
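One way to implement the sanitized-text and URL-allowlist rules listed above, as an added JavaScript example (not BlockForge's own code; the function names and the choice to reject scheme-less relative URLs are assumptions):

```javascript
// Added example of the export contract described above; not BlockForge's code.
// Function names (sanitizeText, safeUrl, renderLink) are assumptions.

// HTML metacharacters and their entity replacements.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// C0/C1 control characters and DEL, excluding tab, LF and CR, which are
// legitimate in multi-line text settings.
const CONTROL_CHARS = /[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F-\u009F]/g;

// Strip control characters first, then escape, so the result is safe both as
// element content and inside a double-quoted attribute.
function sanitizeText(value) {
  const text = String(value ?? '').replace(CONTROL_CHARS, '');
  return text.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'mailto:', 'tel:']);

// Return the normalized URL when its scheme is on the allowlist, else null.
// Control characters and surrounding whitespace are removed before parsing;
// the WHATWG URL parser also drops embedded tabs/newlines, so scheme
// obfuscation with those characters is resolved before the allowlist check.
// Assumption: a URL without a scheme (relative link) is rejected too.
function safeUrl(value) {
  const raw = String(value ?? '').replace(CONTROL_CHARS, '').trim();
  if (raw === '') return null;
  let parsed;
  try {
    parsed = new URL(raw);
  } catch {
    return null; // unparseable or relative: no scheme to allowlist
  }
  return ALLOWED_SCHEMES.has(parsed.protocol) ? parsed.href : null;
}

// Export a link block: blocked URLs degrade to plain text rather than failing
// open. The href is escaped again because mailto:/tel: paths are opaque and
// may still contain attribute-breaking characters after parsing.
function renderLink({ href, label }) {
  const url = safeUrl(href);
  const text = sanitizeText(label);
  return url === null ? `<span>${text}</span>` : `<a href="${sanitizeText(url)}">${text}</a>`;
}
```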

See it in action

Open the builder, inspect block settings, and export a site to verify the output contract.