We started Retool with a simple mission: bring good software to everyone, because the gap between the software companies need and the software they can actually build used to be enormous.
Now, AI has collapsed the cost of creating software to near zero. For years, entire industries assumed that enabling more people to build meant removing code from the equation. But LLMs turned out to be extraordinarily good at writing code, and they write it faster than any human ever could. We’re living through the biggest expansion of software creation in history.
But in closing the gap between need and creation, we’ve created another gap: one between creation and secure operation. That’s where I think the next chapter of software goes.
Every enterprise right now is trying to build more, faster. And the proliferation of AI coding tools, agents, and copilots means everyone can become a builder. The entire industry is racing to produce, and the average quality of software is still pretty low.
Vendors are building as if creation is the bottleneck, but it never really was. We’ve opened the floodgates and found that more isn’t always better, especially if you can’t govern it. Code that can’t run in production isn’t software. It’s waste. And when you write code that runs in production without governance, you invite in that much more liability.
AI doesn’t write inherently bad code, but the speed and volume of what’s being produced overwhelm every process designed to keep it safe. Code review, security checks, and deployment gates were all built for human pace. None of it scales to AI pace.
This new code touches production data, interacts with real systems, and affects real outcomes. New builders might not know (or care about) your security model. They might not understand your compliance requirements. They’re probably not thinking about what happens when they leave and someone else has to maintain what they made.
How software gets built is changing faster than anyone expected, and that change is creating governance challenges most organizations aren’t ready for. If you can solve both of those, you fundamentally change how your business operates.
Retool was built before LLMs, and the experience made building software really fast for that time. But times are changing, and so are we.
At our London Summit, I announced that Retool is going open. We’re adopting React as the frontend for all Retool apps, and our new MCP server (now in beta for admin functions) allows you to build anywhere and run on Retool. This is the end of the walled garden era of building.
Today, generating software via LLM is, in fact, much faster (and often more fun!) than doing it the old way. Builders, not just developers, have come to expect a cleaner, simpler user experience than Retool’s traditional offering.
In the past, Retool has maintained its own frontend platform, including components and layout system. We use our own language—Toolscript—to serialize an app and document what a user builds in the visual canvas.
But it turns out LLMs…aren’t great at creating Toolscript. And, more importantly, all brittle abstraction layers are far too restrictive than modern building requires.
Instead of an LLM learning Toolscript, it writes in a language it’s incredibly good at and runs in Retool. Apps are better looking, more performant, and more accurately model prompt intent.
But the move to React opens up more possibilities beyond significantly better apps. In addition to building with Retool, with our new MCP server, you’ll be able to use tools such as Claude Code, Codex, and Cursor to generate beautiful, secure Retool apps from wherever you build. You can even import existing React code that we secure and run for you in Retool.
With this move, we’re meeting builders wherever work happens and helping more people turn that work into software.
This is a seismic change. These new connections need the right guardrails to prevent an explosion of subpar code in the places your business needs to keep running smoothly. It won’t be enough to engineer better LLM outputs, that’s a dead end. The safety and security of your code needs to happen at the platform level.
This is what we’re building into Retool—an intentional vetting layer between software and resources that every app, automation, and piece of LLM-generated code must pass through. You can think of it like the kernel of an operating system, all actions must go through it before accessing anything important.
Currently, most platforms enforce security at the app level. The app decides what data it can see and who can do what. That was mostly fine when humans wrote every app. But, do you really want your security living inside the thing the LLM just wrote? Probably not.
We’re moving permissions down a layer to live on top of the resources, not the app. Even if an LLM generates the most insecure app in the world, this governance layer will guarantee that the app can’t do anything it shouldn’t. That layer is underneath the app and configured by you, making anything you generate with an LLM in Retool secure by default. Anyone can build, and everything they build is safe.
So, code is free. AI is driving a massive surge in creation. And governance unlocks that velocity for real impact. What happens when you have a platform that can run unsafe code safely?
Software stops being a project and starts becoming a reflex.
It becomes elastic.
We’ve seen a shift like this before. Cloud made compute elastic. On-demand, scalable, there when you need it, gone when you don’t. Governance made it work for the enterprise.
Software is about to make the same leap. “Idea to app” is too small a frame. This is software-as-infrastructure that you spin up and down based on what the business needs, the same way cloud changed how we think about servers.
Someone has a problem. They express it. The software gets built. When the task is done, it dissolves. Or it crystallizes into something permanent because a thousand other people have the same problem, and now it runs all day across the organization.
When you have a governed platform where software is elastic and on-demand, something even more interesting starts to happen. Not just humans building tools. The platform itself generates software in response to business needs, fundamentally transforming how businesses operate.
Elastic software on an ungoverned platform is chaos. Elastic software on a governed platform is a superpower.
This marks a continuation of the Retool story: that a governed platform, open to any builder and any tool, is what makes good, elastic software possible. Code is free. Now someone has to make sure it works. That’s us.
Our MCP server is now in beta. Join the waitlist here.
Reader
