Ted launched Mog, a statically typed embedded programming language designed specifically for AI agents to write, on March 9, 2026. The language's complete specification fits in approximately 3,200 tokens, allowing it to be easily included in LLM context windows. Mog compiles to native machine code and implements capability-based security that prevents guest code from accessing system resources without explicit host permission.
Minimal Syntax Reduces AI Coding Errors
Mog's design deliberately restricts language features to minimize errors when LLMs generate code. The language eliminates operator precedence, requiring explicit parentheses for all non-associative operations like (a + b) * c. It prohibits implicit type coercion, limits generics support, and completely removes metaprogramming and macros. According to the creator, "LLMs don't care" about these restrictions, and "the less expressivity you trust them with, the better."
Capability-Based Security Model Enables Safe Dynamic Code
The language implements a strict capability-based security model where Mog programs cannot directly access syscalls, libc functions, or memory. Programs can only call functions explicitly provided by the host application, giving hosts precise control over which operations guest code can perform. This architecture addresses what the creator calls "a core AI agent security paradox": traditional sandboxing limits agent functionality, while unrestricted access creates security vulnerabilities. Mog's capability system allows session-level permission enforcement on dynamically generated code, with a core guarantee that programs cannot crash the host, corrupt state, or consume unauthorized resources.
Runtime Enables Self-Modification Without Restart
Mog compiles ahead-of-time to native machine code using a ported QBE compiler and runs without interpreter or JIT overhead. The runtime uses a stack inside a provided memory arena rather than the system stack, with guard pages preventing overflow. Cooperative interrupt polling allows hosts to limit execution time with approximately 10% performance impact on tight loops. The language supports async operations through adapted LLVM coroutine lowering.
A key feature enables agents to compile and load new plugins during execution without session interruption. For example, if a user says "always ask before deleting files," the agent can immediately compile and load that behavior change as a new capability constraint.
Open Source Implementation Targets Agent Ecosystems
The language is written in safe Rust for security auditing and released under the MIT license. It integrates into async event loops and has been tested with Bun. The roadmap includes expanding the standard library with JSON, CSV, SQLite, and HTTP support, plus an LLM library for agents to make model calls with token budgeting. Comprehensive documentation covers control flow, functions, collections, error handling, async programming, modules, tensor operations, and the embedding API.
Key Takeaways
- Mog's complete language specification fits in 3,200 tokens, designed specifically for LLM code generation with minimal syntax complexity
- Capability-based security prevents programs from accessing syscalls or memory directly, requiring explicit host-provided function calls for all operations
- Agents can compile and load new behavioral plugins during execution without restarting sessions
- The language compiles ahead-of-time to native code with cooperative interrupt polling that adds ~10% overhead for execution time limits
- Written in safe Rust and released as MIT-licensed open source with comprehensive documentation at moglang.org