Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Comisai

БесплатноНе проверен

Security-first AI agent platform — connects AI agents to Discord, Telegram, Slack, WhatsApp, and more

GitHubEmbed

Описание

Security-first AI agent platform — connects AI agents to Discord, Telegram, Slack, WhatsApp, and more

README

Comis

Run AI agents you can constrain, inspect, and recover.
Open-source agent runtime for governed execution.

CI npm License GitHub Stars

Quick Start · Documentation · Capabilities · Contribute


Comis

Comis gives AI platform and security teams an Apache-2.0, self-hosted runtime for governed multi-agent workflows, with scoped authority, bounded spend, recoverable context, provenance-aware memory, and operational evidence.

Govern execution, memory, security, authority, and cost as one system. Formal workflows, recoverable context, provenance-aware memory, scoped authority, bounded spend, and operational evidence share one governance model.

It is also built for self-hosted operators and security-conscious builders moving persistent agents onto real tools and data.

The controls apply to agents executing through Comis-controlled paths.

Comis runs on infrastructure you control. Network access depends on the models, channels, tools, and media services you configure.

[!NOTE] Development status: Comis is under active development. APIs and configuration may change, and deployments should be evaluated carefully before use in critical environments. See Current limitations and the threat model.

Quick Start

One-line install

For a managed macOS or Linux host:

curl -fsSL --proto '=https' --tlsv1.2 https://comis.ai/install.sh | bash

This downloads and runs the installer immediately. The managed-host installer can install Node.js and host dependencies, initialize Comis data, and register the daemon with systemd or PM2. On Linux, it also attempts to provision Chromium and Xvfb by default and can create a dedicated comis user for a systemd service.

Additional options

To inspect the installer and preview its changes before running it:

curl -fsSL --proto '=https' --tlsv1.2 https://comis.ai/install.sh -o comis-install.sh
less comis-install.sh
bash comis-install.sh --dry-run
bash comis-install.sh

If Node.js 22.19+ is already installed, install directly from npm:

npm install --global comisai
comis init

Direct npm installation does not install host tools, create a service account, or register a system service. Use bash comis-install.sh --help to review managed-installer opt-outs and service choices.

Complete the setup wizard and start the daemon when prompted. If you choose to start it later, run comis daemon start. Then open http://127.0.0.1:4766, or connect a messaging channel during setup. Verify the daemon with:

curl http://127.0.0.1:4766/health

For containers and production hosts, see the installation guides. Linux with Bubblewrap is the recommended deployment target for isolated tool execution.

Why Comis

Comis does not compete on feature count alone. Its strength is one governance model across the agent lifecycle.

Capability What it provides
Formal multi-agent execution Typed DAGs coordinate sequential and parallel nodes with barriers, retries, budgets, approval nodes, debate, voting, refinement, and map-reduce; configured durable runs add checkpoints and node-boundary recovery.
Recoverable context by default Canonical messages and tool results remain available beneath summaries in the default DAG-backed context engine and can be recovered with ctx_search, ctx_inspect, and ctx_expand.
Provenance-aware memory and learning Learning combines source provenance, configurable corroboration, trust ceilings, outcome gates, correction-driven demotion, supersession, and usefulness feedback.
Security for adversarial models Comis treats model output and external content as untrusted, with scoped stores, capability gates, deny-by-origin controls, encrypted secrets, credential brokering, memory/input/output guards, and audit events.
Bounded spend and operational evidence Traces, trajectories, incident explanation, fleet and delivery health, recall/cache diagnostics, audit records, provider cost accounting, and opt-in spend ceilings connect enforcement to investigation.
Per-agent operational control Assign each agent its own model, memory/context scopes, tools, budgets, policies, configurable secret allowlist, and routing bindings across channels and APIs.
Architecture built to evolve safely Hexagonal ports and adapters, a composition root, Result discipline, strict schemas, typed events, dependency rules, targeted test-neighbor gates, cycle checks, security linting, and shrink-only architecture gates keep change contained.

Where Comis Fits

  • Governed research and analysis: coordinate parallel source gathering, synthesis, criticism, context recovery, provenance-aware memory, and a configured budget while retaining evidence for review.
  • Controlled operational investigation: collect read-only system evidence, correlate events, and produce an incident report with cost and audit records. Keep privileged remediation behind tested approval and isolation boundaries.
  • Routed support and knowledge operations: give specialized agents separate context, memory, tools, budgets, and routing while keeping the operator's control model consistent.

Capabilities

  • Messaging: Telegram, Discord, Slack, WhatsApp, Signal, iMessage, LINE, IRC, Email, and Microsoft Teams, with platform-specific media and interaction support.
  • Models, tools, and MCP: Cloud providers, local Ollama and LM Studio models, fallback chains, browser, files, web, media, scheduling, memory, infrastructure, MCP client integrations, and a permission-gated MCP server.
  • Media: Speech-to-text, text-to-speech, image and video analysis, image generation, and document extraction.
  • Automation: Cron, heartbeat monitoring, background work, sub-agents, and durable execution graphs.
  • Interfaces: Web dashboard, CLI, JSON-RPC, WebSocket, early Agent Client Protocol (ACP) bridge work, and experimental OpenAI-shaped HTTP endpoints.
  • Storage: Local SQLite stores with FTS5, optional vectors, session history, delivery queues, and encrypted-by-default secret storage.

Security and Deployment

Comis treats model output and external content as untrusted. The runtime includes AES-256-GCM encrypted secret storage by default, configurable per-agent secret allowlists, SSRF defenses, external-content wrapping, prompt-injection detection, memory-write validation, completed-response output guards, tool policy, and an audit trail persisted by default. Streaming consumers receive deltas before the final-response scan.

Isolation depends on the host:

  • Linux with Bubblewrap provides the strongest supported tool isolation.
  • macOS sandbox-exec is best-effort and does not provide the same boundary as Linux.
  • By default, the interactive terminal driver refuses to spawn without its jail; an explicit operator-only setting can bypass that jail. The ordinary exec tool can run directly on the host when its sandbox is disabled or unavailable. Disable exec or deploy with Bubblewrap where this risk is unacceptable.
  • The default agent tool-policy profile is full, and an empty secrets.allow list is unrestricted. Narrow both before accepting untrusted input.
  • Skill-declared permissions are advisory unless the same limits are enforced through runtime tool policy and deployment controls.
  • Approval requests are available on explicitly wired paths when approvals are enabled; configured rules and default modes are not yet a universal policy engine.

Read THREAT_MODEL.md before enabling shell, browser, network, or third-party integrations.

Current Limitations

  • Code extensions currently require source changes through ports, adapters, hooks, and tools. Prompt skills can be uploaded or imported, but Comis does not yet provide a stable third-party code-plugin ecosystem.
  • ACP support is early library-level bridge work. A daemon entrypoint and complete approval round-trip are not yet shipped.
  • Durable graphs support configured checkpoint recovery, but general exact replay remains incomplete.
  • Deterministic tests cover the core runtime extensively, but not every provider, channel, model, or deployment combination is validated live.
  • Comis is an enterprise-oriented foundation under active development. Evaluate identity integration, tenant isolation, availability, backup and restore, upgrades, and support before critical or regulated deployment.
  • APIs and configuration may change during active development; review release notes before upgrading.

Architecture

Comis is a pnpm/TypeScript monorepo organized around hexagonal ports and adapters. core owns contracts and domain rules; adapters implement them; the daemon composition root wires the running system.

Layer Packages
Foundations shared, core
Runtime infra, memory, agent, orchestrator, scheduler
Interfaces channels, gateway, cli, web
Capabilities skills
Operations and distribution observability, observability-otel, daemon, comis

Build and validate from source:

git clone https://github.com/comisai/comis.git
cd comis
pnpm install
pnpm validate

Start with the architecture guide, package guide, and repository engineering protocol.

Contributing

Contributors can start in any of these tracks:

  • Governance and security: threat scenarios, policy, secret brokering, approval behavior, memory validation, and adversarial tests.
  • Standards and interoperability: MCP authorization, ACP, A2A, OpenTelemetry semantics, and conformance fixtures.
  • Runtime reliability: graphs, recovery, context, memory, delivery, incident reconstruction, and cost enforcement.
  • Integrations and deployments: channels, providers, tools, hardened Linux profiles, containers, backup, and restore.
  • Operator experience and documentation: evidence views, provenance, budgets, approvals, failure explanation, tutorials, and accessibility.

Browse open issues or discuss a proposal in GitHub Discussions. Read CONTRIBUTING.md before opening a pull request; behavior changes follow test-first development and the full architecture and security validation gates.

If Comis is useful, star the repository to help other contributors discover it.

Community

Comis builds on prior work from pi-mono by Mario Zechner.

License

Comis is licensed under the Apache License 2.0. Commercial use, modification, redistribution, and private deployment are permitted under its terms.

from github.com/comisai/comis

Установить Comisai в Claude Desktop, Claude Code, Cursor

Рекомендуется · одна команда, все IDE
unyly install comisai

Ставит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.

Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh

Или настроить вручную

Выполни в терминале:

claude mcp add comisai -- npx -y comisai

FAQ

Comisai MCP бесплатный?

Да, Comisai MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Comisai?

Нет, Comisai работает без API-ключей и переменных окружения.

Comisai — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить Comisai в Claude Desktop, Claude Code или Cursor?

Открой Comisai на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Comisai with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории communication