-
-
Notifications
You must be signed in to change notification settings - Fork 17
Architecture
CortexPrism edited this page Jun 19, 2026
·
1 revision
CortexPrism is a single-process agentic harness written in TypeScript/Deno. It exposes a CLI, a REST API + WebSocket server, and a web UI. All state is persisted in SQLite databases using WAL mode via @libsql/client.
┌─────────────────────────────────────────────────────────────────┐
│ CortexPrism │
│ │
│ CLI (cortex chat / run / serve / ...) │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────┐ │
│ │ agent/loop.ts │ │
│ │ userMessage → [pipeline hooks] │ │
│ │ → [memory inject] → [MQM route] → LLM call │ │
│ │ → [tool parse] → [policy validate] │ │
│ │ → [LLM supervisor gate] → [execute] │ │
│ │ → [re-prompt loop] → response │ │
│ │ → [episodic write] → [reflection] │ │
│ └─────────────────────────────────────────────┘ │
│ │ │
│ ┌──────┼────────────────────────────────────────────┐ │
│ │ │ Subsystems │ │
│ │ memory/ tools/ sandbox/ security/ │ │
│ │ llm/ server/ scheduler/ voice/ │ │
│ │ codegraph/ computer-use/ plugins/ pipeline/ │ │
│ │ skills/ workflow/ channels/ triggers/ │ │
│ │ quartermaster/ model-quartermaster/ │ │
│ └───────────────────────────────────────────────────┘ │
│ │
│ SQLite databases (WAL mode) │
│ cortex.db · memory.db · lens.db · vault.db · plugins.db │
└─────────────────────────────────────────────────────────────────┘
| Component | Directory | Purpose |
|---|---|---|
| Agent Loop | src/agent/ |
Core turn processing, reflection, sub-agents, metacognition, soul |
| LLM Layer | src/llm/ |
24 provider adapters, model router, MQM |
| Memory System | src/memory/ |
5-tier memory: episodic, semantic, reflection, graph, skills |
| Tool System | src/tools/ |
Registry, executor, 43 built-in tools |
| Security | src/security/ |
Parallax policy validator, LLM supervisor, AES-256-GCM vault, CPL |
| HTTP Server | src/server/ |
REST API (200+ endpoints), WebSocket chat, embedded SPA Web UI |
| Sandbox | src/sandbox/ |
Docker/gVisor code execution, auto-fix loop |
| Scheduler | src/scheduler/ |
SQLite-persisted cron jobs |
| Plugins | src/plugins/ |
ESM/MCP/WASM plugin system with sandbox |
| Pipeline | src/pipeline/ |
10-stage hook middleware architecture |
| Voice | src/voice/ |
STT/TTS pipeline, VAD, audio streaming |
| Codegraph | src/codegraph/ |
Tree-sitter code intelligence, call graph, FTS5 symbol search |
| Computer Use | src/computer-use/ |
GUI automation via Xvfb + xdotool |
| Skills | src/skills/ |
Built-in skill definitions, SDK |
| Workflow | src/workflow/ |
Workflow engine with DAG execution |
| Channels | src/channels/ |
Channel adapters (Discord) |
| Triggers | src/triggers/ |
Webhook + filesystem event triggers |
| QM / MQM |
src/quartermaster/, src/model-quartermaster/
|
Tool orchestration + model selection learning |
| Observability | src/observability/ |
Prometheus metrics, OTLP export, Langfuse tracing |
| Remote |
src/remote/, src/hub/
|
Distributed Hub ↔ Node architecture |
| MCP | src/mcp/ |
Model Context Protocol server (stdio + HTTP) |
| Eval | src/eval/ |
Agent evaluation runner |
| TUI | src/tui/ |
Terminal UI |
The core of CortexPrism. agentTurn() handles one complete user→agent exchange:
- Pipeline hooks (pre-assess, pre-reason)
- Inject relevant memories into system prompt
- MQM model selection decision
- Persist user message
- Tool loop (up to 8 rounds):
- LLM call (streamed or complete)
- Parse tool calls from response
- Validate each tool call against policy
- LLM security supervisor review (for sensitive tools)
- Execute tools
- Format results and re-prompt
- Persist assistant response
- Write episodic memory (fire-and-forget)
- Run reflection if enabled (fire-and-forget)
- Pipeline hooks (post-output)
| Database | Purpose |
|---|---|
cortex.db |
Sessions, jobs, policies, nodes, services, agents, workspace config |
memory.db |
5-tier memory: episodic, semantic, reflection, graph, skills (procedural) |
lens.db |
Cortex Lens audit log — full activity timeline, metrics |
vault.db |
AES-256-GCM encrypted credential vault |
plugins.db |
Plugin registry with versions, permissions, and trust levels |
10 middleware hooks intercept the agent loop at key stages:
| Hook | Stage | Priority | Purpose |
|---|---|---|---|
@cortex/injection-guard |
pre-reason | 5 | Prompt injection detection |
@cortex/model-quartermaster |
pre-llm, post-llm | 5 | MQM intelligent model selection |
@cortex/quartermaster |
pre-tool, post-tool | 6 | Legacy tool orchestration learning |
@cortex/summarization |
pre-reason | 8 | Context compaction at 80K tokens |
@cortex/content-safety |
pre-output | 10 | Content filtering |
@cortex/loop-detection |
pre-tool | 12 | Per-file edit tracking |
@cortex/tool-output-sandbox |
post-tool | 15 | Large output capture |
@cortex/pre-completion-checklist |
post-reason | 20 | Build-Verify-Fix enforcement |
@cortex/audit-log |
post-output | 150 | Session/turn logging |
@cortex/cost-tracker |
post-tool, post-output | 200 | Token/cost metrics |
- Request Flow — Mermaid diagrams of the full request lifecycle
- Agent Loop — Deep dive into the agent turn processing
- Memory System — Memory architecture and retrieval
- Security — Security model and LLM supervisor
- Code Intelligence — Tree-sitter code analysis
- Computer Use — GUI automation
- Plugin System — Extensibility architecture
CortexPrism — Open-source agentic AI harness · MIT License · Built with Deno 2.x + TypeScript
- Agent Loop
- Metacognition
- Memory System
- Skills System
- Sub-Agents
- Built-in Tools
- Code Intelligence
- Code Sandbox
- Cross-Agent Context Protocol
- Prompt Lab
- PKM Assistant
- Voice Pipeline
- Computer Use
- Browser Tool
- Git & GitHub
- Scheduler & Jobs
- Dashboard
- Observability