The capability-secured, concurrent-native AI agent orchestration framework. Built in Go. 10 MB. 20 tools. 18 packages. Security as foundation. Concurrency as the runtime.
All 8 critical security issues from the independent security audit have been identified, fixed, and verified. The codebase now includes 220+ comprehensive tests across 8 core modules with zero data races detected under Go's -race flag.
- β Fix #1-4: Critical vulnerabilities remediated (glob patterns, shell injection, pipe error handling, test suite build)
- β Fix #5-8: Test coverage expanded (bus, learn, channel, e2e, dashboard, tui, cli)
- β
Zero Data Races: All tests pass under
go test -race - β Production Deployment: Safe for enterprise use with full capability-based security enforcement
See CHANGELOG.md for detailed fix entries | See DEVLOG.md for development timeline
Every major agent framework today has the same fatal flaw: security is an afterthought. OpenClaw gives agents full host access. Hermes already has CVEs. OpenHuman chains OAuth to everything. None of them were designed for the enterprise question every CISO is asking: "How do we deploy AI agents safely?"
AgentForge makes security the foundation, not a feature request.
| Feature | AgentForge | OpenClaw | Hermes | OpenHuman |
|---|---|---|---|---|
| Security Model | Capability-based tokens | Full host access | None structured | OAuth sprawl |
| Runtime | Go (10MB static binary) | Node.js (200MB+) | Python (venv/pip) | Rust (Tauri) |
| Concurrency | Goroutines (true parallel) | Event loop | Sync-only | Async |
| Memory | MeMex Zero RAG (md+git+FTS) | JSON files | Honcho user model | SQLite |
| Context Windows | Model-aware (1M for gpt-4.1) | Fixed | None | None |
| Offline | β Full offline | β Gateway required | Partial | β Desktop |
| Deployment | Binary + Docker + K8s | Node daemon | Python venv | Desktop app |
| Dashboard | SPA + htmx (real-time) | Electron (macOS only) | β | Tauri |
| DAG Editor | β Visual pipeline editor | β | β | β |
| Cost Tracking | β Per-agent, per-model | β | β | β |
| Fault Tolerance | Circuit breaker + fallback chain | β | β | β |
| Cron Job Scheduler | β Native Go, @every + cron | β | β | β |
| Multi-MCP Server | β N servers, toolFilter | Single static | β | β |
| Telegram Bot Integration | β Polling + bus bridge | β | β | β |
| Discord Bot Integration | β Gateway WS + reconnect | β | β | β |
| Self-Learning AI Agents | β Auto SKILL.md generation | β | β | β |
| Auto-Skill Generation | β Jaccard clustering | β | β | β |
# Homebrew (macOS)
brew install agentforge/tap/agentforge
# Go install
go install github.com/agentforge/agentforge/cmd/agentforge@latest
# Docker
docker run -p 8080:8080 -p 9090:9090 agentforge/agentforge:latest
# Download binary
curl -L https://github.com/agentforge/agentforge/releases/latest/download/agentforge-linux-amd64 -o agentforge
chmod +x agentforgeagentforge run
> status
Running. Bus: local.agentforge daemon --config config.yamlagentforge spawn my-agentEvery agent receives an HMAC-signed permission token at spawn β no ambient authority. Filesystem allowlists, domain allowlists, token budgets, timeout enforcement. Agents can only access what they're explicitly granted. CISO-ready on day one.
Goroutines are agents. Channels are communication. The Go runtime is the orchestration layer. 100K+ concurrent agents on a $10 VM. No async event-loop gymnastics.
Session compaction with per-model context budgets. The system knows gpt-4.1 gets 1M tokens, Claude Sonnet gets 200K, and local Ollama models get whatever you configure. No manual trimming. No lost context.
File I/O, web fetch, shell execution, image generation, video generation, music generation, diagram creation, memory search, web search, code review, deployment automation, API design, data analysis, browser automation, document processing, SEO analysis, security auditing, NLP pipeline, and MCP bridge β every tool runs with capability checks. Third-party tools execute in WASI sandboxes. Content-addressed. Capability-declared. No npm supply chain risk.
A native Go cron job scheduler built into the daemon β no external process, no sidecar. Supports standard cron-format expressions and @every shorthand (e.g. @every 5m, @every 1h30m). Pipelines can declare cron_trigger blocks that fire on schedule. The cron_schedule tool lets agents programmatically register, update, and remove cron triggers at runtime. Schedule state is persisted to MeMex memory so it survives daemon restarts. Combine with the CSP bus to fire pipeline DAGs, spawn agent fleets, or trigger any registered tool on a recurring schedule β all from a single 10 MB binary.
A configurable multi-MCP server that runs N independent MCP servers behind a single daemon. Each server gets its own transport (HTTP or stdio), its own toolFilter to expose a subset of the tool registry, and its own capability token scope. Manage all servers from the dashboard β add, remove, enable, disable, reconfigure β without restarting the daemon. Ship one server with the full 19-tool registry for internal agents, another with only memory_search + web_search for external clients, and a third over stdio for local IDE integration. All managed through internal/api/mcp/manager.go with zero-downtime hot-reload.
Native Telegram bot integration and Discord bot integration via internal/channel/. Telegram uses long-polling mode (no webhook infrastructure needed), Discord uses Gateway WebSocket with shard-aware connection management. Both adapters publish incoming messages to the CSP bus as structured events β agents subscribe naturally, no glue code. A bare WebSocket adapter (internal/channel/ws.go) serves as an extensible base for custom channel implementations. All adapters feature exponential backoff reconnect (1s β 2s β 4s β β¦ β 60s cap) with jitter to avoid thundering-herd restarts. Channel state is surfaced in the dashboard fleet modal alongside agent goroutines.
A self-learning AI agent pipeline in internal/learn/learn.go that watches agent executions, extracts successful interaction patterns, clusters them with Jaccard similarity, and β when confidence exceeds a configurable threshold β auto-generates a SKILL.md file registered in the skills marketplace. The three-stage pipeline (Observer β Extractor β Generator) runs continuously in the background. Patterns are deduplicated via Jaccard clustering against the existing skill corpus. Generated skills come with a confidence score, source citations (which agent sessions produced the pattern), and a trial flag. Agents can immediately use trial skills; admins promote them to production with one click in the dashboard. This is auto-skill generation β your agent fleet gets smarter the longer it runs.
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β AGENTFORGE DAEMON β
β β
β HTTP/gRPC β TUI (Bubble Tea) β Multi-MCP β Channels β
β :8080 β β :9090+ β TG | Discord β
β ββββββββββββ΄βββββββ¬βββββββββββββββ΄βββββββββββββββ΄βββββββββββββ β
β β Web Dashboard β Agent Fleet Modal β MCP Manager β β
β β SPA + htmx β Pipeline DAG Editorβ N Servers β β
β β Cost Tracking β Circuit Breakers β toolFilter each β β
β βββββββββββββββββββ΄ββββββββββββββββββββββ΄βββββββββββββββββββββ β
ββββββββ¬βββββββββββββββ¬ββββββββββββββ¬βββββββββββ¬βββββββββββββββββββ
β β β β
ββββββββββββββββΌββββββββββββββΌβββββββββββ
β β
ββββββββββΌβββββββββ β
β CSP BUS βββββ β Goroutines + channels
β (pub/sub topics)β Channel events published
β Cron triggers β here automatically
ββββββββββ¬βββββββββ
β
βββββββββββββββββββΌββββββββββββββββββββββ¬βββββββββββββββββββ
β β β β
βββββΌβββββββ βββββββΌβββββββ βββββββββββΌβββββββ ββββββββΌβββββββ
β ENGINE β β MEMORY β β SECURITY β β LEARN β
β Agents β β MeMex RAG β β Capability β β Observer β
β Pools β β Git + FTS β β Enforcement β β Extractor β
β DAGs β β Compaction β β WASM Sandbox β β Generator β
β Fleets β β Sync β β Circuit Brkr β β Jaccard Cl. β
βββββββββββββ βββββββββββββββ ββββββββββββββββββ βββββββββββββββ
β β β β
βββββββββββββββββββΌββββββββββββββββββββββΌββββββββββββββββ
β β
β β
ββββββββββββββββββββββΌββββββββββββββββββββββΌβββββββββββββββββββββ
β β β β
βββββΌβββββββ ββββββββββΌββββββββ ββββββββββΌβββββββ ββββββββββΌβββββββ
β LLM β β TOOL REGISTRY β β MULTI-MCP β β CHANNELS β
β Adapters β β 19 Tools β β N Servers β β Telegram β
β Fallback β β WASM Plugins β β HTTP + stdio β β Discord β
β Chain β β + cron_schdl β β toolFilter β β WebSocket β
ββββββββββββ ββββββββββββββββββ βββββββββββββββββ βββββββββββββββββ
β β
β βββββββββΌβββββββ
β β CRON β
β β Native Go β
β β @every + cron β
β β Pipeline trig β
βββββββββββββββββββββββββββββββββββββ€ Persistent β
βββββββββββββββββ
agentforge/
βββ cmd/
β βββ agentforge/ # Main daemon + CLI
β βββ agentctl/ # Admin CLI tool
βββ internal/
β βββ engine/ # Agent goroutine pool, DAG, subagent trees, fleet mgmt
β βββ bus/ # CSP message bus (pub/sub, request/reply)
β βββ memory/ # MeMex Zero RAG (git + SQLite + search + compaction)
β βββ security/ # Capability enforcement, WASM sandbox, circuit breaker
β βββ llm/ # LLM adapters (OpenAI, Ollama, Anthropic) + fallback chain
β βββ tool/ # Tool registry (19 built-in + cron_schedule) + WASM plugin loader
β βββ api/ # gRPC, REST, MCP server
β β βββ mcp/ # Multi-MCP manager (N servers, HTTP+stdio, toolFilter)
β βββ dashboard/ # Web dashboard (SPA + htmx, fleet modal, DAG editor)
β βββ tui/ # Terminal UI (Bubble Tea)
β βββ skills/ # Skills marketplace integration + discovery
β βββ cost/ # Per-agent, per-model cost tracking
β βββ config/ # Configuration management (50+ settings)
β βββ cron/ # Native Go cron scheduler (cron.go)
β β # Cron-format parsing, @every shorthand
β β # Pipeline cron triggers, cron_schedule tool
β βββ channel/ # Channel adapters (channel.go, ws.go)
β β # Telegram long-polling, Discord Gateway WS
β β # Exponential backoff reconnect with jitter
β β # CSP bus event bridge
β βββ learn/ # Self-learning engine (learn.go)
β # Observer β Extractor β Generator pipeline
β # Jaccard similarity clustering
β # Auto SKILL.md generation, confidence scoring
βββ pkg/
β βββ agentforge/ # Go SDK (embed AgentForge in your app)
β βββ capability/ # Capability token SDK
βββ plugins/ # WASM plugin SDK (Rust)
βββ deploy/ # Docker, K8s, systemd
βββ docs/ # Documentation
βββ ARCHITECTURE.md # Full architecture spec
βββ Makefile
βββ README.md
# config.yaml
daemon:
host: "0.0.0.0"
port: 8080
mcp_port: 9090
log_level: "info"
metrics: true
memory:
root: "$HOME/.agentforge/memory"
auto_commit: true
commit_interval: 30s
compaction:
enabled: true
strategy: "model-aware"
context_windows:
"gpt-4.1": 1000000
"gpt-4o": 128000
"claude-sonnet-4": 200000
"claude-opus-4": 200000
"ollama/*": 32768
reserve_ratio: 0.15
security:
capability_secret: "${AGENTFORGE_SECRET}"
default_token_budget: 1000000
default_timeout: 3600s
sandbox:
engine: "wasmtime"
max_memory_mb: 256
max_execution_ms: 30000
circuit_breaker:
failure_threshold: 5
recovery_timeout: 60s
half_open_max_requests: 3
llm:
default_provider: "openai"
models:
openai:
endpoint: "https://api.openai.com/v1"
api_key: "${OPENAI_API_KEY}"
model: "gpt-4.1"
timeout: 30s
anthropic:
endpoint: "https://api.anthropic.com/v1"
api_key: "${ANTHROPIC_API_KEY}"
model: "claude-sonnet-4-20250514"
timeout: 30s
ollama:
endpoint: "http://localhost:11434"
model: "gemma3:27b"
timeout: 120s
fallback_chain:
- "openai"
- "anthropic"
- "ollama"
tools:
registry:
- file_io
- web_fetch
- shell_exec
- image_generate
- video_generate
- music_generate
- diagram_maker
- memory_search
- web_search
- code_review
- deployment_automation
- api_design
- data_analysis
- browser_automation
- document_processing
- seo_analysis
- security_auditing
- nlp_pipeline
- mcp_bridge
- cron_schedule
marketplace:
enabled: true
skills_hub_url: "https://skillsmp.com"
cron:
enabled: true
location: "UTC"
persistence:
store: "memory" # Cron state persisted to MeMex store
triggers:
- name: "daily-digest"
schedule: "0 9 * * *"
pipeline: "morning_briefing"
- name: "heartbeat"
schedule: "@every 30m"
pipeline: "agent_heartbeat"
- name: "weekly-cleanup"
schedule: "0 2 * * 0"
pipeline: "memory_compaction"
mcp:
enabled: true
servers:
- name: "default"
transport: "http"
port: 9090
toolFilter: "*" # All tools exposed
capability_scope: "full"
- name: "external"
transport: "http"
port: 9091
toolFilter: # Restricted subset
- "memory_search"
- "web_search"
- "diagram_maker"
capability_scope: "readonly"
- name: "local-ide"
transport: "stdio"
toolFilter: "*"
capability_scope: "full"
channels:
telegram:
enabled: false
bot_token: "${TELEGRAM_BOT_TOKEN}"
mode: "polling" # Long-polling, no webhook needed
poll_interval: 2s
discord:
enabled: false
bot_token: "${DISCORD_BOT_TOKEN}"
mode: "gateway" # Gateway WebSocket with shard awareness
intents: # Gateway intents bitmask
- "guild_messages"
- "direct_messages"
shard_count: 1
reconnect:
strategy: "exponential_backoff"
initial: 1s
max: 60s
multiplier: 2.0
jitter: true
learning:
enabled: true
pipeline:
observer:
sample_rate: 1.0 # Observe all agent sessions
min_steps: 3 # Minimum steps to qualify as a pattern
extractor:
cluster_algorithm: "jaccard"
similarity_threshold: 0.7 # Jaccard threshold for clustering
max_clusters: 100
generator:
confidence_threshold: 0.8 # Auto-publish above this score
output_dir: "$HOME/.agentforge/skills/auto"
trial_mode: true # Generated skills start in trial mode
max_auto_skills: 50 # Cap on auto-generated skills
workers:
content_max_agents: 3
seo_max_agents: 1
social_max_agents: 2
cost_tracking:
enabled: true
alert_threshold_usd: 50.00
alert_interval: "24h"
export_csv: falsegit clone https://github.com/agentforge/agentforge.git
cd agentforge
make deps # go mod download
make build # compile
make test # run tests
make daemon # start daemon- Phase 1: Core daemon, agent goroutine pool, CSP bus, MeMex store, capability enforcement
- Phase 2: Departments, pipeline DAG, LLM adapters (OpenAI/Anthropic/Ollama), subagent trees, MCP server, Docker
- Phase 3: Web dashboard (SPA + htmx), fleet modal, DAG editor, circuit breaker, fallback chain, cost tracking
- Phase 4: WASM plugin SDK, 19-tool registry, skills marketplace integration, session compaction (model-aware context windows)
- Phase 4.5: Native cron job scheduler (cron-format + @every, pipeline triggers, cron_schedule tool), multi-MCP server (N configurable servers with HTTP/stdio transport and per-server toolFilter), channel adapters (Telegram bot integration via polling, Discord bot integration via Gateway WebSocket, bare WebSocket adapter with exponential backoff reconnect), self-learning engine (ObserverβExtractorβGenerator pipeline, Jaccard similarity clustering, auto-skill generation with confidence scoring)
- Phase 5: Launch (Show HN), community site, enterprise page, tutorials, SSO/RBAC, v1.0
AgentForge is more than a framework β it's a suite of open-source tools:
| Project | Repo | Description |
|---|---|---|
| Agent Skills | JPeetz/agent-skills | Highest-quality collection of cross-platform agent skills β 18+ production skills, twice-weekly releases |
| MeMex Zero RAG | JPeetz/MeMex-Zero-RAG | Local-first AI memory system β structured wiki, git-based persistence, full-text search |
| CodeFlow Β· AF Edition | JPeetz/codeflow-agentforge | Codebase & Obsidian vault visualization β dependency graphs, health scores, blast radius |
| SEO + GEO API | JPeetz/SEO-API | Dual-purpose SEO keyword research & geographic query API |
AgentForge is BUSL-1.1 licensed β free for any use except production SaaS hosting. Converts to Apache 2.0 after 4 years.
Built with Go. Secured by design. Deployed anywhere.
Website Β· Docs Β· Agent Skills Β· Discord Β· Blog