Captain 0.1.0-alpha.1
Pre-releaseCaptain 0.1.0-alpha.1
Captain's first public early-access release packages the release-grade core as
a self-hosted Rust daemon with durable sessions, guarded tool execution,
bounded memory, projects and automation, isolated agents, and authenticated
Control/API/channel surfaces.
Install
macOS, Linux, and VPS:
curl -fsSL https://github.com/Vivien83/captain/releases/download/v0.1.0-alpha.1/install.sh \
| CAPTAIN_VERSION=v0.1.0-alpha.1 bashDocker (linux/amd64 and linux/arm64):
docker pull ghcr.io/vivien83/captain-agent-os:v0.1.0-alpha.1The release also contains an x86_64-pc-windows-msvc CLI zip. Every host
archive has a SHA-256 sidecar and platform manifest; manifest.json covers all
five targets.
Highlights
- Conversations are durable, automatically named, and reopenable across Web
Control, TUI, CLI, API, and the frozen Desktop wrapper. - Detached tool work survives interruption as inspectable state. Independent
read-only operations may run concurrently; dependencies stay ordered. - Agent-as-service provisioning prepares authenticated ingress automatically
and reports exactly what remains before signed egress callbacks are ready. - Codex catalog updates are detected in the background, but model changes
always require an explicit decision and session strategy. - Approval gates, capability scopes, budgets, loop guards, snapshots, audit
chaining, runtime health, and bounded shutdown behavior constrain autonomy. - The public source tree is secret-scanned, stripped of maintainer-only paths
and history, and published with manual-only GitHub Actions. - Local release builds execute every macOS and Linux binary before packaging,
reject compiled-version drift, and verify macOS ad-hoc signatures.
Alpha notice
This is a prerelease. Keep backups, review granted capabilities, and do not use
it for critical workloads. macOS binaries are ad-hoc signed but not
Apple-notarized; the Windows CLI is not Authenticode-signed. Verify the
published SHA-256 sidecar and expect an explicit operating-system approval on
first launch.
Captain binds to loopback by default. For remote access, configure Captain
authentication and place it behind HTTPS; never expose an unauthenticated
daemon directly to the Internet.
The presentation site is intentionally not part of this public repository or
release.