[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-78110":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":25,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":27,"readmeContent":28,"aiSummary":29,"trendingCount":16,"starSnapshotCount":16,"syncStatus":30,"lastSyncTime":31,"discoverSource":32},78110,"centaur","paradigmxyz\u002Fcentaur","paradigmxyz","Multiplayer, self-hosted, secure agents.","https:\u002F\u002Fcentaur.run",null,"Python",755,126,4,28,0,8,47,424,37,10.31,"Other",false,"main",true,[],"2026-06-12 02:03:46","\u003Cimg width=\"1500\" height=\"500\" alt=\"image\" src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Fcc85cdb1-5a72-4eb2-ba1b-2e0a8fbbf691\" \u002F>\n\n\u003Ch4 align=\"center\">\n    Shared AI agents for teams.\n\u003C\u002Fh4>\n\n\u003Cp align=\"center\">\n  Talk to an agent in Slack, give it your tools, and let it run real work in a sandbox.\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"#features\">Features\u003C\u002Fa> •\n  \u003Ca href=\"#overview\">Overview\u003C\u002Fa> •\n  \u003Ca href=\"#getting-started\">Getting Started\u003C\u002Fa> •\n  \u003Ca href=\"#documentation\">Documentation\u003C\u002Fa>\n\u003C\u002Fp>\n\n## Features\n\n- **Slack-native agent conversations**: mention the bot in Slack and get progress plus final answers back in the thread.\n- **Real execution environment**: each conversation runs in an isolated Kubernetes sandbox with a shell, workspace, git, Python, Node.js, Bun, and common development tools.\n- **Bring your own harness**: run CLI-based agents such as Amp, Claude Code, Codex, or deployment-specific harnesses.\n- **Shared tools**: add Python tool plugins once and make them available to every agent conversation.\n- **Durable workflows**: run jobs that can sleep, resume, wait for events, start child agents, and survive service restarts.\n- **Credential boundaries**: agents can use approved services without receiving raw API keys in their environment.\n- **Replayable state**: messages, executions, events, and delivery state are stored so clients can reconnect without losing the result.\n- **Organization overlays**: layer in your own tools, workflows, personas, skills, and prompts without forking the base platform.\n\n...and a lot more.\n\n## Overview\n\nCentaur is a self-hosted agent platform for teams that want one shared agent instead of many one-off local setups.\n\n```text\n# 1. Ask from Slack.\n@centaur can you figure out why the billing tests are failing?\n\n# 2. Centaur assigns a sandbox for the thread.\n# The agent can inspect code, run commands, and call approved tools.\n\n# 3. Progress and the final answer are delivered back to Slack.\n```\n\nYou can also drive Centaur directly through the API:\n\n```text\nPOST \u002Fagent\u002Fspawn      # assign or reuse a sandbox\nPOST \u002Fagent\u002Fmessage    # store the user turn\nPOST \u002Fagent\u002Fexecute    # start the agent\nGET  \u002Fagent\u002Fthreads\u002F{thread_key}\u002Fevents\n```\n\nThe platform handles sandbox lifecycle, durable transcript storage, tool access, credential injection, workflow execution, and final delivery.\n\n## What Centaur Is Good For\n\n- investigating CI failures\n- answering questions with internal tools\n- summarizing Slack threads or customer context\n- running recurring checks and digests\n- coordinating multi-step operational workflows\n- giving agents access to a real repo and test environment\n- standardizing agent behavior across a team\n\n## How It Works\n\n```text\nSlack or API\n    |\n    v\nCentaur API\n    |\n    +-- Postgres durable state\n    +-- tool and workflow registry\n    +-- sandbox assignment\n    |\n    v\nKubernetes sandbox\n    |\n    +-- agent harness\n    +-- workspace and shell\n    +-- API-mediated tool calls\n    |\n    v\nControlled outbound access\n```\n\nThe main directories are:\n\n- [`services\u002Fapi`](services\u002Fapi\u002F) — control plane for agents, tools, workflows, auth, and durable state\n- [`services\u002Fslackbot`](services\u002Fslackbot\u002F) — Slack event handling and Slack delivery\n- [`services\u002Fsandbox`](services\u002Fsandbox\u002F) — agent container image and harness adapter\n- [iron-proxy](https:\u002F\u002Fdocs.iron.sh) ([service](services\u002Firon-proxy\u002F)) — controlled outbound access and credential injection\n- [`tools`](tools\u002F) — tool plugins\n- [`workflows`](workflows\u002F) — workflow plugins\n\n## Getting Started\n\nCentaur runs locally on Kubernetes. The expected local checkout path is:\n\n```bash\n\u002FUsers\u002Fmagelinskaas\u002Fparadigmxyz\u002Fcentaur\n```\n\nClone the repo and enter it:\n\n```bash\ngit clone \u003Crepo-url>\ncd centaur\n```\n\nInstall the local command runner:\n\n```bash\nbrew install just\n```\n\nFor a first-time local boot, Centaur needs these infrastructure secrets in your shell:\n\n```bash\nexport OP_SERVICE_ACCOUNT_TOKEN=...\nexport OP_VAULT=...\nexport SLACK_BOT_TOKEN=...\nexport SLACK_SIGNING_SECRET=...\nexport SLACKBOT_API_KEY=...\n```\n\nCreate the Slackbot app at [api.slack.com\u002Fapps](https:\u002F\u002Fapi.slack.com\u002Fapps).\nUse the app's Bot User OAuth Token for `SLACK_BOT_TOKEN` and its Signing Secret\nfor `SLACK_SIGNING_SECRET`.\n\nWhat they are for:\n\n- `OP_SERVICE_ACCOUNT_TOKEN`: lets [iron-proxy](https:\u002F\u002Fdocs.iron.sh) resolve 1Password-backed runtime secrets\n- `OP_VAULT`: the 1Password vault name or id to read from\n- `SLACK_BOT_TOKEN`: Slack bot token for the local Slackbot service\n- `SLACK_SIGNING_SECRET`: verifies incoming Slack requests\n- `SLACKBOT_API_KEY`: API key the Slackbot uses to call Centaur\n\nThen create local Kubernetes Secrets from those environment variables and boot the stack:\n\n```bash\njust bootstrap-secrets\njust up\n```\n\nAfter `just up` finishes, use Slack or the API examples in the [Developer Guide](AGENTS.md#e2e-testing-without-slack).\n\n## Tools\n\nTools are small Python plugins. A tool can wrap an internal service, public API, database, search endpoint, deployment system, or anything else an agent should be allowed to use.\n\n```text\ntools\u002Fmy_tool\u002F\n├── __init__.py\n├── client.py\n├── cli.py\n├── .env.example\n└── pyproject.toml\n```\n\nPublic methods on the client become tool endpoints. For example, `search()` becomes:\n\n```text\nPOST \u002Ftools\u002Fmy_tool\u002Fsearch\n```\n\n## Workflows\n\nWorkflows are Python functions with durable steps.\n\n```python\nWORKFLOW_NAME = \"daily_digest\"\n\nasync def handler(inp, ctx):\n    data = await ctx.step(\"collect\", lambda: collect_digest_data(inp))\n    summary = await ctx.run_agent(\"summarize\", text=f\"Summarize this: {data}\")\n    return {\"summary\": summary}\n```\n\nUse workflows when a task should run longer than one request, wait for something external, run on a schedule, or coordinate multiple agent turns.\n\n## Security Model\n\nCentaur is designed around practical isolation and auditability:\n\n- each conversation runs in a Kubernetes sandbox with a default-deny NetworkPolicy\n- sandboxes call tools through the Centaur API and reach the outside world only through a per-sandbox [iron-proxy](https:\u002F\u002Fdocs.iron.sh)\n- sandboxes only ever see placeholder strings for upstream credentials; real values are swapped in by iron-proxy only on outbound requests to the specific hosts and headers a secret is bound to\n- messages, executions, events, and delivery state are persisted\n- outbound activity can be audited\n\nSee [Security](docs\u002Fpages\u002Fsecurity.mdx) for the full threat model and the mechanisms behind each of these points, including known limitations like the shared credential vault.\n\n## Documentation\n\n- [Docs app](docs\u002F) — Vocs documentation source\n- [Quickstart](docs\u002Fpages\u002Fquickstart.mdx) — boot the local Kubernetes stack and run one agent turn\n- [Deploying in Production](docs\u002Fpages\u002Fdeploying-in-production.mdx) — production secrets, Slack, Helm, and verification\n- [Architecture](docs\u002Fpages\u002Farchitecture.mdx) — control plane, sandbox runtime, tools, workflows, and credential injection\n- [Developer Guide](AGENTS.md) — full local setup, architecture, API contracts, migrations, testing, and conventions\n- [Tools](tools\u002F) — built-in tool plugins\n- [Workflows](workflows\u002F) — external workflow plugins\n- [API service](services\u002Fapi\u002F) — FastAPI control plane\n- [Slackbot](services\u002Fslackbot\u002F) — Slack integration\n- [Sandbox](services\u002Fsandbox\u002F) — agent runtime image\n\n## Contributing\n\nBefore pushing changes, build and test the affected service locally:\n\n```bash\njust build-one \u003Cservice>\njust deploy\n```\n\nFor Python checks:\n\n```bash\nuv run ruff check .\nuv run ruff format .\nuv run pytest\n```\n\nSee the [Developer Guide](AGENTS.md) for code conventions and end-to-end testing instructions.\n\n## Acknowledgements\n\nCentaur builds on excellent open-source infrastructure, including [FastAPI](https:\u002F\u002Ffastapi.tiangolo.com\u002F), [Kubernetes](https:\u002F\u002Fkubernetes.io\u002F), [mitmproxy](https:\u002F\u002Fmitmproxy.org\u002F), and the agent harnesses teams choose to run inside the sandbox.\n","Centaur 是一个为团队设计的多人、自托管的安全代理平台。其核心功能包括通过Slack与代理进行原生对话，支持在隔离的Kubernetes沙盒环境中执行真实任务，允许用户引入自己的CLI基础代理如Amp或Claude Code，并能共享Python工具插件等。该平台还具备持久化工作流和凭证边界管理等功能，确保了安全性与灵活性。适用于需要调查CI失败原因、使用内部工具回答问题、运行定期检查及协调多步骤操作流程等场景，尤其适合希望统一团队内代理行为标准的企业。",2,"2026-06-11 03:56:28","CREATED_QUERY"]