agent_reel ✨🎞️
agent_reel turns local coding-agent activity into a projection-safe live reel.
agent activity, reduced to signal.
core shape:
- adapters observe codex, claude, mcp, shell, and telemetry surfaces
- events are normalized before storage
- redaction is applied before display
- story windows settle noisy streams into contextual bulletins
- highlight scoring prefers completion, failure, risk, novelty, and changed state
- the browser surface advances on its own; no scrolling, no controls, no cloud
the product is not a dashboard. it is a local broadcast layer.
install
happy path
the reel is served at:
http://127.0.0.1:7777/reel
after setup, the page requires no scrolling, clicking, refreshing, or human control. new agent activity becomes a sequence of display-safe bulletins that advance through time.
inputs
first-class inputs:
- codex
exec --json - codex app-server streams
- codex hooks
- claude code
--output-format stream-json - claude code hooks
- mcp JSON-RPC streams
- generic local telemetry
the daemon may discover active tools, but it is honest about capture limits.
already-running private TUI sessions are only observable when they expose a stream, hook,
app-server, telemetry surface, transcript, or were launched through an agent_reel shim.
safety boundary
raw prompts, secrets, absolute home paths, command output, and file diffs are not display material by default.
default posture:
- bind to
127.0.0.1 - no cloud
- no analytics
- no raw prompt display
- no raw command output display
- no raw diff display
- raw event storage off
- aggressive redaction on
- path hashing on
- non-loopback bind requires a display token
security invariants:
- redaction runs before store
- redaction runs before SSE
- query params cannot disable redaction
- raw-event quarantine is local-only
- uninstall restores edited config files
- hook helper never prints secrets
- adapter errors never panic the daemon
the reel is a view of agent activity, not an agent control plane.
quick ingest
start the daemon:
send a safe generic event:
open:
commands
agent-reel doctor
agent-reel init --auto
agent-reel init --codex
agent-reel init --claude
agent-reel serve
agent-reel open
agent-reel auth github
agent-reel auth status
agent-reel auth logout
agent-reel ingest --source generic < event.json
agent-reel ingest --source codex-jsonl < events.jsonl
agent-reel ingest --source claude-stream-json < events.jsonl
agent-reel codex active --sessions 2
agent-reel codex active --sessions 2 --watch
agent-reel codex import ~/.codex/sessions/2026/04/23/rollout-...jsonl
agent-reel codex stories --sessions 2
agent-reel claude stream < stream.jsonl
agent-reel claude active --sessions 2
agent-reel claude active --sessions 2 --watch
agent-reel claude import ~/.claude/projects/.../session.jsonl
agent-reel claude stories --sessions 2
agent-reel p2p init
agent-reel p2p join mainnet
agent-reel p2p discover github mosure --all --explain
agent-reel p2p share --feed workstation --visibility private
agent-reel p2p publish --dry-run --agents codex,claude --sessions 2
agent-reel p2p publish --dry-run --sessions 2 --per-story
agent-reel p2p publish --dry-run --summarizer codex-exec
agent-reel p2p publish --dry-run --summarizer claude-code
agent-reel p2p publish --dry-run --images --image-processor codex-exec
agent-reel p2p publish --dry-run --images --image-processor process --image-command ./summarize-image
agent-reel p2p publish --dry-run --images --image-processor http-endpoint --image-endpoint http://127.0.0.1:8787/summarize-image
agent-reel hook --source claude --event PreToolUse
agent-reel uninstall --restore-hooks
codex active reads ~/.codex/history.jsonl, selects the most recent distinct
session ids, finds their transcript JSONL files under ~/.codex/sessions, and
imports display-safe lifecycle/tool/file-change events through the normal
redaction path.
codex stories uses the same active-session discovery, but it does not post to
the daemon. it compiles selected transcripts into settled story summaries.
claude stream reads Claude Code --output-format stream-json JSONL from stdin
and posts display-safe events to the local daemon. claude active discovers the
newest transcript JSONL files under ~/.claude/projects and can watch appended
events. hook JSON from Claude Code can also be piped through agent-reel hook --source claude --event PreToolUse; failures are logged and fail open.
the hook helper reads stdin, posts to loopback, exits 0 on daemon failure, and never
blocks the agent unless explicitly installed as a policy hook. telemetry hooks are
fail-open.
github auth
native github auth is edge-mediated. the cli never needs a github client secret.
agent-reel auth github
the command binds a one-shot loopback callback, opens the edge github sign-in
URL in the browser, validates the returned state, and writes the resulting
github profile/session to ~/.agent_reel/auth/github.json with owner-only file
permissions.
useful variants:
agent-reel auth github --print-url
agent-reel auth github --no-browser
agent-reel auth github --edge https://edge.feed.aberration.technology
agent-reel auth github --callback-bind 127.0.0.1:0
the hosted browser shell uses the same edge authority. /network is the
interactive surface for github sign-in, private feed grants, and browser seed
material. projection routes stay story-only and do not become raw stream access
after sign-in.
story compiler
the display path is:
event -> story window -> settled story -> bulletin
low-context token streams, shell polling, session starts, and file reads are stored but not shown. a story settles on changed files, failed tools, failed turns, permission events, test signals, plan updates, or a final flush. summaries are deterministic and do not copy raw prompts, command output, or diffs.
p2p
p2p is opt-in. the local reel remains the default.
agent streams -> redaction -> story compiler -> signed story capsules -> p2p feed
the p2p publish layer accepts signed story capsules, not raw events. private feeds require subscription grants. public topic names hash feed ids and do not include handles, repo names, hostnames, or local usernames.
network participation is not a feed subscription. native peers may join the fabric, cache signed directory records, serve rendezvous/kad/provider lookups, or host browser handoff transports without receiving story capsules. a feed starts delivering only after an explicit follow/subscription grant path.
summarization is publisher-side. subscribers receive already-summarized capsules and do
not spend tokens or run external processors. the default p2p publisher uses a deterministic
feed rollup, so a noisy window becomes one small recap capsule. --per-story keeps one
capsule per settled story when an operator wants more detail.
external summarizers are opt-in and still pass through the same guardrails before signing:
deterministic
codex-exec
claude-code
process
http-endpoint
codex-exec and claude-code are built-in process profiles. custom processes,
HTTP endpoints, and in-process adapters receive only redacted story facts, never
raw prompts, raw command output, raw diffs, or absolute paths. their output is
guarded again before a capsule is signed.
headline images are also publisher-side and disabled by default. when enabled,
the image processor receives the settled headline, deck, lower-third, chips, and
style policy, then may return either a cached image reference or null. not
every headline needs art. image output is still guardrailed: no raw prompts,
readable code, command output, diffs, absolute paths, repo names, credentials,
or personal data. subscribers do not run image generation.
the projection UI is text-only by default. a viewer may opt in with
?images=on or local storage key agent_reel.images=enabled; ?images=off,
text=only, or text_only=true force text-only mode.
github routes
the hosted browser shell treats a single path segment as a github user lookup:
https://feed.aberration.technology/mosure
https://feed.aberration.technology/@mosure
https://feed.aberration.technology/mosure/*
https://feed.aberration.technology/mosure/workstation
https://feed.aberration.technology/mosure?all
https://feed.aberration.technology/mosure?streams=workstation,release
https://feed.aberration.technology/mosure?agents=codex,claude&kinds=turn.complete,test.fail&min_score=75
https://feed.aberration.technology/mosure/workstation?view=timeline
the path login is only a human-readable alias. the edge resolves it to the durable github numeric user id, then issues a signed discovery ticket containing the verified profile, visible feed records, bootstrap peers, rendezvous namespaces, provider keys, and a signed browser seed.
remote headlines render the publisher from the signed feed owner, not from raw
capsule text. the browser shows the cached github avatar and @login beside the
headline when the feed record or capsule carries a verified github publisher.
feed names are logical labels. one account may publish multiple logical feeds, and more than one node may announce the same logical feed name:
mosure/workstation
mosure/release
mosure/*
mosure/* means all visible settled story streams for that github identity. it
does not mean raw stream access.
the default route remains automated projection. interactive browsing is opt-in:
?view=timeline
?timeline=1
timeline mode is a vertical, scroll-snapped view over the selected user/feed.
it keeps a bounded ring buffer of recent settled story capsules and never
subscribes to private feeds without an explicit grant. /reel and the normal
deep links stay hands-free.
?all means all visible settled story streams:
story_only = true
raw_events = false
require_settled = true
privacy-weakening query params such as redact=off, raw=true, and diffs=true
are ignored by the route compiler.
waiting states are explicit:
resolving github identity
finding feeds on mainnet
dialing p2p peers
waiting for story capsules
the projection page does not show raw network errors. detailed failure state
belongs in /network/debug.
local api
GET /reel
GET /reel/{view}
GET /events.sse
GET /api/reel/snapshot
GET /api/bulletins
GET /api/events
GET /api/agents
GET /api/sessions
GET /api/adapters
GET /api/health
POST /ingest/codex/jsonl
POST /ingest/codex/hook
POST /ingest/claude/stream-json
POST /ingest/claude/hook
POST /ingest/mcp
POST /ingest/otel
POST /ingest/generic
edge api:
GET /auth/github
GET /callback/github
GET /resolve/github/{login}
GET /directory/github/{github_user_id}
GET /directory/feed/{feed_id}
GET /browser-seed
GET /avatar/github/{github_user_id}
POST /subscription/request
POST /subscription/approve
GET /network/snapshot
GET /healthz
GET /readyz
config
[]
= "127.0.0.1:7777"
= true
= 5000
[]
= "~/.agent_reel/events.db"
= "off"
= 7
= 100_000
[]
= "aggressive"
= true
= true
= false
= false
= false
[]
= "stage"
= "projection"
= true
= 14000
= 20000
= 30000
= 90
= 420
[]
= "settled"
= 65
= 70
= 300
= 4
[]
= "feed_rollup" # feed_rollup | per_story
= "deterministic" # deterministic | codex-exec | claude-code | process | http-endpoint
= 720
= 32
[]
= false
= "disabled" # disabled | codex-exec | claude-code | process | http-endpoint
= "best_judgement" # best_judgement | always_ask | never
= false
= ["/assets/headlines/", "/media/headlines/"]
[]
= "p2p-strict"
= false
= false
= false
[[]]
= "credential"
= "(?i)(password|credential|secret|token|api[_-]?key)"
= "mask"
[]
= false
= "agent-reel-mainnet"
= "local"
[]
= true
= true
= true
= true
= 20000
[]
= true
= false # fabric/routing participation does not imply follow
= true
[]
= true
= true
= true
= true
[]
= false
= true
= false
= "deterministic"
= false
[]
= true
= false
= true
[]
= "settled"
= false
= true
= 75
= 70
= 4
URI filters may narrow the view:
/reel?agents=codex,claude
/reel?kinds=turn.complete,tool.fail,permission.request
/reel?project=burn_dragon
/reel?layout=incident
/reel?density=ambient
/reel?since=30m
URI filters may not weaken privacy. ?redact=off is ignored unless the daemon is
started in explicit debug mode.
workspace map
agent_reel/
Cargo.toml
README.md
LICENSE-APACHE
LICENSE-MIT
deny.toml
justfile
xtask/
crates/
agent_reel/ public facade, stable types, extension traits
agent_reel_cli/ binary: agent-reel
agent_reel_core/ ids, time, event model, score model, typed errors
agent_reel_adapters/ codex, claude, mcp, otel, shim, process discovery
agent_reel_ingest/ HTTP ingest, JSONL ingest, hook helper protocol
agent_reel_redaction/ secret scanning, path masking, prompt/output policy
agent_reel_filter/ allow/deny rules, URI filters, project filters
agent_reel_highlight/ scoring, clustering, deduplication, recap generation
agent_reel_story/ story windows, settle rules, p2p-safe summaries
agent_reel_summarize/ feed rollups, guardrails, external processors
agent_reel_reel/ bulletin scheduler, dwell rules, urgent queue
agent_reel_store/ sqlite store, ring buffer, retention, raw-event policy
agent_reel_server/ axum routes, SSE, auth, embedded UI assets
agent_reel_views/ read models consumed by /api and UI
agent_reel_security/ display tokens, LAN mode, CORS, mutation safety
agent_reel_metrics/ counters, health, adapter lag, dropped events
agent_reel_install/ doctor, discovery, shims, hook merge/uninstall
agent_reel_identity/ provider-neutral identity model
agent_reel_identity_github/ github login/id/profile resolver
agent_reel_directory/ route parser, signed feed directory, tickets
agent_reel_p2p_proto/ signed feed profiles, story capsules, grants
agent_reel_p2p/ native publish/subscribe runtime boundary
agent_reel_auth/ provider-neutral identity model
agent_reel_auth_github/ github profile and device-flow boundary
agent_reel_social/ feed directory and follow request state
agent_reel_browser/ wasm/browser peer bootstrap boundary
agent_reel_p2p_browser/ browser route states and discovery view models
agent_reel_edge/ bootstrap, auth, directory, browser seed edge
agent_reel_deploy/ deployment templates and operator surfaces
agent_reel_testkit/ fake streams, fixtures, projector snapshots
agent_reel_ui/ self-contained HTML/CSS/TS broadcast client
roadmap
m0 - signal path:
- local server
- embedded
/reelpage - generic ingest endpoint
- canonical event model
- SSE stream
- one-card stage UI
m1 - codex / claude:
- codex
exec --jsonadapter - claude
stream-jsonadapter - basic hook helper
- redaction
- highlight scoring
- sqlite store
m2 - auto-init:
- doctor
- config discovery
- hook merge with backups
- shell shim install
- systemd or launchd service
- uninstall restore
m3 - broadcast UI:
- stage layout
- breaking layout
- ticker
- idle state
- recaps
- wall mode
- ambient mode
- projector snapshot tests
m4 - production safety:
- aggressive redaction suite
- display/admin token split
- raw quarantine
- retention policy
- adapter backpressure
- reconnect snapshots
m5 - story compiler:
- story windows
- settle conditions
- context scoring
- anti-spam policy
- p2p-safe capsule model
- publisher-side feed summaries
- modular guardrails and external summarizer processors
m6 - native p2p alpha:
- agent_reel_p2p_proto
- native p2p node boundary
- feed profiles
- public feed capsules
- snapshot request-response
m6.1 - username route model:
- remote user route parser
- privacy-preserving query compiler
- waiting-state browser view model
m6.2 - github identity resolver:
- github login to durable id model
- edge-mediated cli/browser github sign-in
- profile view and resolver trait
- signed discovery ticket
- fake github tests
m6.3 - directory records:
- feed directory entries
- stream descriptors
- signed browser seeds
- edge resolver API shape
m6.4 - native p2p discovery:
- github user directory announcements
- opaque github user topics
- provider-key fallback surface
- signed feed record discovery tests
m7 - protocol depth:
- codex app-server adapter
- mcp stream observer
- claude otel ingest
- adapter health cards
- schema generation
m8 - distribution:
- signed binaries
- homebrew tap
- nix flake
- cargo install path
- release checklist
- operator runbook
development
just check is a thin wrapper over the same command.