symbi 1.5.0

AI-native agent framework for building autonomous, policy-aware agents that can safely collaborate with humans, other agents, and large language models

{
  "$schema": "https://context7.com/schema/context7.json",
  "url": "https://context7.com/thirdkeyai/symbiont",
  "public_key": "pk_Ehy7QXQTu2Keb0e5BNeyx",
  "projectTitle": "Symbiont",
  "description": "AI-native agent runtime with zero-trust security, policy-as-code, multi-tier sandboxing, webhook verification, markdown memory persistence, skill scanning, metrics collection, scheduling, channel adapters, and a declarative DSL. Part of the ThirdKey trust stack.",
  "folders": [
    "SKILL.md",
    "README.md",
    "docs/getting-started.md",
    "docs/dsl-guide.md",
    "docs/dsl-specification.md",
    "docs/api-reference.md",
    "docs/runtime-architecture.md",
    "docs/security-model.md",
    "docs/scheduling.md",
    "docs/http-input.md",
    "docs/native-execution-guide.md",
    "docs/repl-guide.md",
    "agents"
  ],
  "excludeFolders": [
    "**/target",
    "**/node_modules",
    "src",
    "crates",
    "docs/assets",
    "docs/_sass",
    "docs/_includes",
    "docs/_plugins",
    "docs/plans",
    "enterprise",
    "scripts",
    "docker",
    "tools",
    "examples"
  ],
  "excludeFiles": [
    "**/*.png",
    "**/*.jpg",
    "**/*.ico",
    "**/*.rs",
    "**/*.lock",
    "docs/*.de.md",
    "docs/*.es.md",
    "docs/*.ja.md",
    "docs/*.pt.md",
    "docs/*.zh-cn.md",
    "README.de.md",
    "README.es.md",
    "README.ja.md",
    "README.pt.md",
    "README.zh-cn.md",
    "CHANGELOG.md",
    "ROADMAP.md",
    "SECURITY.md",
    "CODE_OF_CONDUCT.md",
    "Cargo.toml",
    "Cargo.lock",
    "deny.toml",
    "Dockerfile",
    ".dockerignore",
    ".gitignore"
  ],
  "rules": [
    "Symbiont uses a declarative DSL for agent definitions — metadata, agent blocks, policy blocks, and with-clauses for memory/security/timeout configuration",
    "Zero-trust by default: all inputs are untrusted, explicit allow/deny policies required, multi-tier sandboxing (Docker → gVisor → Firecracker)",
    "Policy-as-code: security rules are declared inline with 'policy' blocks containing allow, deny, require, and audit directives",
    "Workspace crates: runtime (core engine with http-input, http-api, vector-db features), dsl (parser + compiler), channel-adapter (Slack/Teams/Mattermost), repl-core/repl-cli/repl-lsp (REPL tooling)",
    "Webhook verification: HmacVerifier and JwtVerifier with provider presets for GitHub, Stripe, Slack — constant-time signature comparison",
    "Markdown memory persistence: agent context stored as markdown files with daily logs, retention-based compaction, and atomic writes",
    "Skill scanning: 10 built-in ClawHavoc security rules detect pipe-to-shell, env file references, SOUL.md tampering, eval+fetch, base64-decode-exec, rm-rf, chmod-777",
    "Metrics collection: FileMetricsExporter (atomic JSON), CompositeExporter (fan-out), background MetricsCollector — runtime exposes /metrics/snapshot, /metrics/scheduler, /metrics/system endpoints",
    "SchemaPin integration for MCP tool schema verification; AgentPin integration for agent identity credentials (ES256 only)"
  ]
}