{"id":46260013,"url":"https://github.com/dojops/dojops","last_synced_at":"2026-04-01T19:02:26.698Z","repository":{"id":342027586,"uuid":"1172064086","full_name":"dojops/dojops","owner":"dojops","description":"⚡ AI Automation Engine","archived":false,"fork":false,"pushed_at":"2026-03-25T20:56:27.000Z","size":39567,"stargazers_count":16,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-25T21:14:05.065Z","etag":null,"topics":["agentic","ai","ai-agents","automation","cicd","continuous-integration","devops","devsecops","iac","mcp","piplines","security"],"latest_commit_sha":null,"homepage":"https://dojops.ai","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dojops.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"docs/agents.md","dco":null,"cla":null}},"created_at":"2026-03-03T22:53:44.000Z","updated_at":"2026-03-25T20:53:09.000Z","dependencies_parsed_at":"2026-03-10T07:05:01.183Z","dependency_job_id":null,"html_url":"https://github.com/dojops/dojops","commit_stats":null,"previous_names":["dojops/dojops"],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/dojops/dojops","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dojops%2Fdojops","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dojops%2Fdojops/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dojops%2Fdojops/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dojops%2Fdojops/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dojops","download_url":"https://codeload.github.com/dojops/dojops/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dojops%2Fdojops/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31257014,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-31T18:32:52.363Z","status":"ssl_error","status_checked_at":"2026-03-31T18:32:51.507Z","response_time":111,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agentic","ai","ai-agents","automation","cicd","continuous-integration","devops","devsecops","iac","mcp","piplines","security"],"created_at":"2026-03-04T01:26:46.356Z","updated_at":"2026-04-01T19:02:26.686Z","avatar_url":"https://github.com/dojops.png","language":"TypeScript","readme":"\u003cp align=\"center\"\u003e\n \u003cimg src=\"packages/api/public/logo/official-dojops-logo.png\" alt=\"DojOps\" width=\"120\" /\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eDojOps\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cstrong\u003eAI-powered automation engine for infrastructure, CI/CD, and security.\u003c/strong\u003e\u003cbr /\u003e\n Describe what you need. DojOps generates it, validates it, and writes it safely.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003ca href=\"#quick-start\"\u003eQuick start\u003c/a\u003e \u0026nbsp;\u0026middot;\u0026nbsp;\n \u003ca href=\"#key-capabilities\"\u003eCapabilities\u003c/a\u003e \u0026nbsp;\u0026middot;\u0026nbsp;\n \u003ca href=\"https://doc.dojops.ai\"\u003eDocs\u003c/a\u003e \u0026nbsp;\u0026middot;\u0026nbsp;\n \u003ca href=\"https://hub.dojops.ai\"\u003eSkill hub\u003c/a\u003e \u0026nbsp;\u0026middot;\u0026nbsp;\n \u003ca href=\"https://dojops.ai\"\u003eWebsite\u003c/a\u003e \u0026nbsp;\u0026middot;\u0026nbsp;\n \u003ca href=\"#contributing\"\u003eContributing\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003ca href=\"https://www.npmjs.com/package/@dojops/cli\"\u003e\u003cimg src=\"https://img.shields.io/npm/v/@dojops/cli?style=flat-square\u0026color=00e5ff\u0026label=version\" alt=\"npm version\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://www.npmjs.com/package/@dojops/cli\"\u003e\u003cimg src=\"https://img.shields.io/npm/dm/@dojops/cli?style=flat-square\u0026color=00e5ff\u0026label=downloads\" alt=\"npm downloads\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://github.com/dojops/dojops/actions/workflows/ci.yml\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/dojops/dojops/ci.yml?branch=main\u0026style=flat-square\u0026label=CI\" alt=\"CI\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://github.com/dojops/dojops\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/dojops/dojops?style=flat-square\u0026color=eab308\" alt=\"GitHub stars\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://github.com/dojops/dojops/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/dojops/dojops?style=flat-square\u0026color=blue\" alt=\"License\" /\u003e\u003c/a\u003e\n \u003cimg src=\"https://img.shields.io/badge/node-%3E%3D20-339933?style=flat-square\u0026logo=node.js\u0026logoColor=white\" alt=\"Node\" /\u003e\n \u003cimg src=\"https://img.shields.io/badge/typescript-5.4+-3178c6?style=flat-square\u0026logo=typescript\u0026logoColor=white\" alt=\"TypeScript\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003ca href=\"https://sonarcloud.io/summary/new_code?id=dojops_dojops\"\u003e\u003cimg src=\"https://sonarcloud.io/api/project_badges/measure?project=dojops_dojops\u0026metric=alert_status\" alt=\"Quality Gate Status\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"assets/demo.svg\" alt=\"DojOps CLI Demo\" width=\"800\" /\u003e\n\u003c/p\u003e\n\n---\n\n## Why DojOps?\n\nWriting Terraform, Kubernetes, and CI/CD configs by hand is slow. Using an LLM to generate them is fast but risky: no schema enforcement, no execution controls, no audit trail. Compliance teams can't sign off on configs they can't verify.\n\nDojOps sits between you and your LLM provider. It constrains output to Zod schemas, validates configs with external tools (terraform validate, hadolint, kubectl dry-run), writes files through a sandbox with approval gates, and logs every action to a tamper-proof audit chain.\n\n```\nYou → DojOps CLI → Agent Router → Specialist Agent → LLM Provider\n ↓ ↓\n Skill Engine Schema Validation\n ↓ ↓\n Policy Engine → Sandbox → File Write → Audit Log\n```\n\n---\n\n## At a glance\n\n| | |\n| ------------------------ | ------------------------------------------------------------------------------------------------------------------ |\n| **32 specialist agents** | Terraform, Kubernetes, CI/CD, security, Docker, cloud, SRE, incident response, and more |\n| **38 built-in skills** | `.dops v2` manifests for GitHub Actions, Terraform, K8s, Helm, Docker, Nginx, Falco, Vault, Istio, EKS, and others |\n| **7 LLM providers** | OpenAI, Anthropic, Ollama (local), DeepSeek, Mistral, Google Gemini, GitHub Copilot |\n| **10 security scanners** | Trivy, Gitleaks, Checkov, Semgrep, Hadolint, ShellCheck, npm/pip audit, SBOM, license scan |\n| **12 packages** | Modular monorepo - CLI, API, runtime, planner, executor, scanner, core, SDK, and more |\n| **23 REST endpoints** | Full HTTP API with web dashboard, metrics, and token tracking |\n| **0 telemetry** | Nothing leaves your machine except requests to your chosen LLM provider |\n\n---\n\n## Quick start\n\n```bash\n# Install\nnpm i -g @dojops/cli\n\n# Configure your LLM provider\ndojops config\n\n# Generate your first config\ndojops \"Create a Kubernetes deployment for nginx with 3 replicas\"\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eOther install methods\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\n# Homebrew (macOS / Linux)\nbrew tap dojops/tap \u0026\u0026 brew install dojops\n\n# Shell script\ncurl -fsSL https://raw.githubusercontent.com/dojops/dojops/main/install.sh | sh\n\n# Docker\ndocker run --rm -it ghcr.io/dojops/dojops \"Create a Terraform config for S3\"\n```\n\n\u003c/details\u003e\n\nSee the [installation guide](https://doc.dojops.ai/getting-started/installation) for provider setup and configuration.\n\n---\n\n## How it works\n\n```bash\n# Describe what you need - the right skill and agent are selected automatically\ndojops \"Create a Terraform config for S3 with versioning\"\n\n# Break complex goals into dependency-aware task graphs\ndojops plan \"Set up CI/CD for a Node.js app with Docker deployment\"\n\n# Execute the plan with approval workflow\ndojops apply plan-abc123\n\n# Autonomous mode - plan, execute, verify, self-repair\ndojops auto \"Add Kubernetes HPA and PDB to my deployment\"\n\n# Scan for vulnerabilities before shipping\ndojops scan\n\n# Interactive chat session with agent routing\ndojops chat\n\n# Web dashboard + REST API\ndojops serve\n```\n\nYour prompt gets routed to the right specialist agent. The LLM output is locked to a Zod schema, validated by external tools, then written to disk through the sandbox. If something fails mid-plan, `dojops apply --resume` picks up where it left off.\n\n---\n\n## Key capabilities\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e32 specialist agents\u003c/strong\u003e - automatic routing based on your prompt\u003c/summary\u003e\n\nEvery prompt is analyzed and routed to the best-fit agent. You don't pick agents manually - the router does it based on keyword matching and confidence scoring.\n\n| Agent | Domain | What it handles |\n| ------------------------ | -------------- | ---------------------------------------------------------------- |\n| ops-cortex | orchestration | Meta-agent that coordinates across domains |\n| terraform-specialist | infrastructure | Terraform configs, modules, state management |\n| kubernetes-specialist | containers | K8s manifests, deployments, services, RBAC |\n| cicd-specialist | CI/CD | GitHub Actions, GitLab CI, Jenkins pipelines |\n| security-auditor | security | Vulnerability assessment, compliance checks |\n| docker-specialist | containers | Dockerfiles, Compose, multi-stage builds |\n| cloud-architect | cloud | AWS, GCP, Azure architecture decisions |\n| gitops-specialist | gitops | ArgoCD, Flux, GitOps workflows |\n| sre-specialist | reliability | SLOs, error budgets, reliability patterns |\n| incident-response | incidents | Runbook generation, root cause analysis |\n| cost-optimizer | cost | Cloud spend analysis, right-sizing |\n| chaos-engineer | resilience | Chaos experiments, failure injection |\n| platform-engineer | platform | Internal developer platforms, golden paths |\n| container-security | security | Image scanning, runtime policies, admission control |\n| secret-management | secrets | Vault, sealed secrets, rotation policies |\n| api-security-specialist | API security | OWASP API Top 10, rate limiting, auth patterns |\n| policy-engine-specialist | policy | OPA, Gatekeeper, policy-as-code |\n| _+ 15 more_ | | Network, database, compliance, observability, shell, Python, ... |\n\nCreate custom agents with `dojops agents create` or drop a YAML file in `.dojops/agents/`.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e38 built-in skills\u003c/strong\u003e - validated config generation for real DevOps tools\u003c/summary\u003e\n\nEach skill is a `.dops v2` manifest with output guidance, best practices, and optional Context7 documentation. The runtime compiles a prompt from the skill definition and your input, sends it to the LLM, and validates the output.\n\n| Skill | Format | What it generates |\n| -------------- | ---------- | -------------------------------------------------------- |\n| github-actions | YAML | CI/CD workflows, validated by actionlint |\n| terraform | JSON | HCL configs, validated by terraform validate |\n| kubernetes | YAML | Deployments, services, RBAC, validated by kubeconform |\n| helm | YAML | Charts, values files, templates |\n| ansible | YAML | Playbooks, roles, inventories |\n| docker-compose | YAML | Multi-service compose files |\n| dockerfile | Dockerfile | Multi-stage builds, validated by hadolint |\n| nginx | conf | Server blocks, reverse proxy, TLS |\n| prometheus | YAML | Alert rules, recording rules, targets |\n| grafana | JSON | Dashboard definitions |\n| cloudformation | JSON | AWS CloudFormation stacks |\n| argocd | YAML | Applications, ApplicationSets, projects |\n| vault | JSON | Policies, secret engines, auth methods |\n| istio | YAML | VirtualServices, DestinationRules, AuthorizationPolicies |\n| falco | YAML | Runtime security rules, macros, exceptions |\n| eks | YAML | EKS cluster configs, node groups, add-ons |\n| cert-manager | YAML | ClusterIssuers, Certificates, ACME config |\n| opa-gatekeeper | YAML | ConstraintTemplates, Constraints, Rego policies |\n| flux | YAML | GitRepository, Kustomization, HelmRelease |\n| trivy-operator | YAML | VulnerabilityReports, ConfigAuditReports |\n| shell | sh/bash | Shell scripts, validated by ShellCheck |\n| python | py | Python automation scripts |\n| powershell | ps1 | PowerShell scripts for Windows automation |\n| packer | JSON | Machine image definitions, validated by packer validate |\n| _+ 10 more_ | | Pulumi, Kustomize, Crossplane, Terragrunt, Makefile, ... |\n\nWrite your own skills as `.dops v2` manifests and share them on the [DojOps Hub](https://hub.dojops.ai). Skills are auto-installed from the Hub when a prompt matches.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e7 LLM providers\u003c/strong\u003e - tiered model routing across all of them\u003c/summary\u003e\n\nDojOps works with any of these providers. You pick one, or let the tiered router select the right model based on task complexity.\n\n| Provider | Fast tier | Standard tier | Premium tier |\n| -------------- | ---------------- | ----------------- | ----------------- |\n| OpenAI | gpt-4o-mini | gpt-4o | o1 |\n| Anthropic | claude-haiku-4-5 | claude-sonnet-4-6 | claude-opus-4-6 |\n| Ollama (local) | llama3.2:3b | llama3.1:8b | llama3.1:70b |\n| DeepSeek | deepseek-chat | deepseek-chat | deepseek-reasoner |\n| Mistral | mistral-small | mistral-medium | mistral-large |\n| Google Gemini | gemini-2.0-flash | gemini-2.5-pro | gemini-2.5-pro |\n| GitHub Copilot | gpt-4o-mini | gpt-4o | o1 |\n\nSimple prompts (makefile, basic configs) get the fast tier. Complex prompts (multi-service architectures, security hardening) get the premium tier. Agent routing always uses the fast tier to keep costs low.\n\nOverride with `DOJOPS_MODEL=your-model` or `dojops config --model gpt-4o`.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e10 security scanners + auto-remediation\u003c/strong\u003e - catch issues before they ship\u003c/summary\u003e\n\nRun `dojops scan` to check your project. Scanners run in parallel and results are aggregated into a single report.\n\n| Scanner | What it checks |\n| ------------- | ------------------------------------------------ |\n| Trivy | Container images, filesystems, IaC misconfigs |\n| Gitleaks | Secrets, API keys, tokens in source code |\n| Checkov | Terraform, CloudFormation, K8s policy violations |\n| Semgrep | Custom SAST rules, code patterns |\n| Hadolint | Dockerfile best practices |\n| ShellCheck | Shell script correctness and portability |\n| npm audit | Node.js dependency vulnerabilities |\n| pip audit | Python dependency vulnerabilities |\n| Trivy SBOM | Software bill of materials generation |\n| Trivy License | License compliance scanning |\n\nUse `dojops scan --auto-fix` to generate a remediation plan with confidence-scored fix suggestions. Pass `--yes` to apply safe fixes automatically.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eTask planning and execution\u003c/strong\u003e - decompose goals into dependency graphs\u003c/summary\u003e\n\n`dojops plan` breaks a complex goal into a directed acyclic graph of tasks. Each task is assigned to a specialist agent and a skill. Dependencies are tracked so tasks run in the right order, with parallel execution where possible.\n\n```bash\n$ dojops plan \"Set up CI/CD with Docker deployment\"\n\n Tasks (6):\n analyze-existing-ci [cicd-specialist]\n create-docker-build-action [docker-specialist] (after: analyze-existing-ci)\n create-cd-workflow [cicd-specialist] (after: create-docker-build-action)\n update-ci-workflow [cicd-specialist] (after: create-docker-build-action)\n create-docker-compose [docker-specialist]\n update-dockerfile [docker-specialist]\n\n Plan saved as plan-9219de4f\n To execute: dojops apply plan-9219de4f\n```\n\n`dojops apply` runs each task through the sandbox: generate → verify → approve → write → audit. If a task fails, fix the issue and run `dojops apply --resume` to continue from where it stopped.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eAutonomous mode\u003c/strong\u003e - plan, execute, verify, and self-repair\u003c/summary\u003e\n\n`dojops auto` reads your project, plans changes, writes configs, runs verification, and self-repairs on failure in an iterative tool-use loop.\n\n```bash\n# Foreground - watch the agent work\ndojops auto \"Add Kubernetes HPA and PDB to my deployment\"\n\n# Background - check results later\ndojops auto --background \"Create a complete CI pipeline\"\ndojops auto runs abc123 # check status\n```\n\nThe agent loop runs until the plan succeeds or reaches the retry limit. Each iteration: generate → validate → if errors → re-prompt with error context → retry.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eREST API and web dashboard\u003c/strong\u003e - 23 endpoints over HTTP\u003c/summary\u003e\n\n`dojops serve` starts an Express server with API key authentication, CORS, and optional TLS.\n\n| Method | Path | What it does |\n| ------ | --------------- | -------------------------------------------------------- |\n| GET | `/api/health` | Auth status + provider check |\n| POST | `/api/generate` | Agent-routed LLM generation |\n| POST | `/api/plan` | Goal decomposition + optional execution |\n| POST | `/api/debug-ci` | CI log diagnosis |\n| POST | `/api/diff` | Infrastructure diff analysis with risk scoring |\n| POST | `/api/scan` | Run security scanners |\n| POST | `/api/chat` | Chat message with agent routing |\n| POST | `/api/review` | DevSecOps code review pipeline |\n| POST | `/api/auto` | Autonomous agent (background: HTTP 202) |\n| GET | `/api/agents` | List all specialist agents |\n| GET | `/api/metrics` | Dashboard metrics (overview, security, audit, tokens) |\n| GET | `/api/history` | Execution history with audit verification |\n| | _+ 11 more_ | Sessions, chat CRUD, metrics breakdowns, auto run status |\n\nThe web dashboard at `http://localhost:3000` shows agent usage, scan findings, execution history, and token consumption. Protect it with `DOJOPS_API_KEY` or `dojops serve credentials`.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eSecurity and audit\u003c/strong\u003e - sandbox, policy engine, hash-chained logs\u003c/summary\u003e\n\nEvery file write goes through the policy engine:\n\n| Layer | What it enforces |\n| ---------------- | ------------------------------------------------------------ |\n| Write scope | Only paths matching skill's `scope.write` globs are writable |\n| File size limits | Rejects outputs exceeding configured limits |\n| Approval gates | Interactive confirmation before destructive writes |\n| Backup on update | `.bak` file created before overwriting existing configs |\n| Timeout | Operations killed after configured timeout |\n| Env restrictions | Only allowed environment variables are accessible |\n\nEvery action is logged to `.dojops/audit.jsonl` as a hash-chained entry. Each record includes a SHA-256 hash of the previous record, making the chain tamper-evident. Verify integrity with `dojops history verify`.\n\nDiff risk classification scores changes heuristically (critical paths like Dockerfile, terraform state, and secrets get higher risk scores) and suggests reviewers.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eMCP integration\u003c/strong\u003e - client and server\u003c/summary\u003e\n\n**As MCP client:** connect any [Model Context Protocol](https://modelcontextprotocol.io) server to add tools to the agent loop.\n\n```bash\n# Add an MCP server\ndojops mcp add my-server -- npx my-mcp-server\n\n# Tools are auto-discovered and available in generate/plan/auto\ndojops \"Use my-tool to check the deployment status\"\n```\n\n**As MCP server:** expose DojOps capabilities to external CLI agents (Claude Code, Gemini CLI, GitHub Copilot, OpenClaw).\n\n```bash\n# Start DojOps as an MCP server (stdio transport)\ndojops serve --mcp\n\n# Or run standalone\nnpx @dojops/mcp\n```\n\nExternal agents configure DojOps as a tool server:\n\n```json\n{ \"command\": \"dojops\", \"args\": [\"serve\", \"--mcp\"] }\n```\n\n9 tools are exposed: `generate`, `plan`, `scan`, `debug-ci`, `diff-analyze`, `chat`, `list-agents`, `list-skills`, `repo-scan`. Each proxies to a running `dojops serve` instance.\n\n\u003c/details\u003e\n\n---\n\n## What DojOps is not\n\nDojOps generates and validates infrastructure configs. It does not:\n\n- Replace your CI/CD system - it generates the configs for it\n- Manage cloud state - it writes Terraform files, it doesn't run `terraform apply`\n- Run in production as a service - it's a CLI and dev-time API server\n- Require an internet connection beyond your LLM provider - everything else is local\n\n---\n\n## Architecture\n\n```\n@dojops/cli CLI entry point, terminal UI (@clack/prompts)\n@dojops/api REST API (Express), web dashboard, 23 endpoints\n@dojops/skill-registry Skill registry, custom skill + agent discovery\n@dojops/planner Task graph decomposition, topological executor\n@dojops/executor Sandbox, policy engine, approval, audit log\n@dojops/runtime 38 built-in DevOps skills (.dops v2)\n@dojops/scanner 10 security scanners, auto-remediation\n@dojops/mcp MCP client + server, tool discovery, stdio transport\n@dojops/context Context7 documentation augmentation\n@dojops/session Chat session management, project memory\n@dojops/core LLM abstraction (7 providers), 32 specialist agents, tiered routing\n@dojops/sdk BaseSkill\u003cT\u003e, Zod validation, file utilities\n```\n\n```\ncli -\u003e api -\u003e skill-registry -\u003e runtime -\u003e core -\u003e sdk\n -\u003e planner -\u003e executor\n -\u003e scanner\n -\u003e mcp -\u003e core\n -\u003e context -\u003e core\n -\u003e session -\u003e core\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eHow a prompt flows through the system\u003c/strong\u003e\u003c/summary\u003e\n\n| Step | Package | What happens |\n| --------------- | ---------------- | ---------------------------------------------------------------- |\n| 1. Parse | `cli` | Parse flags, detect subcommand (generate, plan, auto, scan, ...) |\n| 2. Route | `core` | `AgentRouter` matches prompt keywords to specialist agents |\n| 3. Skill match | `skill-registry` | SKILL_KEYWORDS map auto-selects the right `.dops` skill |\n| 4. Compile | `runtime` | `compilePromptV2()` merges skill template + user input + docs |\n| 5. Generate | `core` | LLM provider generates output, tiered model selection |\n| 6. Validate | `runtime` | Strip code fences, structural validation, external tool checks |\n| 7. Self-repair | `runtime` | If validation fails, re-prompt with errors (up to 2 retries) |\n| 8. Policy check | `executor` | Write scope, file size, timeout, environment restrictions |\n| 9. Approve | `cli` | Show diff preview, prompt for confirmation |\n| 10. Write | `executor` | Atomic write with `.bak` backup, restricted to allowed paths |\n| 11. Audit | `executor` | Hash-chained log entry in `.dojops/audit.jsonl` |\n\n\u003c/details\u003e\n\nSee [docs/architecture.md](docs/architecture.md) for the full design.\n\n---\n\n## Ecosystem\n\nDojOps is more than the CLI. The organization includes several companion projects:\n\n| Repository | What it is |\n| ------------------------------------------------------------------ | --------------------------------------------------------------------- |\n| [dojops](https://github.com/dojops/dojops) | Main monorepo - this repo |\n| [dojops-hub](https://github.com/dojops/dojops-hub) | Skill marketplace - publish, search, install `.dops` skills |\n| [dojops-super-agent](https://github.com/dojops/dojops-super-agent) | Autonomous agent - polls Jira/GitLab tickets, runs dojops, pushes PRs |\n| [dojops-connectors](https://github.com/dojops/dojops-connectors) | Connector SDK - GitHub, GitLab, Jira integrations |\n| [dojops-console](https://github.com/dojops/dojops-console) | Licensing portal - license management and billing dashboard |\n| [dojops-doc](https://github.com/dojops/dojops-doc) | Documentation site - [doc.dojops.ai](https://doc.dojops.ai) |\n| [dojops.ai](https://github.com/dojops/dojops.ai) | Marketing website - [dojops.ai](https://dojops.ai) |\n| [homebrew-tap](https://github.com/dojops/homebrew-tap) | Homebrew formula for macOS/Linux |\n\n---\n\n## Development\n\n```bash\ngit clone https://github.com/dojops/dojops.git\ncd dojops\npnpm install\npnpm build # Build all 12 packages via Turbo\npnpm test # Run 2,600+ tests\npnpm lint # ESLint across all packages\n\n# Per-package\npnpm --filter @dojops/core test\n\n# Run locally without global install\npnpm dojops -- \"Create a Terraform config for S3\"\n```\n\nRequires Node.js \u003e= 20 and pnpm \u003e= 8.\n\n---\n\n## Privacy\n\nDojOps does not collect telemetry. No project data leaves your machine except to your configured LLM provider. Generated configs, audit logs, and scan reports all stay in your local `.dojops/` directory.\n\nWhen you use Ollama, nothing leaves your machine at all.\n\n---\n\n## Contributing\n\nSee the [contributing guide](docs/contributing.md) for setup, coding standards, and how to add skills and agents.\n\n1. Fork the repository\n2. Create a feature branch (`git checkout -b feature/my-feature`)\n3. Make your changes with tests\n4. Run `pnpm test \u0026\u0026 pnpm lint`\n5. Submit a pull request\n\n---\n\n## License\n\n[MIT](LICENSE)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdojops%2Fdojops","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdojops%2Fdojops","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdojops%2Fdojops/lists"}