{"id":49046965,"url":"https://github.com/foobarto/glorbo","last_synced_at":"2026-04-27T03:01:09.424Z","repository":{"id":351762247,"uuid":"1210985728","full_name":"foobarto/glorbo","owner":"foobarto","description":"Self-hosted agent orchestration platform: AI agents as employees of a company, running in kernel-level sandboxes. Everything is markdown.","archived":false,"fork":false,"pushed_at":"2026-04-24T00:18:58.000Z","size":14936,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-24T02:32:38.916Z","etag":null,"topics":["agent-orchestration","ai-agents","bubblewrap","elixir","liveview","markdown-first","otp","phoenix","sandbox","self-hosted"],"latest_commit_sha":null,"homepage":"https://github.com/foobarto/glorbo","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/foobarto.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-04-15T00:45:34.000Z","updated_at":"2026-04-24T00:18:09.000Z","dependencies_parsed_at":null,"dependency_job_id":"5b4865e6-e7d3-4bbe-8eb2-352a1e9de3a0","html_url":"https://github.com/foobarto/glorbo","commit_stats":null,"previous_names":["foobarto/glorbo"],"tags_count":27,"template":false,"template_full_name":null,"purl":"pkg:github/foobarto/glorbo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/foobarto%2Fglorbo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/foobarto%2Fglorbo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/foobarto%2Fglorbo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/foobarto%2Fglorbo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/foobarto","download_url":"https://codeload.github.com/foobarto/glorbo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/foobarto%2Fglorbo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32320683,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-26T23:26:28.701Z","status":"online","status_checked_at":"2026-04-27T02:00:06.769Z","response_time":128,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-orchestration","ai-agents","bubblewrap","elixir","liveview","markdown-first","otp","phoenix","sandbox","self-hosted"],"created_at":"2026-04-19T18:01:58.750Z","updated_at":"2026-04-27T03:01:09.417Z","avatar_url":"https://github.com/foobarto.png","language":"Elixir","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/logo.png\" alt=\"Glorbo\" width=\"560\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/foobarto/glorbo/actions/workflows/ci.yml\"\u003e\u003cimg alt=\"CI\" src=\"https://github.com/foobarto/glorbo/actions/workflows/ci.yml/badge.svg?branch=main\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/foobarto/glorbo/releases/latest\"\u003e\u003cimg alt=\"Release\" src=\"https://img.shields.io/github/v/release/foobarto/glorbo?include_prereleases\u0026sort=semver\"\u003e\u003c/a\u003e\n  \u003ca href=\"LICENSE\"\u003e\u003cimg alt=\"License: Apache 2.0\" src=\"https://img.shields.io/badge/license-Apache%202.0-blue.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://elixir-lang.org\"\u003e\u003cimg alt=\"Elixir\" src=\"https://img.shields.io/badge/elixir-1.18.4-6E4A7E?logo=elixir\u0026logoColor=white\"\u003e\u003c/a\u003e\n  \u003ca href=\"SECURITY.md\"\u003e\u003cimg alt=\"Security Policy\" src=\"https://img.shields.io/badge/security-policy-informational\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n# Glorbo\n\n\u003e *Finally, a grumbo-compatible agent orchestrator. The fleeb juice is included.*\n\nGlorbo is a self-hosted agent orchestration platform that models companies as\nreal organisations — org charts, goals, budgets, governance, chat — and runs\nAI agents as employees inside kernel-level sandboxes.\n\n**Like Obsidian, but for your agents.** Everything is markdown. Everything is a\nfile. No cloud, no SaaS, no Kubernetes — just a folder, some `bwrap` sandboxes,\nand an Elixir process.\n\n```\n~/.glorbo/\n├── glorbo                    # Single binary. That's the app.\n├── glorbo.db                 # SQLite index. Rebuildable.\n└── companies/acme/\n    ├── company.md            # Mission, budget, settings\n    ├── agents/ceo/AGENT.md   # Identity, permissions, model\n    ├── channels/general.md   # Append-only chat logs\n    ├── projects/\u003cslug\u003e/tasks/\n    └── audit/2026-04.jsonl   # Append-only. Never modified.\n```\n\nBack up with `tar`. Version-control with `git`. Move with `scp`. Debug with\n`cat`.\n\n## Screenshots\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd\u003e\u003cimg src=\"assets/screenshots/overview.png\" alt=\"Overview\" width=\"100%\"\u003e\u003c/td\u003e\n    \u003ctd\u003e\u003cimg src=\"assets/screenshots/company.png\" alt=\"Company\" width=\"100%\"\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003csub\u003e\u003ccode\u003e/companies\u003c/code\u003e\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003csub\u003e\u003ccode\u003e/companies/\u0026lt;co\u0026gt;\u003c/code\u003e — rollups, roster, org chart\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd\u003e\u003cimg src=\"assets/screenshots/kanban.png\" alt=\"Kanban\" width=\"100%\"\u003e\u003c/td\u003e\n    \u003ctd\u003e\u003cimg src=\"assets/screenshots/agent.png\" alt=\"Agent\" width=\"100%\"\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003csub\u003e\u003ccode\u003e/companies/\u0026lt;co\u0026gt;/kanban\u003c/code\u003e\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003csub\u003e\u003ccode\u003e/companies/\u0026lt;co\u0026gt;/agents/\u0026lt;slug\u0026gt;\u003c/code\u003e\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd\u003e\u003cimg src=\"assets/screenshots/inbox.png\" alt=\"Inbox\" width=\"100%\"\u003e\u003c/td\u003e\n    \u003ctd\u003e\u003cimg src=\"assets/screenshots/providers.png\" alt=\"Providers\" width=\"100%\"\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003csub\u003e\u003ccode\u003e/companies/\u0026lt;co\u0026gt;/inbox\u003c/code\u003e — unified approvals\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003csub\u003e\u003ccode\u003e/providers\u003c/code\u003e — CLI + native registry\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\nTerminal phosphor aesthetic — monospace, OKLCH tokens, lowercase-slash panel\nheaders. No JS framework, no CSS build step.\n\n## Features\n\n- **Filesystem-first.** Agents, tasks, chat, permissions, goals, and audit\n  logs are markdown + JSONL on disk. SQLite is a rebuildable index\n  (`glorbo reindex`).\n- **Kernel-sandboxed agents.** Every wake is a fresh `bwrap` process with\n  user/IPC/PID/net/UTS namespaces unshared and `--cap-drop ALL`. Nothing\n  escapes the bind-mount list.\n- **Two provider kinds.** CLI adapters for `claude`, `gemini`, `codex`,\n  `opencode`, `hermes`, `pi`, etc., plus native OpenAI-compatible endpoints\n  (`openai`, `openrouter`, drop-in LM Studio / Ollama / llama.cpp / LocalAI /\n  vLLM via `glorbo detect-providers` + `+ enable`). See GEP-32.\n- **Budget governance.** Per-agent AND per-company monthly budgets in\n  frontmatter; dispatch refuses at 100%, warns at 80%.\n- **Permission model.** Declared in `AGENT.md`, enforced at both the Elixir\n  router AND the kernel via bwrap mounts. No bind-mount → no access.\n- **Real-time dashboard.** Phoenix LiveView at\n  `http://127.0.0.1:4000`. Inotify repaints in under a second.\n- **Approval + audit trail.** Tasks can require Director approval. Every\n  decision writes a structured `YYYY-MM.jsonl` row.\n- **Task chain observability.** Every `assigned_to:` flip appends to the\n  task's `handoff_chain:` frontmatter; the `/companies/:co/tasks/:id/chain`\n  view reconstructs the full multi-agent route with drift detection\n  against the audit log (GEP-40).\n- **Peer-review gate, auto-dispatched.** Tasks flagged\n  `severity: major|critical` — or any task whose author opts in with\n  `peer_review_required: true` — route through the `critiqueops`\n  reviewer before Director approval can clear; the gate drops a\n  wake sentinel into the reviewer's inbox so the review actually\n  fires without manual intervention. Three-way verdict\n  (approve/revise/block) is append-only per task; `revise` rounds\n  the loop back to the original assignee with notes (GEP-41 +\n  GEP-42).\n- **Single Director write-channel.** Every filesystem mutation the\n  Director-facing LiveViews can make flows through `Glorbo.Actions.*`\n  modules with slug validation, atomic writes, threatmodel-appropriate\n  symlink guards, and audit emission before the `File.*` call lands\n  — enforced by a Credo ratchet that rejects raw writes under\n  `lib/glorbo_web/live/` (GEP-36).\n- **Optional git history.** `glorbo history init` opts the home\n  tree into a derivative git repo with a tracked-scope\n  `.gitignore` (durable state only; secrets, derived data, and\n  per-agent transport dirs excluded). Every host-side write\n  (Director or agent) lands as a kernel-committed commit with\n  actor provenance; manual filesystem edits flow through the\n  watcher fallback as `External` commits. CLI: `glorbo history\n  {status, log, show, diff, restore}` (GEP-33).\n- **Portable.** `glorbo backup | scp | glorbo restore` reproduces a working\n  install on a fresh host.\n\n## Quick Start\n\n### Prerequisites (Linux)\n\n- `bubblewrap` (`bwrap`), `passt` (for enforced `network: proxy`), `inotify-tools`.\n- Ubuntu 24.04 / Debian 13: an unconfined AppArmor profile for `/usr/bin/bwrap`\n  (template in `.github/workflows/ci.yml`).\n- Either a provider CLI on `$PATH` or a native credentials file (see below).\n\n`glorbo doctor` checks and, with `--fix`, repairs what it can.\n\n### Install\n\n**Homebrew (Linux x86_64 / aarch64):**\n\n```bash\nbrew tap foobarto/tap\nbrew install glorbo\nglorbo init\n```\n\n**Manual:**\n\n```bash\ncurl -L https://github.com/foobarto/glorbo/releases/latest/download/glorbo-linux-$(uname -m) \\\n  -o ~/.local/bin/glorbo\nchmod +x ~/.local/bin/glorbo\nglorbo init\n```\n\n**macOS** (Intel + Apple Silicon):\n\n```bash\nbrew tap foobarto/tap\nbrew install glorbo\nglorbo init\n```\n\nBoth Mach-O binaries are built by CI via Burrito's Zig-based cross-\ncompile from a Linux runner — no GHA macOS runners needed. On the\ntarget Mac, `bwrap` has no equivalent, so agents run unsandboxed\nwith a one-time `agent.sandbox_unavailable` audit per company\nboot; every other feature (dashboard, routing, scheduling, approval\ngates, MCP server, audit log) matches Linux. FSEvents powers the\nwatcher, and the Burrito binary bundles its own BEAM runtime.\n\n**Windows** — run the Linux binary inside\n[WSL2](https://learn.microsoft.com/en-us/windows/wsl/install). No native\nWindows port planned (bwrap / inotify / user namespaces).\n\n### Add a native provider\n\n```bash\nmkdir -p ~/.local/etc/glorbo/credentials \u0026\u0026 chmod 700 $_\ncat \u003e ~/.local/etc/glorbo/credentials/openai.toml \u003c\u003c'EOF'\napi_key = \"sk-...\"\nEOF\n```\n\nThen point an agent at `provider: openai` (or `openrouter`) in `AGENT.md`.\nThe native tool catalog is `read_file` / `write_file` / `edit_file` / `glob`\n/ `grep` / `bash` / `web_fetch`. See GEP-32 for the contract.\n\nOr auto-detect a local server:\n\n```bash\nglorbo detect-providers     # probes ollama, llama.cpp, LocalAI, vLLM, LM Studio\n```\n\n### Hire an agent\n\nEdit `~/.glorbo/companies/acme/agents/ceo/AGENT.md`:\n\n```markdown\n---\nkind: agent/v1\nslug: ceo\nrole: Chief Executive Officer\nprovider: claude-code     # or openai / openrouter / ...\nmodel: claude-sonnet-4-5\nnetwork: proxy            # none | proxy | open\nbudget:\n  monthly_usd: 100.00\nheartbeat: \"*/30 * * * *\"\npermissions:\n  - projects:read:*\n  - projects:write:*\n  - tasks:create:*\n  - agents:message:*\n  - chat:write:*\n---\n\nYou are the CEO of {{ company.name }}. Your mission: {{ company.mission }}.\n```\n\n### Start\n\n```bash\nglorbo up              # Detached daemon — dashboard at http://127.0.0.1:4000\nglorbo status\nglorbo logs acme ceo --follow\nglorbo down\n```\n\nTo run as a user-level systemd service that survives shell sessions:\n\n```bash\nglorbo install         # writes ~/.config/systemd/user/glorbo.service + enable --now\nsudo loginctl enable-linger \"$USER\"   # optional — survive logout\nglorbo uninstall       # disable + remove the unit (keeps ~/.glorbo intact)\n```\n\n## CLI Reference\n\n```\nglorbo init [--force] [--no-example]    Bootstrap ~/.glorbo/ and verify deps\nglorbo up | down | status | serve       Daemon lifecycle\nglorbo install [--force] [--no-start]   Install user-systemd service (Linux)\nglorbo uninstall                        Remove user-systemd service\nglorbo new company|agent|project|skill  Scaffold\nglorbo doctor [--fix]                   Verify host prerequisites\nglorbo detect-providers [--json]        Probe localhost for native providers\nglorbo validate [PATH]                  Check files against FileSpec (GEP-25)\nglorbo fmt [PATH] [--write]             Normalise frontmatter (GEP-25)\nglorbo reindex                          Rebuild SQLite index from filesystem\nglorbo backup | restore                 tar.gz roundtrip\nglorbo logs \u003cco\u003e [agent] [--follow]     Tail audit or stdout\nglorbo console                          iex --remsh into the running daemon\nglorbo help [\u003cverb\u003e]\n```\n\nThe built-in `glorbo harness` subcommand is the internal native-provider\nruntime invoked inside bwrap (GEP-32); Directors don't call it directly.\n\n## How It Works\n\n**Director + agents.** You are the Director. You own companies. Agents work\nfor you. The CEO agent is just the first employee.\n\n**Inbox / outbox.** Agents write to their `outbox/`; Glorbo routes via the\nElixir router (permission-checked, atomic) into the recipient's `inbox/` or\na channel file. Agents never touch each other's directories directly.\n\n**Execution.** An event (inbox item, heartbeat cron, channel mention) wakes\nan agent. Glorbo composes a `bwrap` argv from the agent's permissions +\nnetwork policy, invokes the provider CLI or `glorbo harness` inside the\nsandbox with the prompt on stdin, and reads the answer from\n`$GLORBO_REPLY_PATH` when the process exits. Native providers additionally\nemit `usage.json` for token accounting and per-tool audit events.\n\n**Sandboxing baseline:**\n\n```\n--die-with-parent --unshare-user-try --unshare-ipc --unshare-pid\n--unshare-uts --unshare-cgroup-try --new-session --cap-drop ALL\n```\n\nPlus workspace `rw`, outbox `rw`, inbox `ro`, per-permission mounts from\n`AGENT.md`, and provider credentials bind-mounted `ro` with the right env\nredirect (`CLAUDE_CONFIG_DIR`, `CODEX_HOME`,\n`GLORBO_NATIVE_CREDENTIALS_PATH`).\n\n**Network policy:**\n\n```\nnetwork: none    # --unshare-net (no egress possible)\nnetwork: proxy   # Linux: pasta-wrapped, only the Glorbo proxy port visible\nnetwork: open    # Inherits host netns\n```\n\n**Two-layer permissions.** The kernel layer is the bwrap mount list:\ndenied paths are simply not mounted. The Elixir router enforces the same\nrules as belt-and-braces for cross-directory transfers.\n\n## Tech Stack\n\n| Component | Technology |\n|-----------|------------|\n| Orchestration | Elixir / OTP |\n| Dashboard | Phoenix LiveView |\n| Agent Runtime | `bwrap(1)` + provider CLI OR `glorbo harness` |\n| LLMs | CLI (`claude`, `gemini`, `codex`, ...) or OpenAI-compatible endpoint |\n| Filesystem | `inotify` + `file_system` (FSEvents on macOS) |\n| Database | SQLite (via `ecto_sqlite3`) |\n| Config / Data | Markdown + YAML frontmatter |\n| Audit | JSONL files (append-only) |\n| Binary | Burrito + bundled ERTS |\n\n## Design Documents\n\n- **[docs/DESIGN.md](docs/DESIGN.md)** — full living architecture.\n- **[docs/geps/](docs/geps/)** — Glorbo Enhancement Proposals (numbered,\n  append-only design records). Start with\n  [GEP-1](docs/geps/0001-gep-purpose-and-guidelines.md),\n  [GEP-2](docs/geps/0002-architecture-overview.md), and the\n  [Zen of Glorbo](docs/geps/0011-zen-of-glorbo.md).\n- **[docs/architecture.md](docs/architecture.md)** — module map + graph\n  caveats (read before greping 200+ modules).\n- **[CHANGELOG.md](CHANGELOG.md)** — full release history.\n\n## Project Status\n\nPre-1.0. Latest release **v0.15.1** (2026-04-26). APIs, CLI flags, on-disk\nlayout, and SQLite schema may change between minor versions. See\n[CHANGELOG.md](CHANGELOG.md) for the full release trail; see\n[`docs/geps/`](docs/geps/) for which GEPs are Draft / Accepted /\nImplemented.\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md). Security reports: [SECURITY.md](SECURITY.md).\n\nLocal dev loop:\n\n```bash\ngit clone https://github.com/foobarto/glorbo \u0026\u0026 cd glorbo\nmix setup           # deps + db + esbuild\nmix phx.server      # dashboard on :4000\nmix precommit       # format + compile-warn + credo + tests\n```\n\nRuntime is Elixir 1.18.4 / OTP 28.0 (pinned in `.tool-versions` —\n`mise install` picks them up).\n\n## License\n\n[Apache License 2.0](LICENSE)\n\n---\n\n\u003csub\u003e*You take the whole Glorbo. You put it on another machine. It's still a Glorbo. What part of this is complicated?*\u003c/sub\u003e\n\n\u003cimg src=\"assets/glorbo_tv.png\" alt=\"Glorbo and his pet robot watching Rick and Morty on TV — the show where Glorbo (the name) comes from\" width=\"100%\"\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffoobarto%2Fglorbo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffoobarto%2Fglorbo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffoobarto%2Fglorbo/lists"}