{"id":51321184,"url":"https://github.com/second-inc/second","last_synced_at":"2026-07-01T14:00:24.611Z","repository":{"id":358773271,"uuid":"1241541907","full_name":"Second-Inc/second","owner":"Second-Inc","description":"The factory for custom internal software, purpose-built for human2agent work.","archived":false,"fork":false,"pushed_at":"2026-06-30T16:27:07.000Z","size":4858,"stargazers_count":71,"open_issues_count":0,"forks_count":5,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-30T18:16:34.848Z","etag":null,"topics":["agent-management","agents","ai-agents","internal-tool","nextjs","on-prem","self-hosted","shadcn-ui","typescript"],"latest_commit_sha":null,"homepage":"https://docs.second.so","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Second-Inc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-05-17T14:18:24.000Z","updated_at":"2026-06-30T16:34:12.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Second-Inc/second","commit_stats":null,"previous_names":["second-inc/second"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/Second-Inc/second","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Second-Inc%2Fsecond","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Second-Inc%2Fsecond/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Second-Inc%2Fsecond/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Second-Inc%2Fsecond/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Second-Inc","download_url":"https://codeload.github.com/Second-Inc/second/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Second-Inc%2Fsecond/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35009272,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-01T02:00:05.325Z","response_time":130,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-management","agents","ai-agents","internal-tool","nextjs","on-prem","self-hosted","shadcn-ui","typescript"],"created_at":"2026-07-01T14:00:17.309Z","updated_at":"2026-07-01T14:00:24.595Z","avatar_url":"https://github.com/Second-Inc.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource srcset=\"docs/assets/readme_cover.webp\" type=\"image/webp\"\u003e\n    \u003cimg src=\"docs/assets/readme_cover.jpg\" alt=\"Second — humans and agents, side by side\" width=\"100%\"\u003e\n  \u003c/picture\u003e\n\u003c/p\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n\u003cbr\u003e\n\n\u003cpicture\u003e\n  \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"apps/web/public/favicon-dark.svg\"\u003e\n  \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"apps/web/public/favicon-light.svg\"\u003e\n  \u003cimg alt=\"Second\" src=\"apps/web/public/favicon-light.svg\" width=\"56\" height=\"52\"\u003e\n\u003c/picture\u003e\n\n\u003ch1\u003eSecond\u003c/h1\u003e\n\n**Humans and agents, side by side.**\n\nSecond is a factory for custom internal software,\u003cbr\u003epurpose-built for human2agent work.\n\n\u003ca href=\"https://github.com/Second-Inc/second/actions\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/Second-Inc/second/ci.yml?label=CI\" alt=\"CI\"\u003e\u003c/a\u003e\u0026nbsp;\u0026nbsp;\n\u003ca href=\"#quick-start\"\u003e\u003cimg src=\"https://img.shields.io/badge/Try_it-npx_@second--inc/cli-black.svg\" alt=\"Try it\"\u003e\u003c/a\u003e\n\n\u003ca href=\"#quick-start\"\u003e\u003cstrong\u003eQuick Start\u003c/strong\u003e\u003c/a\u003e · \u003ca href=\"https://docs.second.so\"\u003e\u003cstrong\u003eDocs\u003c/strong\u003e\u003c/a\u003e · \u003ca href=\"#security--governance\"\u003e\u003cstrong\u003eSecurity \u0026 Governance\u003c/strong\u003e\u003c/a\u003e · \u003ca href=\"#self-hosting\"\u003e\u003cstrong\u003eSelf-Hosting\u003c/strong\u003e\u003c/a\u003e\n\n\n\u003c/div\u003e\n\n## Quick Start\nRun Second locally:\n```bash\nnpx --yes @second-inc/cli\n```\n\n| Platform | Status |\n|:---|:---|\n| Apple Silicon Mac (M1-M5) | **Available now** |\n| Linux x64, Windows via WSL2 | Experimental |\n| Intel Mac, native Windows | Coming soon |\n\nBring your agent:\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"70\" align=\"center\"\u003e\n      \u003cimg src=\"apps/web/public/icons/claude-code.svg\" width=\"28\" height=\"28\" alt=\"Claude Code\"\u003e\n    \u003c/td\u003e\n    \u003ctd width=\"70\" align=\"center\"\u003e\n      \u003cimg src=\"apps/web/public/icons/codex.svg\" width=\"28\" height=\"28\" alt=\"Codex\"\u003e\n    \u003c/td\u003e\n    \u003ctd width=\"70\" align=\"center\"\u003e\n      \u003cimg src=\"apps/web/public/icons/opencode.svg\" width=\"28\" height=\"28\" alt=\"OpenCode\"\u003e\n    \u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e✅\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e✅\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003csub\u003eSoon\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003cbr\u003e\n\n## What is Second?\n\nSecond is the infrastructure for human2agent work.\n\nInstead of managing agents in chat windows, **Second lets you orchestrate a team of agents inside custom apps you build around your team's actual needs.**\n\nFrom one prompt, Second builds complete apps **that treat agents as first-class citizens:** agents work inside the apps you build, right alongside your team. They read and write to the same real-time DB as your team does, and get generated, scoped tools to handle real workloads inside your apps.\n\nWe believe custom apps are the right abstraction for continuous work with a team of agents. Chat is great for one-off tasks, but shared state, queues and pipelines require real software where humans and agents can work on the same page.\n\n### How It Works\n\nSecond is a single workspace that creates production-ready apps.\n\n1. **You describe your app.** In a single prompt.\n2. **Second generates it.** The agents, scoped tools, and a beautiful UI, backed by a real-time DB.\n3. **Your team now works alongside agents** in the same shared custom software.\n\n\u003ctable align=\"center\" width=\"100%\" cellpadding=\"16\"\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\n      \u003ch3\u003eExample: \u003cstrong\u003ecompetitor tracker app\u003c/strong\u003e built on Second\u003c/h3\u003e\n      \u003cp\u003eThis example features agents discovering new competitors, enriching them, and generating a weekly recap deck from all available information.\u003c/p\u003e\n      \u003cvideo src=\"https://github.com/user-attachments/assets/2116c633-48f3-415a-a047-a72f05da3166\" width=\"600\" controls\u003e\u003c/video\u003e\n      \u003cp\u003e\u003csub\u003eGitHub mobile app? \u003ca href=\"https://github.com/user-attachments/assets/2116c633-48f3-415a-a047-a72f05da3166\"\u003eClick here to watch the video →\u003c/a\u003e\u003c/sub\u003e\u003c/p\u003e\n      \u003cp\u003e•\u003c/p\u003e\n      \u003cp align=\"left\"\u003e\u003cstrong\u003eSecond is the most powerful way to build custom GUIs for agents.\u003c/strong\u003e\u003cbr\u003eProduction-ready software for your team, deployed in your VPC, built around your workflows.\u003c/p\u003e\n      \u003cbr\u003e\n    \u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n## Second vs. Other Solutions\n\nMost platforms weren't built for multiplayer, async work with agents. They either treat agents as an afterthought bolted onto existing tools, or they're too opinionated and end up not fitting how your team actually works.\n\nSecond solves that: think Paperclip or Multica, but instead of pre-built software you get to build your own custom GUI for a team of agents, tailored to your company's needs.\n\n---\n\n## The Internal Platform Everyone Needs (and Builds)\n\nCompanies like **Ramp** and **Deel** have already figured out that teams are building amazing things internally with Claude, Codex, or Lovable- but most never reach production (security, governance, integrations, maintenance, agent access control...). To solve this, they built internal platforms for themselves.\n\n**Second lets every organization have that.**\n\nEvery app you build in Second gets a real-time DB, audit logs, RBAC, agent RBAC, and governance tools built into the workspace.\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"50%\" valign=\"top\"\u003e\n      \u003ch3 align=\"center\"\u003e👥 For Teams\u003c/h3\u003e\n      \u003cul\u003e\n        \u003cli\u003eBuild custom apps from a single prompt\u003c/li\u003e\n        \u003cli\u003eRun multiple agents in parallel across workflows\u003c/li\u003e\n        \u003cli\u003eReal-time collaborative UI with agents and humans on the same page\u003c/li\u003e\n        \u003cli\u003eNever blocked: integrations return mock data until connected\u003c/li\u003e\n      \u003c/ul\u003e\n    \u003c/td\u003e\n    \u003ctd width=\"50%\" valign=\"top\"\u003e\n      \u003ch3 align=\"center\"\u003e🛠️ For Platform Engineers\u003c/h3\u003e\n      \u003cul\u003e\n        \u003cli\u003eFine-grained access control per app, per agent, per integration\u003c/li\u003e\n        \u003cli\u003eOne-time workspace setup, unlimited apps\u003c/li\u003e\n        \u003cli\u003eFull governance: draft/review/publish lifecycle\u003c/li\u003e\n        \u003cli\u003eDeploy on your own k8s, air-gapped or on-prem\u003c/li\u003e\n      \u003c/ul\u003e\n    \u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003e [!TIP]\n\u003e **Enterprise deployment?** See [Enterprise Deployment and Security](https://docs.second.so/enterprise).\n\u003e\n\u003e Need help with security, SSO, deployment, cost management, runtime setup, and SLA support? Contact [sales@second.so](mailto:sales@second.so).\n\n---\n\n## Core Philosophy\n\n| Principle | What it means in Second |\n|:---|:---|\n| **Build the app, not just the agent.** | The durable artifact is working internal software: a focused UI, live data, team workflows, and agents that operate inside that product. |\n| **Agents are first-class citizens.** | Apps can include multiple named agents with roles, tools, data access, schedules, and visible run history. They are not bolted-on chat widgets. |\n| **Humans stay in command.** | Plans, agent configs, integration setup, and publishing go through explicit review. Agents can work freely only inside the boundaries you approved. |\n| **Small tools beat broad access.** | The builder creates scoped tools for the specific app and use case. Tools are tied to approved domains, collections, integration grants, and secret placeholders. |\n| **Integrations should self-build.** | Instead of starting with a giant MCP catalog or handing agents every connector, Second generates the narrow integration contract and human setup instructions the app actually needs. |\n| **Collaboration is the runtime.** | Agent-to-agent and agent-to-human work happens through the app's shared state, realtime updates, resumable streams, comments, approvals, and audit trail. |\n| **Generated software must still be real software.** | Draft and published snapshots are separated, source is persisted, builds are checked, data survives restarts, and production access follows the same tenant and permission model. |\n| **Local-first, on-prem-ready.** | Start on your machine. Deploy inside your cloud when the workflow matters. Your VPC, your auth provider, your secrets, your rules. |\n\n---\n\n## Features\n\n| Feature | \u0026nbsp; |\n|:---|:---|\n| **🔧 Prompt-to-App Generation** | Generate internal apps, data models, agents, tools, and setup instructions from one prompt |\n| **🤖 App Agents** | Each app gets its own first-class agents with roles, prompts, data access, and approved tools |\n| **🧰 Scoped Tool Generation** | Tools are generated per app and tied to explicit domains, collections, inputs, and integration grants |\n| **🔌 Self-Building Integrations** | Second creates connection requirements and human setup instructions only when the app needs them |\n| **🤹 Multi-Agent Orchestration** | Run specialized agents in parallel across foreground, background, scheduled, and async workflows |\n| **🔄 BYO Runtime** | Use Claude Code, Codex, OpenCode, or your own harness. Switch runtimes per app or message |\n| **⚡ Realtime Collaboration** | Live data, change streams, resumable streams, and optimistic updates keep teams and agents synced |\n| **👥 Multiplayer Sessions** | Talk with agents, invite teammates into sessions, and collaborate with shared context |\n| **🔒 Agent Permissions** | Agents run with approved tools, data, and integrations. Everything is scoped and audited |\n| **🛡️ Governance** | Draft, review, approve, and publish apps with agents and integrations under control |\n| **📋 Audit Logs** | Every agent action, tool call, data write, and access denial recorded and searchable |\n| **🏠 Self-Hosted / On-Prem** | Deploy on your own infrastructure. Your Kubernetes cluster, your VPC, your rules |\n| **🧠 Workspace Agents** | Create reusable agents with prompts, skills, models, and team visibility |\n| **📚 Workspace Skills** | Define instructions once, then attach them to agents across the workspace |\n| **⏲️ Scheduled Agent Jobs** | Agents run on a schedule for periodic research, monitoring, and background tasks |\n| **🚀 One-Command Setup** | From zero to running with `npx @second-inc/cli` |\n\n## Share and use pre-built apps\n\nDownload pre-built apps as ZIP files from our catalog, then click **Import App** to load one into your workspace.\n\nAvailable Apps (1):\n- [Polsia](https://github.com/Second-Inc/second-apps/releases/download/polsia-v1/Polsia.second-app.zip)\n\n![Import App button](docs/assets/import-app.png)\n\n## What You Can Build\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"100%\" valign=\"top\"\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n\u003ch3\u003e🎯 Lead Enrichment Pipeline\u003c/h3\u003e\n\n\u003csub\u003e**Flow:** 🤖 Scrape leads → 🤖 Enrich from LinkedIn + web → 🤖 Score and rank → 👤 Team reviews top leads\u003c/sub\u003e\u003cbr\u003e\n\u003csub\u003e**Tools:** HubSpot, LinkedIn, Web Search\u003c/sub\u003e\u003cbr\u003e\n\u003csub\u003e**Agents:** Scraper Agent, Enrichment Agent, Scoring Agent\u003c/sub\u003e\n\n\u003c/div\u003e\n\n\u003ctable align=\"center\" width=\"90%\" cellpadding=\"10\"\u003e\n  \u003ctr\u003e\n    \u003ctd colspan=\"3\"\u003e\u003cstrong\u003ePIPELINE\u003c/strong\u003e \u003cspan align=\"right\"\u003e47 leads ▼\u003c/span\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd\u003e\u003csub\u003eLead\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd\u003e\u003csub\u003eScore\u003c/sub\u003e\u003c/td\u003e\n    \u003ctd\u003e\u003csub\u003eStatus\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd\u003e\u003cstrong\u003eAcme Corp\u003c/strong\u003e\u003c/td\u003e\n    \u003ctd\u003e92/100\u003c/td\u003e\n    \u003ctd\u003e✅ Ready\u003cbr\u003e👤 \u003ccode\u003e[Call]\u003c/code\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd\u003e\u003cstrong\u003eNova Labs\u003c/strong\u003e\u003c/td\u003e\n    \u003ctd\u003e78/100\u003c/td\u003e\n    \u003ctd\u003e🤖 Enriching\u003cbr\u003e🤖 Score next\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd\u003e\u003cstrong\u003ePeak Inc\u003c/strong\u003e\u003c/td\u003e\n    \u003ctd\u003e--\u003c/td\u003e\n    \u003ctd\u003e🤖 Scraping...\u003cbr\u003e\u003csub\u003e3 sources\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd colspan=\"3\"\u003e💬 \u003cstrong\u003eScoring Agent\u003c/strong\u003e\u003cbr\u003e\"Acme Corp: 200 employees, Series A, hiring 3 engineers. Score: 92. Ready for review.\"\u003cbr\u003e\u003cbr\u003e👤 \u003ccode\u003e[Accept]\u003c/code\u003e \u003ccode\u003e[Edit]\u003c/code\u003e \u003ccode\u003e[Skip]\u003c/code\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd width=\"100%\" valign=\"top\"\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n\u003ch3\u003e📊 GTM War Room\u003c/h3\u003e\n\n\u003csub\u003e**Flow:** 🤖 Agent pulls weekly metrics → 👤 PMM reviews positioning → 👤 Sales adds field notes → 🤖 Agent generates battlecard\u003c/sub\u003e\u003cbr\u003e\n\u003csub\u003e**Tools:** HubSpot, Slack, Google Docs, Analytics\u003c/sub\u003e\u003cbr\u003e\n\u003csub\u003e**Agents:** Metrics Agent, Battlecard Agent\u003c/sub\u003e\n\n\u003c/div\u003e\n\n\u003ctable align=\"center\" width=\"90%\" cellpadding=\"10\"\u003e\n  \u003ctr\u003e\n    \u003ctd colspan=\"2\"\u003e\u003cstrong\u003eGTM WAR ROOM\u003c/strong\u003e\u003c/td\u003e\n    \u003ctd align=\"right\"\u003e\u003csub\u003eWeek 21 ▼\u003c/sub\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"36\" align=\"center\"\u003e📈\u003c/td\u003e\n    \u003ctd colspan=\"2\"\u003e\u003cstrong\u003eTHIS WEEK\u003c/strong\u003e\u003cbr\u003ePipeline: $320k (+14%)\u003cbr\u003eWin rate: 38% (up from 31%)\u003cbr\u003eLost to competitor: 3 deals\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"36\" align=\"center\"\u003e👤\u003c/td\u003e\n    \u003ctd colspan=\"2\"\u003e\u003cstrong\u003ePMM added positioning note\u003c/strong\u003e\u003cbr\u003e\"Emphasize self-hosted angle vs. Acme's cloud-only offer\"\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"36\" align=\"center\"\u003e👤\u003c/td\u003e\n    \u003ctd colspan=\"2\"\u003e\u003cstrong\u003eSales added field note\u003c/strong\u003e\u003cbr\u003e\"Acme offering 40% discounts to win back churned accounts\"\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd width=\"36\" align=\"center\"\u003e🤖\u003c/td\u003e\n    \u003ctd colspan=\"2\"\u003e\u003cstrong\u003eBattlecard Agent\u003c/strong\u003e\u003cbr\u003e\"Updated battlecard with new field intel. 2 new objection handlers added.\"\u003cbr\u003e\u003cbr\u003e👤 \u003ccode\u003e[Review card]\u003c/code\u003e \u003ccode\u003e[Push to Docs]\u003c/code\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\nAnd many more:\n\n| Use Case | What It Does | Tools | Agents |\n|:---|:---|:---|:---|\n| **Competitor Research Dashboard** | Monitor competitor changes, review and flag important updates, compile reports, and share research | Web Search, Google Alerts, Drive | Research Agent, Alert Agent, Report Agent |\n| **Content Curation Pipeline** | Fetch videos, select clips, cut and upload assets, and route finished content for approval | YouTube API, Clipping Service, Google Drive | Curator Agent, Clip Agent |\n| **Social Media Ops** | Draft posts, schedule across platforms, track engagement, repurpose top performers | Twitter/X, LinkedIn, Buffer | Content Agent, Scheduling Agent, Analytics Agent |\n| **Recruiting Pipeline** | Source candidates, screen resumes, schedule interviews, track pipeline | LinkedIn, ATS, Google Calendar, Gmail | Sourcing Agent, Screening Agent, Scheduling Agent |\n| **Customer Success** | Pull data from CRMs and support tools, surface churn risk, draft outreach | HubSpot, Intercom, Slack | Insights Agent, Churn Agent, Outreach Agent |\n| **Invoice \u0026 Expense Tracking** | Collect invoices from email, extract data, match to POs, flag discrepancies | Gmail, Google Drive, Accounting API | Extraction Agent, Matching Agent, Approval Agent |\n| **Compliance Monitoring** | Scan for policy violations, flag issues, route to approvers | Internal APIs, Slack, Jira | Compliance Agent, Triage Agent, Routing Agent |\n| **Internal Knowledge Base** | Continuously index docs, summarize updates, answer team questions | Notion, Confluence, Slack | Indexing Agent, Summary Agent, Q\u0026A Agent |\n| **Founder's Daily Brief** | Aggregate metrics, news, emails, and calendar into one morning summary | Gmail, Google Calendar, Analytics, Web Search | Metrics Agent, News Agent, Brief Agent |\n| **PR \u0026 Media Monitoring** | Track brand mentions, analyze sentiment, draft responses, alert on crises | Web Search, Twitter/X, Slack, Google Docs | Monitor Agent, Sentiment Agent, Response Agent |\n| **Product Feedback Loop** | Collect feedback from support tickets, reviews, and calls, cluster themes, surface to PM | Intercom, G2, Gong, Slack | Collection Agent, Clustering Agent, Summary Agent |\n| **Vendor \u0026 Contract Management** | Track renewal dates, compare pricing, flag expiring contracts, draft RFPs | Gmail, Notion, Slack | Tracker Agent, Comparison Agent, Draft Agent |\n| **SEO Content Pipeline** | Research keywords, generate briefs, draft articles, track rankings | Ahrefs, Web Search, Notion, Analytics | Research Agent, Brief Agent, Writer Agent |\n| **Security Alert Triage** | Ingest alerts from multiple tools, deduplicate, prioritize, assign to on-call | PagerDuty, Slack, Jira, SIEM API | Ingestion Agent, Triage Agent, Assignment Agent |\n| **Meeting Follow-ups** | Record action items from meetings, assign owners, send follow-up emails, track completion | Google Calendar, Gong, Gmail, Notion | Notes Agent, Follow-up Agent, Tracker Agent |\n\n---\n\n## Why Second is Special\n\n**Second generates dynamic, agent-native software.** For each app:\n\n- **Scoped tools created per app, for every agent.** Agents can never do things you don't want them to do.\n- **Second is true self-building software.** It generates the integrations, connection instructions, and scoped tools.\n- **Agents never see secrets.** Secrets are injected server-side.\n- **`agents.json`: governed policy as code.** Each app has an `agents.json`. Changes require admin approval via hash verification.\n- **Draft and published are fully separated.** Builders iterate freely with mock data. Published apps only run the last approved config.\n\nOn top of that, Second handles the hard parts:\n\n| Capability | \u0026nbsp; |\n|:---|:---|\n| **🤹 Multi-agent orchestration** | Multiple specialized agents per app, coordinated through shared app state |\n| **⏲️ Long-running async work** | Scheduled jobs, periodic research, background runs, and resumable streams |\n| **🗃️ Live data persistence** | Realtime DB with Change Streams; app data survives restarts and user churn |\n| **🧾 Governance and auditability** | Review flows, access checks, integration approvals, and searchable audit events |\n\n---\n\n## Security \u0026 Governance\n\nSecond is designed for enterprise teams that need complete control over what humans and agents can access and do.\n\n**Zero-trust architecture for agents.** No agent is granted implicit access to anything. Every capability, every data collection, every integration must be explicitly declared, scoped, and approved before an agent can act.\n\n| Feature | Description |\n|:---|:---|\n| **Agent access control** | Capabilities defined in `agents.json`: approved collections, allowed tools, integration scopes. Changes require admin approval via cryptographic hash verification. Secrets injected server-side; agents never see credentials. |\n| **Role-based access control** | Workspace roles (owner, admin, member) with granular permissions: `integrations:manage`, `members:invite`, `audit:read`. App-level roles for creators and collaborators. |\n| **Approval flows** | Draft/review/publish lifecycle. Platform engineers approve apps, agent configs, and integration grants before anything goes live. |\n| **Domain-locked tools** | Custom HTTP tools locked to declared domains. Private IP access rejected. Agents with org tools such as HubSpot and Slack are blocked from internet access. |\n| **Audit logs** | Every action recorded: app changes, agent tool calls, data writes, access denials, integration usage. Secrets are never stored, only hashes and metadata. |\n| **Workspace isolation** | Complete tenant isolation. Every query scoped to `workspaceId`. Cross-workspace access returns `404`, not `403`, to prevent resource enumeration. |\n| **Subprocess hardening** | Infrastructure secrets scrubbed from agent subprocess environments. Linux deployments use `bubblewrap` sandboxing. CLI runtimes get allowlisted env + private per-app HOME. |\n\n### `agents.json`: Agent Policy as Code\n\nEvery app's agent capabilities are declared, version-controlled, and approved:\n\n```json\n{\n  \"agents\": [\n    {\n      \"id\": \"lead-enricher\",\n      \"name\": \"Lead Enricher\",\n      \"description\": \"Enriches leads with public company data\",\n      \"systemPrompt\": \"You are a lead enrichment agent...\",\n      \"dataCollections\": [\"leads\"],\n      \"tools\": [\n        { \"type\": \"builtin\", \"name\": \"WebSearch\", \"enabled\": true },\n        {\n          \"type\": \"custom\",\n          \"name\": \"hubspot_fetch_contacts\",\n          \"integration\": { \"domain\": \"hubapi.com\" },\n          \"endpoint\": {\n            \"method\": \"GET\",\n            \"url\": \"https://api.hubapi.com/crm/v3/objects/contacts\",\n            \"headers\": { \"Authorization\": \"Bearer {{secrets.HUBSPOT_PRIVATE_APP_TOKEN}}\" }\n          }\n        }\n      ]\n    }\n  ]\n}\n```\n\n\u003ctable\u003e\n\u003ctr\u003e\u003ctd\u003e\n\n- Secrets are resolved server-side via `{{secrets.*}}` templates, never embedded in config\n- Any change to `agents.json` **clears existing approval**, preventing silent config drift\n- Published apps use the **last approved hash** only, while draft changes stay sandboxed\n\n\u003c/td\u003e\u003c/tr\u003e\n\u003c/table\u003e\n\n## Self-Hosting\n\nSecond runs on your infrastructure: your Kubernetes cluster, your VPC, your rules.\n\nFor full environment setup, see the [self-hosting docs](https://docs.second.so/self-hosting).\n\n\u003e [!TIP]\n\u003e Need help with security, SSO, deployment, cost management, runtime setup, or SLA support? Contact [sales@second.so](mailto:sales@second.so).\n\n### Production Requirements\n\n| Component | Requirement |\n|:---|:---|\n| **MongoDB 8.0+** | Replica set (required for Change Streams) |\n| **Redis 7+** | Stream resumption, pub/sub, OAuth state |\n| **Auth provider** | External auth (WorkOS or custom) for `SECOND_AUTH_MODE=external` |\n| **HTTPS** | Reverse proxy with TLS termination |\n| **Agent runtime credentials** | Claude: `ANTHROPIC_API_KEY` or Bedrock (`CLAUDE_CODE_USE_BEDROCK=1` with `AWS_BEARER_TOKEN_BEDROCK`, `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY`, or `AWS_PROFILE`); Codex: `CODEX_API_KEY` or `OPENAI_API_KEY` |\n\n\u003cbr\u003e\n\n## Architecture\n\n```\n+------------------------------------------------------------------------------+\n| Browser                                                                      |\n| App UI, chat, generated app iframe                                           |\n+-----------------------------------+------------------------------------------+\n                                    |\n                                    | REST + SSE\n                                    v\n+------------------------------------------------------------------------------+\n| Web (Next.js)                                                                |\n| Public entrypoint, auth, workspace guards, API routes, reviews               |\n| Tool execution, secret resolution, app data, auditability                    |\n+------------------+--------------------------+--------------------------+------+\n                   |                          |                          |\n                   | private HTTP + SSE       | persistent state         | replay + events\n                   | internal auth            | Change Streams           | OAuth state + locks\n                   v                          v                          v\n+---------------------------+     +---------------------------+     +------------------+\n| Worker (Hono)             |     | MongoDB Replica Set       |     | Redis            |\n| Claude Code, Codex        |     | workspaces, apps, runs    |     | stream replay    |\n| OpenCode, app agents      |     | app_data, audit logs      |     | workspace pubsub |\n+-------------+-------------+     | integration metadata      |     +------------------+\n              |                   +---------------------------+\n              |\n              | internal callbacks\n              | /api/internal/*\n              v\n+------------------------------------------------------------------------------+\n| Web-owned governed layer                                                     |\n| Tool calls, app-data writes, approvals, tenant boundaries                    |\n| Secrets stay server-side before reaching external systems                    |\n+-----------------------------------+------------------------------------------+\n                                    |\n                                    | server-side tools\n                                    v\n+------------------------------------------------------------------------------+\n| External systems                                                             |\n| OAuth providers, APIs, internal services                                     |\n+------------------------------------------------------------------------------+\n```\n\nAgents run in the Worker. App-data writes, tool calls, secret resolution, and audit trails go through the Web layer, so the Worker can run agents without becoming the source of truth for permissions or data.\n\n\u003cbr\u003e\n\n## CLI\n\nRun Second locally with one command:\n\n```bash\nnpx --yes @second-inc/cli\n```\n\n| Platform | Status |\n|:---|:---|\n| Apple Silicon Mac (M1-M5) | **Available now** |\n| Linux x64, Windows via WSL2 | Experimental |\n| Intel Mac, native Windows | Coming soon |\n\n\u003cdetails\u003e\n\u003csummary\u003e\u0026nbsp;\u0026nbsp;\u003cstrong\u003eCLI Commands\u003c/strong\u003e\u003c/summary\u003e\n\u003cbr\u003e\n\n```bash\nnpx --yes @second-inc/cli                      # Start Second\nnpx --yes @second-inc/cli stop                 # Stop all services\nnpx --yes @second-inc/cli reset                # Stop + delete all data\nnpx --yes @second-inc/cli --port 4000          # Custom port\nnpx --yes @second-inc/cli --disable-telemetry  # No analytics\n```\n\n\u003c/details\u003e\n\n### Windows via WSL2\n\nSecond does not currently run from native Windows PowerShell or Command Prompt. On Windows, run it through WSL2:\n\n1. Open PowerShell as Administrator.\n2. Install Ubuntu on WSL2:\n\n```powershell\nwsl --install -d Ubuntu\n```\n\n3. Restart Windows if prompted.\n4. Open Ubuntu from Windows Terminal or the Start menu.\n5. Create the Ubuntu username/password when prompted.\n6. In Ubuntu, install Node.js 20+ and npm.\n7. Start Second from the Ubuntu terminal:\n\n```bash\nnpx --yes @second-inc/cli\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u0026nbsp;\u0026nbsp;\u003cstrong\u003eDevelopment from Source\u003c/strong\u003e\u003c/summary\u003e\n\u003cbr\u003e\n\n**Prerequisites:** Node.js 20+, npm 10+, Docker Desktop\n\nThis starts MongoDB + Redis in Docker, and the web + worker processes on your host. Open the URL printed by the script or check `.second-dev.txt`.\n\n```bash\ngit clone https://github.com/Second-Inc/second.git\ncd second\nnpm run dev\n```\n\n\u003c/details\u003e\n\n\u003cbr\u003e\n\n## Contributing\n\nWe welcome contributions. See [CONTRIBUTING.md](CONTRIBUTING.md) and the\n[docs](https://docs.second.so) for architecture details and development setup.\nReport security issues privately; see [SECURITY.md](SECURITY.md).\n\n\u003cbr\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003csub\u003eSecond is licensed under the \u003ca href=\"LICENSE\"\u003eApache License 2.0\u003c/a\u003e.\u003c/sub\u003e\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecond-inc%2Fsecond","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsecond-inc%2Fsecond","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecond-inc%2Fsecond/lists"}