https://github.com/tjamescouch/org

LLM sandbox
https://github.com/tjamescouch/org

ai-agent ai-orchestration bun cli-tool developer-tools gpt-oss llm local-llm multi-agent open-source patch-review sandboxing typescript

Last synced: 4 months ago
JSON representation

LLM sandbox

• Host: GitHub
• URL: https://github.com/tjamescouch/org
• Owner: tjamescouch
• License: mit
• Created: 2025-08-09T05:29:58.000Z (11 months ago)
• Default Branch: main
• Last Pushed: 2026-02-07T16:45:40.000Z (4 months ago)
• Last Synced: 2026-02-08T00:58:40.293Z (4 months ago)
• Topics: ai-agent, ai-orchestration, bun, cli-tool, developer-tools, gpt-oss, llm, local-llm, multi-agent, open-source, patch-review, sandboxing, typescript
• Language: TypeScript
• Homepage:
• Size: 2.45 MB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 10
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Security: SECURITY.md

Awesome Lists containing this project

README

          
![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)

# org

_Agentic dev helpers that can "do things" in your repo while you watch, review, and approve every change._

- ✏️ **Conversational**: give a task, the agent plans and executes.

- 🤝 **Collaborative**: works as part of a multi-agent setup, coordinating steps and maintaining a conversation between the agents.

- 🧰 **Tools**: `sh`, `apply_patch`, etc. 100% auditable.

- 🔒 **Safe-by-default**: denylist for dangerous paths; *every* change turns into a patch you review before it lands.

- 🧪 **Deterministic runs**: all stdout/stderr, artifacts, and a git patch are saved under `.org/runs/` for inspection or CI upload.

- 🛡️ **Optional containerized sandbox**: run steps inside a Podman container with no network by default (quickstart config allows egress to the host LLM at 192.168.5.2:11434).

> Security note. org is safe-by-default but not a hardened sandbox. For a stronger boundary, run it in the provided VM profile (Lima on Apple Silicon, VirtualBox on Intel). See [SECURITY](SECURITY.md) for hardening.

## Vision

Developers and operators deserve AI teammates they can **trust, understand, and control**. Most tools either go fully automated (opaque, risky) or stay passive (just suggest, never act). This project takes a different stance:

* **Dev + DevOps, one CLI**: A single agentic workflow that works for both coding and operations. Write code, run infra, and patch your repo — all inside the same safe loop.

* **Multi-agent as a first-class feature**: Collaboration isn't a bolt-on. Agents can coordinate, debate, and hand off tasks, while you oversee and approve every change.

* **Sandbox + patch review**: Every command runs in isolation. Every file change is surfaced as a patch. Nothing merges until you say so.

* **Safety as a value, not a feature**: Guardrails, glob-based policies, and human-in-the-loop review make it impossible for an agent to "go rogue" in your repo.

* **Composable workflows**: Use it solo as a powerful dev helper, or spin up multiple agents to cover testing, ops, and review simultaneously.

The vision is simple: **an agent CLI that feels like a real teammate — fast, opinionated, and safe.**

## Quick Start

### macOS (Apple Silicon: M1/M2/M3) — Lima backend

```sh

# 1) Install via Homebrew (CLI + VM helpers)

brew tap tjamescouch/org

brew install org lima socket_vmnet

# 2) One shot: create + provision the VM and attach when ready

orgctl quickstart

```

### Running

```sh

org

You > @@alice write "Hello World" to a file `hello-world.txt`

```

> Tip for contributors who installed an older brew orgctl: prefer the repo copy during development with PATH="$PWD:$PATH" or run ./orgctl ….

When the tool wants to touch the filesystem, it first produces a **patch**. You can read, approve, or reject it. After approval, the agent continues.

All artifacts for each run land in `.org/runs//` with comprehensive logs and the final patch.

[![asciicast](https://asciinema.org/a/741256.svg)](https://asciinema.org/a/741256)

## Installation

See [INSTALLATION.md](docs/INSTALLATION.md) for complete setup instructions.

## Documentation

- **[Installation Guide](docs/INSTALLATION.md)** - Setup for macOS and Linux not including VM setup.

- **[VM Configuration](docs/VM_CONFIGURATION.md)** — Lima/VirtualBox setup, security model, and troubleshooting.

- **[Configuration](docs/CONFIGURATION.md)** - LLM settings, environment variables, and options

- **[Usage Guide](docs/USAGE.md)** - CLI options, examples, and common workflows

- **[Architecture](docs/ARCHITECTURE.md)** - How it works under the hood

- **[Troubleshooting](docs/TROUBLESHOOTING.md)** - Common issues and solutions

- **[Testing](docs/TESTING.md)** - Running and writing tests

- **[Architectural Review](docs/ARCHITECTURAL_REVIEW.md)** - org according to org

## License

MIT



![GitHub all releases](https://img.shields.io/github/downloads/tjamescouch/org/total)

![v0.11.0](https://img.shields.io/github/downloads/tjamescouch/org/v1.1.0/total)