Project

kodo-bot

0.0
No release in over 3 years
kodo-botapiguy/kodoHomepageDocumentationSource CodeBug TrackerWiki
An open-source, security-first AI agent framework in Ruby with capability-based permissions, sandboxed skills, and a layered prompt system.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
 Popularity
Downloads
862
Stars
0
Forks
0
Watchers
0
 Releases
Current version
0.2.3
Total releases
6
First release
1980-01-02
Latest release
1980-01-02
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2026-02-21
Reverse Dependencies
0

 Dependencies

Runtime

ruby_llm
~> 1.2
zeitwerk
~> 2.6
 Project Readme

πŸ₯ Kodo

Kodo (ιΌ“ε‹•, "heartbeat") is an open-source, security-first AI agent framework written in Ruby. It runs locally on your hardware and communicates through the messaging platforms you already use.

Unlike cloud-hosted AI assistants, Kodo keeps your data on your machine, enforces capability-based permissions on every action, and gives you full control over what your agent can and cannot do.

Status: Early development β€” foundation is working, security layer is next.

Quick Start

Prerequisites

Setup

git clone https://github.com/apiguy/kodo.git
cd kodo
bundle install

# Initialize Kodo's home directory
ruby bin/kodo init

# Set your LLM API key (pick any provider)
export ANTHROPIC_API_KEY="sk-ant-..."
# or: export OPENAI_API_KEY="sk-..."
# or: just run Ollama locally β€” no key needed

# Set up Telegram
export TELEGRAM_BOT_TOKEN="123456:ABC-DEF..."

# Enable Telegram and set your model in the config
# Edit ~/.kodo/config.yml

# Start Kodo
ruby bin/kodo start

Now message your bot on Telegram. Kodo is alive.

CLI Chat (no Telegram needed)

export ANTHROPIC_API_KEY="sk-ant-..."  # or any provider key
ruby bin/kodo chat

Commands

kodo start      Start the Kodo daemon
kodo chat       Chat with Kodo directly in the terminal
kodo memories   List what Kodo remembers about you
kodo status     Show daemon status
kodo init       Create default config in ~/.kodo/
kodo version    Show version
kodo help       Show help

How It Works

Kodo runs a heartbeat loop β€” a periodic cycle that polls your messaging channels for new messages, processes them through an LLM, and sends responses back. This heartbeat is what makes Kodo an agent rather than a chatbot: it runs continuously, can notice things, and will eventually take proactive action on your behalf.

Your Phone (Telegram) ←→ Telegram API ←→ Kodo Daemon ←→ Anthropic Claude
                                              β”‚
                                         Memory Store
                                        (conversations,
                                         audit trail)

Architecture

See ARCHITECTURE.md for the full system design, component details, and roadmap.

Configuration

Kodo stores its config and data in ~/.kodo/:

~/.kodo/
β”œβ”€β”€ config.yml              # LLM provider and channel settings
β”œβ”€β”€ persona.md              # Agent personality and tone (make Kodo yours)
β”œβ”€β”€ user.md                 # Tell Kodo about yourself
β”œβ”€β”€ pulse.md                # What to notice during idle beats
β”œβ”€β”€ origin.md               # First-run onboarding conversation
└── memory/
    β”œβ”€β”€ conversations/      # Chat history (per-conversation JSON)
    β”œβ”€β”€ knowledge/          # Long-term remembered facts (JSONL)
    └── audit/              # Daily audit logs (JSONL)

Prompt Files

Kodo's personality is defined by plain Markdown files, not code. Edit them to make the agent yours:

  • persona.md β€” How Kodo talks. Tone, style, opinions. "Respond like a senior engineer doing code review" is more useful than "be helpful."
  • user.md β€” Who you are. Name, role, timezone, current projects. Helps Kodo give contextual answers.
  • pulse.md β€” What Kodo should pay attention to during idle heartbeat cycles. "Remind me about standup at 9:45am" or "summarize unread messages if more than 5 accumulate."
  • origin.md β€” Runs on first conversation only. Kodo introduces itself and helps you set up.

These files are advisory β€” they shape behavior but cannot override Kodo's hardcoded security invariants (no data exfiltration, no prompt injection compliance, no impersonation).

Secrets (API keys, bot tokens) are never stored in config files. Instead, config references environment variable names using the _env suffix convention:

llm:
  api_key_env: ANTHROPIC_API_KEY  # reads $ANTHROPIC_API_KEY at runtime

Security

Kodo is being built security-first:

  • Encrypted memory β€” conversation history and knowledge encrypted at rest (AES-256-GCM)
  • Sensitive data redaction β€” regex + LLM-assisted detection scrubs secrets before writing to disk
  • Audit trail β€” every action logged with what triggered it
  • Layered prompt security β€” hardcoded invariants cannot be overridden by user-editable files

Planned:

  • Capability-based permissions β€” skills declare what they need, you grant scoped access
  • Sandboxed skill execution β€” skills run in isolated processes
  • Signed skills β€” cryptographic verification before loading any skill

License

MIT

Links