Skillget

agience-core

mcp
Security Audit
Warn
Health Pass
  • License — License: NOASSERTION
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 36 GitHub stars
Code Warn
  • Code scan incomplete — No supported source files were scanned during light audit
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This tool acts as an operating system for AI workflows, managing structured data objects called "artifacts" with built-in identity tracking and version control. It functions as both an MCP server and client to help organizations audit and trust AI-generated outputs.

Security Assessment
Overall Risk: Medium. The project acts as a truth substrate for AI data, meaning it inherently handles and structures potentially sensitive information. It is designed to make network requests, acting as an MCP client connecting to external vendor servers like GitHub and Slack. However, the automated code scan was unable to examine the actual source files. Because of this blind spot, we cannot definitively rule out hardcoded secrets or verify exactly how scoped API keys and permissions are managed under the hood. No dangerous permissions were explicitly requested in the configurations checked.

Quality Assessment
The project appears to be actively developed and maintained, with its last code push occurring today. It has a small but growing community, indicated by 36 GitHub stars. While the repository features a highly detailed and professional description, the licensing status is marked as "NOASSERTION." This means the project lacks a clearly defined standard license, which could create legal uncertainty or usage restrictions for commercial applications.

Verdict
Use with caution — the active maintenance and structural focus on human-in-the-loop security are promising, but the incomplete code scan and unasserted license require manual verification before handling sensitive workflows.
SUMMARY

The operating system that AI workflows trust. Structure messy inputs. Establish identity. Track provenance. Build the durable data layer your AI workflows need to be trusted, reusable, and auditable.

README.md

Agience

The operating system that AI workflows trust.

Agience is the truth substrate for AI-generated knowledge: typed artifacts with stable identities, commit history, explicit provenance, and scoped authority. Not chat history. Not files. Structured objects that agents and humans read and write through the same layer.

Humans look at Cards. Agents look at Artifacts. The same data, the same provenance chain — the interface adapts to the consumer.

Why Agience

AI generates output. It doesn't create trust. Any LLM can produce summaries, drafts, and decisions at scale — but without identity and provenance, those outputs have no chain of custody and no reason for anyone downstream to build on them.

Agience is what turns AI output into something an organization can actually rely on. When an agent ingests a transcript, the result is a set of typed artifact objects — decisions, actions, constraints — committed into versioned collections under human review. The same object a human edits in the UI is the object an agent reads over MCP. Accountability follows from the architecture, not from policies or prompts.

Core Properties

Artifacts, not files.
Every object — document, transcript, agent config, MCP server registration, collection entry — is an artifact. Typed content, structured context, stable ID, full version history, and a record of what produced it.

Human-in-the-loop is structural.
Approval gates are first-class operators in any workflow, not a policy layer you bolt on later. The architecture enforces the boundary; it does not rely on prompts.

MCP-native throughout.
Agience is both an MCP server (exposing tools to VS Code, Claude Desktop, Cursor, or any compatible client) and an MCP client (consuming GitHub, Slack, filesystem, and other vendor MCP servers).

Trust is declared, not assumed.
Scoped API keys define exactly what each agent or server can read, write, or invoke. Identity comes from the auth token, never the request body. Delegated operations carry a record of who authorized them.

Provenance is infrastructure.
Like a filesystem journal, provenance in Agience is structural. Committed artifacts carry records of what produced them, from what inputs, under whose authority. Not a premium feature — a consequence of how the system is built.

Composable agent servers.
The platform ships with eight purpose-built MCP servers covering ingestion, retrieval, reasoning, output, networking, security, governance, and finance. Each is a standalone FastMCP service. Deploy the ones you need, replace the ones you don't.

The OS Analogy

OS Concept Agience
File records / inodes Artifacts
Windows / explorer views Cards (UI layer)
File extensions MIME content types
Working directory Workspace
Published filesystem Collection
Save / publish Commit
Kernel services Core platform
Peripheral drivers Agent persona servers
Third-party applications External MCP servers
Processes / jobs Agents / transforms
System calls MCP tool calls
Filesystem indexer OpenSearch
Capability-based access Scoped API keys
Change journal Provenance chain

What Ships Today

  • Artifact model — typed, versioned objects with stable IDs, full history, and graph relationships
  • ArangoDB architecture — all artifact storage in ArangoDB; workspaces for ephemeral drafts, collections for committed versions
  • Commit flow — explicit workspace → collection promotion; nothing published silently
  • Hybrid search — BM25 + kNN vector search with RRF fusion, aperture filtering, and per-token semantic modifiers
  • Multi-provider OAuth2 — Google, Microsoft Entra, Auth0, custom OIDC, username/password; RS256 JWT + scoped API keys
  • MCP server — 11 tools at /mcp; advertised via /.well-known/mcp.json; works in VS Code, Claude Desktop, Cursor
  • Agentic chat loop — chat artifacts with an 8-tool surface and multi-turn LLM loop
  • Live stream ingestion — OBS → SRS → real-time AWS Transcribe; transcript artifacts committed on stream end
  • S3/CloudFront media handling — direct browser-to-S3 presigned upload, signed CDN delivery, orphan cleanup
  • Eight agent persona servers — Astra (ingestion), Jarvis (retrieval), Verso (reasoning), Aria (output), Nexus (comms), Atlas (governance), Seraph (security), Ophan (finance)

See ROADMAP.md for the full capability inventory and what's coming next.

Getting Started

Hosted

Sign up at agience.ai — no setup required.

Self-hosted (Docker)

# clone and start everything
git clone https://github.com/Agience/agience-core-working.git
cd agience-core-working
cp .env.example .env          # fill in OPENAI_API_KEY and OAuth credentials
.\agience dev -f --build      # Windows
./agience dev -f --build      # Linux / macOS

Full setup guide: docs/getting-started/self-hosting.md

Connect via MCP

// .vscode/mcp.json
{
  "servers": {
    "agience": {
      "url": "https://your-instance/mcp",
      "headers": { "Authorization": "Bearer YOUR_API_KEY" }
    }
  }
}

Full MCP setup guide: docs/mcp/client-setup.md

Architecture

  ┌─────────────────────────────────────┐
  │  Presentation (React / Vite)        │  Cards, grid, windows, navigation
  └─────────────────────────────────────┘
                    │ registry
  ┌─────────────────────────────────────┐
  │  Handlers (MCP Servers)             │  Type-specific viewers, tools, prompts
  │  Aria · Astra · Atlas · Jarvis      │  Served as ui:// MCP resources
  │  Nexus · Ophan · Seraph · Verso     │  Each a standalone FastMCP process
  └─────────────────────────────────────┘
                    │ MCP
  ┌─────────────────────────────────────┐
  │  Core (FastAPI)                     │  Type-agnostic platform services
  │  Auth · Artifacts · Workspaces      │  ArangoDB · OpenSearch
  │  Collections · Search · MCP infra  │  S3 · JWT · Scoped API keys
  └─────────────────────────────────────┘

Architecture spec: .dev/features/layered-architecture.md

Repo layout

backend/        FastAPI Core — type-agnostic platform services
frontend/       React + Vite + Tailwind UI
servers/        First-party MCP persona servers
servers/_host/  Unified Docker mount for all personas
types/          Builtin MIME type definitions
hosts/          Desktop companion relay runtime
docker/         Compose files and Caddy config
docs/           Public-facing documentation
.dev/           Internal specs, architecture, audits

Documentation
Platform Overview What ships and how it fits together
Self-Hosting Guide Deploy on your own infrastructure
MCP Setup Connect VS Code, Claude Desktop, Cursor
Search Query Language +required, ~semantic, type:, tag: operators
MCP Overview Full MCP server and client architecture
ROADMAP.md Shipped and in-progress capabilities
CONTRIBUTING.md Contribution guidelines and CLA

Contributing

Bug reports, documentation improvements, new agent tools, and thoughtful feature proposals are welcome.

  1. Read CONTRIBUTING.md and CLA.md
  2. Open an issue before writing code for new features
  3. Security issues → [email protected] (do not open a public issue)

License

Agience Core is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0-only).

  • Free use: open-source and AGPL-compliant deployments, including network-accessible services that share source
  • Commercial license required: proprietary/closed-source use, managed services without source disclosure, OEM/embedded distribution, white-label use

See LICENSE.md.

Reviews (0)

No results found