Arkloop
Health Warn
- License — License: NOASSERTION
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Warn
- process.env — Environment variable access in bin/check-no-org.mjs
- network request — Outbound network request in compose.yaml
Permissions Pass
- Permissions — No dangerous permissions requested
This project is an open-source, design-focused AI agent platform. It provides a desktop application for managing and running AI agents with multi-model routing, persistent memory, and isolated code execution capabilities.
Security Assessment
The overall security risk is rated as Medium. The tool natively handles sensitive operations, including executing code within isolated environments like Docker containers or microVMs, and routes user conversations to external AI APIs. The automated scan flagged outbound network requests within its configuration files. While it does not request dangerous system permissions and no hardcoded secrets were found, the application relies on environment variables for configuration. The stated "Prompt Injection Protection" would require a deeper manual code review to verify its effectiveness, given the inherent risks of executing AI-generated code.
Quality Assessment
The repository is very new and actively maintained, with recent pushes occurring just days ago. However, community trust and visibility are currently very low, with only 5 GitHub stars. Furthermore, the license is marked as "NOASSERTION" by GitHub, and the README references a custom "Arkloop License," meaning the exact open-source terms and usage restrictions are unclear without manual inspection. The project is explicitly labeled as an "Early Access" Alpha release, meaning users should expect potential bugs, data loss, and incomplete features.
Verdict
Use with caution — it handles sensitive tasks like code execution, but its early alpha status, unclear licensing, and low community adoption mean it is not yet suitable for critical or production environments.
干净、强大、属于你的 AI Agent 平台 --AI agents, without the clutter.
Open-source / Clean / Powerful — Your AI Agent Platform
Early Access — Arkloop is currently in early public access; all releases are Alpha. You may encounter bugs, data loss, API changes, or incomplete features. We are iterating rapidly, but stability has not been fully validated. If you are willing to use it at this stage and provide feedback, we greatly appreciate it.
Arkloop is a design-focused open-source AI agent platform. Multi-model routing, sandboxed execution, persistent memory — a clean desktop app, ready out of the box.
Download
Download the latest version from GitHub Releases, supporting macOS, Linux, and Windows.
The desktop app bundles the full runtime — no Docker, no configuration. Just open and use. Automatic updates via GitHub Releases.
Contributing
We welcome contributions of all kinds.
Even if you're not a developer, just a regular user — if anything feels off while using it, even a bit of spacing, a color, a tiny detail, or a big-picture direction — please open an issue. We take every UX detail seriously, and your feedback makes the experience better for everyone.
See CONTRIBUTING.md for commit conventions and development workflow.
If you can, give us a Star
Features
Arkloop does what other AI chat tools do — multi-model support, tool calling, code execution, memory — but we focus on doing it cleanly:
- Multi-Model Routing — OpenAI, Anthropic, and any compatible API; priority-based automatic routing with rate limit handling
- Sandboxed Execution — Code runs in Firecracker microVMs or Docker containers with strict resource limits
- Persistent Memory — System constraints, long-term facts, and session context preserved across conversations
- Prompt Injection Protection — Semantic-level scanning that detects and blocks injection attacks
- Channel Integration — Telegram integration with media handling and group context
- Custom Personas — Independent system prompts, tool sets, and behavior configs; Lua scripting supported
- MCP / ACP — Model Context Protocol and Agent Communication Protocol support
- Skill Ecosystem — Import skills from ClawHub, compatible with OpenClaw SKILL.md format
Full documentation at docs.
Architecture
| Service | Stack | Role |
|---|---|---|
| API | Go | Authentication, RBAC, resource management, audit logging |
| Gateway | Go | Reverse proxy, rate limiting, risk scoring |
| Worker | Go | Job execution, LLM routing, tool dispatch, agent loop |
| Sandbox | Go | Code execution isolation |
| Desktop | Electron + Go | Native desktop app with embedded sidecar |
| Web | React / TypeScript | User interface |
| Console | React / TypeScript | Admin dashboard |
Infrastructure: PostgreSQL, Redis, SeaweedFS (or filesystem), OpenViking (vector memory).
Development
bin/ci-local quick # Quick local CI
bin/ci-local integration # Go integration tests
bin/ci-local full # Full check
Self-Hosting
The self-hosting deployment path is still in development. While included in the current release, availability is not guaranteed. We are not focusing on this during the Alpha phase. We plan to provide full server deployment support once the desktop version stabilizes.
Contributors
Security
To report vulnerabilities, please email [email protected] instead of opening a public issue. See SECURITY.md for our disclosure policy.
License
Licensed under the Arkloop License, a modified Apache License 2.0 with additional conditions:
- Multi-tenant restriction — Source code may not be used to operate a multi-tenant SaaS without written authorization.
- Brand protection — LOGO and copyright information in the frontend components must not be removed or modified.
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found