Skip to content

nimbus-agent/Nimbus

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2,360 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Nimbus

Cross-service incident context in under 100 ms. Consent-gated automation. Your credentials never leave the machine.

A local-first, HITL-gated AI agent over your dev tools — it builds a private index of your work across 80+ services and answers questions and runs multi-step workflows entirely on your machine.

CI License: AGPL-3.0 Docs Discussions

Install · Docs · Watch the 90-second cast · Architecture


Note

Nimbus is a headless Gateway + CLI (plus a VS Code extension and a browser web clipper). It runs on your machine and talks to ~80 cloud services through first-party MCP connectors. Nothing about your data — the index, your credentials, the audit log — leaves your box.

What it does

Three things, in one query:

  • Incident response — PagerDuty alert → deploy → commit → author, correlated locally.
  • CVE / code exposure — indexed code search across every connected repo, with no fan-out network calls.
  • Data lineage — Tableau → Looker → dbt → Airflow → the renamed column.

Three load-bearing words

  • local — the SQLite index, the Vault, and the audit log all live on your machine. The cloud is a connector, not the source of truth.
  • consent-gated — every destructive or outbound action is intercepted by a human-in-the-loop gate before it runs. It lives in the executor, not the prompt, so it can't be jailbroken away.
  • MCP — every connector speaks the Model Context Protocol. The engine never calls a cloud API directly.

Quickstart

1. Install (per-user, no admin/sudo required):

macOS / Linux
curl -fsSL https://github.com/nimbus-agent/Nimbus/releases/latest/download/install.sh -o /tmp/nimbus-install.sh
# inspect it first if you like:  less /tmp/nimbus-install.sh
bash /tmp/nimbus-install.sh
nimbus --version
Windows (PowerShell, no admin)
irm https://github.com/nimbus-agent/Nimbus/releases/latest/download/install.ps1 | Invoke-Expression
# open a new PowerShell window:
nimbus --version

Every release artefact is GPG-signed (key 5A20457CCD8B53FFAA945240886ADA6B487CAB6E) with a SHA-256 manifest and build-provenance attestations — see Verify your download. Homebrew and Scoop taps are also available (see the install guide).

2. Connect a service — the fastest path is a token-based connector like GitHub:

nimbus connector auth github --token <your_PAT>
nimbus connector sync github

(OAuth services — Google Drive, Gmail, Slack, … — use nimbus connector add <service>, which opens your browser. See Connect a service.)

3. Ask:

nimbus ask "what PRs did I open in the last 7 days?"

Run it fully offline

Nimbus needs an LLM, but it does not require a cloud one. Point it at a local model and nothing — not even prompts — leaves the machine:

# ~/.config/nimbus/nimbus.toml
[llm]
prefer_local = true
local_model  = "llama3.1"     # served by Ollama on http://127.0.0.1:11434

See Local & air-gapped LLM setup.

How it works

80+ cloud services ─▶ first-party MCP connectors ─▶ local SQLite index (+ embeddings)
                                                          │
                              your question ─▶ engine ─▶ HITL consent gate ─▶ action
                                                          │
                                       CLI · VS Code · web clipper · (desktop, coming)

A headless Bun Gateway maintains the private index and runs the agent; clients talk to it only over local JSON-RPC IPC. Credentials live in the OS keystore (DPAPI / Keychain / libsecret) — never in logs, config, or IPC. Full design: Architecture.

Connectors

80+ first-party MCP connectors across Google, Microsoft, GitHub/GitLab, Slack, Jira, Notion, plus observability, CI/CD, security/quality, feature-flags, GitOps, data/BI, deploy, finance, and support tools. Browse the full roster in the connector docs; building your own is covered in CONTRIBUTING.

Security & trust

  • Human-in-the-loop consent on every outbound/destructive action (structural, not a prompt).
  • No plaintext credentials — OS Vault only.
  • Signed, reproducible releases — GPG manifests, SBOM (CycloneDX), build-provenance attestations.
  • Audited — see the security model & disclosure policy.

Found a vulnerability? See SECURITY.md.

Community & contributing

License

Dual-licensed by design: AGPL-3.0 for the gateway, CLI, and MCP connectors; MIT for the separately-published @nimbus-dev/sdk and @nimbus-dev/client npm packages so extensions and integrations stay unencumbered.

About

On-call intelligence for DevOps and platform teams. Local-first AI agent over your tools — HITL-gated, MCP-native, AGPL-3.0.

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

2 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors