skelmBuild secure, agentic, long-running workflows in TypeScript

Default-deny permissions · Multi-backend agents · MCP-native · Self-hosted

🔒

Default-Deny Security

Every agent step declares allowed tools, executables, MCP servers, network egress, and filesystem roots.

⚡

Workflows are real .ts modules — refactor, test, type-check, version like any other code.

🧩

Opencode, ACP (Copilot, Claude Code, Gemini), OpenAI, Anthropic, Pi — provider SPI for custom ones.

🌐

Model Context Protocol servers are first-class registry citizens, lifecycle-managed by the gateway.

🔄

Hosts workflows over HTTP + SSE, drives the scheduler, owns the trust boundary.

💾

SQLite by default; Postgres + vault drivers for production. No managed cloud, no telemetry.