Website | Documentation | Issues | License: MIT
A voice-first AI assistant with authorized camera vision, bounded browser actions, launch-only desktop integration, persistent memory, governed learning experiments, and scheduled tasks. No framework. Open source.
curl -fsSL https://appatalks.github.io/eva-agent/get-eva.sh | bashThen launch:
evaEva is also added to your system application menu (GNOME, KDE, etc.), so you can search for "Eva" in your app launcher.
Or clone and run manually:
git clone https://github.com/appatalks/eva-agent.git
cd eva-agent
./install.sh # install dependencies
cd standalone && npm install && npm run dist
./dist/'Eva Standalone-5.4.0.AppImage'Prereqs: Node.js 24+ and Python 3.12+. GitHub Copilot CLI plus
copilot auth login is required only for cloud egress mode; LM Studio local
operation does not require Copilot CLI.
| Camera vision | Webcam presence sensing, face-detection auto-wake, and on-demand one-frame vision with an Electron-native one-use authorization and fresh-frame receipt |
| Browser agent | Isolated Playwright DOM/vision loop with DNS-pinned public egress, native launch authorization, per-action approval, and verified outcomes |
| Desktop agent | Launch-only containment for curated root-owned GUI binaries; pointer, keyboard, shell, arguments, and window helpers remain broker-disabled |
| Voice interface | Full-screen voice orb, wake/barge-in, TTS (OpenAI, Polly, Bark, browser) |
| Signal messaging | Send-only delivery for configured trusted alerts via signal-cli; model text cannot dispatch messages |
| Persistent memory | Canonical local SQLite with optional consent-aware Kusto/ADX projection, default-off shadow/hybrid claim recall, and human-approved evidence-linked consolidation proposals |
| Verified artifacts | Session-scoped immutable identities, SHA-256-verified downloads, and no server-side file opening |
| Safe skill learning | Default-off local shadow pipeline records verified outcomes, proposes restricted immutable candidates, and evaluates them deterministically without activation |
| Legacy skill drafts | Existing provider-backed draft suggestion is separately gated by strict default-off EVA_LEGACY_SKILL_AUTO_LEARN; it grants no activation authority |
| Cron scheduler | Standard cron expressions, recurring prompts, morning briefings, alerts |
| Subagent parallelism | Spawn up to 4 concurrent ACP tasks, results via notifications |
| Multi-provider | OpenAI, Google Gemini, GitHub Copilot, lm-studio (local) |
| Doctor diagnostics | Structured readiness probe for every subsystem with actionable fixes |
| MCP ecosystem | Azure, GitHub, and Kusto integrations; desktop-control MCP servers are release-disabled |
| Cognitive layer | Eva + Reviewer dual-agent pipeline with configurable models |
| Explicit egress policy | Cloud, local-network, or air-gapped offline operation with fail-closed routing |
Select Eva (AIG) in the model dropdown for the full experience.
For persistent memory, point Settings > MCP at an Azure Data Explorer cluster, or use the default local SQLite backend (zero setup). For semantic recall, add an OpenAI key in Settings > Auth (falls back to keyword matching without one).
For Signal notifications, install signal-cli and link it to your Signal account (signal-cli link -n "Eva"). Enter sender and recipient numbers in Settings > Auth.
Import skills from text, URLs, GitHub repos, or files in Settings. Eva normalizes them into her format and stores them through the active memory backend (canonical SQLite by default, with optional ADX projection). Reviewed active skills may be matched into later context.
Eva Standalone creates a random bridge bearer token for every launch. Electron's
main process injects it only into requests sent from Eva's trusted window to the
exact local /v1/* bridge origin. The token is not exposed to renderer scripts,
preload APIs, model prompts, ACP, MCP children, or process arguments.
Set EVA_EGRESS_MODE before launch:
cloud(default): configured providers, ACP, and approved MCP servers are available.local-network: SQLite plus LM Studio on a validated loopback/private address; public providers, ACP, ADX, web imports, and cloud vision are blocked.offline: SQLite plus loopback LM Studio only; public and LAN network requests are blocked.
Invalid non-empty values fail startup. In restricted modes, select Eva (AIG) or LM Studio; AIG is forced through the configured local model. ACP terminal execution is disabled until it is mediated by the capability broker.
Manual bridge clients must supply EVA_BRIDGE_TOKEN and send it as a bearer
token. EVA_ALLOW_UNAUTHENTICATED_LOOPBACK=1 is a development-only escape hatch
and is refused on non-loopback binds. Never expose an unauthenticated bridge to a
LAN or the internet.
- README-2.md: architecture, MCP, ACP, Standalone deployment, roadmap
- standalone/README.md: AppImage build and runtime
- Website: features, comparison, install guide
