Skip to content

appatalks/eva-agent

Repository files navigation

Eva AI Assistant

screenshot

Website | Documentation | Issues | License: MIT

A voice-first AI assistant with authorized camera vision, bounded browser actions, launch-only desktop integration, persistent memory, governed learning experiments, and scheduled tasks. No framework. Open source.

Quick install

curl -fsSL https://appatalks.github.io/eva-agent/get-eva.sh | bash

Then launch:

eva

Eva is also added to your system application menu (GNOME, KDE, etc.), so you can search for "Eva" in your app launcher.

Or clone and run manually:

git clone https://github.com/appatalks/eva-agent.git
cd eva-agent
./install.sh            # install dependencies
cd standalone && npm install && npm run dist
./dist/'Eva Standalone-5.4.0.AppImage'

Prereqs: Node.js 24+ and Python 3.12+. GitHub Copilot CLI plus copilot auth login is required only for cloud egress mode; LM Studio local operation does not require Copilot CLI.

Features

Camera vision Webcam presence sensing, face-detection auto-wake, and on-demand one-frame vision with an Electron-native one-use authorization and fresh-frame receipt
Browser agent Isolated Playwright DOM/vision loop with DNS-pinned public egress, native launch authorization, per-action approval, and verified outcomes
Desktop agent Launch-only containment for curated root-owned GUI binaries; pointer, keyboard, shell, arguments, and window helpers remain broker-disabled
Voice interface Full-screen voice orb, wake/barge-in, TTS (OpenAI, Polly, Bark, browser)
Signal messaging Send-only delivery for configured trusted alerts via signal-cli; model text cannot dispatch messages
Persistent memory Canonical local SQLite with optional consent-aware Kusto/ADX projection, default-off shadow/hybrid claim recall, and human-approved evidence-linked consolidation proposals
Verified artifacts Session-scoped immutable identities, SHA-256-verified downloads, and no server-side file opening
Safe skill learning Default-off local shadow pipeline records verified outcomes, proposes restricted immutable candidates, and evaluates them deterministically without activation
Legacy skill drafts Existing provider-backed draft suggestion is separately gated by strict default-off EVA_LEGACY_SKILL_AUTO_LEARN; it grants no activation authority
Cron scheduler Standard cron expressions, recurring prompts, morning briefings, alerts
Subagent parallelism Spawn up to 4 concurrent ACP tasks, results via notifications
Multi-provider OpenAI, Google Gemini, GitHub Copilot, lm-studio (local)
Doctor diagnostics Structured readiness probe for every subsystem with actionable fixes
MCP ecosystem Azure, GitHub, and Kusto integrations; desktop-control MCP servers are release-disabled
Cognitive layer Eva + Reviewer dual-agent pipeline with configurable models
Explicit egress policy Cloud, local-network, or air-gapped offline operation with fail-closed routing

Get started

Select Eva (AIG) in the model dropdown for the full experience.

For persistent memory, point Settings > MCP at an Azure Data Explorer cluster, or use the default local SQLite backend (zero setup). For semantic recall, add an OpenAI key in Settings > Auth (falls back to keyword matching without one).

For Signal notifications, install signal-cli and link it to your Signal account (signal-cli link -n "Eva"). Enter sender and recipient numbers in Settings > Auth.

Import skills from text, URLs, GitHub repos, or files in Settings. Eva normalizes them into her format and stores them through the active memory backend (canonical SQLite by default, with optional ADX projection). Reviewed active skills may be matched into later context.

Security and egress modes

Eva Standalone creates a random bridge bearer token for every launch. Electron's main process injects it only into requests sent from Eva's trusted window to the exact local /v1/* bridge origin. The token is not exposed to renderer scripts, preload APIs, model prompts, ACP, MCP children, or process arguments.

Set EVA_EGRESS_MODE before launch:

  • cloud (default): configured providers, ACP, and approved MCP servers are available.
  • local-network: SQLite plus LM Studio on a validated loopback/private address; public providers, ACP, ADX, web imports, and cloud vision are blocked.
  • offline: SQLite plus loopback LM Studio only; public and LAN network requests are blocked.

Invalid non-empty values fail startup. In restricted modes, select Eva (AIG) or LM Studio; AIG is forced through the configured local model. ACP terminal execution is disabled until it is mediated by the capability broker.

Manual bridge clients must supply EVA_BRIDGE_TOKEN and send it as a bearer token. EVA_ALLOW_UNAUTHENTICATED_LOOPBACK=1 is a development-only escape hatch and is refused on non-loopback binds. Never expose an unauthenticated bridge to a LAN or the internet.

Documentation

About

Eva - Is your AI. The future is now.

Topics

Resources

License

Stars

27 stars

Watchers

1 watching

Forks

Contributors