The meta-harness for AI agents β a harness that builds other harnesses.
Like ruflo is the meta-harness for Claude, this is the meta-harness for AI agents themselves: a system whose job is to produce focused, vertical, branded agent harnesses that run on any host. Pick primitives, pick content, supply identity β ship a npm-publishable harness with your own npx <name> CLI, MCP server, memory, learning loop, and witness-signed releases.
Open the Studio β npm β coming soon Tests β 563 passing CI β 16 jobs License MIT
# Browser β zero install. Live now. open https://ruvnet.github.io/agent-harness-generator/ # OR β terminal scaffold npx create-agent-harness my-bot --template vertical:coding --host claude-code cd my-bot && npx . --help
That's it. You now own an npm-publishable AI agent harness with your name on it, your branding, your agents, your MCP server, your memory, and an npx <your-name> command. It runs on Claude Code, Codex, pi.dev, Hermes, OpenClaw, or RVM β pick one or all. Nothing leaves your browser or your machine.
One line: A meta-harness β a marketplace plugin + CLI that scaffolds your own focused, vertical AI agent harnesses with their own
npx <name>command, MCP server, memory, learning loop, and brand β that run unchanged on Claude Code, Codex, pi.dev, Hermes, OpenClaw, and RVM.
What's a meta-harness? A harness is a runtime that orchestrates AI agents (memory + routing + hooks + MCP + claims). A meta-harness is the level above: a harness whose product is OTHER harnesses. agent-harness-generator emits self-contained, npm-publishable harnesses you OWN β same kernel, your branding, your agents, your marketplace presence. The kernel updates flow to your harness via
@ruflo/kernelnpm peer; the content stays yours.
One paragraph: Ruflo bundles primitives (MCP server, hooks, memory bridge, swarm coordinator, intelligence pipeline, claims, routing) WITH opinionated content (60+ agents, 30+ skills, 33 plugins).
agent-harness-generatorfactors those apart. You pick the primitives, pick the content, supply a name + brand, and out comes a brand-new npm-publishable harness with its own CLI, MCP registration, memory namespace, and marketplace identity β running on the host of your choice.
A 100% client-side Studio (in the spirit of ruflo's goal UI) that turns any GitHub repo β or a blank slate β into a governed, branded, multi-host AI agent harness. Recommend agents, skills, commands, MCP tools, and policy; preview the live file tree; download a signed-ready, npm-publishable .zip. Nothing leaves your browser. Desktop- and mobile-friendly, deployable to GitHub Pages.
Open the Studio design ADR-020β024
Embeddings recommend Β· rules generate Β· tests prove parity.
| Tab | What it does |
|---|---|
| Repo β Harness | Paste a GitHub URL β deterministic repo analysis β archetype scoring β an editable harness plan (agents, skills, commands, MCP mode, risk policy, confidence). No repo code is ever executed. Semantic engine: Lexical (default, deterministic) or optional in-browser MiniLM embeddings (Transformers.js, WebGPU/WASM). |
| Create harness | Branded-runtime builder: 16 quick-start verticals, composable agents/skills/commands, kernel options, and the Primitives panel (CLI Β· MCP Β· memory Β· learning Β· witness Β· release gates). Live file tree + <name>.zip, byte-compatible with create-agent-harness. |
| Skill / Agent / Command | Author or pick a single artifact β a Claude-ready SKILL.md folder (YAML frontmatter) you drop straight into Claude desktop or claude.ai. |
| Verify | Drop a generated .zip β unzipped and checked in-browser (structure Β· kernel dep Β· host wiring Β· unresolved vars Β· MCP policy Β· secrets). Nothing uploaded. |
Repo β Harness Author a Claude skill/agent/command In-browser Verify
MCP is included as a first-class adapter surface, not the core identity. It is modular, gated, and default-deny (ADR-022):
- Modes:
offΒ·local(stdio) Β·remote(Streamable HTTP + auth). - Emits
src/mcp/{server,tools,resources,prompts,policy,audit}.ts(+auth.tsremote) and a scannable.harness/mcp-policy.json. - Safe defaults: default-deny, no network/shell/file-write, approve-dangerous, 30 s timeout, 8 calls/turn, audit on.
harness mcp-scan <path>β "npm audit for agent tools": static-only scan (never executes) flagging shell/network grants, missing audit/timeouts, wildcard permissions, unguarded secrets, and unpinned deps. Exit 1 on any HIGH.
CLI Repo β Harness (ADR-026) β the deeper, local counterpart to the Studio's importer:
harness analyze-repo . # local, analysis-only β repo-profile.json + harness-plan.json harness analyze-repo . --embed # opt-in deterministic embeddings via @ruvector/ruvllm (offline; lexical fallback) harness analyze-repo . --scaffold my-harness # materialise the recommended harness
No repository code is executed; inferred build/test commands are emitted as trust: inferred Β· execution: disabled.
cd apps/web-ui npm install npm run dev # local Studio npm test # 48 generator unit tests npm run e2e # Playwright desktop + mobile (zero console errors) npm run bench # generator hot-path micro-bench (sub-100ΞΌs/op)
Source + rationale: apps/web-ui/ Β· ADRs 020 Β· 021 Β· 022 Β· 023 Β· 024 Β· 025.
One canonical catalog (templates/catalog.def.mjs) feeds the CLI templates, the catalog.json the template-catalog Rust crate validates, and the Studio gallery β so UI, CLI, and core never drift.
npx create-agent-harness --list # browse the catalog
npx create-agent-harness my-bot --template vertical:coding| Category | Templates |
|---|---|
| Starter / Operations | minimal, vertical:devops |
| Engineering | vertical:coding, vertical:ai |
| Knowledge | vertical:research, vertical:ruview (ruvector), vertical:education (mastery-based tutoring, iter 80) |
| Finance / Professional | vertical:trading, vertical:legal, vertical:health |
| Customer / Growth | vertical:support, vertical:crm, vertical:marketing, vertical:advertising, vertical:sales (B2B pipeline, iter 87) |
| Business / Frontier | vertical:business, vertical:agentics, vertical:exotic |
Each generated vertical ships bespoke domain agents (with system prompts), skills, commands, and guarded per-host settings. The 11 generated dirs come from the definition; minimal, devops, trading, support, legal, and research are curated by hand and never clobbered by the generator.
Latest vertical β vertical:education (iter 80): a tutoring pod (tutor β explainer β quiz-master β grader) over per-learner mastery memory. Pedagogy invariants are policy: abstain-not-hallucinate floor, no teaching on unmastered prereqs, hidden rubrics. Two commands: teach-next (run a teaching cycle) and mastery-report (summarise the learner's map). MCP namespaces mastery_log + curriculum; everything else default-deny.
# 50ms scaffold β validate β cleanup, no network, exits 0 if healthy node examples/quickstart/quickstart.mjs # Try every supported host (claude-code | codex | pi-dev | hermes | openclaw | rvm) node examples/quickstart/quickstart.mjs --host=codex # 20ms two-instance federation handshake demo node examples/federation/federation.mjs
See examples/ and docs/ARCHITECTURE.md for the layered map.
Production-ready release pipeline. Full CI matrix green: 16 jobs across Rust Γγ°γ€ 3 OS + WASM Γγ°γ€ 3 OS + Node 20+22 Γγ°γ€ 3 OS + Bench + pack+install Γγ°γ€ 3 OS + CI-passed aggregator. The release flow is a single command (node scripts/release.mjs <bump> --push) that bumps 15 sources atomically, runs all gates, and tags. See ADR-019 for the architectural lockdown.
| Layer | Status | Where |
|---|---|---|
| Kernel (Rust + WASM + NAPI-RS) | Shipped | crates/kernel/ β 7 subsystems |
@ruflo/kernel runtime resolver |
Shipped | packages/kernel-js/ |
| 6 host adapters | Shipped | claude-code / codex / pi-dev / hermes / openclaw / rvm |
create-agent-harness CLI |
Shipped | scaffold + 15 harness subcommands (see row below) |
| 6 Codex skills | Shipped | create / publish / validate / secrets / verify-witness / upgrade-harness |
| Claude marketplace plugin | Shipped + schema-validated | .claude-plugin/plugin.json |
| Witness signing (Ed25519) | Shipped + tamper-tested | ADR-011 |
| MCP tool dispatch | Shipped + integration-tested | 11 end-to-end cases |
| Federation transport | Shipped + runnable demo | examples/federation/ |
| Release pipeline (6 primitives + 1 orchestrator) | Shipped | ADR-019 |
| CI matrix (16 jobs across Rust + WASM + Node + Bench + pack+install) | Green | .github/workflows/ci.yml |
| Security (cargo-audit + cargo-deny + npm-audit + CodeQL + audit-deps aggregate) | Green | .github/workflows/security.yml |
| Publish pipeline (GCP WIF + 2 gates + 11 packages + IPFS pin) | Wired + tested | .github/workflows/publish.yml |
| Test suite | 563/563 | 66 test files |
15 harness subcommands |
Shipped | sign Β· verify Β· doctor Β· federate Β· secrets Β· validate Β· mcp Β· publish Β· upgrade Β· completions Β· sbom Β· audit Β· mcp-scan Β· analyze-repo Β· diag (ADR-027) |
| Agent Harness Studio (live Pages) | Shipped | https://ruvnet.github.io/agent-harness-generator/ β 100% client-side |
| Perf-regression gate (host-bench-baseline) | Wired + baselined | packages/bench/host-baseline.json β 50% threshold |
| SBOM (SPDX-2.3) | Wired | scripts/sbom.mjs β CI artifact |
| Day-to-day | Wall time | Command |
|---|---|---|
| Did I break anything? | <1s | node scripts/healthcheck.mjs |
| Is the deployed Studio alive? | ~1s | node scripts/healthcheck.mjs --probe-pages |
| Is THIS local kernel compatible with this harness? | <100ms | harness diag <path> |
| Same, for a CI script | <100ms | harness diag <path> --json |
| File a support ticket β bundle everything the maintainer needs | <100ms | harness diag <path> --bundle > bundle.json |
| Is this scaffolded harness release-ready? | <1s | harness validate <path> |
| Is this branch release-ready? | ~30s | node scripts/preflight.mjs |
| Preview the v0.1.0 GH release body | ~1s | node scripts/release-notes.mjs --version=0.1.0 |
| Same, tweet-length summary | ~1s | node scripts/release-notes.mjs --version=0.1.0 --summary |
| Cut a release | ~60s | node scripts/release.mjs patch --push |
You <- harness AUTHOR (uses the meta-harness)
|
v
agent-harness-generator <- THE META-HARNESS
(this repo: scaffolds, signs, publishes harnesses)
|
v
Your harness (npm package) <- THE HARNESS YOU SHIP
|
v
Your users
|
v
npx <your-name> <- Identity (rename + brand)
|
v
<your-harness> <- Content (your agents/skills/plugins/prompts)
|
v
@ruflo/kernel <- Kernel (shared primitives, Rust + WASM + NAPI-RS)
|
v
Host adapter <- Per-host abstraction
(Claude Code / Codex / pi.dev / Hermes / OpenClaw / RVM)
|
v
LLM providers
Read top-down: you (the harness author) operate the meta-harness. The meta-harness produces your harness. Your harness is what users install. They never see the meta-harness layer β only the brand and CLI you ship.
The kernel is Rust source code compiled to two targets: WebAssembly (primary, cross-platform) and per-platform native binaries via NAPI-RS (escape hatch for hot Node paths). At load time, @ruflo/kernel prefers the native package for the current platform and falls back to wasm.
Working precedent: @ruvector/emergent-time@0.1.0 β 55 KB wasm-opt'd module shipping today through exactly this Rust β wasm-pack β npm pipeline.
| Host | Integration shape | Notes |
|---|---|---|
| Claude Code | MCP server + 5-handler-type hooks + 3-scope settings | Ruflo-native target; richest hook surface |
| OpenAI Codex | MCP via ~/.codex/config.toml [mcp_servers.*] tables |
TOML not JSON; no first-class hooks |
| pi.dev | Pi extension (TypeScript via pi install npm:...) |
No MCP by design β adapter uses pi.registerTool() |
| Hermes Agent | MCP-supported runtime (optional-mcps/) |
Adapter scrubs <think> + stray <tool_call> per issue #741 |
| OpenClaw | MCP via ~/.openclaw/openclaw.json + workspace skills |
Personal AI assistant gateway with built-in multi-platform messaging (WhatsApp/Telegram/Slack/Discord) |
| RVM | Bare-metal microhypervisor (AArch64) with capability tokens + hash-chained witness | Hardware-isolated deployment for federated / multi-tenant / untrusted-peer scenarios (ADR-018) |
See ADR-004 β Host integration model.
| Concern | Where | What it does |
|---|---|---|
| CI | ci.yml |
Rust 3-platform matrix (fmt + clippy -D warnings + test + doc), wasm build + wasm-tools validate + 500 KB size budget, Node 20/22 Γγ°γ€ 3-platform tests |
| Publish gate | publish.yml |
GCP Workload Identity Federation auth β Secret Manager fetches NPM_TOKEN β smoke test β npm publish --provenance (SLSA L2) |
| Security | security.yml |
cargo-audit, cargo-deny, npm-audit, CodeQL, weekly cron |
| Smoke | smoke.mjs |
Kernel loads, kernelInfo().version matches package.json, mcpValidate accepts/rejects correctly |
| Provenance | ADR-011 | Ed25519-signed witness manifest, byte-deterministic across CI runners (wasm enables this) |
git clone https://github.com/ruvnet/agent-harness-generator cd agent-harness-generator # Rust workspace cargo test --workspace cargo clippy --workspace --all-targets -- -D warnings # WASM build npm run build:wasm # TypeScript + smoke npm install npm run build npm run smoke
See CONTRIBUTING.md for the full developer workflow.
Start here: docs/adrs/INDEX.md
Highlights:
- ADR-001 Goals & non-goals β what this is and isn't
- ADR-002 Kernel boundary β Rust + WASM + NAPI-RS
- ADR-002a Publishing pipeline β Cargo workspace + wasm-pack + napi build
- ADR-003 Generator architecture β
create-vite-style templates + AST-aware rename - ADR-004 Host integration β adapter contract per host
- ADR-006 Memory + learning β
@ruvector/emergent-time@0.1.0integration - ADR-009 Anti-slop β derived trust tiers
- ADR-011 Witness + provenance β signed manifests
- ruflo β the meta-harness this generator factors apart
- ruvector β vector + agentic database (memory backend)
- @ruvector/emergent-time β memory-decay clock the kernel uses
- NAPI-RS β Rust β Node bindings used for the native target
MIT β see LICENSE.
Keywords: agent harness, agent harness generator, AI agent scaffolding, MCP server, Claude Code plugin, Codex plugin, pi.dev extension, hermes agent, multi-agent framework, agentic AI, agentic workflow, autonomous agents, agent orchestration, vertical AI harness, agent CLI generator, npm create agent, npx scaffold, Rust WASM kernel, NAPI-RS, wasm-bindgen, wasm-pack, agent memory, ReasoningBank, HNSW, emergent time, agent provenance, witness manifest, plugin marketplace, IPFS registry, drift detection, anti-slop, TDD, self-evolving agent, federated agents, swarm intelligence, GCP Workload Identity Federation, Secret Manager, SLSA provenance, npm provenance