FlowOS
Autonomous research in the browser β Jarvis, sandboxed execution, real web data.
FlowOS is an open-source AI workspace where Jarvis chats with you, decides when to run deep web research, and executes a sandboxed research agent inside E2B. Results land in the chat as structured reports β with optional live desktop streaming when you use the desktop template.
If you want a Manus-class loop (search β open results β read pages β synthesize), the agent uses Python + BeautifulSoup over HTTP inside the sandbox β fast boots, no browser gymnastics for the default terminal path.
| Capability | Detail |
|---|---|
| Jarvis | Gemini-powered intent: chit-chat vs. kick off a research run |
| Research agent | Plan β wide parallel search β fetch or Playwright Chromium (JS sites, session profile, screenshot + Gemini vision) β Python in sandbox β synthesis |
| Sandboxes | E2B terminal (default) or custom desktop template + stream |
| Persistence | Supabase for runs, Jarvis messages, vault hooks |
| Projects | Saved instructions + reference context, injected into Jarvis and each research run (Manus-style workspace) |
| UI | Dashboard chat, runs history, HTML export for reports |
Gemini usage: Jarvis uses one gemini-2.0-flash call per chat turn (not tied to app credits). A research run charges one credit only after the run row is stored; it then uses Gemini for an upfront plan, about one decision call per agent step (with limited retries if JSON parsing fails), optional think / vision (screenshot + analyze), and sometimes a final report pass. Research POST returns 503 if GEMINI_API_KEY is missing so credits are not spent on a doomed run.
Web search: Each search / wide_search step calls hosted SERP APIs first when SERPAPI_API_KEY, BRAVE_SEARCH_API_KEY, or GOOGLE_CSE_* is set (keys never enter E2B), then HTML scraping (Google β Bing β DuckDuckGo) inside the sandbox if results are thin, then fetches up to two result pages for text. For production reliability on Vercel, configure at least one SERP provider.
flowchart LR
subgraph client [Browser]
Chat[Chat UI]
Runs[Runs / Results]
end
subgraph next [Next.js]
API_Jarvis["/api/jarvis"]
API_Sandbox["/api/sandbox"]
end
subgraph cloud [External]
Gemini[Google Gemini]
E2B[E2B Sandboxes]
SB[(Supabase)]
end
Chat --> API_Jarvis
Chat --> API_Sandbox
API_Jarvis --> Gemini
API_Jarvis --> SB
API_Sandbox --> E2B
API_Sandbox --> SB
E2B --> Gemini
Requirements: Node 20+, npm, accounts for Supabase, Google AI Studio (Gemini), E2B.
git clone https://github.com/alexbieber/Flow-OS.git
cd Flow-OS
npm install
# macOS/Linux:
cp .env.example .env.local
# Windows PowerShell:
Copy-Item .env.example .env.local
npm run devOpen http://localhost:3000.
Create .env.local (never commit secrets):
| Variable | Purpose |
|---|---|
GEMINI_API_KEY |
Google Generative AI (Jarvis + agent) |
SERPAPI_API_KEY |
(Optional) SerpAPI for reliable web search from the server |
BRAVE_SEARCH_API_KEY |
(Optional) Brave Search API |
GOOGLE_CSE_API_KEY + GOOGLE_CSE_CX |
(Optional) Google Programmable Search (JSON API) |
E2B_API_KEY |
E2B sandbox create / commands |
NEXT_PUBLIC_SUPABASE_URL |
Supabase project URL |
NEXT_PUBLIC_SUPABASE_ANON_KEY |
Supabase anon key |
SUPABASE_SERVICE_ROLE_KEY |
Server-side Supabase (API routes) |
Run these files in the Supabase SQL editor, in order:
supabase/schema.sqlsupabase/sql/jarvis_messages_session_id.sqlsupabase/sql/user_credits.sqlsupabase/sql/flowos_projects.sqlsupabase/sql/manus_parity_foundation.sql
Feature dependencies:
Projectsrequiresflowos_projects.Credits(/api/credits, research spending) requiresuser_credits.Session chat(/api/jarvis,/api/sessions) requiresjarvis_messages.session_id.Runs / Vault / base messagescome fromschema.sql.Connectors/Schedules/Trust/Skills/CollabAPIs requiremanus_parity_foundation.sql.
| Surface | Route | Notes |
|---|---|---|
| Connectors | /connectors |
Connect Google Drive, Gmail, Slack, Notion, MCP stubs |
| Skills | /skills |
Reusable prompt packs β open in chat |
| Schedules | /schedules |
Create recurring tasks, Run now triggers research |
| Trust | /trust |
Policy + audit event log |
| Benchmarks | /benchmarks |
Quality gates on your completed runs |
| Artifacts | POST /api/artifacts |
Slides, data-viz brief, email draft from a report |
- Create OAuth credentials in Google Cloud Console (Web application).
- Add redirect URI:
https://<your-domain>/api/connectors/oauth/callback(andhttp://localhost:3000/...for local dev). - Set
GOOGLE_OAUTH_CLIENT_ID,GOOGLE_OAUTH_CLIENT_SECRET, andNEXT_PUBLIC_APP_URLin.env.local. - Connect at
/connectorsβ live file/subject snippets are injected into research runs.
- Vercel Cron calls
GET /api/cron/scheduleshourly (vercel.json). - Set
CRON_SECRETin Vercel env; the route requiresAuthorization: Bearer <CRON_SECRET>. - Due tasks (
enabled+next_run_at <= now) enqueue research runs automatically. - Local test:
curl -H "Authorization: Bearer $CRON_SECRET" http://localhost:3000/api/cron/schedules
- On Projects, expand Share & collaborate to invite by email (existing FlowOS account) or user UUID.
- Collaborators see shared projects in the list and can Open in chat with full project context injected into runs.
- Create a Slack app with OAuth redirect:
/api/connectors/oauth/callback. - Bot scopes:
channels:read,channels:history,groups:read. - Set
SLACK_CLIENT_IDandSLACK_CLIENT_SECRETin.env.local.
When a scheduled research run finishes, FlowOS emails the account owner (if RESEND_API_KEY and their Supabase auth email are set). Configure NOTIFY_FROM_EMAIL for your sending domain.
For noVNC / Chrome workflows, build the template from the repo root:
- Workflow:
.github/workflows/build-template.yml(manual dispatch) - Dockerfile:
e2b.Dockerfile - Set
E2B_ACCESS_TOKEN(orE2B_API_KEY, depending on CLI version) in GitHub Actions secrets
Wire the built template ID in sandbox code when using the desktop SDK path.
| Command | Description |
|---|---|
npm run dev |
Next.js dev (Turbopack) |
npm run build |
Production build |
npm run start |
Start production server |
npm run lint |
ESLint |
npm run typecheck |
TypeScript check (tsc --noEmit) |
Before opening a PR, run:
npm run lint
npm run typecheck
npm run buildManual happy-path verification:
- Sign in from
/login(Google or email link) and confirm redirect back to the intended route. - Create a project in
/projects, then edit and delete it. - Click Open in chat from a project and confirm chat URL includes
?project=.... - Refresh and confirm project list + sessions load without 401 loops.
- Run one research task from chat and verify credits/session endpoints remain healthy.
src/app/ # App Router β dashboard, chat, API routes
lib/research/ # Research agent loop + prompts
lib/sandbox/ # E2B terminal (and related helpers)
lib/ai/ # Gemini helpers
supabase/ # SQL schema & migrations
Issues and PRs are welcome. See CONTRIBUTING.md for guidelines.
MIT β see LICENSE. Free for commercial and personal use; attribution appreciated.
Built with Next.js, React, Supabase, Gemini, and E2B.