Skip to content

josephfung/curia

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3,762 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Curia

An open-source Digital Office of the CEO — communications, scheduling, research, and knowledge work with governance-first architecture.

Version: 0.40.1 License: MIT Node >= 24 TypeScript ESM OpenSSF Scorecard OpenSSF Best Practices

Website · Documentation · Contributing · Security


What Is Curia?

CEOs of knowledge-work companies are buried in digital operations — email, scheduling, research, information processing. The traditional answer is an executive assistant, but the cycle is brutal: hire, invest six months training, watch the institutional knowledge walk out the door when they leave.

Curia is a coordinator and team of specialist agents that handle your communications, scheduling, research, and knowledge work — running continuously on your own server, with institutional memory that compounds over time and never walks out the door. Define agents in YAML, extend with custom skills, connect any channel.

Every action is logged. Every decision is traceable. Every agent stays in its lane.

Typical Agent Framework Curia
Security model "Trust the agent" Hard-enforced layer separation — channel adapters physically cannot invoke tools
Self-modification Agents can edit their own prompts, tools, and code at runtime Agents cannot modify themselves — new skills, agents, and prompts always require human approval
Audit trail Console.log Append-only Postgres with causal tracing across every event
Institutional memory Conversation history + flat files (lost or stale across restarts) Knowledge graph + entity memory + temporal decay (survives restarts, ages gracefully)
Error handling Retry and hope Error budgets, state continuity, pattern detection — agents resume, not restart
Agent coordination Agents work in isolation The Bullpen — structured, auditable, threaded inter-agent discussions
Multi-channel Many channels, often without consistent security boundaries Email, Signal, CLI, HTTP API — every channel shares the same security model and audit trail
Autonomy All or nothing Five configurable bands — from advisory-only to fully independent, with intent drift detection

Architecture

Five layers connected by a message bus — four domain layers with hard security boundaries, plus a System layer for trusted cross-cutting infrastructure. No layer can call another directly. Every event is audited.

Curia Architecture — 5 layers connected by message bus

Full architecture guide →


What It Looks Like

Agents are defined in YAML. No code required for simple agents:

name: expense-tracker
description: Tracks and categorizes expenses from receipts and emails

system_prompt: |
  You are an expense tracking assistant for a CEO.
  Extract amounts, vendors, categories, and dates from receipts.

pinned_skills:
  - email-parser
  - spreadsheet-writer

memory:
  scopes: [expenses, vendors, budgets]

schedule:
  - cron: "0 9 * * 1"
    task: "Generate weekly expense summary"

error_budget:
  max_turns: 20
  max_cost_usd: 1.00

Need custom logic? Add a TypeScript handler — same config, plus hooks for onTask, onSkillResult, and beforeRespond.

Skills come in two flavours (local handlers and MCP servers) behind a single interface. Agents discover new skills automatically; sensitive skills require your approval on first use.

Agents → · Skills → · Channels → · Security →


Quickstart

Operator install (image)

Prerequisites: Docker (with the Compose plugin), curl, and an Anthropic API key. No Node or pnpm required.

mkdir curia && cd curia
curl -fsSL https://github.com/josephfung/curia/releases/latest/download/install.sh -o install.sh
# Review the script, then:
bash install.sh

The installer pulls the published image, generates secrets, runs migrations inside the container, and prints your bootstrap secret. Curia will be running at http://localhost:3000.

By default it installs the latest release — both the config files and the image come from it. To pin a specific version, prefix the run with CURIA_VERSION (this pins the config and the image together):

CURIA_VERSION=v0.40.1 bash install.sh

Save the bootstrap secret to a password manager and use it on the login page to create your account.

To update: Back up your database first, then pull and restart. Migrations apply automatically on boot; re-running when already up to date is a safe no-op.

# 1. Back up the database (custom-format dump, restorable with pg_restore)
docker compose exec -T postgres pg_dump -U curia -Fc curia > curia-backup-$(date +%Y%m%d).dump

# 2. Pull new images and restart — the app migrates the schema on startup
docker compose pull && docker compose up -d

If an update misbehaves, restore the backup: stop the app, restore in place (--clean --if-exists drops and recreates objects), then bring the stack back up.

docker compose stop curia
docker compose exec -T postgres pg_restore -U curia -d curia --clean --if-exists < curia-backup-YYYYMMDD.dump
docker compose up -d

Developer install (source)

For contributing or hacking on the code. Requires Node >= 24, pnpm, and Docker (with the Compose plugin) for the Postgres container.

git clone https://github.com/josephfung/curia.git
cd curia
pnpm run setup

→ Full installation guide
(channels, production deploy, configuration reference)

Verifying release artifacts

Every published release is signed with cosign (keyless, via GitHub OIDC — no long-lived signing key). The SBOM, source tarball, and the install bundle's SHA256SUMS manifest each ship with a .sigstore bundle, verifiable against GitHub's OIDC issuer:

gh release download vX.Y.Z --dir verify && cd verify

cosign verify-blob --bundle sbom.spdx.json.sigstore \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp '^https://github.com/josephfung/curia/.github/workflows/release.yml@' \
  sbom.spdx.json

The install bundle (install.sh, docker-compose*.yml, env.example, Caddyfile, setup-common.sh) is covered by one signed manifest — verify it, then check the files against it:

cosign verify-blob --bundle SHA256SUMS.sigstore \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp '^https://github.com/josephfung/curia/.github/workflows/release.yml@' \
  SHA256SUMS && sha256sum -c SHA256SUMS

cosign verify-blob prints Verified OK on success and exits non-zero on failure — the && above ensures a failed signature check stops before sha256sum -c (which only checks hashes, not authenticity) can print a misleading pass. If either command fails, do not trust the downloaded assets.


Contributing

Curia is in early development and welcomes contributions — including AI-assisted ones.

  • Read the Contributing Guide for dev setup, code standards, and how to add channels, skills, and agents
  • Read CLAUDE.md for repo-level conventions (if you're using Claude Code, these load automatically)
  • See GOVERNANCE.md for project roles, maintainers, and how decisions are made
  • Check open issues — look for good first issue labels
  • Report security vulnerabilities via SECURITY.md — not public issues

We evaluate code quality, not authorship. AI-generated contributions are held to the same review standards as human-written code. See the AI contributions policy for details.


License

MIT

About

An open-source Digital Office of the CEO. Communications, scheduling, research, and knowledge work with governance-first architecture.

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

7 stars

Watchers

1 watching

Forks

Packages

 
 
 

Contributors