Agentic orchestrator for parallel coding agents — plans tasks, spawns agents, and autonomously handles CI fixes, merge conflicts, and code reviews.
Go to file
prateek 66005c05c5
feat: implement comprehensive security audit and secret leak prevention (#67)
* feat: implement comprehensive security audit and secret leak prevention

## Changes

### Security Infrastructure
- Add Gitleaks configuration (.gitleaks.toml) for secret scanning
- Add pre-commit hook via Husky to block secret commits
- Add GitHub Actions security workflow (gitleaks, dependency review, npm audit)
- Update .gitignore to exclude secret files and credentials

### Documentation
- Create SECURITY.md with security policy and best practices
- Create README.md with project overview and security section
- Create docs/DEVELOPMENT.md with developer guide
- Create docs/SECURITY-AUDIT-SUMMARY.md with full audit report

### Dependencies
- Add husky@^9.1.7 for git hooks

## Audit Results

-  Current codebase: 0 secrets found (1.47 MB scanned)
- ⚠️ Git history: 1 historical secret (OpenClaw token, documented in SECURITY.md)
-  All test files use dummy values
-  All example configs use environment variables

## Security Features

1. **Pre-commit Hook**: Scans staged files, blocks secrets before commit
2. **CI/CD Pipeline**: Scans full git history on every push/PR
3. **Automated Scanning**: Weekly scheduled scans for new vulnerabilities
4. **Comprehensive Docs**: Security policy, best practices, developer guide

## Testing

```bash
# Scan current files
gitleaks detect --no-git

# Test pre-commit hook
echo "token=ghp_fake" > test.txt
git add test.txt
git commit -m "test"  # Should be blocked
```

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: make dependency-review job non-blocking

The dependency-review action requires GitHub Advanced Security which may
not be available on all repositories. Adding continue-on-error to prevent
workflow failure when this feature is unavailable.

The check will still run and provide useful information when available,
but won't block the PR if the repository doesn't have Advanced Security.

* feat: add workflow_dispatch trigger to security workflow

Allows manual triggering of security scans for testing and re-running.

* fix: address Cursor Bugbot security review comments

Fixes all high, medium, and low severity issues identified by Cursor Bugbot:

**High Severity:**
- Redact OpenClaw token from documentation (replace with 1af5c4f...872)
- Fix pre-commit hook to FAIL (exit 1) when gitleaks is not installed
  - Previously silently skipped scanning (exit 0) providing false sense of security
- Fix bashism in pre-commit hook: replace &> with > /dev/null 2>&1 (POSIX compliant)

**Medium Severity:**
- Remove overly broad gitignore patterns (*.sql, *.db, *.sqlite)
  - These would block legitimate SQL migration files and database schemas
  - Keep focus on actual credential files only

**Low Severity:**
- Remove author email (samvit@hotmail.com) from audit documentation

All issues now resolved. Pre-commit hook will properly block commits when
gitleaks is missing, ensuring consistent secret scanning enforcement.

* fix: comment out dependency-review job requiring Dependency graph

The dependency-review GitHub Action requires 'Dependency graph' to be
enabled in repository settings. Since this feature may not be available
or configured on all repositories, commenting out this job to prevent
workflow failures.

To re-enable:
1. Go to Settings > Code security and analysis
2. Enable 'Dependency graph'
3. Uncomment the dependency-review job in this workflow

The npm-audit job provides similar dependency vulnerability scanning
and doesn't require special GitHub features.

* feat: re-enable dependency-review job after Dependency graph enabled

Now that Dependency graph is enabled in repo settings, uncomment the
dependency-review job to scan PRs for vulnerable dependencies.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-16 10:33:50 +05:30
.changeset feat: publish to npm under @composio scope (#32) 2026-02-15 04:28:57 +05:30
.cursor feat: publish to npm under @composio scope (#32) 2026-02-15 04:28:57 +05:30
.github/workflows feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
.husky feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
artifacts feat: publish to npm under @composio scope (#32) 2026-02-15 04:28:57 +05:30
docs feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
packages refactor: replace magic strings with constants for status enums (#64) 2026-02-16 08:53:17 +05:30
scripts feat: add agent-orchestrator (ao) as a self-hosting project 2026-02-13 15:44:17 +05:30
.gitignore feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
.gitleaks.toml feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
.npmrc feat: publish to npm under @composio scope (#32) 2026-02-15 04:28:57 +05:30
.prettierignore chore: add ESLint, Prettier, CI workflow, and comprehensive CLAUDE.md conventions 2026-02-13 18:01:52 +05:30
.prettierrc chore: add ESLint, Prettier, CI workflow, and comprehensive CLAUDE.md conventions 2026-02-13 18:01:52 +05:30
CLAUDE.md fix: prevent "Leave Site?" dialog on session pages (#47) 2026-02-15 19:39:53 +05:30
CLAUDE.orchestrator.md fix: address all review comments, lint/format, bugbot issues 2026-02-13 18:42:45 +05:30
DASHBOARD_FIXES_SUMMARY.md fix: resolve dashboard GitHub API rate limiting and PR enrichment (#37) 2026-02-15 04:14:54 +05:30
LICENSE feat: publish to npm under @composio scope (#32) 2026-02-15 04:28:57 +05:30
README.md feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
SECURITY.md feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
agent-orchestrator.yaml Wire xterm.js terminal embed into web dashboard (#29) 2026-02-15 01:37:07 +05:30
agent-orchestrator.yaml.example feat: layered prompt system for agent sessions (#27) 2026-02-14 20:07:13 +05:30
eslint.config.js feat: implement DirectTerminal with XDA clipboard support (#55) 2026-02-16 04:34:15 +05:30
package.json feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
pnpm-lock.yaml feat: implement comprehensive security audit and secret leak prevention (#67) 2026-02-16 10:33:50 +05:30
pnpm-workspace.yaml feat: scaffold TypeScript monorepo with all plugin interfaces 2026-02-13 17:02:42 +05:30
tsconfig.base.json feat: scaffold TypeScript monorepo with all plugin interfaces 2026-02-13 17:02:42 +05:30

README.md

Agent Orchestrator

Open-source system for orchestrating parallel AI coding agents. Agent-agnostic, runtime-agnostic, tracker-agnostic.

Core principle: Push, not pull. Spawn agents, walk away, get notified when your judgment is needed.

Features

  • 8 plugin slots — Runtime (tmux, docker, k8s), Agent (Claude Code, Codex, Aider), Workspace (worktree, clone), Tracker (GitHub, Linear), SCM (GitHub), Notifier (desktop, Slack), Terminal (iTerm2, web), Lifecycle (core)
  • Agent-agnostic — Works with Claude Code, Codex, Aider, Goose, or custom agents
  • Runtime-agnostic — Run in tmux (local), Docker, Kubernetes, SSH, or E2B
  • Tracker-agnostic — GitHub Issues, Linear, Jira (extensible)
  • Auto-reactions — CI failures, review comments, merge conflicts → auto-handled
  • Push notifications — Desktop, Slack, Discord, Webhook, Email
  • Web dashboard — Real-time session monitoring with SSE
  • TypeScript — Strict types, ESM modules, Zod validation

Quick Start

# Install dependencies
pnpm install

# Build all packages
pnpm build

# Copy and configure
cp agent-orchestrator.yaml.example agent-orchestrator.yaml
# Edit agent-orchestrator.yaml with your settings (see Configuration section)

# Start the web dashboard
cd packages/web
pnpm dev

# Or use the CLI
pnpm --filter @composio/ao-cli build
./packages/cli/bin/ao.js start

Configuration

Agent Orchestrator reads agent-orchestrator.yaml from your working directory.

Minimal Example

# Paths
dataDir: ~/.agent-orchestrator
worktreeDir: ~/.worktrees
port: 3000

# Projects
projects:
  my-app:
    repo: org/my-app
    path: ~/my-app
    defaultBranch: main

Using Secrets Securely

⚠️ NEVER commit real secrets to git!

Use environment variables for all tokens and API keys:

notifiers:
  slack:
    plugin: slack
    webhookUrl: ${SLACK_WEBHOOK_URL}  # Reference env var

projects:
  my-app:
    tracker:
      plugin: linear
      apiKey: ${LINEAR_API_KEY}  # Reference env var

Then set in your shell:

export SLACK_WEBHOOK_URL="https://hooks.slack.com/services/..."
export LINEAR_API_KEY="lin_api_..."
export GITHUB_TOKEN="ghp_..."

See SECURITY.md for best practices.

Full Example

See agent-orchestrator.yaml.example for all options.

Commands

# Development
pnpm install          # Install dependencies
pnpm build            # Build all packages
pnpm dev              # Start web dashboard (dev mode)
pnpm test             # Run tests

# Code quality
pnpm lint             # Check linting
pnpm lint:fix         # Auto-fix linting
pnpm format           # Format with Prettier
pnpm typecheck        # TypeScript type checking

# Package management
pnpm clean            # Clean build artifacts

Architecture

Plugin Slots

Every abstraction is swappable:

Slot Interface Default Plugins
Runtime Runtime tmux, process, docker, kubernetes, ssh, e2b
Agent Agent claude-code, codex, aider, goose, opencode
Workspace Workspace worktree, clone
Tracker Tracker github, linear
SCM SCM github
Notifier Notifier desktop, slack, composio, webhook
Terminal Terminal iterm2, web
Lifecycle (core)

All interfaces defined in packages/core/src/types.ts.

Directory Structure

packages/
  core/          — @composio/ao-core (types, config, services)
  cli/           — @composio/ao-cli (the `ao` command)
  web/           — @composio/ao-web (Next.js dashboard)
  plugins/
    runtime-{tmux,process,docker,kubernetes,ssh,e2b}/
    agent-{claude-code,codex,aider,goose,opencode}/
    workspace-{worktree,clone}/
    tracker-{github,linear}/
    scm-github/
    notifier-{desktop,slack,composio,webhook}/
    terminal-{iterm2,web}/
  integration-tests/

Security

🔒 This repository uses automated secret scanning to prevent accidental commits of API keys, tokens, and other secrets.

For Developers

  • Pre-commit hook — Scans staged files before every commit
  • CI pipeline — Scans full git history on every push/PR
  • Gitleaks — Industry-standard secret detection

Before committing:

# Scan current files
gitleaks detect --no-git

# Scan staged files (automatic in pre-commit hook)
gitleaks protect --staged

For Users

  • Use environment variables for all secrets
  • Never hardcode tokens in config files
  • Store agent-orchestrator.yaml securely (it's in .gitignore)
  • Rotate tokens regularly

See SECURITY.md for detailed security practices and how to report vulnerabilities.

Required Secrets

Depending on which features you use, you may need:

Service Environment Variable Where to Get
GitHub GITHUB_TOKEN https://github.com/settings/tokens
Linear LINEAR_API_KEY https://linear.app/settings/api
Slack SLACK_WEBHOOK_URL https://api.slack.com/messaging/webhooks
Anthropic ANTHROPIC_API_KEY https://console.anthropic.com/

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Run tests: pnpm test
  5. Run linting: pnpm lint && pnpm typecheck
  6. Commit (pre-commit hook will scan for secrets)
  7. Open a pull request

See CLAUDE.md for code conventions and architecture details.

License

MIT — see LICENSE file.

Responsible Disclosure

If you discover a security vulnerability, please report it to security@composio.dev. See SECURITY.md for details.

Tech Stack

  • TypeScript (ESM modules, strict mode)
  • Node 20+
  • pnpm workspaces
  • Next.js 15 (App Router) + Tailwind
  • Commander.js CLI
  • YAML + Zod config
  • Server-Sent Events for real-time
  • ESLint + Prettier
  • vitest for testing

Resources