Armorer
Enrichment pendingLocal control plane for running AI agents with sandboxes, approvals, guardrails, credentials, and runtime health.
GraphCanon updated today · GitHub synced today
Verify the decision
Maintenance and security
Full trust report- Maintenance
- Very active (0d since push)
- As of today
- Provenance
- Not a fork · Organization account
- As of today
- Security (OSV)
- No lockfile
- As of today
Public GitHub metadata and optional OSV scans. Signals, not a guarantee. Trust methodology.
Install
npm install Armorer npmSimilar tools
Same-category neighbours. No typed graph edges are catalogued for this tool yet.
Evidence and technical details
Sourced facts, taxonomy, compatibility claims, README excerpt, and machine-readable endpoints.
Overview
Local control plane for running AI agents with sandboxes, approvals, guardrails, credentials, and runtime health.
Capability facts
- Deploy
- Self-host
Source: dockerfile:Dockerfile · Jul 15, 2026
- Docker
- Dockerfile present
Source: dockerfile:Dockerfile · Jul 15, 2026
- CLI
- CLI entrypoint
Source: package.json:bin|scripts · Jul 15, 2026
- MCP server
- No MCP server detected
Source: repo_scan · Jul 15, 2026
- Languages
- typescript, javascript
Source: github.language+package.json · Jul 15, 2026
Categories
Compatibility
Sourced claims from the README excerpt - not unsourced marketing copy.
Source: README excerpt (regex_v1, Jul 15, 2026)
appliance image. Users do not need Python, Node.js, pnpm, Rust, or a sourceSource link
Source: README excerpt (regex_v1, Jul 15, 2026)
appliance image. Users do not need Python, Node.js, pnpm, Rust, or a sourceSource link
Tags
README
Armorer
Local control plane for AI agents
Run native Armorer Flue agents with local sandboxes, guided setup, credential handling, guardrails, approvals, jobs, logs, and runtime health in one place.
Run any agent. Securely. Local-first by default.
Experimental release candidate: Armorer is under active development. The current release train is intended for early testers who are comfortable with local agent runtimes, Docker/Colima, and rapidly evolving setup flows.
Website · Install · Docs for humans · Issues
Star ArmorerLabs/Armorer if you want safer local agent runtimes to exist.
One Command
curl -fsSL https://armorerlabs.com/install | sh
Then open the local UI and install supported agents through Armorer.
The default installer uses the native armorer launcher and a pinned local
appliance image. Users do not need Python, Node.js, pnpm, Rust, or a source
checkout.
armorer status
armorer doctor
armorer logs --follow
Develop
curl -fsSL https://armorerlabs.com/install | sh -s -- --dev
Or run the workspace manually:
corepack enable
pnpm install --frozen-lockfile
pnpm build
pnpm test
pnpm typecheck
pnpm --filter armorer-ui-selfhost build
Source/development runs also need Rust/Cargo for the native Armorer gateway.
pnpm dev, pnpm start, and pnpm build run a gateway preflight that uses
the packaged gateway when available or builds crates/armorer-gateway locally.
Proprietary extensions are distributed as authenticated appliance images, not source inside this repository. See Private distributions.
Start the self-hosted UI from source:
pnpm dev -- --hostname 0.0.0.0 --port 3099
Then open http://127.0.0.1:3099.
Use the CLI directly from the workspace:
pnpm armorer -- list
pnpm armorer -- core status
pnpm armorer -- install armorer-agent --alias signal-native --yes --skip-scan
pnpm armorer -- jobs list
Armorer also supports native Armorer-managed agents and Vault-backed connected apps from the same CLI:
pnpm armorer -- install armorer-agent --alias signal-native --yes --skip-scan
pnpm armorer -- connections list
pnpm armorer -- linear customer-sync list
For docker build GPG signature failures or proxy issues during agent installation, see the Troubleshooting guide.
Use Your Agent
Set up Armorer from https://github.com/ArmorerLabs/Armorer on this machine.
Follow AGENTS.md and the repository instructions.
Install Armorer, verify Docker, start the local UI, then help me create and configure an Armorer Flue agent.
Do not report success until the Armorer CLI works, the UI is reachable, and runtime health checks pass.
Why Armorer
| Running agents directly | Running agents through Armorer Labs |
|---|---|
| Each agent has its own setup path | One local control plane |
| Credentials are easy to scatter | Guided credential handling |
| Risky actions are hard to review | Human approvals and guardrails |
| Logs live wherever the agent puts them | Jobs, runtime status, and audit trails |
| Local networking gets messy | Local-first with optional private remote access |
What Exists Today
- Local agent runtime and UI.
- Docker sandbox orchestration for installed agents.
- Guided setup for providers, models, credentials, channels, and skills.
- Native Armorer Flue agents as the supported agent runtime.
- Armorer Agent chat runs with durable Flue-backed run state and live workstream visibility.
- Vault-backed connected apps with explicit per-agent grants.
- Linear CRM/c
For agents
This page has a .md twin and JSON over the API.