nexus-agents
Integrates with arXiv as one of 9 research discovery sources for the research system, enabling literature review, state-of-the-art analysis, and auto-cataloging of academic papers.
Provides sandboxing capabilities for security through Docker/policy-based isolation, enabling secure execution of AI-generated code and workflows.
Enables GitHub issue tracking and PR review capabilities, allowing the system to analyze codebases, review pull requests, and integrate with GitHub workflows.
Provides GitLab issue tracking integration similar to GitHub, supporting repository analysis and issue management within GitLab projects.
Routes tasks to Google's Gemini CLI for long-context and multimodal AI capabilities as part of the intelligent routing system to multiple AI providers.
Integrates with OpenAI's Codex CLI and Codex MCP for code generation and reasoning tasks, plus supports custom OpenAI-compatible endpoints through the opencode adapter.
Connects to Semantic Scholar as one of 9 research discovery sources, enabling academic research, paper analysis, and knowledge synthesis for the research system.
Nexus Agents
Autonomic control plane for AI coding agents — one entry point, adversarial review, tamper-evident hash-chained audit, human-gated closed-loop tuning (autonomous demotion, earned promotion)
Why Nexus Agents?
Nexus-agents is an autonomic control plane for your AI coding agents — Claude Code, Codex, Gemini, and OpenCode. The agents are the data plane: they do the engineering. Nexus-agents is the control plane: it admits work through one entry point, reviews it adversarially before it ships, records every action in a tamper-evident event log, and closes the loop by tuning where the next task goes based on what actually worked.
Borrowing the vocabulary of autonomic computing: the system runs a MAPE-K loop — Monitor, Analyze, Plan, Execute over a shared Knowledge base — so that operating your agent fleet is, as much as the evidence allows, self-managing rather than hand-driven.
The control-plane mapping
Each classic control-plane role maps to a shipped nexus-agents component — the metaphor is load-bearing, not decoration:
Control-plane role | nexus-agents component | What it does |
Scheduler |
| One entry point picks (and optionally runs) the right strategy for a goal |
Admission control | gates ( | Adversarial review and quality gates decide what is allowed to ship |
Event log |
| Append-only, tamper-evident record of every decision |
Data plane | engineering CLIs | Claude Code, Codex, Gemini, OpenCode do the file edits, tests, PRs |
The MAPE-K loop
┌────────── Monitor ──────────┐ OutcomeStore · AuditTrail · swarm-health
│ ▼ adapter circuit-breaker signals
Execute ◀── Plan ◀── Analyze ◀───┘ LinUCB + TOPSIS scoring, consensus
│ │ MetaOrchestrator strategy choice
│ └── route the next task ──────────────────────────────────────┐
▼ │
run the strategy ── adversarial review ── audit ── feed outcome back ──────┘
shared Knowledge: OutcomeStore + memory backends + audit logSelf-* capabilities
Autonomic systems are described by their self-* properties. Each row below maps to a loop that exists in the codebase today — nothing here is aspirational, and the authority each loop carries is bounded by ADR-0017's authority ladder (observe → suggest → advisory → enforce):
Self-* property | What it means here | Implementing loop (shipped) |
Self-configuring | Detects environment and wires itself in |
|
Self-healing | Routes around failing dependencies automatically | Adapter circuit-breaker + swarm-health demotion ( |
Self-optimizing | Learns where the next task should go | Closed-loop |
Self-protecting | Constrains what untrusted input and tools can do | Trust-tiered input handling, ClawGuard access policies (audit/enforce), Docker/policy sandboxing ( |
Honesty note: these loops sit at different rungs of the authority ladder. The self-tuning demotion is
enforcebut bounded (capped, auto-decaying, demotion-only); learned selection and other promotions are still earned per-loop against an evidence threshold plus ratification, not flipped on by default. See ADR-0017.
What it gives you:
Adversarial PR review —
pr_reviewruns 5 voter roles (architect, security, devex, catfish, scope_steward) with a 4-point verification gate. On the v5 evaluation set: 100% bug-catch on a focused synthetic dataset (n=10) and a 50% raw false-positive rate; manual triage reclassified one of two inspected FP cases as a real finding the dataset had mislabeled. These are directional small-n figures, not measured rates. Full numbers and guardrails: docs/research/pr-review-experiment-results-v5.mdDrift-detected charter —
CLAUDE.md+governance:check+ blocking CI gates fail the build when documented rules drift from registered behavior (model registry, MCP tools, expert types, skills)Tamper-evident audit trail — every tool call, every voter decision, every routing choice flows through
AuditTrailwith structured logging and hash-chained append-only storage; integrity is verifiable via theverify_audit_chainMCP tool (tamper-evident, not tamper-proof — see the audit hash-chain threat model)Closed-loop routing —
OutcomeStorefeeds production telemetry back into LinUCB + TOPSIS scoring so the system actually learns from what shipped vs what regressed. A second, bounded loop runs by default: asignal.swarm_unhealthy(adapter circuit-breaker / swarm-health) applies a small, capped, auto-decaying routing demotion viaTuneAdjustmentStore— demotion-only, never zeroes a CLI, every adjustment audited, opt-out withNEXUS_TUNE_ENFORCE=falseMulti-voter consensus —
consensus_voteruns a default 7-role panel (architect, security, devex, ai_ml, pm, catfish, scope_steward;--quickuses 3). Six strategy names (five distinct:higher_orderis an alias ofopinion_wise, #514): simple/super-majority, unanimous, higher-order Bayesian, opinion-wise, proof-of-learning
You: "Review this PR / orchestrate this task / vote on this proposal"
↓
Control plane: admit → schedule/route → adversarial review → audit → learn from outcome
↓
Data plane (agents): Claude Code · Codex · Gemini · OpenCode
↓
Code: actual edits, tests, PRs, issuesWhat this is NOT:
Not another autonomous coding agent. OpenHands, SWE-agent, AutoGen, Devin, Factory — those are the data plane. Nexus-agents is the control plane above them. Use whichever agents fit; we admit, review, audit, and route their work
Not a chat framework. Nothing here orchestrates conversations. It orchestrates real CLI tool invocations with real file I/O and outcome tracking
Not a model API proxy. The value is the admission gates, the audit, and the closed-loop tuning. Routing is a consequence of the control-plane work, not the product
Not fully autonomous. "Autonomic" means self-managing within bounds, not unsupervised. Every loop's authority is capped by the authority ladder (ADR-0017); promotions to higher authority are earned against evidence and human ratification, never flipped on by default
Related MCP server: memorix
Where nexus-agents sits in your stack
Human / IDE / CLI
(Claude Code, Cursor, VS Code, terminal)
│ MCP Protocol
▼
┌─────────────────────────────────────────────────────┐
│ CONTROL PLANE — what nexus-agents provides │
│ │
│ Scheduler: run / MetaOrchestrator │
│ Admission control: PR review · consensus · gates │
│ Event log: tamper-evident hash-chained audit │
│ Closed-loop self-tuning (MAPE-K) │
│ │
│ 47 MCP tools · multi-stage CompositeRouter │
└────────────────────────┬────────────────────────────┘
│
▼ delegates execution to
┌─────────────────────────────────────────────────────┐
│ DATA PLANE — the agents that do the actual work │
│ │
│ Claude Code · Codex · Gemini · OpenCode │
└────────────────────────┬────────────────────────────┘
│
▼ produces
Code, tests, PRs, issuesThe control plane is the layer that catches the mistakes data-plane agents would otherwise make — bad code shipped, rules drifting from intent, audit gaps, telemetry-free routing — and routes the next task based on what actually worked the last time.
Quick Start (2 minutes)
1. Install
npm install -g nexus-agentsOr as a Claude Code plugin (single-command install from the official marketplace):
/plugin install nexus-agentsSee docs/getting-started/PLUGIN_INSTALL.md for plugin-specific setup, or llms-install.md for the short install guide an AI agent can follow.
2. Verify
nexus-agents doctorPrints a health table — Node version, configured CLIs (claude / codex / gemini / opencode), API keys missing vs present. Read-only; safe to run any time.
3. See what success looks like (60-second smoke task — no API keys needed)
nexus-agents vote --quick --proposal "Use SQLite over JSON files for the outcome store"You should see:
Nexus Agents Consensus Vote
============================
Collecting votes from 3 agents (timeout: 60s each)...
Proposal: Use SQLite over JSON files for the outcome store
Votes
✓ Software Architect: APPROVE (86%)
✓ Security Engineer: APPROVE (74%)
✓ Scope Steward: APPROVE (91%)
Summary
Approve: 3
Reject: 0
Abstain: 0
Approval: 100.0%
Threshold: simple_majority
Result: APPROVED
Completed in ~30sThree voter roles deliberate via whichever local CLIs you have (Claude, Codex, Gemini) — no API keys required. Per-voter reasoning is recorded; the terminal prints the verdict. Mixed outcomes (some approve / some reject) and graceful error handling are demonstrated on the project site hero with a real 7-voter run.
4. Wire into your editor
nexus-agents setup # Auto-configures MCP server in Claude Code, Cursor, etc.Restart your editor. The 47 MCP tools (orchestrate, consensus_vote, research_synthesize, verify_audit_chain, …) become available to whatever agent you're already using.
What setup configures
By default, setup writes/updates up to seven things in your environment. Each can be skipped with the corresponding --skip-* flag if you don't want it.
Configured | Where written | Opt-out flag |
MCP server registration (Claude) |
|
|
Project rules |
|
|
Session hooks |
|
|
OpenCode MCP config |
|
|
Gemini MCP config |
|
|
Codex MCP config |
|
|
Project config file |
|
|
Run with --interactive (the default) for a per-step confirm flow, or --no-interactive to accept all defaults.
5. Standalone usage (no editor required)
export ANTHROPIC_API_KEY=your-key
nexus-agents orchestrate "Explain the architecture of this codebase"Security: In default MCP mode, the server communicates only via stdio with the parent process (no network exposure). The REST API (opt-in) auto-generates an API key on first start. For network-exposed deployments, set
NEXUS_AUTH_ENABLED=true. See SECURITY.md.
Capabilities
Category | Details |
Adversarial PR Review |
|
Consensus Voting | 6 strategies: simple_majority, supermajority, unanimous, higher_order (Bayesian correlation-aware), opinion_wise, proof_of_learning |
Drift-Detected Charter |
|
Audit Trail | Structured logging for every tool call, voter decision, and routing choice. Tamper-evident hash-chained append-only storage (tamper-evident, not tamper-proof — see threat model); integrity verifiable via |
Closed-Loop Telemetry |
|
Security Pipeline | Sandboxing (Docker/policy), trust-tiered input handling, SARIF parsing, red-team patterns, ClawGuard access policies (audit/enforce) |
Multi-Expert Orchestration | 12 built-in expert types coordinated by Orchestrator. Roles bind prompt + tools + memory |
Development Pipeline | Research → Plan → Vote → Decompose → Implement → QA → Security. Three modes: autonomous, harness (caller implements), dry-run |
Memory & Learning | 5 user-facing backends (session, belief, agentic, adaptive, typed). Cross-session persistence feeds routing decisions |
Research System | 9 discovery sources (arXiv, GitHub, Semantic Scholar, etc). Auto-catalog, quality scoring, synthesis into topic clusters |
Graph Workflows | DAG-based workflow execution with checkpoint/resume, state reduction, and event hooks |
47 MCP Tools | Agent management, workflow execution, research, memory, codebase intelligence, repo analysis, consensus, operations |
Available Experts
Expert | Specialization |
Code | Implementation, debugging, optimization |
Architecture | System design, patterns, scalability |
Security | Vulnerability analysis, secure coding |
Testing | Test strategies, coverage, test generation |
QA | Acceptance criteria, regression checks |
Documentation | Technical writing, API docs |
DevOps | CI/CD, deployment, infrastructure |
Research | Literature review, state-of-the-art analysis |
PM | Product management, requirements, priorities |
UX | User experience, usability, accessibility |
Infrastructure | Server management, bare metal, networking |
Data Viz | Charts, dashboards, visual data presentation |
Supported CLIs & Providers
Nexus-agents routes tasks through 5 CLI adapters, each connecting to major AI providers:
CLI | Provider | Best For |
claude | Anthropic (Claude) | Complex reasoning, analysis |
gemini | Google (Gemini) | Long context, multimodal |
codex | OpenAI (Codex CLI) | Code generation, reasoning |
codex-mcp | OpenAI (Codex MCP) | MCP-native Codex integration |
opencode | Custom OpenAI-compat | Custom endpoints, local models |
CLI Commands
nexus-agents # Start MCP server (default)
nexus-agents doctor # Check installation health
nexus-agents setup # Configure Claude CLI integration
nexus-agents orchestrate "..." # Run task with experts
nexus-agents vote "proposal" # Multi-agent consensus voting
nexus-agents review <pr-url> # Review a GitHub PR
nexus-agents expert list # List available experts
nexus-agents workflow list # List workflow templates
nexus-agents config init # Generate config file
nexus-agents init --portable # Create workspace-local .nexus-agents/ for sandboxes
nexus-agents init --portable --mcp-config # Also emit .mcp.json wiring Claude Code to it
nexus-agents init --portable --install --mcp-config # …and install the binary into the workspace
nexus-agents fitness-audit # Run fitness score audit
nexus-agents research query # Query research registry
nexus-agents --help # Full command listSee docs/ENTRYPOINTS.md for the complete CLI reference (28+ commands).
MCP Tools
When running as an MCP server, the following tools are available. Start with run — the default entry point: give it a goal and the MetaOrchestrator picks (and, with execute: true, runs) the right strategy. The other pipeline tools are advanced force-strategy paths for pinning a specific one.
Tool | Description |
| Task orchestration with Orchestrator coordination |
| Create a specialized expert agent |
| Run a task through a previously-created expert (by expertId) |
| Run a linear workflow template (use |
| Pick the best-fit existing model for a task (no registry change) |
| Inventory of expert ROLES for |
| Inventory of multi-step TEMPLATES for |
| Multi-model consensus voting on proposals |
| Query research registry (status, overlap, stats, search) |
| Add an arXiv PAPER to the registry (for non-paper sources use |
| Add a NON-PAPER source (repo/tool/blog) — for arXiv papers use |
| Discover papers/repos from external sources |
| Analyze registry for gaps, trends, coverage |
| Review auto-cataloged research references |
| Synthesize registry into topic clusters with themes |
| Transient OSS project search (license, stars, last-commit) via GitHub |
| Look up a vendor's signing infrastructure (GPG keys, URL patterns, signature shape) |
| Diff two YAML/JSON feeds: coverage + per-field axes |
| Query across all memory backends |
| Memory system statistics dashboard |
| Write to typed memory backends |
| Multi-CLI performance weather report |
| Triage GitHub issues with trust classification |
| Run a DAG workflow with per-node checkpoints + audit trail (linear → |
| Execute AI software factory spec pipeline |
| Draft YAML for a NEW model entry (for picking existing models use |
| Query execution traces for observability |
| Query the structured task-state log for a task ID |
| Read result of an async-mode dispatch by jobId (#3042 / #2631) |
| List async-mode jobs across all tools — cross-session discovery (#3046 / #2631) |
| Mark an async-mode job as cancelled — idempotent (#3042 Stage 1b) |
| CI infrastructure health — composes GitHub status + recent-runs activity (#3076) |
| Verify hash chain of a FileAuditStorage audit log directory |
| Analyze GitHub repository structure |
| Generate security scanning pipeline for a repo |
| TypeScript-compiler-API AST symbols from a SINGLE file (functions/classes/types) |
| Cross-file search over declared symbol NAMES (declarations only, not usages) |
| Structural usage/call-site search for a symbol via ast-grep (calls, member calls, new, imports, references) — the "where is X used" gap |
| Full dev pipeline: research, plan, vote, implement, QA |
| Execute a pipeline plugin by name with typed input |
| Multi-voter PR review with verification gate (experimental) |
| Per-axis tradeoff vote for build-vs-buy / supply-chain decisions |
| Threshold-gated observability loop — surfaces routing/tech-debt/bug/security signals from outcome+fitness data; files candidate issues |
| Run the QA quality gate (typecheck/lint/tests/build/security) over a project dir; returns structured pass/fail verdict + feedback |
| SUGGEST-ONLY: candidate pipeline tasks from research_discover findings for review — files/executes nothing (#1715) |
| Probe all model-discovery transports (OpenRouter API + opencode/claude/codex/gemini CLIs) and report per-transport health — validates the CLIs/APIs are reachable (#3406) |
| Default entry point — give a goal, MetaOrchestrator picks the strategy; returns the routing decision (execute:false, read-only) or runs it inline (execute:true; dev-pipeline+pipeline+research+consensus wired) (#3548) |
Configuration
Environment Variables:
Variable | Description |
| Claude API key |
| OpenAI API key |
| Gemini API key |
| Log level (debug/info/warn/error) |
Generate config file:
nexus-agents config init # Creates nexus-agents.yamlDocumentation
Topic | Link |
Full CLI Reference | |
Architecture | |
Contributing | |
Coding Standards | |
Quick Start Guide |
Development
git clone https://github.com/nexus-substrate/nexus-agents.git
cd nexus-agents
pnpm install
pnpm build
pnpm testRequirements: Node.js 22.x LTS, pnpm 9.x
Contributing
Fork the repository
Create a feature branch (
git checkout -b feat/amazing-feature)Commit with conventional commits (
feat(scope): add feature)Open a Pull Request
See CONTRIBUTING.md for details.
License
MIT - See LICENSE
Built with Claude Code
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/nexus-substrate/nexus-agents'
If you have feedback or need assistance with the MCP directory API, please join our Discord server