kuma
Integrates ESLint for linting via the static_analysis tool, parsing output into structured results.
Provides tools for viewing commit history and diffs, and includes safety measures like blocking dangerous git commands such as git push --force.
Integrates with npm for package management detection in project conventions and blocks dangerous npm publish commands.
Supports pnpm via workspace detection in monorepo awareness features.
Integrates Prettier for code formatting checks via the static_analysis tool.
Integrates Ruff for Python linting via the static_analysis tool.
Runs TypeScript static analysis (type checking) via the static_analysis tool and provides LSP-based queries with regex fallback.
Supports Yarn via workspace detection in monorepo awareness features.
Kuma
Zero-setup safety & context runtime for AI coding agents — v2.2.2
Works with 13 AI coding agents — Claude Code, Cursor, Windsurf, GitHub Copilot Editor, Cline, Aider, Antigravity CLI, OpenCode, Codex CLI, Qwen Code, Kiro, OpenClaw, CodeWhale — and any MCP-compatible client.
No manual config needed. Just run npx @plumpslabs/kuma init.
Quick Start
# Generate config files for ALL supported AI agents
npx @plumpslabs/kuma init --all
# Or generate for specific agents
npx @plumpslabs/kuma init --cursor --claude --aider
# See all options
npx @plumpslabs/kuma init --helpOr add Kuma MCP server manually to any MCP client:
{
"mcpServers": {
"kuma": {
"command": "npx",
"args": ["-y", "@plumpslabs/kuma"]
}
}
}Related MCP server: Code Executor MCP Server
Unified Tool Router (10 Groups)
Kuma consolidates 46+ individual operations into 10 grouped tools. AI agents scan 10 groups instead of 46 tools — simpler, faster, less context.
Group | Actions | What it does |
🔵 |
| Call first every session — load context, detect stack, show tree |
🟢 |
| During active coding — search, read, safe edit, create files, LSP queries |
🟡 |
| After every edit — run tests, code review, static analysis |
🔴 |
| Safety & risk — anti-patterns, health score, pre-exec check, policy enforcement, impact analysis, dependency guard, snapshots, audit trail |
🟣 |
| Codebase understanding — query knowledge graph, navigate flows, Mermaid diagrams, auto-investigate, architecture guard, experience patterns, intent paths |
🧠 |
| Persist/retrieve context — session memory, keyword search, persist knowledge, decisions (ADR), auto-context engine, self-heal graph |
📊 |
| Session review — on-track detection, stats dashboard, code health, session replay, activity heat map, AI learning, predictive next, confidence score, project DNA |
⏳ |
| Code history — symbol evolution timeline, commit log, structured diffs |
🔒 |
| Multi-agent coordination — file-level locks, lock listing, stale cleanup |
⚙️ |
| Maintenance — failure knowledge base, semantic compression, shadow execution simulation, collective VPS sync, marketplace templates |
# Full workflow example
kuma_init({ action: "init" }) # Load project context
kuma_core({ action: "grep", query: "handleAuth" }) # Find code
kuma_core({ action: "edit", filePath: "auth.ts", edits: [...] }) # Edit safely
kuma_safety({ action: "guard", goal: "refactor auth" }) # Safety check
kuma_verify({ action: "test" }) # Verify didn't break
kuma_analytics({ action: "reflect" }) # Reflect on progressSupported Agents
kuma init generates native config files for 13 AI coding agents — no manual hunting for file formats:
# | Agent | Generated Files | Approach |
1 | Claude Code |
| Fallback instructions (plugin via |
2 | Cursor |
| Rule file with YAML frontmatter ( |
3 | Windsurf |
| Static rules file |
4 | GitHub Copilot Editor |
| AGENTS.md + Skill file |
5 | Cline |
| Rule file with |
6 | Aider |
| Convention file referenced via |
7 | Antigravity CLI |
| Skill + MCP config |
8 | OpenCode |
| Plugin config JSON |
9 | Codex CLI (OpenAI) |
| AGENTS.md + MCP server in TOML |
10 | Qwen Code |
| AGENTS.md + MCP server in JSON |
11 | Kiro |
| Steering file with YAML frontmatter |
12 | OpenClaw |
| Skill (loaded on demand) |
13 | CodeWhale |
| Skill + MCP server config |
AGENTS.mdis a merged file shared by Codex CLI, Qwen Code, and GitHub Copilot Editor — one file, no conflicts.
Features
🔍 Context & Understanding
Feature | Tool / Action | Description |
Smart Grep |
| Regex code search with context lines, caching, and |
Smart File Picker |
| Read files with chunking strategies: |
Project Structure |
| Tree view of project layout with depth control, folder-only mode, patterns |
Project Conventions |
| Auto-detect framework, test runner, package manager, monorepo workspaces |
LSP Query |
| Go-to-definition, find references, type info, rename symbols via TypeScript Language Server. Falls back to regex when LSP unavailable. |
Code Time Machine |
| Track how a function evolved over time — git blame + commit analysis + design decisions |
Git Log |
| Structured commit history with file filtering |
Git Diff |
| Structured diff with staged/unstaged, ref ranges, context control |
🧠 Knowledge Graph (SQLite)
Everything in Kuma is backed by a SQLite knowledge graph — auto-built, auto-healed, queryable:
Feature | Tool / Action | Description |
Graph Query |
| Query nodes/edges/stats. FTS5 full-text search with graceful fallback |
AI Navigation |
| Answer "How does login work?" — returns the full call chain |
Autonomous Investigation |
| Given a problem, auto-discovers the relevant code path + bottleneck |
Mermaid Diagrams |
| Generate architecture, sequence, impact, ownership, heatmap diagrams |
Living Architecture |
| Auto-detect architecture (clean/layered/hexagonal/MVC), detect violations |
Experience Graph |
| Learn from past sessions — suggests next tools based on success patterns |
Intent Graph |
| Organize by intent, not dependency — suggests optimal paths for a goal |
Self-Healing |
| Auto-detect stale nodes, repair via git history or content hash. Cascading edge cleanup |
✏️ Execution — Make Changes Safely
Feature | Tool / Action | Description |
Precise Diff Editor |
| Search-and-replace with exact → whitespace → fuzzy fallback. Auto-backup before every edit. Dry-run preview, versioned rollback, batch edits (up to 10) |
Batch File Writer |
| Create up to 15 files in one call. Path validation before writing |
Static Analysis |
| Run ESLint / TypeScript / Prettier / Ruff — structured output |
Code Reviewer |
| Senior-level static analysis. Focus modes: correctness, conventions, security, performance, over-engineering detection |
🧠 Memory
Feature | Tool / Action | Description |
Session Memory |
| Session state tracker — modified files, unresolved failures, tool history |
Memory Search |
| Keyword search across tool calls, memory files, errors, dependency graph |
Persist Knowledge |
| Save decisions, glossary, architecture notes to |
Decision Memory |
| ADR-style decision recording: context → options → rationale → outcome |
Context Engine |
| Auto-inject relevant context — finds files related to a goal via graph distance + recency + failure history |
🛡️ Safety — Stay on Track
Feature | Tool / Action | Description |
Safety Guard |
| Anti-pattern detection (script patching, bash grep), tool loops, drift (edits without tests) |
Safety Score |
| Aggregate 0-100 health score across 9 dimensions: git status, backups, LSP, tests, loops, etc. |
Safety Policy |
| Policy file ( |
Risk Prediction |
| Before editing — shows references, test files, API routes affected |
Dependency Guard |
| Before adding packages — checks existing deps, suggests native JS alternatives |
Context Snapshots |
| Save/restore project state before risky operations |
Safety Audit |
| Every tool call recorded in SQLite. Queryable trail with override logging |
Safety Check |
| Pre-execution safety check — validates path, policy, dangerous commands |
📊 Analytics & Reflection
Feature | Tool / Action | Description |
Reflection |
| On-track/off-track detection, drift warnings, next action suggestion |
Behavior Analytics |
| Session stats — tool calls, edits, test runs, rollbacks, loops prevented |
Code Health Dashboard |
| Project-level health — bug density, test pass rate, rollback rate, fragility scoring |
Session Replay |
| Replay what AI did in a previous session as a human-readable narrative |
Activity Heat Map |
| Show which parts of the codebase AI works on most |
AI Learning |
| Auto-prioritize high-usage patterns in the knowledge graph |
Predictive AI |
| Predict what file/tool AI needs next based on current context |
Confidence Engine |
| Estimate how confident AI should be — factors: files read, refs checked, graph completeness |
Project DNA |
| One-page project fingerprint — architecture, coding style, coupling, risk areas, trends |
⏳ History & Time Machine
Feature | Tool / Action | Description |
Symbol Timeline |
| "Why does login work this way?" — traces a function's evolution across commits with design decisions |
Commit Log |
| Structured commit history with file filter |
Git Diff |
| Staged/unstaged/ref-range diffs with configurable context |
🔒 Multi-Agent
Feature | Tool / Action | Description |
File Locking |
| Prevent multiple AI agents from editing the same file simultaneously |
Lock Management |
| See active locks, clean stale ones |
⚙️ Advanced
Feature | Tool / Action | Description |
Failure Knowledge Base |
| Every failure saved — type, symbol, solution. Proactive warnings for repeat patterns |
Semantic Compression |
| Compress large codebases into a semantic graph (type signatures + deps — no boilerplate) |
Shadow Execution |
| Simulate changes before applying — virtual typecheck, test prediction, risk assessment |
Collective Intelligence |
| Sync anonymized patterns to your own VPS — learn from multiple projects |
Knowledge Marketplace |
| Install pre-built graph templates for popular frameworks |
Kuma's Promise
Kuma is built for one thing: making sure AI agents don't break your project.
Every tool in Kuma has a safety net built-in — not as an afterthought, but as a core design principle:
# | When this happens... | Kuma does this... |
1 | LSP server is not installed | Falls back to regex — never hard fails |
2 | An edit breaks something | Rollback to any version — versioned backups, dry-run preview, version list |
3 | AI loops on a test failure | Circuit breaker stops it — prevents infinite retries after 3 identical failures |
4 | A file path doesn't resolve | Shows where it looked — CWD vs project root with resolved paths |
5 | A command is dangerous | Blocks it — |
6 | AI keeps repeating the same tool | Tool-loop detection — flags if same tool called 4+ times in last 10 calls |
7 | You need to undo an edit | Versioned rollback — |
8 | A diff doesn't match | Fuzzy fallback — exact → whitespace-normalized → fuzzy match with configurable threshold |
9 | AI needs to understand complex code | Knowledge graph — SQLite-backed, auto-built, queryable, self-healing |
10 | AI is about to break architecture | Architecture guard — detects layer violations, suggests correct dependency direction |
11 | AI has no context for a goal | Auto-context engine — finds relevant files via graph distance + recency + failure history |
12 | AI needs to know confidence | Confidence engine — 0-100 score based on context completeness |
13 | AI wants to know a file's history | Code time machine — shows why code is the way it is via git blame + commit analysis |
14 | Multiple agents edit the same file | File lock — prevents conflicts, clean stale locks |
Most tools make AI smarter. Kuma makes AI not break things.
Safety
Feature | What it does |
Sandboxed | All file operations locked to project directory. Path traversal blocked. System dirs protected. |
Auto-backup |
|
Circuit breaker | Stops after 3 identical failures. Prevents AI loops. |
Timeout | All commands have configurable timeout (max 180s). Process tree kill on timeout. |
Command whitelist | Only |
Dangerous pattern blocking |
|
LSP graceful degradation | When TypeScript Language Server is not installed, LSP tools fall back to regex instead of hard failing. |
Multi-agent lock | File-level locks prevent multiple AI agents from editing the same file simultaneously. |
Safety score | Aggregate 0-100 score across 9 dimensions: git status, backups, LSP, tests, modified files, loops, failures, conventions, goal. |
Safety policy |
|
Risk prediction | Before editing a symbol — shows 42 references in 15 files, 7 test files, 3 API routes. |
Dependency guard | When AI installs a new package — checks existing deps, suggests native alternatives. |
Safety audit | Every tool call recorded in SQLite. Queryable trail with override logging. |
What Makes Kuma Unique
Router groups — 46+ operations consolidated into 10 grouped tools. AI scans 10 groups instead of 46 tools.
Knowledge Graph (SQLite) — Built-in SQLite database via
sql.js(pure WASM, zero native build). Tracks nodes (functions, files, API routes, tests) + edges (calls, imports, defines, tests) + experience patterns + sessions. FTS5 full-text search with graceful fallback.Self-healing graph — Automatically detects stale nodes, repairs via git history or content hash fingerprinting.
Safety is default, not optional — Rollback, circuit breaker, sandbox, timeout, dangerous pattern blocking are built into every tool.
Graceful degradation — When dependencies are missing (LSP, linters, FTS5), Kuma falls back instead of crashing.
Over-engineering detection —
code_reviewerwithfocus: "over-engineering"catches unnecessary abstractions.Drift detection —
kuma_guardcatches edits without tests, tool-call loops, unresolved failures.Impact prediction —
kuma_risktells you how many files reference a symbol before you change it.Auto-context engine — Given a goal, finds relevant files via graph distance + recency + failure history.
Code time machine — Shows why code is the way it is: "Because commit e4f5g6h migrated from sessions to JWT for mobile support."
Mermaid diagrams — Auto-generated architecture, sequence, impact, ownership, and heatmap diagrams from the knowledge graph.
Architecture guard — Detects layer violations (Handler → Database when it should be Handler → Service → Repository).
Confidence engine — 0-100 score estimating how confident AI should be about a change.
Shadow execution — Simulate changes before applying: virtual typecheck, test prediction, risk assessment.
Failure knowledge base — Every failure saved and becomes a learning. Proactive warnings.
Dependency guard — Before adding npm packages, checks for native JS alternatives and existing similar packages.
Persistent memory — Knowledge survives across sessions via
.kuma/memories/+.kuma/kuma.db.Monorepo awareness — Detects workspaces, scans
apps/*,packages/*,services/*, and pnpm/yarn/npm workspaces.Collective intelligence — Anonymized pattern sharing across projects via your own VPS. Zero source code leakage.
Knowledge marketplace — Pre-built graph templates for Laravel, Spring Boot, Django, Gin, Axum, Next.js, Express.js, and more.
Storage Layout
.kuma/
├── kuma.db # SQLite database (knowledge graph, sessions, experiences, safety audit)
├── init.md # Behavioral rules for AI agents (auto-generated)
├── config.json # Per-project config (collective endpoint, autoSync, etc.)
├── memory.json # Session state (modified files, failures, tool history)
├── policy.yml # Safety policy (never_touch, require_review, block_commands)
├── .instance-id # Anonymous instance ID for collective sync
└── memories/ # Persistent knowledge files
├── architecture.md
├── conventions.md
├── decisions.md
├── glossary.md
└── known-issues.md
.kuma/backups/ # Versioned backups from precise_diff_editor
└── <timestamp>/ # One backup snapshot per edit
└── <relative-file-path>🔄 Self-Healing
Kuma automatically detects and repairs issues in the knowledge graph:
# Check for stale entries
kuma_memory({ action: "heal", healAction: "check" })
# Auto-heal — remove stale nodes/edges
kuma_memory({ action: "heal" })Feature | Description |
Content Hash | Detects files that changed since last scan (MD5 of head + tail + size) |
All-Node Scan | Scans all node types: |
Git-Aware Repair | Uses |
Cascading Edges | Stale node edges get weight reduced to near-zero |
Incremental Heal | Batch processing — repairs only the affected subgraph, not full scan |
Auto-Heal Hook | Runs automatically during graph queries — no manual action needed |
🛡️ Safety AI Layer
The Safety layer sits between AI agents and the filesystem. Every tool call goes through: policy check, path validation, audit logging.
Features
Feature | Description |
Safety Audit | Every tool call recorded in SQLite ( |
Safety Proxy |
|
Risk Assessment | Path validation, policy checks, dangerous command detection. |
Override Logging | Safety bypasses are logged with reasons — audit trail stays clean. |
Safety Score | 0-100 aggregate health score across 9 dimensions. |
Usage
# Query audit trail (20 most recent entries)
kuma_safety({ action: "audit", limit: 20 })
# Audit statistics
kuma_safety({ action: "stats" })
# Full safety check before execution
kuma_safety({ action: "check", actionCheck: "edit", filePath: "config.ts" })
# Safety Score
kuma_safety({ action: "score" })
# Bypass safety (logged with reason)
kuma_safety({ action: "override", tool: "precise_diff_editor", reason: "trusted edit" })🐻 Kolektif — Collective Intelligence
Kolektif allows Kuma instances across different projects to share anonymized patterns. Data is sent to your own VPS server — not to a public server.
Architecture
Project A (Laptop) ──────┐
├──► Your VPS (Hono + better-sqlite3)
Project B (Laptop) ──────┘ Port 3001Data sent (safe):
errorType: "type_error" / "build_error" — generic categorytools: ["smart_grep", "lsp_query"] — tool names onlylanguage: "typescript" — programming languagecount,successRate— anonymous numbers
Data NEVER sent:
❌ Source code
❌ File names / function names
❌ Raw error messages
❌ Git history / commit messages
❌ User identity
Quick Deploy (VPS)
Requires a VPS (1GB RAM is enough) with Node.js 18+.
# 1. Clone repo
ssh user@vps-ip
git clone https://github.com/plumpslabs/kuma.git kolektif
cd kolektif/server
# 2. Install + build
npm install
npx tsc
# 3. Start via PM2
pm2 start dist/index.js --name kuma-server
pm2 save
# 4. Open firewall
sudo ufw allow 3001/tcpOr use the one-command deploy script:
ssh user@vps-ip 'bash -s' < server/deploy.shClient Setup
Set the environment variable on your laptop:
export KUMA_COLLECTIVE_URL=http://<vps-ip>:3001Or via .kuma/config.json:
{
"collective": {
"url": "http://<vps-ip>:3001",
"autoSync": true,
"syncIntervalMinutes": 60
}
}API Endpoints
Method | Endpoint | Description |
|
| Health check |
|
| Submit anonymized patterns |
|
| Get global patterns by language |
|
| Dashboard statistics |
Trigger — Manual via AI
Sync is manually triggered by the AI agent calling the Kuma tool. There is no background scheduler — the AI decides when to sync based on context.
# Sync patterns to your VPS (sends + receives)
kuma_advanced({ action: "collective", collectiveAction: "sync" })
# Preview what data would be sent (safe preview)
kuma_advanced({ action: "collective", collectiveAction: "export" })
# Discover local patterns without sending
kuma_advanced({ action: "collective" })💡 The
autoSyncflag in config tells the AI to remember syncing periodically — but the actual call is always made by the AI agent, not by a timer.
📦 Knowledge Marketplace
Marketplace provides pre-built knowledge graph templates for popular frameworks. Installing a template means Kuma instantly understands the framework's structure without having to learn from scratch.
Usage
# List all templates
kuma_advanced({ action: "marketplace" })
# Install Laravel template — Kuma instantly understands Laravel MVC
kuma_advanced({ action: "marketplace", marketplaceAction: "install", template: "graph:laravel" })Available Templates
🔷 TypeScript / JavaScript
Template | Framework | Knows | Nodes | Edges |
| Hono | Middleware chain, RPC mode, typed routes, HonoX, JSX middleware | 35 | 90 |
| Fastify | Plugin system, hooks lifecycle, schema validation, encapsulation | 40 | 100 |
| Elysia (Bun) | Plugin system, Eden Treaty, schema validation, state/derive pattern | 28 | 70 |
| Next.js App Router | App Router, Server Components, layout structure, route groups | 45 | 120 |
| Next.js Pages Router | Pages Router, getServerSideProps, API routes, ISR pattern | 38 | 95 |
| Remix | Loaders, actions, forms pattern, nested routes, resource routes | 32 | 80 |
| Express.js | Middleware chain, route handlers, error patterns, app structure | 30 | 85 |
⚛️ React Ecosystem
Template | Library | Knows | Nodes | Edges |
| TanStack Query | Query/mutation pattern, cache invalidation, optimistic updates, infinite queries | 36 | 88 |
| TanStack Router | File-based routing, loaders, search params, route guards, devtools | 30 | 75 |
| TanStack Table | Column definitions, sorting, filtering, pagination, row selection | 22 | 55 |
| Zustand | Store pattern, middleware (persist, devtools, immer), subscribe, slice pattern | 18 | 42 |
| shadcn/ui | Component structure, Radix primitives, tailwind classes, registry pattern | 50 | 130 |
🗄️ Database (JS/TS)
Template | ORM | Knows | Nodes | Edges |
| Prisma | Schema models, relations, migrations, client queries, middleware hooks | 35 | 85 |
| Drizzle | Schema definition, relations, SQL-like queries, migrations, Drizzle Kit | 30 | 72 |
Other Languages
Template | Framework | Knows | Nodes | Edges |
| Laravel (PHP) | Controllers, Services, Repositories, Middleware, Blade, Eloquent | 50 | 140 |
| Spring Boot (Java) | Controllers, Services, JPA Repositories, Entities, Config | 55 | 150 |
| Django (Python) | Views, Models, Serializers, URLs, Admin | 40 | 110 |
| Gin (Go) | Handlers, Services, Repositories, Middleware, Models | 25 | 65 |
| Axum (Rust) | Handlers, Extractors, Services, Repositories, State | 20 | 55 |
⚠️
@kuma-templates/*packages do not exist on npmjs yet. All built-in templates are generated from Kuma's source code directly — no npm install needed. The npm path exists for future community-published templates.
🍵 Pair with Matcha
Kuma keeps AI agents safe. Matcha keeps AI agents deliberate.
Matcha is an engineering philosophy ruleset that enforces deliberate thinking before, during, and after coding:
5W1H Gate — Why are we doing this? Is there a simpler path?
Reuse Before Write — Never write what already exists
Clean Finish — No temp, no debug, no unused code
Where Kuma provides runtime safety (rollback, circuit breaker, sandbox), Matcha provides session discipline (planning gate, cleanup scan, intensity levels).
# Try them together
npx @plumpslabs/matcha init # Install matcha philosophy
npx @plumpslabs/kuma init --all # Install kuma safety toolsBoth tools are designed to complement each other — Kuma handles the "can't break things" layer while Matcha handles the "think before you act" layer.
Contributing
See CONTRIBUTING.md for detailed guidelines.
License
Made with 🐻 for AI agents everywhere
This server cannot be installed
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/plumpslabs/kuma'
If you have feedback or need assistance with the MCP directory API, please join our Discord server