OMK Agent Harness Mono Repo
July 2, 2026 · View on GitHub
OMK
OMK//CONTROL — provider-neutral multi-agent control plane for coding workflows.
Models execute. OMK routes, verifies, measures, and controls.
New issues and PRs from new contributors are auto-closed by default. Maintainers review auto-closed issues daily. See CONTRIBUTING.md.
OMK Agent Harness Mono Repo
This is the home of the omk agent harness project including our self extensible coding agent.
- open-multi-agent-kit: Interactive coding agent CLI
- omk-agent-core: Agent runtime with tool calling and state management
- omk-ai: Unified multi-provider LLM API (OpenAI, Anthropic, Google, …)
To learn more about omk:
- Visit omk.dev, the project website with demos
- Read the documentation, but you can also ask the agent to explain itself
OMK//CONTROL TUI
The OMK//CONTROL startup surface is the default operator view. The header reads omk v<package.version> · OMK//CONTROL, using the published open-multi-agent-kit package version as the single source of truth.
The default dark TUI theme uses the omk-control-grid-dark Night City palette and keeps the control sidebar focused on route, evidence, loop, MCP, runtime, skills, and context budget state.
Release v0.90.3
This release removes the jailbreak subsystem that had shipped in the 0.90.x line and fixes a CI-only visual-QA test.
| Area | What changed |
|---|---|
| Safety | Removed the cross-provider jailbreak/godmode payload toolkit (omk jailbreak command, --jailbreak-* flags, jailbreak-extension, agents/jailbreak, utils/jailbreak, types/jailbreak, and the fuzzing/routing/encoding/multiturn/modules attack modules). It is not a legitimate OMK feature. |
| Safety | Retained defensive GOD Mode resistance in the system prompt and the context-file sanitization marker. |
| Tests | The 96-column control-panel visual-QA test now runs its live-render assertion unconditionally and only compares the gitignored .omo/ artifact when present, so CI checkouts pass. |
GitHub-focused release notes live in .github/RELEASE_NOTES_v0.90.3.md. The GitHub release workflow also extracts the canonical release body from packages/coding-agent/CHANGELOG.md.
Share your OSS coding agent sessions
If you use OMK or other coding agents for open source work, publish sanitized sessions from .omk/agent/sessions.
Public OSS session data helps improve coding agents with real-world tasks, tool use, failures, and fixes instead of toy benchmarks.
All Packages
| Package | Description |
|---|---|
| omk-ai | Unified multi-provider LLM API (OpenAI, Anthropic, Google, etc.) |
| omk-agent-core | Agent runtime with tool calling and state management |
| open-multi-agent-kit | Interactive coding agent CLI |
| omk-tui | Terminal UI library with differential rendering |
For Slack/chat automation and workflow integrations, use OMK extensions and MCP servers.
Adaptorch MCP integration
AdaptOrch MCP is a separate, proprietary reliability-kernel service (not part of
this monorepo) that OMK can route orchestration tasks through: topology-aware DAG routing, multi-model
synthesis, and consistency verification. It is versioned 0.1.0 — an MVP stage — with a public-ready free
Starter tier and paid Pro/Team tiers, and is backed by a published paper
(arXiv:2602.16873).
The adaptorch and adaptorch-prod MCP servers plus the adaptorch-route and adaptorch-synthesize skills
ship in OMK's default omk-core-verified execution preset, so they are available from the first prompt of a
default session without extra setup. Actually invoking AdaptOrch (e.g. adaptorch_run) still requires an
ADAPTORCH_CONTROL_PLANE_TOKEN (a dev token is auto-set for a local control plane at 127.0.0.1:8000) and
follows normal task-routing rules rather than firing on every message.
This is distinct from packages/adaptorch-wpl in this monorepo, an experimental, design-stage Work Packet
Loop package that is not yet wired into the open-multi-agent-kit CLI — see that package's own README for its
current status.
Permissions & Containerization
OMK does not include a built-in permission system for restricting filesystem, process, network, or credential access. By default, it runs with the permissions of the user and process that launched it.
If you need stronger boundaries, containerize or sandbox OMK. See packages/coding-agent/docs/containerization.md for three patterns:
- OpenShell: run the whole
omkprocess in a policy-controlled sandbox. - Gondolin extension: keep
omkand provider auth on the host while routing built-in tools and!commands into a local Linux micro-VM. - Plain Docker: run the whole
omkprocess in a local container for simple isolation.
Contributing
See CONTRIBUTING.md for contribution guidelines and AGENTS.md for project-specific rules (for both humans and agents).
Development
npm install --ignore-scripts # Install all dependencies without running lifecycle scripts
npm run build # Build all packages
npm run check # Lint, format, and type check
./test.sh # Run tests (skips LLM-dependent tests without API keys)
./omk-test.sh # Run OMK from sources (can be run from any directory)
Supply-chain hardening
We treat npm dependency changes as reviewed code changes.
- Direct external dependencies are pinned to exact versions. Internal workspace packages remain version-ranged.
.npmrcsetssave-exact=trueandmin-release-age=2to avoid same-day dependency releases during npm resolution.package-lock.jsonis the dependency ground truth. Pre-commit blocks accidental lockfile commits unlessOMK_ALLOW_LOCKFILE_CHANGE=1is set.npm run checkverifies pinned direct deps, native TypeScript import compatibility, and the generated coding-agent shrinkwrap.- The published CLI package includes
packages/coding-agent/npm-shrinkwrap.json, generated from the root lockfile, to pin transitive deps for npm users. - Release smoke tests use
npm run release:localto build, pack, and create isolated npm and Bun installs outside the repo before tagging a release. - Local release installs, documented npm installs, and
omk update --selfuse--ignore-scriptswhere supported. - CI installs with
npm ci --ignore-scripts, and a scheduled GitHub workflow runsnpm audit --omit=devplusnpm audit signatures --omit=dev. - Shrinkwrap generation has an explicit allowlist for dependency lifecycle scripts; new lifecycle-script deps fail checks until reviewed.
License
MIT