The Armored AI Agent
Visual. Transparent. Secure.
CachiBot is a visual AI agent platform with full transparency. Named after the Venezuelan cachicamo (armadillo), it's built to be armored, auditable, and yours to control.
Most AI agent tools run in terminals where you can't see what's happening. That's a security nightmare.
The problem with CLI-based agents:
- You can't see what the agent is doing in real-time
- No visibility into running tasks or jobs
- No way to monitor multiple bots simultaneously
- Actions happen in a black box
CachiBot gives you full visibility:
- Watch your bots work in real-time through the dashboard
- See every task, job, and chat in a clean interface
- Monitor connections to Telegram, Discord, and other platforms
- Approve or reject actions before they execute
- Full audit trail of everything your bots do
- Visual Dashboard — See all your bots, their status, and activity at a glance
- Real-time Monitoring — Watch tasks and jobs execute with live updates
- Multi-Bot Management — Create and manage multiple specialized bots
- Platform Connections — Connect bots to Telegram, Discord, and more
- Knowledge Base — Upload documents to give bots specialized knowledge
- Secure Sandbox — Code runs in isolated environment with restricted imports
- Approval Flow — Visual approval for risky operations before they execute
- Multi-Provider — Kimi K2.5, Claude, OpenAI, and more
pip install cachibot# For Moonshot/Kimi (default)
export MOONSHOT_API_KEY="your-api-key"
# Or for Claude
export ANTHROPIC_API_KEY="your-api-key"
# Or for OpenAI
export OPENAI_API_KEY="your-api-key"cachibot serverOpen http://localhost:6392 in your browser. The frontend is bundled and served automatically.
# Start the dashboard server
cachibot server
# Run a single task
cachibot "list all Python files"
# Interactive mode
cachibot
# Use a specific model
cachibot --model anthropic/claude-sonnet-4-20250514 "explain this code"
# Short alias works too
cachi server┌─────────────────────────────────────────────────────────────────┐
│ CachiBot │
├─────────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ React Dashboard │ │
│ │ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌────────┐ │ │
│ │ │ Bots │ │ Chats │ │ Jobs │ │ Tasks │ │ │
│ │ └──────────┘ └──────────┘ └──────────┘ └────────┘ │ │
│ │ ┌──────────┐ ┌──────────┐ ┌──────────────────────┐ │ │
│ │ │ Settings │ │Knowledge │ │ Connections │ │ │
│ │ └──────────┘ └──────────┘ └──────────────────────┘ │ │
│ └────────────────────────┬────────────────────────────────┘ │
│ │ WebSocket / REST │
│ ┌────────────────────────▼────────────────────────────────┐ │
│ │ FastAPI Backend │ │
│ │ ┌──────────┐ ┌──────────┐ ┌──────────────────────┐ │ │
│ │ │Prompture │ │ Tools │ │ Sandbox Executor │ │ │
│ │ │ Agent │ │ Registry │ │ (Isolated Python) │ │ │
│ │ └──────────┘ └──────────┘ └──────────────────────┘ │ │
│ └────────────────────────┬────────────────────────────────┘ │
│ │ │
│ ┌────────────────────────▼────────────────────────────────┐ │
│ │ LLM Providers (via Prompture) │ │
│ │ Moonshot │ Claude │ OpenAI │ Ollama │ Groq │ │
│ └──────────────────────────────────────────────────────────┘ │
│ │ │
│ ┌────────────────────────▼────────────────────────────────┐ │
│ │ Platform Connections │ │
│ │ Telegram │ Discord │ (more coming) │ │
│ └──────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
CachiBot is built with security as a core principle:
The biggest security risk with AI agents is not knowing what they're doing. CachiBot solves this by making everything visible:
- See every action before it executes
- Approve or reject risky operations
- Full audit trail of all bot activity
- Real-time monitoring of running tasks
Python code runs in a sandboxed environment:
- Import Restrictions — Only safe modules allowed (json, math, datetime, etc.)
- Path Restrictions — Can only access files in the workspace
- Execution Timeout — Code killed after timeout (default: 30s)
- Risk Analysis — AST-based detection of dangerous operations
These are never allowed regardless of configuration:
subprocess,os.system,ctypessocket,ssl, raw network accessimportlib,eval,exec(dynamic code)pickle,marshal(unsafe serialization)
| Provider | Model | Environment Variable |
|---|---|---|
| Moonshot | moonshot/kimi-k2.5 |
MOONSHOT_API_KEY |
| Claude | anthropic/claude-sonnet-4-20250514 |
ANTHROPIC_API_KEY |
| OpenAI | openai/gpt-4o |
OPENAI_API_KEY |
| Ollama | ollama/llama3.1:8b |
(local, no key) |
| Groq | groq/llama-3.1-70b |
GROQ_API_KEY |
Contributions are welcome!
# Clone the repo
git clone https://github.com/jhd3197/CachiBot.git
cd CachiBot
# Install backend in development mode
pip install -e ".[dev]"
# Install frontend dependencies
cd frontend && npm install
# Start backend (dev)
cachibot server --reload
# Start frontend dev server (in another terminal)
cd frontend && npm run dev
# Run tests
pytest
# Lint
ruff check src/
cd frontend && npm run lintMIT License - see LICENSE for details.
- Built with Prompture for structured LLM interaction
- Named after the Venezuelan cachicamo (armadillo)
Made with care by Juan Denis