curo1305
c0c0156468
Introduces a standalone plugin system where every integration lives as an independent Python script in ~/.pyra/plugins/, not hardcoded in core. Plugin framework (src/pyra/plugins/): - base.py: Tool dataclass, PyraPlugin Protocol, BasePlugin helper - loader.py: importlib-based discovery; one bad plugin never crashes pyra - registry.py: singleton aggregating tools, slash commands, system prompts - executor.py: approval gate — scans args, prompts y/N, scans result, logs - install.py: copies bundled_plugins/ to ~/.pyra/plugins/ on install Chat integration: - AI tool-use loop (litellm function calling, up to 10 iterations) - Plugin system prompt additions injected per session - Plugin slash commands merged with static commands CLI additions: - pyra plugin list/install/enable/disable/setup - pyra daemon start/stop/status/restart/install/uninstall (stubs for 2.4) Config: PluginConfig + DaemonConfig added to PyraConfig (backwards-compatible) Bootstrap: ~/.pyra/plugins/ and ~/.pyra/logs/ created on startup Security: tool args and results always injection-scanned; plugin dirs validated with assert_safe_path() before loading (symlink protection) Tests: 37 new tests (loader, registry, executor, plugin isolation security) 161 total, all passing. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Pyra
A personal AI assistant CLI with vault-first security. Combines multi-provider AI chat with long-term memory and (coming) automation skills.
Quick Start
pip install -e . # or: pipx install .
pyra setup # choose your AI provider
pyra chat # start talking
Providers
Local (no API key needed):
- LM Studio —
http://localhost:1234 - Ollama —
http://localhost:11434 - llama.cpp server —
http://localhost:8080
Cloud:
- Anthropic (Claude), OpenAI (GPT), Google (Gemini), DeepSeek, Qwen
Commands
| Command | Description |
|---|---|
pyra setup |
Run the provider setup wizard |
pyra chat |
Start interactive chat |
pyra memory list |
List memory files |
pyra memory read <name> |
Read a memory file |
pyra memory write <name> <content> |
Write a memory file |
pyra memory append <name> <content> |
Append to a memory file |
In-chat slash commands
| Command | Description |
|---|---|
/help |
Show available commands |
/memory list |
List memory files |
/clear |
Clear conversation history |
/quit or /exit |
Exit Pyra |
Security
- API keys live in
~/.pyra/vault/— the AI cannot read this directory config.yamlnever contains credentials — only provider ID, model name, and base URL- Prompt injection scanner — warns on suspicious AI output, logs to
~/.pyra/security.log - Path sandboxing — the AI can only reference memory files by name; traversal is blocked
Memory
Pyra reads your memory files at the start of each session and injects them as context.
Files are plain Markdown stored in ~/.pyra/memory/:
~/.pyra/memory/
├── user/profile.md ← who you are
├── context/ ← ongoing projects
└── knowledge/ ← general notes
~/.pyra/ Directory
~/.pyra/
├── config.yaml ← provider + model (no secrets)
├── security.log ← injection event log
├── memory/ ← AI-readable long-term memory
├── skills/ ← automation scripts (Stage 2)
└── vault/ ← secure, AI-inaccessible storage
└── secrets/api_keys.json
Roadmap
- Stage 1 (now): Core CLI, multi-provider chat, memory, vault security
- Stage 2: Skills — shell/PowerShell/Python automations with user approval gates
- Stage 3: Vault encryption with
age - Stage 4: Security audit sub-agent
- Stage 5: Web UI, embedding-based memory search