MaxKB
by 1Panel-dev
Overview
MaxKB (Max Knowledge Brain) is an enterprise-grade intelligent agent platform designed to lower the technical barrier and deployment costs of AI implementation, helping businesses quickly integrate mainstream large language models, build proprietary knowledge bases, and offer a progressive upgrade path from RAG to complex workflow automation and advanced agents for various application scenarios like smart customer service and office assistants.
Installation
docker run -d --name=maxkb --restart=always -p 8080:8080 -v ~/.maxkb:/opt/maxkb registry.fit2cloud.com/maxkb/maxkbEnvironment Variables
- DJANGO_SETTINGS_MODULE
- DEBUG
- TIME_ZONE
- DB_HOST
- DB_PORT
- DB_NAME
- DB_USER
- DB_PASSWORD
- REDIS_HOST
- REDIS_PORT
- REDIS_PASSWORD
- MAXKB_ADMIN_PATH
- MAXKB_CHAT_PATH
- EMBEDDING_MODEL_NAME
- EMBEDDING_MODEL_PATH
- SANDBOX_BANNED_HOSTS
- SANDBOX_ALLOW_DL_PATHS
- SANDBOX_ALLOW_SUBPROCESS
- SANDBOX_ALLOW_SYSCALL
- DEFAULT_PASSWORD
- X_PACK_ENABLE
- X_PACK_LICENSE_PATH
- X_PACK_PUBLIC_KEY
- OPENAI_API_KEY
- OPENAI_API_BASE
- OLLAMA_API_BASE
- TENCENTCLOUD_SECRET_ID
- TENCENTCLOUD_SECRET_KEY
Security Notes
The system includes a `ToolExecutor.exec_code` function that executes arbitrary Python code strings within a C-level sandbox (`installer/sandbox.c`). While efforts are made to restrict network access, subprocess creation, and syscalls within the sandbox, executing arbitrary code is a critical security risk due to the potential for bypasses or vulnerabilities in the sandbox implementation itself. The system correctly implements URL validation (e.g., `is_private_ip`, `validate_url`) to mitigate Server-Side Request Forgery (SSRF) and uses XSS protection for Markdown rendering. Sensitive credentials for LLM providers are intended to be encrypted and stored, which is a good practice, but the core execution model remains high-risk.
Similar Servers
trigger.dev
A platform for building and executing reliable, scalable background tasks and complex workflows, supporting various runtimes (Node.js, Python, Bun), including advanced AI agent orchestration, event-driven processing, and real-time data handling.
Context-Engine
Self-improving code search and context engine for IDEs and AI agents, providing hybrid semantic/lexical search, symbol graph navigation, and persistent memory.
concierge
A framework for building and serving agentic workflows, enabling autonomous agents to interact with application services through structured stages and tasks.
neurolink
NeuroLink is a comprehensive AI toolkit that unifies multiple AI providers, offers advanced orchestration, real-time services, and a Human-in-the-Loop safety system, allowing modular enhancement of AI models through an extensible MCP-compliant middleware and tool ecosystem.