agents
by inkeep
Overview
The Inkeep Agents project is a comprehensive framework and SDK for building, managing, and running AI agents. This specific 'MCP Server' component (integrated within the Management API) provides a machine-readable API for managing agent configurations, tools, data components, and other project resources.
Installation
pnpm dev:apisEnvironment Variables
- ENVIRONMENT
- LOG_LEVEL
- PUBLIC_INKEEP_AGENTS_MANAGE_API_URL
- INKEEP_AGENTS_MANAGE_API_URL
- INKEEP_AGENTS_MANAGE_API_BYPASS_SECRET
- PUBLIC_INKEEP_AGENTS_RUN_API_URL
- PUBLIC_INKEEP_AGENTS_RUN_API_BYPASS_SECRET
- PUBLIC_NANGO_CONNECT_BASE_URL
- PUBLIC_NANGO_SERVER_URL
- NANGO_SERVER_URL
- NANGO_SECRET_KEY
- PUBLIC_SIGNOZ_URL
- SIGNOZ_URL
- SIGNOZ_API_KEY
- DATABASE_URL
- INKEEP_AGENTS_JWT_SIGNING_SECRET
- ANTHROPIC_API_KEY
- OPENAI_API_KEY
- GOOGLE_GENERATIVE_AI_API_KEY
- OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
- OTEL_EXPORTER_OTLP_TRACES_HEADERS
- INKEEP_AGENTS_MANAGE_UI_USERNAME
- INKEEP_AGENTS_MANAGE_UI_PASSWORD
- POSTGRES_DB
- POSTGRES_USER
- POSTGRES_PASSWORD
- DEBUG
- LANGFUSE_SECRET_KEY
- LANGFUSE_PUBLIC_KEY
- LANGFUSE_BASEURL
- LANGFUSE_ENABLED
- PORT
- BETTER_AUTH_SECRET
- AUTH0_DOMAIN
- AUTH0_CLIENT_ID
- AUTH0_CLIENT_SECRET
- AUTH0_AUDIENCE
- AUTH0_CALLBACK_URL
- GOOGLE_CLIENT_ID
- GOOGLE_CLIENT_SECRET
- COMPOSIO_API_KEY
Security Notes
The project extensively uses Zod for input validation, which is a strong positive. However, it incorporates direct execution of user-provided JavaScript code within sandboxed environments (Vercel Sandbox, Native Sandbox for function tools), which is an inherently high-risk operation. While efforts for isolation are present (e.g., Vercel Sandbox, child_process isolation attempts in NativeSandboxExecutor), any flaw in this sandbox could lead to severe compromise. Development environment defaults include hardcoded weak passwords (e.g., 'password' for Postgres) and explicitly insecure JWT secrets, which are critical risks if deployed to production without modification. Extensive use of environment variables requires careful secret management in deployment to prevent leakage.
Similar Servers
trigger.dev
Local development and AI agent interface for Trigger.dev workflows, enabling Python script execution and managing tasks, runs, and deployments.
mcp-use
A full-stack framework for building Model Context Protocol (MCP) servers, MCP clients, and AI agents in both Python and TypeScript, supporting interactive UI widgets and robust debugging.
volcano-sdk
A TypeScript SDK for building multi-provider AI agents that chain LLM reasoning with external tools and orchestrate multi-agent workflows.
AgentUp
AgentUp is an infrastructure framework for developing, deploying, and managing production-ready AI agents, providing Docker-like consistency, security, and extensibility.