Stacy

A trust-first control plane for assigning, supervising, and auditing local AI agents.

Stacy gives operators a local cockpit for running Codex, Claude, and other CLI agents with visible ownership, live logs, budgets, approvals, workspace isolation, and stop controls. It is built for the moment when a chat window is not enough and you need to know: who is working, what changed, what it cost, what is risky, and how to stop it.

Quick Start

Run Stacy from npm:

npx stacy-cli@latest onboard --yes
npx stacy-cli@latest run

Open http://localhost:3100.

The npm package is stacy-cli; it exposes the stacy command when installed. Inside a cloned repository, use the workspace shortcut:

pnpm stacy onboard --yes
pnpm stacy run

Prerequisites:

• Node.js 20 or newer
• A local Codex, Claude, or other supported CLI login for the agents you want to run
• pnpm 9 or newer for repository development

Stacy does not ship shared Codex or Claude credentials. Each operator connects their own local account on their own machine.

Why Stacy

AI agents are useful, but they become hard to trust when their work is invisible. Stacy turns autonomous work into an auditable operating surface:

• every agent has an owner, role, budget, permissions, and adapter config
• every task has status, assignment, run history, logs, and review state
• every run can be watched, inspected, retried, cancelled, or killed
• every risky action can be put behind an approval gate
• every workspace can be isolated with a git worktree

The product should feel like an agent operations cockpit: part project board, part runtime console, part audit log.

What You Get

Area	What Stacy provides
Agent operations	Create Codex, Claude, Cursor, Gemini, OpenCode, Pi, and gateway-backed agents with roles and permissions.
Task execution	Assign issues to agents, track run state, inspect transcripts, and cancel work in progress.
Trust controls	Approval gates, stop controls, budget limits, cost visibility, and risk surfaces.
Local-first runtime	User-owned local CLI credentials, local API/UI, embedded Postgres, and Docker/self-hosting paths.
Workspace safety	Git worktree isolation per task, workspace lifecycle tracking, and recovery for stalled work.
Auditability	Run timelines, logs, cost records, comments, approvals, and activity history.
Operations	Backup, restore, upgrade checks, release smoke tests, and self-hosted operations docs.

Core Workflow

1. Create a company.
2. Connect a project or workspace.
3. Connect the user's local Codex or Claude account.
4. Add an agent with role, model, budget, and permissions.
5. Create or import a task.
6. Assign the task to an agent.
7. Watch the live run, logs, cost, and risk state.
8. Cancel, approve, review, or mark the task done.

How It Works

Stacy CLI / Web UI
        |
Local API + Auth
        |
Postgres domain model
        |
Outbox + run queue
        |
Run orchestrator
        |
Workspace / environment lease
        |
Agent adapter
        |
Codex / Claude / Cursor / Gemini / OpenCode / Pi

Stacy keeps the control plane separate from the agent runtime. The control plane stores durable task, run, cost, approval, and log records. Adapters translate Stacy assignments into CLI execution for the user's own local agent accounts.

Comparison

This is a practical positioning map, not a scoreboard. Stacy is focused on trustworthy local agent execution rather than chat-only collaboration or fully managed cloud workers.

Capability	Stacy	Multi-agent chat tools	Cloud agent platforms	CI automation	Project-management tools
Local-first operation	Yes	Sometimes	Usually no	Sometimes	N/A
User-owned Codex/Claude CLI login	Yes	Rarely	Usually no	N/A	N/A
Live agent run logs	Yes	Limited	Yes	Yes	No
Human approval gates	Yes	Sometimes	Sometimes	Yes	Manual only
Cost and risk surface	Yes	Limited	Varies	Limited	No
Git worktree isolation	Yes	Rarely	Varies	Usually repo checkout based	No
Kill switch / cancel controls	Yes	Limited	Varies	Yes	No
Task ownership and review state	Yes	Limited	Varies	No	Yes
Self-hosting path	Yes	Varies	Varies	Yes	Varies

Supported Agent Adapters

Stacy is designed around adapter contracts. The current local adapter family includes:

• Codex local
• Claude local
• Cursor local
• Gemini local
• OpenCode local
• Pi local
• OpenClaw gateway

Adapters use the user's local environment. If a CLI needs authentication, the user signs in with that provider's own login flow before assigning work.

Trust And Safety Model

Stacy's first product promise is not maximum autonomy. It is dependable autonomy that operators can understand and interrupt.

• Credential boundary: Stacy does not bundle shared model-provider credentials.
• Workspace boundary: agent work can run in isolated git worktrees.
• Approval boundary: risky steps can require explicit human approval.
• Cost boundary: agent, task, project, and run costs are visible.
• Secret boundary: secrets are scoped and redacted from logs where possible.
• Operational boundary: live runs can be cancelled and failed runs remain inspectable.

Local Development

Install dependencies and start the app:

pnpm install
pnpm dev

Useful commands:

pnpm stacy onboard --yes
pnpm stacy doctor --repair --yes
pnpm stacy db:backup
pnpm stacy upgrade:check
pnpm test:run
pnpm typecheck

Release and public-package checks:

pnpm smoke:stacy-cli-npm -- --version <published-version> --expected-core <published-version>
pnpm release:phase5-gate -- --strict-live

Documentation

• Quickstart
• What is Stacy?
• Architecture
• Self-hosted operations
• Public CLI packaging
• Phase 5 release notes
• Releases

Repository Status

The public npm entrypoint is:

npx stacy-cli@latest onboard --yes

The exact npx stacy onboard package name is not the supported public path because the stacy package name is not available on npm.

Maintainer

Stacy is maintained by Arpan Mondal.

License

Stacy is released under the MIT license. See LICENSE.