openloomi
mcp
Uyari
Health Uyari
- License — License: Apache-2.0
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 7 GitHub stars
Code Uyari
- process.env — Environment variable access in apps/marketing/app/home-client.jsx
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
Alloomi is an AI-driven workspace that monitors business communications (like Slack and email), orchestrates tasks autonomously, and acts as a proactive digital assistant.
Security Assessment
The overall risk is rated as Medium. The tool does not execute raw shell commands or contain hardcoded secrets, and it requests no explicitly dangerous permissions. However, it routinely makes outbound network requests to external services and relies heavily on environment variables to manage sensitive data. These requests are primarily located in its authentication and Discord integration routes, which involve exchanging OAuth tokens. Given the tool's core purpose, it inherently handles highly sensitive user data such as emails, calendar events, and chat logs. You must carefully review how you configure your environment variables to ensure secrets and user data are secured.
Quality Assessment
The project is actively maintained, with repository activity as recent as today. It uses the permissive and standard Apache-2.0 license. However, it currently has very low community visibility with only 5 GitHub stars. This means it has not been broadly tested or vetted by the open-source community, which lowers the general trust level.
Verdict
Use with caution: the codebase is active and properly licensed, but its early-stage maturity and deep access to sensitive communication data warrant a thorough internal security review before deploying.
Alloomi is an AI-driven workspace that monitors business communications (like Slack and email), orchestrates tasks autonomously, and acts as a proactive digital assistant.
Security Assessment
The overall risk is rated as Medium. The tool does not execute raw shell commands or contain hardcoded secrets, and it requests no explicitly dangerous permissions. However, it routinely makes outbound network requests to external services and relies heavily on environment variables to manage sensitive data. These requests are primarily located in its authentication and Discord integration routes, which involve exchanging OAuth tokens. Given the tool's core purpose, it inherently handles highly sensitive user data such as emails, calendar events, and chat logs. You must carefully review how you configure your environment variables to ensure secrets and user data are secured.
Quality Assessment
The project is actively maintained, with repository activity as recent as today. It uses the permissive and standard Apache-2.0 license. However, it currently has very low community visibility with only 5 GitHub stars. This means it has not been broadly tested or vetted by the open-source community, which lowers the general trust level.
Verdict
Use with caution: the codebase is active and properly licensed, but its early-stage maturity and deep access to sensitive communication data warrant a thorough internal security review before deploying.
Alloomi is your proactive AI workspace as your work partner.
README.md
Your AI Mates that Remembers All Work Details.
What is Alloomi?
Alloomi is an open-source AI workspace that runs on your desktop. It connects to the tools you already use — messaging apps, email, calendar, documents, project trackers — and builds a working memory of your people, projects, and decisions.
Download to Try
Features
| Capability | What it does | |
|---|---|---|
| 🔌 | 18 Platform Connectors | Telegram, WhatsApp, WeChat, DingTalk, Feishu, Gmail, Google Calendar, Outlook, Google Docs, X/Twitter, Instagram, LinkedIn, Facebook Messenger, Jira, HubSpot, Asana, iMessage, QQ, RSS — messages, emails, calendar events, documents, and project updates flow in continuously |
| 🧠 | Working Memory | Short → mid → long-term memory with a progressive forgetting engine — scores by access frequency, recency, and importance, summarizes and archives over time, recalls context from months ago |
| 📄 | Document Skills | Create and edit DOCX, XLSX, PPTX, PDF — with formulas, formatting, tracked changes, OCR, and merge/split |
| ⏰ | Automation | Scheduled jobs with cron expressions, intervals, or one-time triggers — agent-driven execution with timeout recovery and history |
| 🖥️ | Desktop App | Native app for Windows, macOS, Linux via Tauri — local-first storage with IndexedDB + SQLite, AES-256 encryption, no data leaves your machine |
Quick Start
git clone https://github.com/melandlabs/alloomi.git
cd alloomi
cp apps/web/.env.example apps/web/.env
# Set your AI provider keys in .env:
# ANTHROPIC_API_KEY=sk-ant-...
# LLM_API_KEY=sk-...
pnpm install
pnpm tauri:dev
Requires Node.js 22+ and pnpm 9+.
Project Structure
alloomi/
├── apps/web/ # Desktop app (Tauri + Next.js)
├── packages/
│ ├── ai/ # Agent, memory, RAG, model routing
│ ├── integrations/ # 18 platform connectors
│ ├── insights/ # EventRank scoring, focus classification
│ ├── agent/ # Multi-provider agent SDK
│ ├── storage/ # Local + cloud storage
│ └── search/ # Brave Search integration
└── skills/ # PDF, DOCX, XLSX, PPTX, browser automation, web search
Screenshots
 |
 |
 |
 |
Security
- Local-first: data stored on your machine via IndexedDB + SQLite
- AES-256 encryption for stored data
- No training on your data — ever
- Hardware-isolated processing, no public gateways
Feedback
This is early-stage software. We're looking for people who'll actually install it, connect their tools, and tell us what's broken.
- GitHub Issues — bugs, install problems, feature requests
- Discord — discussion, questions, help
- Email — anything else
Contributing
See CONTRIBUTING.md. Look for good first issue labels.
License
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi