中文简体 | Español | Português | 日本語 | Deutsch
Symbi is a Rust-native, zero-trust agent framework for building autonomous, policy-aware AI agents. It fixes the biggest flaws in existing frameworks like LangChain and AutoGPT by focusing on:
- Security-first: cryptographic audit trails, enforced policies, and sandboxing.
- Zero trust: all inputs are treated as untrusted by default.
- Enterprise-grade compliance: designed for regulated industries (HIPAA, SOC2, finance).
Symbiont agents collaborate safely with humans, tools, and LLMs — without sacrificing security or performance.
| Feature | Symbiont | LangChain | AutoGPT |
|---|---|---|---|
| Language | Rust (safety, performance) | Python | Python |
| Security | Zero-trust, cryptographic audit | Minimal | None |
| Policy Engine | Built-in DSL | Limited | None |
| Deployment | REPL, Docker, HTTP API | Python scripts | CLI hacks |
| Audit Trails | Cryptographic logs | No | No |
- Docker (recommended) or Rust 1.88+
- Qdrant vector database (for semantic search)
# Parse an agent DSL file
docker run --rm -v $(pwd):/workspace ghcr.io/thirdkeyai/symbi:latest dsl parse /workspace/agent.dsl
# Run MCP Server
docker run --rm -p 8080:8080 ghcr.io/thirdkeyai/symbi:latest mcp
# Interactive development shell
docker run --rm -it -v $(pwd):/workspace ghcr.io/thirdkeyai/symbi:latest bash# Build dev environment
docker build -t symbi:latest .
docker run --rm -it -v $(pwd):/workspace symbi:latest bash
# Build unified binary
cargo build --release
# Run REPL
cargo run -- repl
# Parse DSL & run MCP
cargo run -- dsl parse my_agent.dsl
cargo run -- mcp --port 8080- ✅ DSL Grammar – Define agents declaratively with built-in security policies.
- ✅ Agent Runtime – Task scheduling, resource management, and lifecycle control.
- 🔒 Sandboxing – Tier-1 Docker isolation for agent execution.
- 🔒 SchemaPin Security – Cryptographic verification of tools and schemas.
- 🔒 Secrets Management – HashiCorp Vault / OpenBao integration, AES-256-GCM encrypted storage.
- 📊 RAG Engine – Vector search (Qdrant) with hybrid semantic + keyword retrieval.
- 🧩 MCP Integration – Native support for Model Context Protocol tools.
- 📡 Optional HTTP API – Feature-gated REST interface for external integration.
metadata {
version = "1.0.0"
author = "Your Name"
description = "Data analysis agent"
}
agent analyze_data(input: DataSet) -> Result {
capabilities = ["data_analysis", "visualization"]
policy data_privacy {
allow: read(input) if input.anonymized == true
deny: store(input) if input.contains_pii == true
audit: all_operations
}
with memory = "persistent", requires = "approval" {
if (llm_check_safety(input)) {
result = analyze(input);
return result;
} else {
return reject("Safety check failed");
}
}
}
- Zero Trust – all agent inputs are untrusted by default.
- Sandboxed Execution – Docker-based containment for processes.
- Audit Logging – Cryptographically tamper-evident logs.
- Secrets Control – Vault/OpenBao backends, encrypted local storage, agent namespaces.
-
Development & Automation
- Secure code generation & refactoring.
- AI agent deployment with enforced policies.
- Knowledge management with semantic search.
-
Enterprise & Regulated Industries
- Healthcare (HIPAA-compliant processing).
- Finance (audit-ready workflows).
- Government (classified context handling).
- Legal (confidential document analysis).
- Community Edition: MIT License
- Enterprise Edition: Commercial license required
Contact ThirdKey for enterprise licensing.
Symbiont enables secure collaboration between AI agents and humans through intelligent policy enforcement, cryptographic verification, and comprehensive audit trails.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}