Air-Gap Container
Docker + seccomp + Linux namespaces. No network egress by default. Runs in closed subnets. Container has no DNS resolution.
Adam mirrors your organization. Every department. Every level. Every decision.
Strategic intelligence. Sovereign decisions. Audit-grade answers.
Operational excellence. Workflow automation. Multi-agent orchestration.
Daily productivity. Domain expertise. Native Arabic. Instant answers.
From Docker container to Generation Core. Each layer has one purpose, one file, and a specific permission.
Docker + seccomp + Linux namespaces. No network egress by default. Runs in closed subnets. Container has no DNS resolution.
Outbound filtering at application level. You specify allowed IPs. Everything else is blocked. SSH and DNS are filtered too.
4 laws: Justice, Learning, Survival, Creativity. Weighted constraints, not soft suggestions. Threshold 0.55. Below → action blocked.
anti-prompt-injection + WAF. Detects "ignore previous instructions" and refuses. 6 protection layers.
IP filtering. DNS rebinding protection. No private IP ranges. Blocks AWS metadata (169.254.169.254).
Python execution with restricted __builtins__ (22 functions only). No import. No subprocess. No file system access.
4 layers: Hot cache + FTS5 + Qdrant + Skills. Remembers 90 days. Context never lost.
Headroom AI compression. Fits 100K tokens into 8K window without loss. Manages context length dynamically.
32 tools in 7 groups. Each tool has a permission level. shell.dangerous = always-ask. file.read = auto-allow.
Plugin protocol. Adds new tools without code changes. Add SAP connector → appears as native tool.
4 LLM providers + auto-fallback. Ollama, OpenAI, Anthropic, OpenRouter. If one down, another takes over.
Gemma 4 + custom LoRA. 2,317 training conversations. QLoRA fine-tuning. Understands Egyptian Arabic + MSA + jargon.
Each tool has a permission level. Cannot exceed its parent layer.
5 tools: ls, cat, df, ps, touch, mkdir, cp in workspace. Sandbox-isolated.
6 tools: read, write, delete, download, disk space. 3 permission modes per file type.
5 tools via Playwright: open, fetch, click, type, read. Full browser automation.
5 tools: click, move, scroll, drag, type, press. Always-ask permission by default.
3 tools: screenshot, clipboard read/write, window control.
5 tools: notebook, knowledge search, vector search, hybrid search, RAG pipeline.
3 tools: MCP server execution, subagent management, workflow execution.
In-memory cache. milliseconds. For most-used data.
Full-text search. milliseconds. For keyword matching.
Vector database. For semantic search. Embedding-based. 90-day history.
Learned skills. Auto-generated by Adam from repeated interactions.
Full security audit report available on GitHub. 50 issues found, 46 fixed.
19 permission categories. 3 modes: auto-allow, once, always-ask. Logged in audit log.
Multi-tenant. Each organization isolated. No cross-tenant data. No anonymous access.
Every action logged. Persistent storage. No loss on restart. Auditable.
Docker + seccomp + Linux namespaces. No network egress. Full process isolation.
Justice, Learning, Survival, Creativity. weighted constraints. threshold 0.55. Not removable.
Telegram, WhatsApp, Web Widget, Voice, CLI, REST API, WebSocket, SSE Stream — everything you need to reach your team or customers.