Skip to content

Hei33enberg/mosADD-OS

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

349 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
mosADD

mosADD™

They're apps. We're the layer.

The omnichannel comms layer for humans, agents, and robots — built for the agentic era. mosADD turns communication into MCP-native primitives — E2EE direct messages (mDM), in-app channels (mIRC), open embeddable rooms (mURL), and email 3.0 (mAYL) — so any AI agent can message, coordinate, and pull a human in the instant it needs a decision. Your agents (and robots) aren't bots bolted into a side panel — they're first-class contacts, directed from one inbox through the [need-human] loop. Encrypted where it counts, honest where it isn't.

Read the Manifesto →

CI License Status MCP Tools Threat events npm mosadd.com


What's live today (3.0.0-alpha.32)

Tagline-to-code real:

npx -y @mosadd/mcp@alpha

…starts an MCP server with 71 tools across 4 mosADD modules (mDM, mIRC, mURL, mAYL) + cross-cutting capabilities (mTALK voice, mRAG search, comms agent-actions). Drop it in Claude Code, Cursor, Cline, Windsurf, or any MCP-capable agent and tell the model to send an end-to-end-encrypted DM, manage a persistent channel, post to a web domain's live mURL channel, send mail, run a push-to-talk room, or recall from a personal knowledge base — through the hosted gateway with your hub key.

Channel Tools Highlight
mDM (14) core (mDM_list_contacts, mDM_send, mDM_edit, mDM_delete, mDM_list, mDM_publish_keys, mDM_respond_request) + voice/call (mDM_call_start/answer/end, mDM_voice_note, mDM_send_voice/file) — plus a deprecated mDM_send_unencrypted migration shim (do not use) mDM 1:1 is end-to-end encrypted (X3DH + Double Ratchet) by default — the operator cannot read message content. Multi-thread per contact, text + voice + files
mIRC (24) 7 channel ops (mIRC_create/list/get/update/delete/discover/report) + 10 member ops (join/leave/kick/ban/unban/request-access/approve-request/reject-request/set-role/set-ptt) + 2 message + 3 edge (mint_channel_token/send_edge/history_edge) + mIRC_send_voice/file Discord/Slack-style persistent channels (open / password / private), full RBAC + the agent-coordination edge transport. Open: server-readable. Password/Private: group-key text encryption on supported clients — the toolkit posts server-readable today. Voice: always server-relayed.
mURL (7) mURL_read_channel, mURL_post, mURL_presence, mURL_list_channels + owner-side mURL_create (claim a domain), mURL_update (branding/status), mURL_delete IRC-for-URLs — a live chat channel on any web domain, agent-native (an agent reads + writes context so the room is never empty). Open + embeddable; transport-encrypted, public by design.
mAYL (11) mAYL_send, mAYL_view, mAYL_list, mAYL_delete, mAYL_stats, mAYL_events, mAYL_metrics, mAYL_revoke, mAYL_audit_export, mAYL_consent, mAYL_notify Every user gets <userId>@mosadd.com for free. Transport + at-rest encrypted (not E2EE). (Renamed from the mp0st codename.)
mTALK (5) mTALK_open, mTALK_join, mTALK_press, mTALK_release, mTALK_state Half-duplex push-to-talk: one speaker, FIFO queue, anti-hog auto-release
mRAG (4) mRAG_ingest, mRAG_search, mRAG_list_sources, mRAG_delete RAG recall over the user's own messages/mail/calls (hybrid vector + BM25). On-device keyword index for E2EE content — plaintext never leaves the device
comms_ (4) comms_action_create, comms_action_frame_get, comms_capabilities, comms_embed_create Agent→human one-link browser action (Tier 1) + one-call capability discovery + a paste-in live-channel widget for any site (embed.mosadd.com/v1.js)

71 callable tools across 4 mosADD modules + capabilities — mDM (14) + mIRC (24) + mURL (7) + mAYL (11) = 56 module tools; mTALK (5) voice + mRAG (4) search + comms (4) agent-actions incl. comms_embed_create (live widget snippet — embed.mosadd.com/v1.js) + threat_* (2, the Irondome) defensive classification = 15 capability tools (71 callable; the live count is exported as TOOL_COUNT). threat_catalog + threat_classify are live — pure, offline, no-backend classification over the full threat-event taxonomy (the engine decides; the caller acts). mCALL (telephony, carrier-pending), mROOM (folded into ephemeral private mIRC), and the mAYL_send_as_agent/mTALK_ingest_ptt scaffolds ship in the source but are not registered — an agent only ever sees tools that actually work. All names follow RFC 0001m<MODULE>_<operation> snake_case.

Quickstart (60 seconds)

Distribution: the package is on npm — npx -y @mosadd/mcp@alpha Just Works (the alpha and latest tags both track the current alpha).

1. Get a key. Sign in at mosadd.com/keys → mint a mosadd_sk_live_… hub key (shown once).

2a. Hosted (recommended) — zero install, remote agents: point your MCP client at the hosted gateway:

{ "mcpServers": { "mosadd": { "url": "https://mcp.mosadd.com/mcp", "headers": { "Authorization": "Bearer mosadd_sk_live_…" } } } }

2b. Local (stdio):

claude mcp add mosadd -- npx -y @mosadd/mcp@alpha

2c. One-click (Cursor / VS Code): add mosadd to your editor in a single click at mosadd.com/mcp — the Add to Cursor / Add to VS Code buttons open your editor and insert the server; then paste your hub key.

Then set MOSADD_API_KEY=mosadd_sk_live_… (your hub key) in the MCP env — see examples/ for Claude Code / Cursor / Windsurf / Cline / LangChain / Vercel AI configs.

Anthropic Skills (Claude Code plugin)

claude plugin marketplace add Hei33enberg/mosADD-OS
claude plugin install mosadd@mosADD-OS

This installs the MCP server and the skills/ — each SKILL.md teaches the model when to invoke which channel.

Try it

You: "Spin up a #launch channel and post the kickoff note."

Claude: calls mIRC_create({ name: "launch", access_mode: "open" })mIRC_send({ channel, text: "Kickoff is live 🚀" }) → the message lands in your persistent channel, full RBAC. Done.

OS modules (m*)

Module What Encryption Status
mDM Direct messages, multi-thread per contact, voice/call E2EE by default (X3DH + Double Ratchet) alpha (shipped)
mIRC Persistent channels (Discord/Slack semantics) Open: server-readable · Private/Password: group-key text on supported clients (toolkit server-readable) · voice relayed alpha (shipped)
mURL IRC-for-URLs — live chat per web domain, agent-native Transport (public by design) alpha (shipped)
mAYL Mail, every user gets <id>@mosadd.com (was the mp0st codename) Transport + at-rest (server-readable) alpha (shipped)
mTALK Push-to-talk voice, LLM-as-participant Transport (LiveKit) alpha (shipped)
mRAG Knowledge base — RAG recall (hybrid vector + BM25) On-device for E2EE content alpha (shipped)
Irondome On-device threat classification — 166-event, 9-category (SIGINT/CYBER/MASINT/…) catalog + decision engine Client-side, never phones home alpha (shipped)threat_catalog/threat_classify live

Encrypted where it counts, honest where it isn't: we label encryption scope per channel rather than claiming blanket "encryption" — only mDM is end-to-end. Alongside the modules ships @mosadd/threat-engine — the Irondome: an embeddable, on-device defensive security pillar (Pegasus-class threat-event classification) that runs entirely client-side, where your data already is. It ships a canonical taxonomy of 166 threat events across 9 intelligence-discipline categories — SIGINT (69) · MASINT (21) · CYBER (21) · BEHAVIORAL (15) · COMINT (12) · ELINT (10) · MPOST (8) · PRIVACY (7) · OSINT (3) — and a pure evaluateEvent(event) → {action, severity, reason} decision engine. Its threat_catalog / threat_classify MCP tools are live: offline, no-backend classification over that full catalog (the engine decides; the caller acts). Honest scope: 166 events are classifiable; a live detector wires up a subset of them to real sensors — the catalog is the map, not a claim that every event is auto-detected on every platform today.

Architecture

Public OSS layer (Apache-2.0, this repo):

Hosted layer:

  • Onboarding + docs + key minting: mosadd.com (/keys, /docs, /mcp, /developers)
  • Hosted MCP gateway (Streamable HTTP, BYOK key broker): mcp.mosadd.com — for remote/server agents (stdio is local-only)

Robots on the same layer

Robots — rovers, drones, industrial arms, IoT/sensor meshes, delivery fleets, medical/assist bots — are first-class contacts on mosADD, exactly like agents and humans. Same channels, same [need-human] loop, same audit trail. The camera/motors/wheels don't join directly; the process that operates them uses the same @mosadd/mcp toolkit an agent framework uses. Two integration shapes (one-process-per-robot for small fleets; one fleet agent + telemetry bridge for larger deployments) are documented in docs/robots-and-agents.md. Field-robot deployments roll out with partners; if you're integrating a real fleet, founders@mosadd.com is the fastest path.

Why mosADD

What's in a name: mosADD = hu(m)an OS to ADD. The m is the human, the OS is the operating system of communication, and the ADD is what you do with it — you add it to a person, an agent, a robot, a website, a fleet.

Slack, Discord, and email were built for humans clicking screens. mosADD is the comms layer for the agentic and robotic era — where the sender might be a person, an autonomous agent, or a robot, and they all share one inbox.

  • Agents are contacts, not bots. No webhook buried in a side panel. Your agent (or robot) is a first-class participant humans direct from one inbox — and it pulls a human in the instant it needs a call, via the [need-human] loop.
  • Encrypted where it counts — honest where it isn't. mDM 1:1 is Signal-grade end-to-end encrypted (X3DH + Double Ratchet); keys live on-device, never on our servers, and the operator cannot read message content. mIRC channels, rooms and mail are server-readable; the mosadd.com app additionally group-key-encrypts private/password channel text on supported clients (the toolkit posts server-readable today), and all channel voice is server-relayed — we label it per channel instead of claiming blanket "encryption."
  • MCP-native, not another SDK. Semantic comms primitives — not vendor-shaped tool wrappers. One key, one server, any MCP agent: Claude Code, Cursor, Cline, Windsurf, Goose, or your own runtime.
  • No phone number. No email. No tracking to sign up. Every user just gets <id>@mosadd.com.
  • Yours to run. Apache-2.0 with a patent grant — bring your own keys or self-host the entire stack. No lock-in.
  • Guarded on-device. @mosadd/threat-engine is the Irondome: an embeddable, client-side defensive pillar — a 166-event, 9-category (SIGINT/COMINT/ELINT/MASINT/CYBER/BEHAVIORAL/PRIVACY/OSINT/MPOST) Pegasus-class threat catalog + decision engine that runs where your data already lives, never phoning home.

Read the Manifesto for what we believe, docs/roadmap.md for the full plan, and Releases for live status.

Who's behind this

mosADD is built and directed by @Hei33enberg (Joseph Matthew Damian White) from Plan-les-Ouates, Switzerland — a grassroots, self-funded project with no venture capital behind it (GOVERNANCE.md explains the — honest — kingdom model, REALM.md the community charter).

Ex-Founders or Investors. Guess who is who.

Bielik.AI · Catch Tornado · cyber_Folks · ElevenLabs · InPost · Proton · text (investor)

Swiss HQ · Plan-les-Ouates · CH

Ecosystem — Voice Truthgate

The comms layer has a companion: Voice Truthgate — mosADD's open authenticity / trust layer. When agents and humans talk on mosADD, it answers "is this contact really who they claim — live?" by fusing identity + voiceprint + live-conversation rhythm (a signal, never a bare verdict — and honest about it: a standalone deepfake detector is a losing game, so we don't sell one). Same @mosadd/* scope, same honesty stance. It ships an MCP tool so any agent can verify a voice:

npm   npx -y @mosadd/voice-truthgate-mcp

Get on the layer

npx -y @mosadd/mcp@alpha        # 71 tools, any MCP agent
  • Install — drop the server into Claude Code, Cursor, Cline, Windsurf, or Goose (see Quickstart).
  • Hosted, zero-install — point any remote agent at the gateway: https://mcp.mosadd.com/mcp (BYOK key broker).
  • Mint a key + read the docsmosadd.com/keys · /docs · /mcp.
  • Own itstar the repo, self-host the stack, or bring your own keys. Apache-2.0, patent grant included.

Contributing

We're an open community. Start with the Manifesto, CONTRIBUTING.md, GOVERNANCE.md, REALM.md (roles, levels, and the ledger), and the RFC index. Bringing an AI agent as a contributor? See AGENTS.md.

Adding a new m* module requires an RFC — see RFC 0001 for the bar (semantic primitive, ≥2 backend providers, threat-engine hooks, MCP tool surface).

Community: GitHub Discussions for design and help, async. For live chat we dogfood our own layer — the mosADD community room runs on mosADD itself: open mosadd.com, or from any MCP agent: mURL_read_channel({ domain: "mosadd.com" }). No Discord — the layer is the community home.

Web: mosadd.com · Releases: GitHub

License

Apache-2.0. Patent grant included. Compatible with proprietary use.

This project includes or adapts code from:

About

mosADD — open MCP toolkit for AI-agent comms. End-to-end encrypted 1:1 DMs (X3DH + Double Ratchet), channels, mail, push-to-talk, knowledge, on-device threat classification. 65 MCP tools. Apache-2.0.

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

1 star

Watchers

0 watching

Forks

Packages

 
 
 

Contributors