Triggerfish

Appearance

TriggerfishSecure AI Agents

Deterministic policy enforcement below the LLM layer. Every channel. No exceptions.

Get Started
View on GitHub
🔒

Security Below the LLM

Deterministic, sub-LLM policy enforcement. Pure code hooks that the AI cannot bypass, override, or influence. Same input always produces the same decision.

💬

Every Channel You Use

Telegram, Slack, Discord, WhatsApp, Email, WebChat, CLI — all with per-channel classification and automatic taint tracking.

🔨

Build Anything

Agent execution environment with a write/run/fix feedback loop. Self-authoring skills. The Reef marketplace for discovering and sharing capabilities.

🤖

Any LLM Provider

Anthropic (Claude Pro/Max OAuth), OpenAI, Google Gemini, local models via Ollama, OpenRouter. Automatic failover chains.

🎯

Proactive by Default

Cron jobs, triggers, and webhooks. Your agent checks in, monitors, and acts autonomously — within strict policy boundaries.

🌐

Open Source

MIT licensed. Security-critical components fully open for audit. Don't trust us — verify the code.

Install in one command

bash
curl -sSL https://raw.githubusercontent.com/greghavens/triggerfish/master/scripts/install.sh | bash
powershell
irm https://raw.githubusercontent.com/greghavens/triggerfish/master/scripts/install.ps1 | iex

This installs the runtime, compiles Triggerfish, runs the setup wizard, and starts the background daemon.

How It Works 

                          The Reef
                       (Skill Marketplace)
                              |
   Telegram  Slack  Discord  WhatsApp  WebChat  Email  CLI
      |        |       |        |         |       |     |
      +--------+-------+--------+---------+-------+-----+
                              |
                        Channel Router
                     (classification gate)
                              |
                        Gateway Server
                     (WebSocket control plane)
                              |
                  +-----------+-----------+
                  |                       |
            Policy Engine            Agent Loop
           (deterministic)          (LLM provider)
                  |                       |
            +-----+-----+          +-----+-----+
            |     |     |          |     |     |
          Hooks Taint  Audit    Claude  GPT  Gemini
                Track   Log    OAuth   API   API

Every message passes through deterministic policy hooks before and after the LLM sees it. The AI requests actions — the policy layer decides. Learn more about the architecture.

Released under the MIT License.

Copyright 2025 Triggerfish Contributors