Show HN: Federated app store for self-hosted AI agents (Apache-2.0)

github.com

2 points by brandon-bennett 5 hours ago

Self-hosted app store for AI agents. Federated discovery, container isolation, run on your infrastructure.

The problem: most organizations either build every agent in-house or send their data to third-party servers.

You wouldn't build your own email client or maps app - you'd download one. AI agents should work the same way. I spent a year building the infrastructure to make that possible: discover agents built by others, run them on your infrastructure (private cloud, on-premises, or local) without sending your data to third-party servers.

Key architecture:

- Federated Git-based index (fork-based ownership, no gatekeepers)

- Container isolation + egress proxy (you configure which URLs agents can access)

- Credential injection (API keys configured on host, not in agent images)

- Model abstraction (works with Ollama local, cloud APIs, or hybrid)

- Hash-chained audit logs

The platform works. The agent index is mostly empty, but someone has to build the rails so the trains can run.

Apache-2.0 open source. Pre-release but functional.

GitHub: https://github.com/agentsystems/agentsystems

Docs: https://docs.agentsystems.ai

Looking for:

- Agent builders to publish to the index

- Security researchers to review the architecture

- Organizations that need self-hosted AI infrastructure

brandon-bennett 5 hours ago

Aloha HN! Author here.

Origin story:

I built this after repeatedly seeing the same problem: companies wanted to use specialized AI agents (document processing, compliance checks, data analysis) but couldn't justify either: (1) building everything in-house - expensive and creates unmaintainable internal tools, or (2) sending sensitive data to third-party SaaS platforms.

The same pattern kept repeating: they needed "an app store for agents" that worked like Docker Hub but with security isolation baked in.

The interesting technical choice:

I wanted this to be fully open with no gatekeepers - no accounts, nothing to signup for, and as decentralized as possible. So I came up with a federated Git-based index. Instead of a centralized marketplace, agent metadata lives in a GitHub repo. Developers fork it, add their agent to `developers/their-username/`, and submit a PR. Automated validation checks that the folder name matches the fork owner (GitHub-authenticated namespace ownership). No manual approval needed. The entire system operates without gatekeepers - fully forkable if you disagree with the index maintainers.

Current state & what I need:

Pre-release and functional. The platform works, but the agent index is mostly empty since we're just getting started. I'm looking for:

1. Agent builders - If you've built agents for internal use, consider publishing them. The SDK makes it straightforward.

2. Security researchers - I want this architecture stress-tested. Found a hole? I'll credit you and fix it.

3. Organizations with data governance requirements - If you need self-hosted AI infrastructure, let's talk about your use case.

Tech stack:

- Control plane: FastAPI, PostgreSQL, Docker SDK

- UI: React, TypeScript, Zustand

- SDK: Python, Typer

- Agents: Any language (FastAPI template provided)

Happy to answer questions about the architecture, federated index mechanics, or security model. Critiques are welcome too - that's why I'm posting early.