A lightweight local-LLM terminal agent (llama.cpp / ollama).
Project description
falamus
An agent framework for LLMs (llama.cpp / ollama / …) with a set of built-in tools and MCP support.
Install
pip install . # from source (Python 3.9+)
falamus --set-provider # choose the model source (see Configuration)
falamus # run in a working directory
Built-in tools
- Files —
read_file/write_file/append_file/edit_file/list_dir - Shell —
run_command(one-off), and an opt-in persistent interactive shell (shell_open/shell_input/shell_close; see Safety) - Images —
view_image - Coordination —
spawn_subagent(delegate a step),deliver(return a result),memo(private notes)
Use external MCP servers (MCP client)
Add any MCP server; its tools appear in the agent's toolbox as <server>__<tool>:
falamus --add-mcp <name> -- <command> # e.g. --add-mcp time -- mcp-server-time
falamus --list-mcp
falamus --remove-mcp <name>
Stored in ~/.config/falamus/mcp_servers.json (standard mcpServers shape). An
external tool call is confirmed each time.
Configuration
falamus --set-provider # model source: a LOCAL server (llama.cpp/ollama) or a CLOUD backend
falamus --config # interactive settings menu
Run as an MCP server
falamus --mcp # MCP over stdio (the client spawns it — no port, no daemon)
- One connection = one session. The caller may tune safe params (depth, iteration caps, thinking) but not capability/security ones (shell, allowed paths, working directory, model) — those are fixed by your local config.
- Dangerous actions are routed to the caller for confirmation (or auto-approved within the fixed config); the destructive blacklist always applies; every tool call is written to an audit log.
- For a remote caller, wrap it in SSH (stdio carries across machines — still no port).
Safety
falamus is not sandboxed: it runs shell commands and edits files with your own privileges. The destructive-command blacklist, confirmations and path-allowlist are guardrails, not a sandbox — run it in a trusted directory on a trusted task.
- The persistent interactive shell is off by default (POSIX only). On Windows it is unavailable and stays silently off; enabling it there just prints a warning.
- Exposing an MCP server lets the caller read any file you can — expose it only to a trusted caller.
License
MIT — see LICENSE.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file falamus-1.0.2.tar.gz.
File metadata
- Download URL: falamus-1.0.2.tar.gz
- Upload date:
- Size: 120.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b44c233a263d65dea1bcdc1a5d6327db08937048255ba32881061f668592073f
|
|
| MD5 |
5be747f5327a3e2361b1cf75d9613672
|
|
| BLAKE2b-256 |
17d178f1949f09c0dc9639138f14b68c04e5e9a3746cc42c6dda1295aad3ebac
|
File details
Details for the file falamus-1.0.2-py3-none-any.whl.
File metadata
- Download URL: falamus-1.0.2-py3-none-any.whl
- Upload date:
- Size: 138.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1623689042f1d189b1512deb2d44868c0939f5e4642e7b2b7154dec6784c691e
|
|
| MD5 |
709407b5dc0df39c7ac75dd22a2796b2
|
|
| BLAKE2b-256 |
ed81a4cc8fdb2f5e6078f4f15936564883cbce65161de039995e8e452859d7d5
|