HydraLab — an offline-first local research workbench
Project description
HydraLab
An offline-first research workbench — read, annotate, cite, write, and run research agents, entirely on your own machine.
HydraLab is a local-first, co-scientist-grade research environment. You open a project folder and everything a research workflow needs lives inside it: papers, annotations, notes, citations, claims, evidence links, saved chats, tasks, drafts, and orchestrated agent runs — all backed by readable files and a per-project SQLite database on your disk. Your data never leaves your machine without an explicit action from you.
It is not a fork of VS Code, Theia, Obsidian, Zotero, or any co-scientist project. HydraLab builds on proven open-source libraries and adapts their best ideas through its own architecture and contracts.
Why HydraLab
Most research tools make you choose: a reference manager or an editor or a chat window or an agent framework — each with its own silo, and most of them phoning home. HydraLab is one workbench where those pieces share a single local data model, and where the trust boundary is drawn in your favor:
- Local and private by default. Papers, notes, indexes, and chats live on your machine. An enforced offline-only mode hard-blocks network egress entirely. No telemetry, ever.
- Honest by construction. Retrieval is extractive: it quotes indexed passages verbatim with exact locators (page, section, character offset) and will never fabricate a citation it cannot ground.
- Agents behind gates, not hype. Assistant recipes and closed-loop autonomy exist — but every run is staged, traceable, risk-classified, and routed through approvals, a Review Inbox, and an append-only audit ledger.
- A real workbench, not a demo. Every panel in the dockable workspace is wired to a live backend. Reading, annotating, citing, writing, chatting, searching, and organizing happen in one place, against one project.
Features
The workbench
- VS Code–style dockable workspace (FlexLayout): drag, split, close, and rearrange panels; named layouts persist per project; a command palette drives keyboard-first navigation.
- Error-isolated panels — a crash in one panel never takes down the workspace.
- CodeMirror 6 Markdown editor with wikilinks, backlinks, callouts, and live preview.
- PDF.js reader with a research annotation layer: text-layer selection highlights are stored in normalized page coordinates, so annotations survive re-render, zoom, and window resizes.
Research intelligence
- Source discovery across scholarly APIs — OpenAlex, Crossref, arXiv, and more.
- Document ingestion via Docling plus a permissive light extractor, fed through an async ingestion queue into a local search index.
- Grounded, extractive retrieval that returns passages with exact locators (page, section, char offset) and never invents a reference.
- A citations / claims / evidence graph: BibTeX, CSL-JSON, and RIS import & export; APA and IEEE rendering; confidence-based duplicate detection; and source merging with referential-integrity repair.
- A knowledge graph connecting notes, sources, claims, and tasks across the project.
Assistant & agents
- Per-project named chats with bring-your-own-key providers (OpenAI, OpenRouter) and a token budget.
- MCP tool support (HTTP transport) so the assistant can operate real project tooling.
- Orchestrated research recipes: literature review, paper critique with related-work analysis, and idea generation with ranking.
- Every agent run is staged and traceable, gated by approvals and a Review Inbox — nothing lands in your project without your sign-off.
- A skills registry and a project-local assistant context file (
HYDRA.md).
Autonomy, done responsibly
- Closed-loop autonomy layer with policy gates, a risk classifier, human-in-the-loop safety checkpoints, and an append-only audit ledger.
- Sandboxed experiment execution and a reproducibility & evaluation ledger.
- Real-time collaborative editing (Yjs) with a durable, replayable update log.
- Responsive mobile/tablet layouts and a Tauri desktop shell.
Tech stack
| Layer | Stack |
|---|---|
| Frontend | React 19 · TypeScript · Vite · FlexLayout · CodeMirror 6 · PDF.js |
| Backend | Python 3.11+ · FastAPI · SQLModel · async SQLite (aiosqlite) · Alembic |
| Storage | Per-project SQLite + readable project files; secrets in the OS keychain |
| Desktop | Tauri v2 |
| Extension | Chrome MV3 |
| Tooling | JS managed by Bun, Python by uv |
Getting started
HydraLab runs on macOS, Linux, and Windows. Any install below gives you the hydralab command — it starts the local backend, serves the bundled web UI, and prints a http://127.0.0.1:<port> URL to open in your browser.
pipx — every platform (recommended)
pipx installs HydraLab into its own isolated environment and puts hydralab on your PATH. Requires Python 3.11+.
pipx install hydralab
hydralab --project-root /path/to/your/research-project
Plain pip install hydralab works too if you'd rather manage the environment yourself. On Windows, py -m pipx install hydralab then hydralab --project-root C:\path\to\your\research-project.
Homebrew — macOS and Linux
brew install M1Vj/hydralab/hydralab
hydralab --project-root /path/to/your/research-project
The first Homebrew install compiles a few native dependencies, so it can take a few minutes.
From source (for development)
Prerequisites: macOS, Linux, or Windows — Python 3.11+ with uv, and Bun 1.x. (Optional: a Rust toolchain for the Tauri desktop shell.)
git clone https://github.com/M1Vj/HydraLab.git
cd HydraLab
uv sync # backend (Python) environment
bun install # frontend workspace
Then run the backend and frontend, each in its own terminal:
# 1) Backend — binds 127.0.0.1, auto-selects a port in 8765–8799
cd backend
uv run python -m hydra.serve --project-root /path/to/your/research-project
# 2) Frontend — Vite dev server on http://127.0.0.1:5173
bun run dev
Then open http://127.0.0.1:5173.
(optional) To enable the browser-automation feature:
uv sync --extra browser
uv run playwright install chromium
Development
uv run --project backend pytest backend/tests -q # backend test suite
bun test apps/web/src # web unit tests
bun run typecheck # TypeScript type check
bun run build # production frontend build
The repository runs a clean CI pipeline on macOS, Linux, and Windows, and carries a large test suite spanning the backend and the web app; the four commands above are the local gate for every change.
Privacy & trust
HydraLab treats privacy as an architectural property, not a settings page.
- Offline-first, with teeth. All indexing, reading, and storage happen locally. The enforced offline-only mode hard-blocks network egress — it is not a soft toggle.
- Every byte of egress is consent-gated. Provider API calls, source downloads, and browser-context sharing each require an explicit action. Nothing is sent in the background.
- Untrusted content is data, never instructions. Page content, PDFs, and imported documents can never silently trigger a fetch or a write — a deliberate defense against prompt-injection through documents you merely read.
- Secrets live in the OS keychain only. API keys are write-only from the UI; they are never exported, never logged, and never stored in the project.
- No fabricated sources. Extractive retrieval quotes indexed passages verbatim with locators. If it cannot ground a claim, it does not cite one.
- No telemetry. HydraLab sends nothing about you, your projects, or your usage anywhere.
Roadmap
HydraLab was built in three phase groups, all implemented on the default branch:
- Research Workbench — the local workspace: reading, annotating, citing, writing, searching, chatting, and organizing.
- Assistant / Co-Scientist — orchestrated assistant workflows, MCP tools, research recipes, approvals, and traceable agent runs.
- Full Autonomy — closed-loop autonomy safety, sandboxed experiments, the reproducibility ledger, real-time collaboration, mobile/tablet layouts, and the packaged macOS app scaffold.
Current status — 1.0, cross-platform. HydraLab runs on macOS, Linux, and Windows, and installs from PyPI (pipx install hydralab) on all three or from Homebrew on macOS and Linux. The Tauri desktop bundles (dmg, NSIS, deb/AppImage) are built but not yet code-signed or notarized, and MCP currently runs over the HTTP transport only. Sandboxed experiment execution uses macOS Seatbelt or Linux bwrap where available and degrades to a recorded best-effort tier otherwise.
Phase 4 (planned, not yet implemented): open-platform interoperability and a HydraLab MCP server.
Contributing
Contributions are welcome. Before you start:
- Read
CONTRIBUTING.mdfor workflow, style, and the verification gate. - Report vulnerabilities privately per
SECURITY.md. - All participation is governed by the
CODE_OF_CONDUCT.md.
License
HydraLab is released under the MIT License.
Third-party dependencies keep their own licenses — every dependency, its SPDX license, bundling role, and distribution impact is tracked in ATTRIBUTION.md. A bundle license gate enforces that no strong-copyleft (AGPL/GPL) dependency ships in any distributable build.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hydralab-1.0.0.tar.gz.
File metadata
- Download URL: hydralab-1.0.0.tar.gz
- Upload date:
- Size: 2.0 MB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
844e620412d2fb337d804733b011f1df065ee6ee0a6959f8dc0077e322f6ba49
|
|
| MD5 |
ea3e7f06efad4fb06f0444dbddad2011
|
|
| BLAKE2b-256 |
59039c810fc6253b1f7b6ea55e7c1ef7504e0ed3031ab132f803b92df39733ff
|
Provenance
The following attestation bundles were made for hydralab-1.0.0.tar.gz:
Publisher:
release.yml on M1Vj/HydraLab
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
hydralab-1.0.0.tar.gz -
Subject digest:
844e620412d2fb337d804733b011f1df065ee6ee0a6959f8dc0077e322f6ba49 - Sigstore transparency entry: 2054581057
- Sigstore integration time:
-
Permalink:
M1Vj/HydraLab@5adf24c5be6547353ee6abd8abb49e3c894654e2 -
Branch / Tag:
refs/tags/v1.0.0 - Owner: https://github.com/M1Vj
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5adf24c5be6547353ee6abd8abb49e3c894654e2 -
Trigger Event:
push
-
Statement type:
File details
Details for the file hydralab-1.0.0-py3-none-any.whl.
File metadata
- Download URL: hydralab-1.0.0-py3-none-any.whl
- Upload date:
- Size: 1.5 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
098ef6b0724e2a6711c2404584b69e8f429ba004399309de548bb65af96aa294
|
|
| MD5 |
4e96291b61fb749dbe8466e2d89bc61f
|
|
| BLAKE2b-256 |
e373fcf2d4cfbc3f3f5c65729715f5ad4e2586dbf7ddff9e98f4ba57f65e2d9c
|
Provenance
The following attestation bundles were made for hydralab-1.0.0-py3-none-any.whl:
Publisher:
release.yml on M1Vj/HydraLab
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
hydralab-1.0.0-py3-none-any.whl -
Subject digest:
098ef6b0724e2a6711c2404584b69e8f429ba004399309de548bb65af96aa294 - Sigstore transparency entry: 2054581444
- Sigstore integration time:
-
Permalink:
M1Vj/HydraLab@5adf24c5be6547353ee6abd8abb49e3c894654e2 -
Branch / Tag:
refs/tags/v1.0.0 - Owner: https://github.com/M1Vj
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5adf24c5be6547353ee6abd8abb49e3c894654e2 -
Trigger Event:
push
-
Statement type: