romek 0.3.0

Romek - AI Agent session management SDK

Romek

Persistent auth for AI agents. Works on any site, today.

No website integration required. No OAuth adoption needed. Just secure session management that works.

Quick Start • LangChain • n8n • How It Works • Roadmap

---

The Problem

# What every agent developer does today
cookies = {"session_id": "abc123..."}  # Hardcoded. Breaks constantly. Security nightmare.

Sessions expire. Cookies leak into git history. No audit trail. No access control.

The Solution

from romek import Vault

vault = Vault()
cookies = vault.get_session("linkedin.com")  # Encrypted. Scoped. Audited.

pip install romek

Works on sites as they exist today. No website changes. No OAuth adoption. No waiting for the ecosystem.

---

See It In Action

Agent automatically authenticates using stored session—no manual login, no hardcoded cookies.

---

How It Works

1. Log into any site in Chrome (you probably already are)
2. Run romek grab <domain> — cookies are encrypted and stored locally
3. Your agent retrieves them securely on-demand

No extension required. No copy-paste. One command.

---

Quick Start

pip install romek
romek grab linkedin.com

That's it. Your LinkedIn session is now stored in an encrypted vault.

The grab command reads cookies directly from Chrome—no extension needed, no manual export.

from romek import Vault

vault = Vault()
cookies = vault.get_session("linkedin.com")

# Use with requests, Playwright, or any HTTP library
import requests
response = requests.get("https://linkedin.com/feed", cookies=cookies)

Works with any site you're logged into:

romek grab github.com
romek grab notion.so
romek grab twitter.com

---

Multiple Chrome Profiles

If you use multiple Chrome profiles, specify which one to grab from:

romek grab linkedin.com --profile "Profile 1"
romek grab github.com --profile "Work"

To find your profile names:

# Mac
ls ~/Library/Application\ Support/Google/Chrome/

# Linux
ls ~/.config/google-chrome/

# Windows
dir %LOCALAPPDATA%\Google\Chrome\User Data\

Default profile is used if no --profile flag is specified.

---

☁️ Remote Servers (VPS / Headless / Docker)

Running n8n or scripts on a server without Chrome? Sync your local session:

On your local machine:

romek grab linkedin.com
romek export

Copy to server:

scp ~/.romek/vault-export.enc user@your-server:~/

On your server:

pip install romek
romek import ~/vault-export.enc

Your server can now access your authenticated sessions.

---

Why Romek?

Without Romek	With Romek
Hardcoded cookies in code	Encrypted vault storage
Sessions in git history	Secrets separate from code
Any code can access anything	Scoped access per agent
No idea what accessed what	Full audit logging
Sessions break silently	Expiration notifications

---

LangChain Integration

from langchain_openai import ChatOpenAI
from langchain.agents import initialize_agent, AgentType
from romek.langchain import get_romek_tools

tools = get_romek_tools(
    agent_name="sales-bot",
    vault_password="your-vault-password"  # Password auto-retrieved from system keyring if not provided
)

llm = ChatOpenAI(model="gpt-4", temperature=0)
agent = initialize_agent(
    tools=tools,
    llm=llm,
    agent=AgentType.ZERO_SHOT_REACT_DESCRIPTION,
    verbose=True
)

# Agent automatically uses stored sessions
response = agent.run("Get my LinkedIn notifications")

Available tools:

• authenticated_request — Make HTTP requests with stored session cookies
• get_session_cookies — Retrieve cookies for custom requests

---

n8n Integration

Use Romek in your n8n workflows with our community node.

npm install n8n-nodes-romek

The node lets you:

• Store and retrieve session cookies in n8n workflows
• Use authenticated sessions with HTTP Request nodes
• Build automation flows that require login

📦 View on npm | GitHub

---

Playwright Integration

from playwright.sync_api import sync_playwright
from romek import Vault

vault = Vault()
cookies = vault.get_session("github.com")

with sync_playwright() as p:
    browser = p.chromium.launch()
    context = browser.new_context()
    context.add_cookies(cookies)
    
    page = context.new_page()
    page.goto("https://github.com/notifications")
    # Already authenticated!

---

CLI Reference

Command	Description
romek grab <domain>	Grab cookies from Chrome
romek grab <domain> --profile "Name"	Grab from specific Chrome profile
romek list	List all stored sessions
romek delete <domain>	Delete a stored session
romek refresh <domain>	Re-grab cookies for a domain
romek export	Export vault for remote server
romek import <file>	Import vault on remote server
romek version	Show current version
romek status	Check vault health and stats

---

Security

• AES-256 encryption with PBKDF2 key derivation (100k iterations)
• Ed25519 keypairs for agent identity
• Scoped access — agents only access approved domains
• Audit logging — every access logged with timestamp
• SQLite storage — encrypted database at ~/.romek/vault.db

---

Roadmap

• Chrome extension for cookie export (replaced by grab command)
• Encrypted local vault
• Direct Chrome cookie extraction (romek grab)
• Playwright integration
• LangChain integration
• n8n integration — n8n-nodes-romek
• Firefox extension
• Selenium examples
• Cloud vault sync

---

Examples

Working demos available in the examples/ folder.

GitHub Agent Demo

Setup:

# 1. Create the agent
romek create-agent github-agent --scopes github.com

# 2. Grab cookies from Chrome
romek grab github.com

# 3. Your session is now stored and ready to use

Run:

PYTHONPATH=. python examples/github_agent.py

---

Contributing

PRs welcome. Check out the issues for feature requests.

---

License

MIT

⭐ Star us if Romek helps your agents authenticate!