能力标签

🔌 MCP 🤖 Agent 🔄 工作流 🐳 Docker 💻 CLI 🧠 Claude ✨ GPT

⚙️

Agent工作流

协同AI工作流

基于 Go · 无代码搭建完整 AI 自动化流程

英文名：coop

⭐ 18 Stars 🍴 2 Forks 💻 Go 📄 MIT 🏷 AI 8.0分

8.0AI 综合评分

aillmsandboxgo

⬇ 下载源码 ZIP ⚙️ 配置说明 📺 TG 频道

✦ AI Skill Hub 推荐

AI Skill Hub 强烈推荐：协同AI工作流是一款优质的Agent工作流。AI 综合评分 8.0 分，在同类工具中表现稳健。如果你正在寻找可靠的Agent工作流解决方案，这是一个值得深入了解的选择。

📚 深度解析

协同AI工作流是一套完整的 AI Agent 自动化工作流方案。随着 AI 能力的不断提升，基于 Agent 的自动化工作流正在成为提升个人和团队效率的核心方式。区别于传统的 RPA 自动化（模拟鼠标键盘操作），AI Agent 工作流通过理解任务意图、动态规划执行路径，能够处理更复杂的非结构化任务。

协同AI工作流工作流的设计遵循"最小配置，最大复用"原则：核心逻辑已经封装好，用户只需配置自己的 API Key 和业务参数即可快速上手。工作流内置错误处理和重试机制，在网络波动或 API 限速等情况下仍能稳定运行，适合作为生产环境的自动化基础设施。

在实际部署时，建议先在测试环境中运行 3-5 次，验证各个环节的输出结果符合预期，再部署到生产环境。AI Skill Hub 评分 8.0 分，是同类 Agent 工作流中的精选推荐。

📋 工具概览

协同AI工作流是一套完整的 AI Agent 自动化工作流方案。通过可视化的节点编排，将复杂的多步骤任务拆解为清晰的自动化流程，实现全程无人值守的智能处理。支持与数百种外部服务和 API 无缝集成，适合构建数据处理管线、业务自动化和 AI 辅助决策系统。

GitHub Stars

⭐ 18

开发语言

支持平台

Windows / macOS / Linux（跨平台）

维护状态

轻量级项目，按需更新

开源协议

MIT

AI 综合评分

8.0 分

工具类型

Agent工作流

Forks

📖 中文文档

以下内容由 AI Skill Hub 根据项目信息自动整理，如需查看完整原始文档请访问底部「原始来源」。

📌 核心特色

可视化 Agent 工作流编排，无需编写复杂代码
支持多步骤自动化任务链，实现全流程无人值守
与外部 API、数据库和第三方服务无缝集成
内置错误处理与自动重试机制，保障稳定运行
提供可复用的自动化模板，快速在同类场景部署

🎯 主要使用场景

自动化日常重复性工作，将精力集中于创造性任务
构建数据采集 → 处理 → 输出的完整自动化管线
实现跨平台、跨系统的数据流转和业务协同

以下安装命令基于项目开发语言和类型自动生成，实际以官方 README 为准。

安装命令

# 方式一：go install（推荐）
go install github.com/AndrewDryga/coop@latest

# 方式二：从源码编译
git clone https://github.com/AndrewDryga/coop
cd coop
go build -o coop .

# 方式三：下载预编译二进制
# 访问 Releases 页面下载对应平台二进制文件
# https://github.com/AndrewDryga/coop/releases

📋 安装步骤说明

访问 GitHub 仓库获取工作流文件
在对应平台（Dify / Flowise / Make 等）中找到「导入工作流」功能
上传工作流文件
按照提示配置必要的环境变量和 API Key
运行测试确认流程正常后投入使用

以下用法示例由 AI Skill Hub 整理，涵盖最常见的使用场景。

常用命令 / 代码示例

# 查看帮助
coop --help

# 基本运行
coop [options] <input>

# 详细使用说明请查阅文档
# https://github.com/AndrewDryga/coop

以下配置示例基于典型使用场景生成，具体参数请参照官方文档调整。

配置示例

# coop 配置说明
# 查看配置选项
coop --config-example > config.yml

# 常见配置项
# output_dir: ./output
# log_level: info
# workers: 4

# 环境变量（覆盖配置文件）
export COOP_CONFIG="/path/to/config.yml"

📑 README 深度解析真实文档完整度 77/100 查看 GitHub 原文 →

以下内容由系统直接从 GitHub README 解析整理，保留代码块、表格与列表结构。

简介

Install

curl -fsSL https://raw.githubusercontent.com/AndrewDryga/coop/main/install.sh | sh

Downloads the prebuilt coop binary for your OS/arch into ~/.local/bin — no Go, no clone. If a container runtime is present, the installer also builds the sandbox image and runs coop doctor; otherwise do that once yourself:

coop build && coop doctor

Requirements: a container runtime — Apple container (macOS 26+), Docker, or Podman, auto-detected. coop itself is a single static binary with no other dependencies.

Staying current: coop update self-updates the binary and rebuilds the box image fresh, pulling the latest agent CLIs and ACP adapters (they ship features often) plus a newer base. (Re-running the install one-liner still works.)

<details><summary>Other ways to install</summary>

go install github.com/AndrewDryga/coop@latest                              # with Go
git clone https://github.com/AndrewDryga/coop && cd coop && make install   # from source

</details>

<details><summary>Verifying a download</summary>

install.sh verifies automatically: when cosign is on your PATH it checks checksums.txt's keyless Sigstore signature (so the checksum file itself is trusted, not just internally consistent) and aborts on failure; otherwise it compares the archive's SHA-256 and prints that the signature was not verified. To verify by hand, set VER and ASSET for your platform — e.g. VER=v0.1.0 ASSET=coop_0.1.0_darwin_arm64.tar.gz:

```bash base="https://github.com/AndrewDryga/coop/releases/download/$VER" curl -fsSLO "$base/$ASSET" curl -fsSLO "$base/checksums.txt" curl -fsSLO "$base/checksums.txt.bundle"

^ installs the binary, and (if a runtime is present) builds the box + runs coop doctor

cd ~/code/your-repo # 1. any git repo coop doctor # 2. prove isolation holds (builds the box first if needed) coop login claude # 3. authenticate once (token persists; paste-code, no browser needed) coop claude # 4. a sandboxed agent, brakes off, your secrets shadowed coop fork feature claude # 5. or hand off a branch: agent works in a throwaway clone… coop fork review feature # …you review the diff… coop fork merge feature # …and land it (rebased onto your branch, signed if you sign) ```

If coop doctor says the image isn't built, run coop build once. Stuck on any step? See Troubleshooting.

`Dockerfile.agent` — a per-project image

coop init --stack asdf   # writes an asdf Dockerfile.agent (from .tool-versions)
coop build               # builds it, tagged coop-<repo-name> — its own image

A repo with its own Dockerfile.agent gets its own image tag, so projects never collide, and every coop, coop loop, coop fork, coop acp in that repo uses it. The scaffolded one is the asdf image — it bakes in the exact .tool-versions toolchain (versions live there, not in the Dockerfile). For anything more exotic, hand-write a Dockerfile.agent (see the box contract below). When the agent needs a new system package, add it to the RUN line and coop build again — the dependency graduates into the image instead of being installed each run. If you change Dockerfile.agent or .tool-versions but forget to rebuild, coop notices on the next run and reminds you to coop build (it records the image's inputs at build time).

<details><summary>The box contract (build any base)</summary>

An image is a valid agent box when:

It runs as a non-root user — Claude Code refuses --dangerously-skip-permissions as root.
That user's home is /home/node — the agents/ auth mounts land at $HOME/.claude, $HOME/.codex, $HOME/.gemini. (Different base? Set COOP_HOME_IN_BOX=/home/<user>.)
claude, codex, gemini are on PATH (so it needs Node) — plus the ACP adapters if you want coop acp.
git config --system --add safe.directory '*' — git works on the host-owned bind mount (which lives at the repo's real path, not a fixed /workspace).

coop sets the working directory itself, so no WORKDIR is required. A skeleton:

FROM <your-language-base>
RUN <install your toolchain> \
 && npm install -g @anthropic-ai/claude-code@latest @openai/codex@latest @google/gemini-cli@latest \
      @agentclientprotocol/claude-agent-acp@latest @agentclientprotocol/codex-acp@latest \
 && git config --system --add safe.directory '*' \
 && id -u node >/dev/null 2>&1 || useradd -m -u 1000 -s /bin/bash node
USER node

(If the base lacks Node, install it first — the asdf template uses NodeSource.) </details>

<details><summary>Reusing an existing devcontainer</summary>

If a repo already has a .devcontainer/, reuse its image as your base and add the agent layer on top:

```dockerfile FROM your-devcontainer-image # the team's source of truth for the env RUN npm install -g @anthropic-ai/claude-code@latest @openai/codex@latest @google/gemini-cli@latest \ @agentclientprotocol/claude-agent-acp@latest @agentclientprotocol/codex-acp@latest \ && git config --system --add safe.directory '*' USER <the devcontainer's non-root user>

Quickstart

cd ~/code/some-repo

coop claude           # sandboxed Claude — no permission prompts, secrets shadowed
coop codex            # same box, Codex instead
coop gemini           # ...or Gemini
coop fusion           # a council: one model leads, the other two advise, then it synthesizes
coop shell            # a shell in the box, to look around
coop run -- npm test  # run any command in the box

Point it at a repo and go. Each agent launches with its own "don't stop to ask" flags (--dangerously-skip-permissions, --dangerously-bypass-approvals-and-sandbox, --yolo), all inside the same sandbox. The worst an off-the-rails agent can do is trash one repo you can restore from git.

Anything after the agent name is passed through to it, on top of those flags — so coop claude --continue resumes Claude's last session, still sandboxed. (Codex is the exception: its -p is --profile, not a prompt, so run a one-shot prompt with coop codex exec "…" and use -p only to pick a profile.)

Agents & config

One box, three agents. Each reads its config and credentials from ~/.config/coop/agents/<name>/, mounted into the box at ~/.claude, ~/.codex, and ~/.gemini. That directory lives outside any repo, so credentials never land in git — edit those files on the host and they take effect in the box. Only the active profile is mounted, so a running agent sees just the account it's using, not the whole vault.

Each run mounts only the launched agent's credentials: coop claude mounts ~/.claude (and that agent's API key from the env file), never the Codex or Gemini ones. The exceptions are the modes where the lead is explicitly told to call its peers — coop fusion and coop <agent> --consult (and forks) — which also mount the authenticated peers so they can be consulted read-only. Raw runs (coop run, coop shell) and maintenance runs (the merge gate, coop doctor) mount no agent credentials at all. coop login <agent> mounts only the agent being signed in.

Blast radius. That profile dir is mounted read-write — the agent must write its session history, and OAuth refresh rewrites the token in place. So a prompt-injected agent can (a) read its own credentials and try to exfiltrate them — set COOP_EGRESS=none to cut the box off the network — and (b) write config its CLI auto-loads next launch (e.g. a settings.json hook), which then runs in future boxes for that profile. (b) stays inside the container — not a host escape — but it's a durable foothold. A fuller fix (copy credentials into an ephemeral in-box location, persist nothing host-side) is planned; for now, COOP_EGRESS=none covers the exfil half.

`.tool-versions` — zero config

If your repo pins versions in a .tool-versions (asdf), the base box provisions that toolchain at runtime — resolved from the working dir up the tree, or ~/.tool-versions — and caches it in a shared volume. So a repo with just a .tool-versions (no Dockerfile.agent, no scaffolding) gets its toolchain with zero setup:

cd ~/code/phoenix-app   # has a .tool-versions
coop claude             # provisions elixir/erlang/node/… from it, then runs the agent

The first install of a new toolchain can be slow (e.g. Erlang compiles), then it's reused across runs and repos. Set COOP_NO_ASDF=1 (in agents/env) to skip provisioning from .tool-versions; coop still repairs a stale persisted Node shim when needed so the agent CLIs keep running. For a baked, fully-reproducible image instead, coop init --stack asdf scaffolds an asdf Dockerfile.agent that installs the same .tool-versions at build time.

Configuration

Set via environment variables, or ~/.config/coop/coop.conf (KEY=VALUE lines, same names — the environment wins over the file). Toggles default on; set 0/false to turn them off.

Box & runtime

Var	Default
`COOP_RUNTIME`	auto	`container` / `docker` / `podman`
`COOP_IMAGE`	(auto)	force a specific image (overrides `Dockerfile.agent` detection)
`COOP_BASE_IMAGE`	`coop-box`	the shared base image tag
`COOP_AGENT_PACKAGES`	(latest)	pin the global agent + ACP npm specs for a reproducible `coop build`
`COOP_REPO`	(git toplevel)	the repo to operate on, overriding cwd detection
`COOP_WORKDIR`	(real path)	where the repo mounts in the box
`COOP_HOME_IN_BOX`	`/home/node`	where auth + instructions mount in the box
`COOP_RUN_ARGS`	—	extra args passed straight to the container runtime
`COOP_PIDS`	`4096`	box pids-limit (fork-bomb cap); `0`/`unlimited`/empty turns it off
`COOP_MEMORY` · `COOP_CPUS`	—	box memory / CPU caps (e.g. `4g`, `2`); unset by default
`COOP_NO_NEW_PRIVILEGES`	`1`	`--security-opt no-new-privileges` on the box
`COOP_EGRESS`	`open`	`none` cuts the box off the network (`--network none`) — no outbound, so a prompt-injected agent can't exfiltrate the repo, secrets, or its credentials. Breaks installs / the model API, so it's opt-in; the default keeps full outbound.
`COOP_NO_ASDF`	(off)	skip runtime `.tool-versions` provisioning; stale Node shim repair still runs
`COOP_NETWORK` · `COOP_CACHE`	`1`	join the services network · mount the cache volume
`COOP_AUTO_UP`	`1`	auto-start sibling services (`compose up`) before every box when a `compose.agent.yml` is present, so any mode (agent, fusion, acp, loop, fork) can reach them; `0` to manage them with `coop up`/`coop down` yourself
`COOP_SERVICES_NET`	(auto)	services network to join (let a fleet share one db)

The resource/privilege caps (COOP_PIDS / COOP_MEMORY / COOP_CPUS / COOP_NO_NEW_PRIVILEGES) apply on docker and podman; Apple's container CLI differs, so they're skipped there for now. On docker/podman the box also runs with all Linux capabilities dropped (--cap-drop ALL) — the agent workloads need none, and it keeps root-in-container (a repo Dockerfile.agent that does USER root) from holding CAP_DAC_OVERRIDE / CAP_NET_RAW / CAP_MKNOD and friends.

Agents & config

Var	Default
`COOP_CONFIG_DIR`	`~/.config/coop/agents`	per-agent auth + settings folder
`COOP_<AGENT>_CMD` (e.g. `COOP_CLAUDE_CMD`)	autonomous default	override an agent's base command
`COOP_FUSION_GOVERNOR`	`codex`	default leader for `coop fusion`
`COOP_CONSULT_TIMEOUT`	`1800`	per-peer `coop-consult` timeout in seconds; a peer that doesn't answer in time is skipped so the lead synthesizes from whoever did
`COOP_MCP_FILE`	`<config>/mcp.json`	the one MCP source of truth
`COOP_SHELL`	`bash`	the shell `coop shell` opens

Forks & loop

Var	Default
`COOP_GATE`	—	gate re-run in the box before a fork merge lands (e.g. `make check`)
`COOP_EDITOR`	(detected)	editor for `coop fork review --open`
`COOP_REVIEW_CMD`	—	full override for `coop fork review` (`sh -c`)
`COOP_LOOP_CMD`	—	override the loop's per-iteration command
`COOP_PREFLIGHT`	`0`	run a cleanup pass (log/tasks/decisions) before `coop loop` (like `--preflight`)

Command-valued settings — COOP_GATE, COOP_LOOP_CMD, COOP_RUN_ARGS, and the COOP_<AGENT>_CMD overrides — are split into argv with shell quoting (single/double quotes group, \ escapes), but no shell runs them (no globbing or $VAR). So quotes group as you'd expect — COOP_GATE='bash -lc "make check && make lint"' is three args, not five — but a bare &&/|/$VAR is a literal argument: wrap those in bash -lc "…". (COOP_REVIEW_CMD is the exception — it is run via sh -c.)

Command reference

Every command runs against the repo in your current directory. -h/--help works on any of them.

Run an agent

Command	What it does
`coop claude` · `codex` · `gemini` `[args]`	a sandboxed agent — its autonomous flags, plus any args you add
`coop fusion [agent]`	a [governed council](#fusion-a-governed-council): that agent leads, the other two advise
`coop <agent> --consult`	[opt-in second opinion](#second-opinions---consult) — may ask authed peers on hard calls
`coop run -- <cmd>`	run any command in the box (raw — none of coop's agent flags)
`coop shell`	a shell in the box, to look around
`coop acp [agent\\|fusion]`	run as an [ACP](#drive-it-from-zed-acp) agent over stdio (for Zed)
`coop login <agent>`	[authenticate](#authentication) an agent (token persists in the config dir)

Forks — hand off work like a PR (details)

Command	What it does
`coop fork <name> [agent] [--new]`	open or re-enter a [secrets-free fork](#forks-hand-off-work-like-a-pr) + run an agent (re-entry resumes the session; `--new` resets)
`coop fork <name> <agent> --loop --tasks <path> [-d]`	loop a tasks file unattended in the fork (`-d`/`--detach` backgrounds it)
`coop fork ls`	list this repo's forks: agent, branch, state, tasks done/total, change size, last activity
`coop fork review <name> [--tool\\|--open]`	brief + diff; `--tool` = your `git difftool`, `--open` = your editor
`coop fork merge <name> [--all] [--yes]`	rebase the fork onto your branch and land it (`--all` = the whole fleet; `--yes` confirms non-interactively)
`coop fork rm <name> [--force]`	discard a fork (refuses unmerged/dirty work without `--force`)
`coop fork open <name>` · `path <name>`	open the fork in your editor · print its filesystem path
`coop fork <name> acp [agent]`	drive the fork's [sandboxed agent from Zed](#drive-a-fork-from-zed-acp) over ACP
`coop fork logs [name] [-f]` · `stop <name>`	tail a loop log (no name = all) · stop a detached loop

Run unattended (details)

Command	What it does
`coop loop [agent] [--preflight] [--debug-on-fail]`	work [`.agent/TASKS.md`](#the-loop) unattended until done, then audit (`claude` default; `codex`/`gemini` too); `--preflight` tidies the `.agent/` state first (opt-in); `--debug-on-fail` opens a box shell on an iteration failure
`coop fork <name> <agent> --loop --tasks <path>`	loop [one fork](#a-fleet) on a tasks file (`-d` detaches)
`coop fleet init` · `up` · `down` · `split <n>`	scaffold then drive a [declared fleet](#a-fleet) from `.agent/fleet` (`init` writes a documented template)
`coop status`	fleet roll-up — per fork: running/idle, tasks done/total, blockers, diff size, the task it's on
`coop tasks list` · `lint` · `add "<title>"` · `split <n>`	inspect/validate `.agent/TASKS.md` — `lint` flags stale `[w]` claims and tasks that aren't [self-contained](#the-loop); `split` carves it into self-contained slices

Set up & maintain

Command	What it does
`coop init [--stack asdf]`	[scaffold](#project-toolchain--services) the queue, hooks, skills (and optionally a toolchain)
`coop up` · `down [-v]`	start/stop [sibling services](#services) (Postgres, Redis) for this repo
`coop build` · `update`	build the box image · [self-update coop + rebuild it fresh](#keeping-the-box-current) (latest agents/adapters)
`coop doctor`	[prove isolation](#prove-it-coop-doctor) — attack the box and check it holds
`coop check-secrets`	scan committed files for secrets by content — `--include-ignored` widens to the [whole visible tree](#secrets-never-enter-the-box) (exit 1 on a hit)
`coop help` · `version`	print help · print the version

1. checksums.txt is signed by the release workflow (keyless Sigstore):

cosign verify-blob checksums.txt \ --bundle checksums.txt.bundle \ --certificate-identity-regexp '^https://github.com/AndrewDryga/coop/' \ --certificate-oidc-issuer https://token.actions.githubusercontent.com

VS Code

git config --global diff.tool vscode git config --global difftool.vscode.cmd 'code --wait --diff "$LOCAL" "$REMOTE"'

Troubleshooting

Symptom	Fix
"no container runtime found"	Install Apple [`container`](https://github.com/apple/container) (macOS 26+), Docker, or Podman, then `coop build && coop doctor`. Force one with `COOP_RUNTIME=docker`.
"image … isn't built — run 'coop build'"	`coop build` (shared base), or `coop build` in a repo with a `Dockerfile.agent` (its own image). `coop doctor` builds it too.
Login hangs or "usage limit reached"	`coop login <agent>` re-runs the sign-in (paste-code, no browser). Hit a subscription limit? It resets on a schedule — wait, or `coop login` into another account. The unattended loop waits out the reset on its own.
Agent seems stuck / a detached loop won't quit	`coop fork logs <name> -f` to watch it; `coop fork stop <name>` to stop a detached loop. A foreground run is just Ctrl-C.
"permission denied" writing `~/.cache` / build or test caches	The shared cache volume initialized root-owned. Recreate it: `docker volume rm coop-cache` (or your runtime's equivalent), then `coop build`.
`go`/`gofmt`: "No version is set for command go"	The box provisions toolchains from `.tool-versions` via asdf — add the toolchain there (e.g. `golang 1.26.4`) so it's installed and shimmed. Set `COOP_NO_ASDF=1` to skip provisioning.
*A pinned `.tool-versions` tool (`go`, `ruby`, …) is installed yet "not found" in a login* shell**	asdf's shims sit on PATH via the image's `ENV`, which only reaches the agent process and non-login shells. A login shell (`sh -lc`, `bash -l`) sources `/etc/profile`, which resets PATH and drops the shims. The base box adds an `/etc/profile.d` drop-in to re-add them; rebuild an older box with `coop build` to pick it up.
Zed (ACP) can't find the agent	Zed must launch `coop` from a shell where it's on `PATH` (the installer puts it in `~/.local/bin`). Point Zed's ACP command at the absolute path if needed, and confirm `coop acp <agent>` runs in a terminal first.
A merge refuses	Dirty tree → commit/stash first. Policy flagged a secret/large file → review, then `--force`. Non-interactive shell → pass `--yes`. Gate (`COOP_GATE`) went red on the rebased tree → it rolled back; fix and re-run.
Secrets still visible / a custom secret isn't hidden	Run `coop doctor` to see what's shadowed. Add repo-specific paths to a `.coopignore` (see [Secrets never enter the box](#secrets-never-enter-the-box)).
"box image is stale … run 'coop build'"	You changed `Dockerfile.agent` or `.tool-versions` since the image was built. `coop build` to rebuild; the warning clears once the image matches.