能力标签

🔌 MCP 🤖 Agent 🔄 工作流 🌐 翻译 🐳 Docker 💻 CLI 🔗 REST API 🧠 Claude ✨ GPT 🕸 采集

🔌

MCP工具

主权OS

基于 Python · 让 AI 助手直接操作你的系统与工具

英文名：Sovereign-OS

⭐ 98 Stars 🍴 11 Forks 💻 Python 📄 未公布协议 🏷 AI 8.0分

8.0AI 综合评分

ai-agentsorchestrationpython

⚙️ 配置说明 🔍 查看原项目 📺 TG 频道

✦ AI Skill Hub 推荐

经 AI Skill Hub 精选评估，主权OS 获评「强烈推荐」。这款MCP工具在功能完整性、社区活跃度和易用性方面表现出色，AI 评分 8.0 分，适合有一定技术背景的用户使用。

📚 深度解析

主权OS 是一款基于 MCP（Model Context Protocol）标准协议的 AI 工具扩展。MCP 协议由 Anthropic 开发并开源，旨在建立 AI 模型与外部工具之间的标准化通信接口，目前已被 Claude Desktop、Claude Code、Cursor 等主流 AI 工具采纳。

通过安装主权OS，你的 AI 助手将获得额外的工具调用能力，可以用自然语言直接操控该工具的功能，无需学习复杂的命令行语法。MCP 工具的核心价值在于"一次配置，永久增强"——配置完成后，每次与 AI 对话时都可以无缝调用这些工具。

在技术实现上，MCP 工具通过标准的 JSON-RPC 协议与 AI 客户端通信，工具的功能以"工具列表"的形式暴露给 AI 模型，AI 可以按需调用。主权OS 提供了结构化的工具调用接口，使 AI 模型能够精确地理解和使用每个功能点，显著降低 AI 在工具使用上的错误率。

与传统的 API 集成相比，MCP 工具的优势在于无需编写代码——用户只需在配置文件中添加几行 JSON，即可让 AI 获得全新能力。AI Skill Hub 将主权OS 评为 AI 评分 8.0 分，属于同类工具中的优质选择。

📋 工具概览

主权OS 是一款遵循 MCP（Model Context Protocol）标准协议的 AI 工具扩展。通过 MCP 协议，它可以让 Claude、Cursor 等主流 AI 客户端直接访问和操作外部工具、数据源和服务，实现 AI 能力的无缝扩展。无论是文件操作、数据库查询还是 API 调用，都可以通过自然语言在 AI 对话中直接触发，极大提升生产效率。

GitHub Stars

⭐ 98

开发语言

Python

支持平台

Windows / macOS / Linux

维护状态

轻量级项目，按需更新

开源协议

未公布

AI 综合评分

8.0 分

工具类型

MCP工具

Forks

📖 中文文档

以下内容由 AI Skill Hub 根据项目信息自动整理，如需查看完整原始文档请访问底部「原始来源」。

📌 核心特色

通过标准 MCP 协议与 Claude、Cursor 等主流 AI 客户端深度集成
提供结构化工具调用接口，显著降低 AI 集成复杂度
支持 Claude Desktop 和 Claude Code 无缝接入，开箱即用
可与其他 MCP 工具组合叠加，构建完整 AI 工作站
轻量无侵入设计，不影响现有系统架构

🎯 主要使用场景

在 Claude Desktop 对话中直接调用本地工具，实现 AI 与系统的深度联动
通过自然语言驱动复杂的多步骤自动化任务，代替繁琐手动操作
将多个 MCP 工具组合使用，构建个人专属 AI 工作站

以下安装命令基于项目开发语言和类型自动生成，实际以官方 README 为准。

安装命令

# 方式一：通过 Claude Code CLI 一键安装
claude skill install https://github.com/Justin0504/Sovereign-OS

# 方式二：手动配置 claude_desktop_config.json
{
  "mcpServers": {
    "--os": {
      "command": "npx",
      "args": ["-y", "sovereign-os"]
    }
  }
}

# 配置文件位置
# macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
# Windows: %APPDATA%/Claude/claude_desktop_config.json

📋 安装步骤说明

确认已安装 Node.js（v18 或以上版本）
打开 Claude Desktop 或 Claude Code 的 MCP 配置文件
按「交给 Agent 安装 → Claude Desktop」标签中的 JSON 配置填入 mcpServers 字段
保存配置文件并重启 Claude 客户端
重启后，在对话中即可使用本工具

以下用法示例由 AI Skill Hub 整理，涵盖最常见的使用场景。

常用命令 / 代码示例

# 安装后在 Claude 对话中直接使用
# 示例：
用户: 请帮我用 主权OS 执行以下任务...
Claude: [自动调用 主权OS MCP 工具处理请求]

# 查看可用工具列表
# 在 Claude 中输入："列出所有可用的 MCP 工具"

以下配置示例基于典型使用场景生成，具体参数请参照官方文档调整。

配置示例

// claude_desktop_config.json 配置示例
{
  "mcpServers": {
    "__os": {
      "command": "npx",
      "args": ["-y", "sovereign-os"],
      "env": {
        // "API_KEY": "your-api-key-here"
      }
    }
  }
}

// 保存后重启 Claude Desktop 生效

📑 README 深度解析真实文档完整度 56/100 含工作流图查看 GitHub 原文 →

以下内容由系统直接从 GitHub README 解析整理，保留代码块、表格与列表结构。

简介

A governed AI workforce, ready to deploy on day one. Submit a goal — Sovereign-OS plans it, approves the budget, executes with built-in workers, and delivers a cryptographically verified result.

<a href="#quick-start">Quick Start</a> • <a href="#architecture">Architecture</a> • <a href="#features">Features</a> • <a href="#deployment">Deployment</a> • <a href="#configuration">Configuration</a> • <a href="#custom-workers">Custom Workers</a> • <a href="#docs">Docs</a>

---

Overview

Sovereign-OS is not another chatbot wrapper or agent framework. It is an operating system for autonomous AI work: a governance layer that enforces budget, quality, and permissions before any token is spent or any task is executed.

The core contract is simple. One YAML file — the Charter — declares the agent's mission, spending limits, KPIs, and allowed capabilities. Everything else — planning, approval, execution, auditing, payment — flows from that file.

Charter → CEO (plan) → CFO (approve budget) → Workers (execute) → Auditor (verify) → Ledger (record)

The Ledger is append-only. The Auditor is cryptographically bound. Neither can be overridden at runtime.

---

Features

Governance - Charter-driven: mission, competencies, KPIs, fiscal boundaries — all in one YAML. - CEO (Strategist) decomposes natural-language goals into executable task plans with dependencies. - CFO (Treasury) enforces max_task_cost_usd, daily_budget_usd, runway_days, and min_job_margin_ratio before any task runs. - TrustScore-gated permissions: READ_FILES, WRITE_FILES, SPEND_USD, CALL_API.

Execution - 16 built-in workers: summarize, research, reply, write_article, write_email, write_post, meeting_minutes, translate, rewrite_polish, collect_info, extract_structured, spec_writer, solve_problem, assistant_chat, code_assistant, code_review. - Multi-model: Strategist and workers can use different backends (e.g. GPT-4o for planning, Claude for execution). - Dynamic worker loading: drop a Python file into sovereign_os/agents/user_workers/ — no registration boilerplate.

Auditing - Every task output is verified against Charter KPIs by the ReviewEngine. - AuditReport carries score, passed, reason, suggested_fix, and proof_hash (SHA-256 of inputs + output). - Append-only audit trail (JSONL). Integrity verifiable offline.

Monetization & job queue - SQLite-backed job queue (Redis optional for multi-instance). - Stripe integration: set STRIPE_API_KEY and each completed job triggers a real charge; transactions appear in your Stripe Dashboard. - Auto-approval mode or manual review per job. - Ingest from any HTTP endpoint, Reddit (PRAW), Shopify, WooCommerce, or custom scrapers via the ingest bridge. - Webhook delivery: POST job result to any URL on completion.

<img src="readme_images/job_delivery.png" alt="Job delivery result" width="340" style="max-width:48%"/>  <img src="readme_images/stripe_dashboard.png" alt="Stripe Dashboard — completed charges" width="340" style="max-width:48%"/> Left: job result delivered in the dashboard. Right: charges recorded directly in Stripe Dashboard.

Observability - OpenTelemetry tracing. - Prometheus metrics at GET /metrics: job counters, queue depth, task duration histograms. - GET /health returns config warnings (missing API keys, payment mode). - Structured JSON logs with correlation IDs.

Security - API key authentication (constant-time comparison). - Optional IP allowlist and per-IP rate limiting. - Job input validation (Pydantic v2). - No secrets in code; everything via environment variables.

<img src="readme_images/block_case.png" alt="TrustScore gates" width="340" style="max-width:48%"/>  <img src="readme_images/block_case_detail.png" alt="Permission gate detail" width="340" style="max-width:48%"/> TrustScore-gated permission system — agents earn capabilities through passing audits.

---

Deployment

Docker Compose (recommended for production)

```bash cp .env.example .env

docker-compose.yml excerpt

services: web: build: . ports: ["8000:8000"] env_file: .env volumes: - sovereign_data:/app/data redis: image: redis:7-alpine volumes: - redis_data:/data ```

See docs/DEPLOY.md for volume strategy, health checks, and graceful shutdown.

Quick Start

CLI — run a single mission in 30 seconds:

git clone https://github.com/Justin0504/Sovereign-OS.git && cd Sovereign-OS
pip install -e .
sovereign run --charter charter.example.yaml "Summarize the current AI agent landscape."

Output: task plan → CFO approval → execution → audit report → ledger entry.

Web dashboard — accept paid jobs, run 24/7:

```bash pip install -e ".[llm]" cp .env.example .env

Edit .env: set OPENAI_API_KEY or ANTHROPIC_API_KEY, and optionally STRIPE_API_KEY

python -m sovereign_os.web.app

Edit .env with your API keys

python -m sovereign_os.web.app ```

Listens on http://0.0.0.0:8000 by default. Set SOVEREIGN_HOST and SOVEREIGN_PORT to change.

Edit .env

docker compose up -d

Ingest bridge (optional)

Pull real orders from Reddit, scrapers, or Shopify:

```bash pip install -e ".[bridge]" python -m sovereign_os.ingest_bridge # serves on :9000

In .env: SOVEREIGN_INGEST_URL=http://localhost:9000/jobs?take=true

```

See docs/INGEST_BRIDGE.md for Reddit credentials, scraper targets, and retail connectors.

---

Configuration

All configuration is via environment variables. Copy .env.example to .env.

Variable	Required	Description
`OPENAI_API_KEY`	One of these	OpenAI API key for LLM workers
`ANTHROPIC_API_KEY`	One of these	Anthropic API key for LLM workers
`STRIPE_API_KEY`	Optional	Stripe secret key (`sk_test_…` or `sk_live_…`). Without this, charges are simulated.
`SOVEREIGN_CHARTER_PATH`	Optional	Path to Charter YAML. Default: `charter.default.yaml`.
`SOVEREIGN_JOB_DB`	Optional	SQLite path. Default: `data/jobs.db`.
`SOVEREIGN_AUTO_APPROVE_JOBS`	Optional	`true` to skip manual approval. Default: `false`.
`SOVEREIGN_JOB_WORKER_ENABLED`	Optional	`true` to start the background job processor. Default: `false`.
`SOVEREIGN_INGEST_URL`	Optional	HTTP endpoint to poll for incoming jobs.
`SOVEREIGN_INGEST_ENABLED`	Optional	`true` to enable the ingest poller. Default: `false`.
`SOVEREIGN_API_KEY`	Optional	Bearer token for `/api/*` endpoints.
`SOVEREIGN_ALLOWED_IPS`	Optional	Comma-separated IP allowlist.
`SOVEREIGN_WEBHOOK_URL`	Optional	URL to POST job results to on completion.
`REDIS_URL`	Optional	Redis connection string for multi-instance job queue.