explaingit

paradigmxyz/centaur

Analysis updated 2026-06-24

26PythonAudience · ops devopsComplexity · 5/5Setup · hard

TLDR

Self-hosted team-shared AI agent platform with a Slack bot, FastAPI control plane, per-conversation Kubernetes sandboxes, and a credential-injecting proxy for outbound calls.

Mindmap

mindmap
  root((centaur))
    Inputs
      Slack mentions
      HTTP API calls
      Tool plugins
    Outputs
      Thread replies
      Workflow state
      Audit logs
    Use Cases
      Investigate CI failures
      Run team-wide agent
      Schedule digests
    Tech Stack
      Python
      FastAPI
      Kubernetes
      Postgres
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Give an engineering team one shared Slack agent that runs in isolated sandboxes

USE CASE 2

Investigate CI failures or internal-tool questions from a Slack thread

USE CASE 3

Build tool and workflow plugins that an agent can call as HTTP endpoints

What is it built with?

PythonFastAPIKubernetesPostgresSlack

How does it compare?

paradigmxyz/centauralicankiraz1/gemma-4-31b-mtp-vllm-serverchrisjohnson89/comfyui-neuralbooru
Stars262626
LanguagePythonPythonPython
Setup difficultyhardhardhard
Complexity5/54/53/5
Audienceops devopsops devopsvibe coder

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · hard Time to first run · 1day+

Needs a Kubernetes cluster, Postgres, Slack app credentials, and an iron-proxy outbound config before the agent can do real work.

In plain English

Centaur is a self-hosted platform that lets a whole team share one AI agent instead of each person setting up their own. The way it shows up day to day is in Slack: someone tags the bot, asks a question like why are the billing tests failing, and the bot opens a small isolated workspace, looks around, and reports back in the thread. The team also gets an HTTP API for the same thing if they want to drive it from elsewhere. Each conversation runs inside its own Kubernetes sandbox, which is just a small container that has a shell, a workspace folder, git, Python, Node.js, Bun, and the usual command-line tools an engineer would expect. The agent that runs inside the sandbox is not built into Centaur. The team picks a harness (the README names Amp, Claude Code, and Codex as examples) and Centaur runs it. Progress messages flow back to Slack while the work is happening, then the final answer arrives in the same thread. Four pieces make up the platform. A FastAPI control plane (services/api) holds the durable state, manages sandboxes, and registers tools and workflows. A Slack bot service (services/slackbot) receives Slack events and delivers replies. A sandbox container image (services/sandbox) is the per-conversation workspace. A separate piece called iron-proxy sits between the sandbox and the outside world, controlling outbound network calls and swapping in real credentials only at the moment a request goes out, so the agent itself never sees raw API keys. The security story is built around that proxy plus a default-deny Kubernetes network policy on each sandbox. Anything the agent touches outside its container goes through the proxy, which is bound to specific hosts and headers. Every message, every execution, every event is written to Postgres so a client can reconnect later without losing the result, and so the activity can be audited afterwards. Teams extend Centaur by adding tool plugins (small Python packages whose public methods become HTTP endpoints under /tools/my_tool/) and workflow plugins (Python functions with durable steps that can sleep, wait for external events, schedule themselves, or spawn child agents). The README lists everyday uses for this setup: investigating CI failures, answering questions against internal tools, summarizing Slack threads, running scheduled digests, and coordinating multi-step operational tasks. Local boot uses brew install just plus a few environment variables for Slack and 1Password, then just up.

Copy-paste prompts

Prompt 1
Boot centaur locally with brew install just, the Slack and 1Password env vars, and just up
Prompt 2
Plug Claude Code into a centaur sandbox image and route Slack mentions through it
Prompt 3
Write a centaur tool plugin under services/api that exposes a /tools/jira_search HTTP endpoint
Prompt 4
Define a centaur workflow that runs a nightly digest, waits for a Slack approval, then posts the summary

Frequently asked questions

What is centaur?

Self-hosted team-shared AI agent platform with a Slack bot, FastAPI control plane, per-conversation Kubernetes sandboxes, and a credential-injecting proxy for outbound calls.

What language is centaur written in?

Mainly Python. The stack also includes Python, FastAPI, Kubernetes.

How hard is centaur to set up?

Setup difficulty is rated hard, with roughly 1day+ to a first successful run.

Who is centaur for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.