Architecture Overview

CortexPrism is a single-process agentic harness written in TypeScript/Deno. It exposes a CLI, a REST API + WebSocket server, and a web UI. All state is persisted in SQLite databases using WAL mode via @libsql/client.

High-Level Architecture

┌─────────────────────────────────────────────────────────────────┐
│                         CortexPrism                             │
│                                                                 │
│   CLI (cortex chat / run / serve / ...)                         │
│          │                                                      │
│          ▼                                                      │
│   ┌─────────────────────────────────────────────┐              │
│   │              agent/loop.ts                  │              │
│   │  userMessage → [memory inject] → LLM call   │              │
│   │  → [tool parse] → [validator] → [execute]   │              │
│   │  → [re-prompt loop] → response              │              │
│   │  → [episodic write] → [reflection]          │              │
│   └─────────────────────────────────────────────┘              │
│          │                                                      │
│   ┌──────┼──────────────────────────────────────┐              │
│   │      │         Subsystems                   │              │
│   │  memory/   tools/   sandbox/   security/    │              │
│   │  llm/      server/  scheduler/              │              │
│   └──────────────────────────────────────────────┘             │
│                                                                 │
│   SQLite databases (WAL mode)                                   │
│   cortex.db · memory.db · lens.db · vault.db · sess_*.db       │
└─────────────────────────────────────────────────────────────────┘

Core Components

Component	Description
Agent Loop	Core reasoning + tool loop that orchestrates LLM calls, tool execution, memory operations, and reflection
Memory System	5-tier memory with hybrid FTS5 keyword + vector embedding retrieval and exponential decay scoring
LLM Layer	12+ provider implementations with unified `LLMProvider` interface and CascadeRouter
Tool System	Extensible tool registry with built-in tools for file I/O, shell, web search, and code execution
Security (Parallax)	3-stage policy validation gate with encrypted vault, regex deny rules, and full audit logging
Sandbox	Docker container sandbox (subprocess fallback) with resource limits and auto-fix loop
Daemon Supervisor	Background process manager for validator, executor, and scheduler daemons with auto-restart
HTTP Server	Built-in web server with REST API, WebSocket streaming, and web UI dashboard
Scheduler	SQLite-persisted cron job scheduler with retry

Data Flow

User input enters through CLI, Web UI, or API
Agent loop processes input with context from memory
LLM provider generates response via the model router
Tool calls are executed through the Parallax security gate
Results are stored in memory and returned to the user

Core subsystems

Agent Loop — Core execution engine
Memory System — 5-tier memory architecture
Security Parallax — Defense-in-depth security model
Model Router — Intelligent LLM provider routing
Daemon Supervisor — Background process management
Plugin System — Plugin architecture
Databases — SQLite database schemas