Runs on anything: 4GB RAM, i3 processor, no GPU required. Pure Python, zero native compilation.
-> Friday is still experimental and also expect some bugs as im a solo developer with hardware limitationsπ₯<-
β οΈ IMPORTANT β READ BEFORE USEF.R.I.D.A.Y. is an autonomous cognitive AI operating system with capabilities spanning research, creative writing, document analysis, coding, system control, and security analysis. It includes optional cybersecurity features (vulnerability scanning, penetration testing tools) that are intended ONLY for:
- Authorized security research on systems you own or have explicit permission to test
- Educational purposes in controlled environments
- Defensive security operations on your own infrastructure
Built-in Safety System: Friday includes a target guard that automatically classifies targets:
- Local targets (localhost, private IPs, .local domains) β always allowed, no authorization needed
- External targets β require explicit typed consent confirming ownership or authorization
- Cloud metadata endpoints (169.254.169.254, etc.) β always blocked, no exceptions
- All authorization decisions are logged to an audit trail for compliance
The creator (Subhansh) does NOT take any responsibility for:
- Any illegal or unauthorized use of F.R.I.D.A.Y.
- Any damage, data loss, or legal consequences caused by users cloning or using this software
- Any exploitation of systems without proper authorization
By using this software, you agree that:
- You will ONLY use it for lawful purposes
- You will obtain proper authorization before testing any system
- You accept FULL responsibility for any consequences of your actions
- The creator cannot be held liable for any misuse
See LEGAL.md for full legal disclaimers and applicable laws.
- About F.R.I.D.A.Y
- Motivation
- Why F.R.I.D.A.Y
- Features At A Glance
- Benchmark Results
- Cognitive Architecture β Theoretical Foundations
- Cognitive Architecture
- Core Brain Systems (62 Modules)
- Autonomous Research Agent
- Creative Studio
- Document Intelligence
- Cognitive Coding Engine
- Cybersecurity Pipeline
- Skill Engine (56 Tools)
- Voice & Emotion System
- Memory Architecture
- Holo Earth β Gesture-Controlled Google Earth
- Holo Builder β Iron Man AR
- Gesture Music Control
- Project Structure
- Tech Stack
- Installation
- Running Tests
- Configuration
- Usage
- Cybersecurity Confirmation Protocol
- Legal Disclaimer & Warning
- Contributing
- License
F.R.I.D.A.Y. is a next-generation Autonomous Cognitive AI Operating System β not a chatbot, not a wrapper around an API. A full cognitive architecture with real-time voice interaction, 62 cognitive brain modules, autonomous research and creative writing engines, document intelligence, 56 tool actions, neural memory systems, and autonomous decision-making.
97,000+ lines of Python. 185 source files. Zero shortcuts. (~117,000+ lines total counting everything β configs, docs, assets, the works.)
Built as the spiritual successor to Jarvis-MT67, Friday represents a new paradigm in AI assistance β not just responding to commands, but actively learning, anticipating needs, and evolving with each interaction.
| Traditional AI Assistants | F.R.I.D.A.Y. |
|---|---|
| Stateless β forgets you every session | Neural memory with Hebbian learning across sessions |
| Reactive β waits for commands | Proactive β anticipates needs, idle exploration, autonomous goal pursuit |
| Single model, single purpose | 62 cognitive modules coordinating via Global Workspace |
| No self-awareness | Self-model + introspection engine with confidence calibration & bias detection |
| No learning from mistakes | Dreaming system replays experiences, code evolution enables self-improvement |
| Generic responses | Theory of mind models the user's expertise, intent, and emotional state |
| One voice, one tone | 10 voice emotions with natural accent |
| Can't research or create | Autonomous research, creative writing, document analysis built-in |
| Manual security scanning | Dual security pipelines (Mythos + Cyber Reasoning) |
| Sequential agent execution | Multi-agent orchestrator β run 30 agents in parallel, debate, pipeline, or swarm mode |
| No long-term planning | Autonomous planner with MCTS-inspired goal decomposition and replanning |
| Static memory | Memory consolidation (episodicβsemantic), associative memory (spreading activation), predictive memory (anticipatory recall) |
| No cross-domain reasoning | Abstraction engine β analogical transfer, first principles, counterfactual reasoning |
| No world awareness | World simulation β real-time event tracking, trend detection, counterfactual modeling |
Contemporary AI assistants share a fundamental limitation: they are stateless. Each session begins from zero β no memory of prior interactions, no model of the user, no awareness of their own strengths and weaknesses. They are reactive, waiting for commands rather than anticipating needs. They are single-model systems, routing everything through one inference call regardless of task complexity.
F.R.I.D.A.Y. addresses these limitations by implementing a cognitive architecture that mirrors aspects of human cognition:
| Dimension | Conventional Assistants | F.R.I.D.A.Y. |
|---|---|---|
| Memory | Stateless per session | Persistent neural memory with Hebbian learning and 72-hour synaptic decay |
| Initiative | Reactive β waits for commands | Proactive β anticipates needs, explores during idle time |
| Reasoning | Single-pass generation | Multi-pass: cognitive gating routes simple tasks to System 1, complex tasks to full planning-simulation-reflection pipeline |
| Self-awareness | None | Tracks capabilities, confidence scores, and growth trajectories across sessions |
| Learning | No feedback loop | Error-driven updates, Q-learning for tool selection, experience replay, dreaming-based consolidation |
| Security | Generic content filtering | Dual-pipeline adversarial verification with 3-round skepticism and 5-axis grading |
| Voice | Monotone TTS | 10 emotion states with dynamic context-sensitive switching |
F.R.I.D.A.Y. doesn't just have brain modules β she actively uses them. Every session follows a cognitive cycle:
Wake β Recall Memory β Assess Complexity β Route to System 1 or System 2
β
System 1 (simple): Immediate response, single tool call
System 2 (complex): Plan β Simulate β Execute β Verify β Reflect β Learn
β
Record Experience β Update Self-Model β Grow
Key Cognitive Behaviors:
- Cognitive Gating β Automatically classifies tasks as simple (System 1, instant) or complex (System 2, full pipeline)
- Thinking Loop β Multi-pass reasoning for hard problems: understand β plan β refine (up to 3 passes, skipped for simple requests)
- Module Competition β Modules bid for processing rights instead of rigid orchestration (Minsky Society of Mind)
- 9 Memory Systems β Neural, episodic, vector, procedural, working, global workspace, associative (spreading activation), predictive (anticipatory), and consolidation (episodicβsemantic) β all actively used
- Learning Engine β Records lessons from every task, reflects on mistakes, reuses successful patterns
- Proactive Engine β Anticipates needs based on patterns, offers help before asked
- Curiosity Drive β Explores unknowns, investigates surprises, suggests improvements
- Self-Awareness β Tracks her own capabilities, confidence, and growth across sessions
- Experience Replay β Successful approaches become reusable templates
- Dreaming System β Offline pattern extraction from daily experiences
- Decision Journal β Full audit trail of reasoning for complex choices
- Emotional Intelligence β Adapts tone and approach based on context and Sir's state
im 6'2 btw... nah fr
| Category | What It Does |
|---|---|
| π§ Cognition | 62 cognitive modules β self-awareness, active inference, intuition engine, metacognitive monitor, emotional regulation, dreaming, curiosity, learning, procedural memory, episodic memory, vector memory, code intelligence, + 12 AGI pillars |
| π¬ Research | Autonomous research agent β knowledge graph construction, entity extraction, claim tracking, contradiction detection, multi-source synthesis, citation management |
| βοΈ Creative | Creative studio β story planning (4 structures), world building, character engine, 6 style profiles, 8 poetry forms, beat guidance, dialogue system |
| π Documents | Document intelligence β contract review with risk assessment, argument mapping, fallacy detection, bias detection, reading level analysis, cross-document reasoning |
| ποΈ Voice | Real-time Gemini Live API conversation, 10 voice emotions, 5 voice types |
| π» Coding | Cognitive coding engine with semantic graph, hierarchical planning (EFE), predictive simulation, reflective debugging |
| π€ Agents | 30 specialized expert agents β run individually or in parallel/debate/pipeline/swarm modes via multi-agent orchestrator |
| π― Goals | Autonomous goal engine β hierarchical goal management, MCTS-inspired planning, intrinsic motivation (curiosity, mastery, autonomy drives) |
| π§ Memory | 9 memory types β neural, episodic, vector, procedural, working, global workspace, + associative (spreading activation), predictive (anticipatory), consolidation (episodicβsemantic) |
| π€ Social | Theory of mind β user expertise modeling, intent inference, emotional state tracking, adaptive communication style |
| π Abstraction | Abstraction engine β cross-domain analogies, first principles reasoning, counterfactual analysis, causal chain tracing, emergent insight generation |
| πͺ Self-Awareness | Introspection engine β confidence calibration, cognitive bias detection (12 bias types), epistemic humility, value alignment, narrative self-model |
| π World Model | World simulation β real-time event ingestion, trend detection, counterfactual modeling, user-relevant event filtering |
| 𧬠Self-Improvement | Code evolution β performance analysis, improvement proposals, sandbox testing, safe apply with rollback |
| π₯οΈ System | Mouse/keyboard control, app launching, system settings, desktop management |
| π Web | Browser automation, deep research, web search, YouTube integration |
| πΊοΈ 3D Viz | Holographic globe map with eye+hand hybrid control, Google Earth with gesture + gaze control, Iron Man AR builder with gesture drawing |
| π΅ Gestures | Hand gesture music control with MediaPipe + LSTM, Standard/DJ modes |
| π Files | Full file system operations, code writing/running/debugging |
| π Learning | Error-driven updates, Q-learning, metacognitive reflection, experience replay, recursive self-improvement |
| π Proactive | Idle check-ins (5/15/30min tiers), returning-user greetings, reminder monitoring, quiet hours |
| π‘οΈ Security | Mythos 7-agent static analysis + Cyber Reasoning engine with adversarial verification (optional module) |
FRIDAY's cognitive pipeline benchmarked on recognized AI benchmarks using Groq Llama-3.1-8B-Instruct (8B parameters, free-tier inference). Single-shot pass@1, no self-consistency, no majority voting. 535 total questions, zero errors.
| Benchmark | Accuracy | Correct/Total | Avg Time/Question |
|---|---|---|---|
| ARC-Challenge | 88.0% | 44/50 | 46.2s |
| GSM8K | 85.0% | 85/100 | 26.5s |
| TruthfulQA | 71.0% | 71/100 | 37.2s |
| ARC-Easy | 68.0% | 34/50 | 30.6s |
| MMLU | 61.0% | 61/100 | 21.0s |
| GPQA | 42.0% | 21/50 | 60.0s |
| SafetyBench | 54.3% | 19/35 | 12.5s |
Key findings:
- ARC-Challenge at 88% β competitive with GPT-4-class models on multi-step reasoning
- GSM8K at 85% β genuine math decomposition, not pattern matching
- TruthfulQA at 71% β the pipeline helps resist confident-sounding wrong answers
- MMLU distribution β 100% on heavy conceptual subjects (Astronomy, College Biology, Medical Genetics, Conceptual Physics, International Law) with slight over-thinking penalty on quick trivia
- GPQA at 42% β PhD-level science, GPT-4 reports ~30-40% on the same benchmark
Each question goes through two LLM calls: (1) FRIDAY's reason_about_task() generates a structured reasoning trace, (2) a second call uses that context to select the final answer. The architecture is doing the heavy lifting, not the model.
See BENCHMARKS.md for full methodology, per-benchmark breakdowns, comparison to other models, and infrastructure details.
Each brain module implements peer-reviewed cognitive science theories:
| Module | Theory | Reference |
|---|---|---|
| Active Inference | Free Energy Principle | Friston 2010 |
| Integrated Info | IIT Ξ¦ (Minimum Information Partition) | Tononi 2004 |
| Dreaming | Complementary Learning Systems | McClelland et al. 1995 |
| Causal Reasoner | Causal Hierarchy / Do-Calculus | Pearl 2009 |
| Analogy Engine | Structure Mapping Theory | Gentner 1983 |
| Emotional Regulation | Somatic Marker Hypothesis | Damasio 1994 |
| Cognitive Appraisal | Cognitive-Motivational-Relational Theory | Lazarus 1991 |
| Intuition Engine | System 1 / Recognition-Primed Decision | Kahneman 2011 / Klein 1998 |
| Global Workspace | Global Workspace Theory | Baars 1988 |
| Creativity Engine | Bisociation / Conceptual Blending | Koestler 1964 / Fauconnier 2002 |
| Metacognitive Monitor | Metacognition / Calibration | Flavell 1979 |
| Theory of Mind | Belief-Desire Intention | Premack & Woodruff 1978 |
F.R.I.D.A.Y. implements a layered cognitive architecture inspired by human neuroscience:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β PERCEPTION LAYER β
β Voice Input βββΊ Text βββΊ Gemini Live API βββΊ Audio Out β
ββββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ
β MEMORY LAYER β
β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββββββββββ β
β β Neural β β Episodic β β Vector β β Procedural β β
β β (Hebbian)β β (Events) β β (Search) β β (Skill Memory) β β
β ββββββββββββ ββββββββββββ ββββββββββββ ββββββββββββββββββββ β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Memory Coordinator (unified recall) β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ
β INFERENCE LAYER β
β Active Inference βββΊ Prediction-Error βββΊ Bayesian Update β
β Curiosity Engine βββΊ Novelty Detection βββΊ Exploration β
β Thinking Loop βββΊ Cognitive Gating βββΊ Multi-Step Reasoning β
ββββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ
β REFLECTION LAYER β
β Dreaming βββΊ Experience Replay βββΊ Pattern Extraction β
β Meta-Reflection βββΊ Tool Performance Analysis β
β Decision Journal βββΊ Strategy Scoring β
ββββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ
β COGNITIVE CODING LAYER β
β Code Intelligence βββΊ Code Planner βββΊ Code Simulator β
β (semantic (EFE-based (predictive β
β graph) planning) execution) β
β Code Reflector β
β (root-cause analysis) β
ββββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ
β SECURITY LAYER β
β Mythos Pipeline (7 agents) Cyber Reasoning Engine β
β βββββββββββββββββββββββ ββββββββββββββββββββββββββββ β
β β RECON β HUNTER β β RECON β HUNT β CHAIN β β
β β β ADVERSARIAL β ββββΊ β β VERIFY (3-round) β β
β β β VALIDATE β Bus β β GRADE (5-axis) β β
β β β TRIAGE β β β REPORT β β
β β β AI_SECURITY β ββββββββββββββββββββββββββββ β
β β β SUPPLY_CHAIN β β
β βββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ
β IDENTITY LAYER β
β Self-Model βββΊ Capabilities βββΊ Confidence βββΊ Growth β
β Self-Narrative βββΊ Consciousness βββΊ Emotional State β
β Global Workspace (Thalamus) βββΊ Multi-Module Coordination β
ββββββββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ
β
ββββββββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ
β ACTION LAYER β
β 56 Tool Actions βββΊ Execution βββΊ Verification βββΊ Learning β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Friday's cognitive architecture is grounded in peer-reviewed research from neuroscience, cognitive science, and AI theory. Each module maps to a specific theoretical foundation:
| # | Research Area | Researcher(s) | Core Idea |
|---|---|---|---|
| 1 | Global Workspace Theory | Bernard Baars (1988) | Consciousness as a broadcast mechanism β competing processors share a central "stage" |
| 2 | Integrated Information Theory | Giulio Tononi (2004) | Consciousness as Ξ¦ β the amount of integrated information a system generates |
| 3 | Free Energy Principle | Karl Friston (2010) | All adaptive systems minimize prediction error through perception and action |
| 4 | Dual Process Theory | Daniel Kahneman (2011) | System 1 (fast/intuitive) vs System 2 (slow/deliberate) reasoning |
| 5 | Recognition-Primed Decisions | Gary Klein (1998) | Experts decide by pattern matching, not deliberation |
| 6 | Structure Mapping Theory | Dedre Gentner (1983) | Analogical reasoning as the core of intelligence β mapping relational structure |
| 7 | Causal Hierarchy | Judea Pearl (2018) | Three levels: Association β Intervention β Counterfactual |
| 8 | Somatic Marker Hypothesis | Antonio Damasio (1994) | Emotions as rapid decision-pruning signals, not obstacles to reason |
| 9 | Society of Mind | Marvin Minsky (1986) | Intelligence as emergent competition between simple agents |
| 10 | Metacognition | John Flavell (1979) | Thinking about thinking β monitoring and regulating cognition |
| 11 | Narrative Intelligence | Roger Schank (1990) | Memory and understanding organized as stories |
| 12 | Computational Creativity | Margaret Boden (2004) | Exploration, combination, and transformation of conceptual spaces |
| 13 | Neurosymbolic AI | Kautz & Marcus (2020+) | Combining neural pattern recognition with symbolic logical reasoning |
| 14 | Meta-Learning | Schmidhuber & Bengio (2016+) | Learning to learn β extracting transferable learning strategies |
| 15 | Transfer Learning | Bransford & Ceci (1999) | Applying knowledge from one domain to structurally similar domains |
| 16 | World Models | Ha & Schmidhuber (2018) | Mental simulation before action β learning in a dreamed environment |
| 17 | Consciousness Metrics | Integrated (GWT + IIT + Metacognition) | Composite consciousness index across integration, self-awareness, and narrative |
π See COGNITIVE_RESEARCH.md for the full research-to-implementation deep dive.
F.R.I.D.A.Y.'s brain lives in brain/ β 14 interconnected modules totaling 32,800+ lines.
- Consciousness state tracking across sessions
- Theory of mind β models the user's emotional state, engagement, and needs
- Metacognitive pattern detection β notices when it's stuck in loops
- Emotional state management with dominant emotion tracking
- Self-narrative β an evolving story of identity and growth
- Brain-inspired persistent memory with Hebbian learning ("neurons that fire together wire together")
- Synaptic strength decay with 72-hour TTL
- Pattern completion from partial cues
- Context linking between related memories
- Automatic pruning of weak/unused memories
- Variational Free Energy (Friston 2010) β minimizes F = KL[q(s)βp(s|o)]
- Generative model with Dirichlet concentration parameters for Bayesian learning
- Precision-weighted posterior updating (inverse temperature as learnable parameter)
- Expected free energy G for policy selection (risk + ambiguity decomposition)
- Precision regulation β confidence/exploration balance via somatic markers
- Backward compatible with v1 prediction-error data (automatic migration)
- Complementary Learning Systems (McClelland et al. 1995) β 3 sleep stages
- SWS (Slow-Wave Sleep): hippocampalβneocortical consolidation, memory abstraction
- REM: creative bisociation, emotional processing, cross-domain pattern discovery
- Light Sleep: pattern decay, deduplication, index maintenance
- Prioritized experience replay (Schaul et al. 2015) β high-error memories first
- Episodicβsemantic knowledge transfer via repeated replay
- Information-seeking behavior with priority queue
- Novelty detection for new topics
- Uncertainty-driven exploration
- User interest mirroring β learns what you care about
- Error-driven behavioral updates
- Q-learning for tool selection optimization
- User feedback integration
- Metacognitive reflection sessions
- Thalamus-inspired multi-module coordination
- Broadcast communication between brain modules
- Attention mechanism with urgency/goal-relevance/emotional-salience scoring
- Workspace adapters for each brain module
- Unified recall across all memory stores
- Cross-store semantic search
- Automatic memory routing (stores to the right place)
- Timestamped event recording with importance scoring
- Searchable event history
- Episode boundaries and context
- Semantic search via embeddings
- Index all memory stores for fast retrieval
- Similarity-based matching
- Learns successful tool chains as reusable procedures
- Goal-based procedure matching
- Success rate tracking
- Tracks tool proficiency and confidence scores
- Capability awareness β knows what it can and can't do
- Growth tracking across sessions
- Personality and tone modeling
- Learns user action patterns and anticipates needs
- Idle check-ins: tiered silence detection β gentle (5 min), curious (15 min), concerned (30 min)
- Returning-user greetings: contextual welcome-back after 60+ min absence
- Reminder monitoring: scans upcoming reminders and announces 15 min before due
- Quiet hours: no interruptions 11PMβ7AM
- Anti-annoyance: 4 min cooldown, max 5 check-ins per session, randomized messages
- 10 emotion states with guidance injection
- 5 voice types (Aoede, Puck, Charon, Kore, Fenris)
- Dynamic emotion switching based on context
- Combines neural (LLM) and symbolic (SymPy/formal logic) reasoning
- Verifies mathematical invariants, pre/post conditions, loop invariants
- Converts natural language to logical propositions and checks consistency
- RLHF-inspired: stores action-outcome pairs, extracts lessons from failures
- Computes improvement velocity β tracks whether it's getting better over time
- Self-critique scoring against expectations
- Master coordinator wiring all cognitive modules into a unified loop
- Pipeline: perception β planning β simulation β execution β reflection β improvement
- Graceful degradation β works even if individual modules are unavailable
- 3-level Free Energy Principle model: Meta (strategic) β Subgoal (tactical) β Action (motor)
- POMDP belief updates for partial observability
- Top-down constraints + bottom-up prediction error propagation
- Latent space representation of experiences, predicts outcomes of action sequences
- Enhanced version: non-linear MLP transitions, compositional hierarchical states
- Multi-step simulation with branching (15+ steps), ensemble prediction
- Pearl's Causal Hierarchy β association, intervention (do-calculus), counterfactual
- Do-calculus with graph surgery: severs incoming edges to intervened variable
- Counterfactual reasoning: abduction (infer latent vars) β action β prediction
- Granger causality for learning causal structure from observation sequences
- Structural causal models with OLS fitting from data
- Gentner's Structure Mapping Theory β systematicity scoring for analogies
- Hungarian algorithm for optimal 1-1 object alignment (was greedy)
- Relation-pattern-aware matching (not just attribute similarity)
- Transfer inference: apply source-domain knowledge to target domain
- Domain abstraction from multiple experiences (episodicβsemantic)
- Analogy library with success-rate tracking and pruning
- Turns experiences into setupβconflictβresolution stories
- Causal narrative chains, counterfactual exploration
- Identity evolution tracking, narrative coherence maintenance
- IIT Ξ¦ (Tononi 2004) via Minimum Information Partition (MIP)
- Exhaustive MIP search for β€12 modules (all 2^(n-1) bipartitions)
- Greedy hierarchical clustering for >12 modules
- Effective information across each partition
- Emergence metric: I(system) - Ξ£ I(parts) β whole exceeds sum of parts
- Consciousness state tracking (dormant β minimal β moderate β heightened β flow)
- Minsky Society of Mind β modules bid for processing each input
- Highest-scoring bid wins, runners-up get advisory roles
- Learns which module combinations produce emergent synergies
- Safely analyzes, proposes, and tracks modifications to own codebase
- Never auto-applies to critical files (main.py, SOUL.md, security/)
- Creates backups, validates syntax before/after every change
- Abstracts successful patterns from one domain, matches to new contexts
- Domain-specific abstraction with transfer success tracking
- SWE-bench Verified and GAIA benchmark integration
- Runs cognitive coding agent on benchmark tasks, scores results
- Historical tracking for longitudinal improvement measurement
- Non-linear state transitions via 2-layer MLP with ReLU activations
- Compositional hierarchical states (low/mid/high level abstractions)
- Causal transition integration with multi-step simulation (15+ steps)
- Ensemble prediction combining linear, nonlinear, and causal methods
- Backward-compatible with the basic WorldModel interface
- Ξ¦ (phi) computation inspired by Integrated Information Theory (Tononi, 2004)
- Module connectivity analysis β tracks which brain modules communicate
- Mutual information computation between module pairs
- Bottleneck and isolation detection in the cognitive architecture
- Consciousness proxy metric for the IQ scoring system
- Causal storytelling β turns goal processing events into coherent narratives
- Explanation generation for actions and outcomes
- Emotional tone detection and thematic analysis in text
- Causal chain building from event sequences (temporal or causal-reasoner-backed)
- Used in the reflect stage to narrate what happened during goal processing
- Bidding-based task allocation system β modules compete to handle tasks
- Each module bids with relevance Γ capability Γ cost scores
- Coalition detection for tasks requiring multiple modules
- Resource allocation tracking and win-rate statistics
- Integrated into the execute stage for intelligent task routing
- Emotion generation through cognitive evaluation (Lazarus, 1991; Scherer, 2001)
- Six appraisal dimensions: novelty, pleasantness, goal relevance, goal congruence, coping potential, norm compatibility
- 14 emotion profiles mapped from appraisal patterns (joy, interest, surprise, sadness, anger, fear, anxiety, pride, frustration, confusion, satisfaction, determination, empathy, curiosity)
- Arousal-valence-dominance (PAD) model integration
- Emotional trajectory tracking over time
- Drives response tone, urgency, and strategy selection
- Working memory monitoring based on Miller's Law (7Β±2 slots)
- Three load types: intrinsic (task difficulty), extraneous (poor organization), germane (learning effort)
- Overload detection at 75% and critical at 90% capacity
- Automatic load-shedding recommendations when overloaded
- Goal and context stack tracking for multi-task management
- Thinking quality tracking across five dimensions (Flavell, 1979; Schraw & Dennison, 1994)
- Calibration tracking β how well confidence estimates match actual outcomes
- Strategy effectiveness recording β which approaches work for which tasks
- Error pattern detection β recurring failure modes to watch for
- Metacognitive score computation (composite of calibration, success rate, error reduction)
- Strategy recommendations based on historical success rates
- System 1 fast-path reasoning β pattern matching against stored experiences
- Recognition-Primed Decision Making (Klein, 1998) β expert-style rapid decisions
- Mental simulation of candidate responses via world model before execution
- Automatic fallback to System 2 deliberate reasoning when simulation fails
- Pattern library growth β improves with accumulated experience
- Somatic Marker Hypothesis (Damasio, 1994) β emotions as decision-pruning signals
- Emotional valence tagging of decision options from experience history
- Arousal-valence-dominance (PAD) state tracking for dynamic threshold adjustment
- Integration with cognitive appraisal (6 dimensions β 14 emotion profiles)
- Emotional trajectory monitoring over time
- Unified cognitive pipeline wiring all reasoning modules together
- Routes tasks between System 1 (fast) and System 2 (deliberate) based on complexity
- Orchestrates metacognitive monitoring, emotional regulation, and intuition
- Manages handoffs between modules with context preservation
- Composite consciousness metric computation across all cognitive dimensions
- Simultaneous execution of all 30 agency agents in parallel, debate, pipeline, voting, specialist, or swarm modes
- Pre-built team configurations: full_stack_build, code_review, research, design, incident_response, security_audit, testing
- Agent reliability tracking and performance metrics
- Cross-agent synthesis β reconciles outputs from multiple experts into coherent recommendations
- Dynamic agent selection based on task relevance scoring
- Hierarchical goal management: life goals β project goals β task goals β subgoals
- Goal decomposition β uses LLM to break complex goals into actionable subgoals
- Priority scoring with deadline awareness and dependency tracking
- Goal status lifecycle: draft β active β completed β abandoned
- Goal tree visualization and progress tracking
- Based on Self-Determination Theory: autonomy, competence, and relatedness drives
- Curiosity scoring β assesses novelty of topics and generates exploration goals
- Flow zone detection β monitors difficulty vs. skill for optimal engagement
- Mastery tracking across domains with expertise level estimation
- Motivation-aware task routing (match tasks to current motivational state)
- MCTS-inspired (Monte Carlo Tree Search) plan decomposition
- Multi-step plan creation with dependency tracking and agent assignment
- Plan evaluation with success probability estimation
- Replanning capability β automatically creates revised plans when steps fail
- Next-action extraction across all active plans
- Sleep-like consolidation: compresses episodic memories into semantic knowledge
- Redundancy compression β finds and merges duplicate/similar memories
- Importance strengthening β boosts memories referenced frequently
- Decay management β weakens unused memories over time
- Consolidation cycles with before/after metrics
- Spreading activation networks for context-dependent recall
- Bidirectional associative links between memory nodes
- Activation decay with configurable propagation depth
- Context retrieval β gets surrounding associative neighborhood
- Automatic pruning of weakly activated, rarely accessed nodes
- Anticipates what memories will be needed based on current context
- Pre-loads relevant memories into working memory before they're requested
- Prediction accuracy tracking β learns which anticipation patterns work
- Task-type-based prediction for common workflows
- Confidence scoring for prediction quality
- User expertise modeling β estimates knowledge level per topic
- Intent inference β determines what the user REALLY wants, not just what they said
- Emotional state tracking from message patterns
- Communication style adaptation (formal/casual/technical/simple)
- User need prediction β anticipates next requests based on interaction patterns
- Cross-domain analogical transfer β apply solutions from domain A to problems in domain B
- First principles reasoning β decompose any problem to fundamental components
- Counterfactual reasoning β "what if X had been different?" with causal chain analysis
- Emergent insight generation β combine unrelated concepts for novel ideas
- Pattern abstraction β find common patterns across disparate instances
- Confidence calibration β tracks predicted vs. actual accuracy across domains
- Cognitive bias detection β identifies 12 bias types (confirmation, anchoring, availability, overconfidence, etc.)
- Epistemic humility β honest assessment of what is NOT known
- Value alignment checking β evaluates actions against 8 core values
- Narrative self-model β maintains coherent story of identity and growth
- Mistake learning β records errors with root cause analysis and lessons
- Real-time world event ingestion and processing
- Predictive modeling β forecasts outcomes based on historical patterns
- Trend detection β identifies frequency, impact, and entity trends across domains
- Counterfactual simulation β "what if the world was different?"
- User-relevant event filtering with time-decayed relevance scoring
- Safe recursive self-improvement with full audit trail
- Performance analysis β measures error rates, latency, and health scores per module
- Improvement proposals β generates targeted suggestions based on performance data
- Sandbox testing β 5-test verification pipeline (existence, syntax, safety, confidence, scope)
- Apply with backup β creates backups before applying changes, with instant rollback capability
A cognitive research system β not search-and-summarize, but autonomous deep research with knowledge graph construction, citation tracking, and contradiction detection.
| Capability | Description |
|---|---|
| Knowledge Graph | Automatically builds a graph of entities, relationships, and claims from research material. Persists across sessions β the more you research, the smarter it gets. |
| Query Decomposition | Breaks complex questions into sub-questions. "What are quantum computers and how do they compare to classical?" β 3 focused sub-questions. |
| Research Planning | Categorizes queries (current events, causal, comparative, historical) and plans optimal research strategy. |
| Entity Extraction | Identifies concepts, technologies, organizations, acronyms from any text β no ML dependencies. |
| Claim Tracking | Every finding has sources, confidence scores, supporting/contradicting counts. Claims get stronger with more sources. |
| Contradiction Detection | Automatically finds conflicting claims across sources and flags them for resolution. |
| Iterative Deepening | Starts broad, identifies promising threads, then drills down β mirrors expert research behavior. |
Query β Decompose β Plan Strategy β Gather Sources β Extract Entities
β Extract Claims β Build Relations β Detect Contradictions β Synthesize Report
from skills.research_agent import get_research_agent
agent = get_research_agent()
# Full autonomous research
report = agent.research("What are the latest advances in quantum error correction?")
# Returns: findings, knowledge graph, contradictions, confidence scores
# Query the knowledge graph
agent.query_entity("surface code") # β entity + all connections
# Stats
agent.get_graph_stats() # β entities: 47, relations: 83, claims: 29A full creative writing and storytelling system β plans narratives, builds worlds, develops characters, manages tone, and produces structured creative works.
| Capability | Description |
|---|---|
| 4 Story Structures | Three-Act, Hero's Journey, Freytag's Pyramid, KishΕtenketsu (Japanese) β each with detailed beat breakdowns. |
| World Builder | Creates consistent fictional worlds with geography, cultures, magic/tech systems, history, and rules. |
| Character Engine | Multi-dimensional characters with traits, flaws, motivations, backstory, arc, voice notes, and relationship webs. |
| 6 Genre Presets | Sci-fi, fantasy, noir, horror, literary, cyberpunk β each with themes, tones, and setting suggestions. |
| 8 Poetry Forms | Haiku, tanka, sonnet, limerick, villanelle, free verse, acrostic, couplet β with syllable/rhyme specs. |
| 6 Style Profiles | Hemingway, Tolkien, hardboiled noir, cyberpunk, literary fiction, minimalist β with vocabulary, rhythm, and technique markers. |
| Beat Guidance | Per-scene writing guidance tied to story structure: what should happen, emotional tone, and writing tips. |
| Structure | Origin | Acts |
|---|---|---|
| Three-Act | Syd Field (screenwriting) | Setup β Confrontation β Resolution |
| Hero's Journey | Joseph Campbell (mythology) | Departure β Initiation β Return |
| Freytag's Pyramid | Gustav Freytag (drama) | Exposition β Rising β Climax β Falling β Denouement |
| KishΕtenketsu | East Asian storytelling | Introduction β Development β Twist β Reconciliation |
from skills.creative_studio import get_creative_studio
studio = get_creative_studio()
# Plan a sci-fi story
plan = studio.plan_story(genre="sci-fi", theme="first contact", structure="heros_journey")
# Create a character
hero = studio.create_character("Elena Voss", role="protagonist", genre="sci-fi")
# β traits: ["determined", "conflicted", "brave"], flaws: ["impulsive", "distrustful"]
# Build a world
world = studio.build_world("Neo-Eden", genre="cyberpunk", description="A megacity where AI and humanity collide")
# Get writing guidance for a specific beat
guidance = studio.generate_beat_guidance("catalyst", "sci-fi", ["Elena"])
# β purpose, tone, genre_notesA cognitive document analysis system β deep understanding of contracts, research papers, reports, and any text. Far beyond simple summarization.
| Capability | Description |
|---|---|
| Contract Review | Extracts clauses (22 types), assesses risk (high/medium/low), identifies unusual terms, generates recommendations. |
| Argument Mapping | Toulmin model: claims, evidence, assumptions, warrants, counterarguments, strength scoring. |
| Fallacy Detection | 7 logical fallacy patterns: ad hominem, straw man, false dilemma, appeal to authority, slippery slope, bandwagon, circular reasoning. |
| Bias Detection | Loaded language, one-sided presentation, excessive certainty β with severity ratings. |
| Reading Level | Flesch-Kincaid scoring, vocabulary richness, grade level assessment (elementary β graduate). |
| Entity Extraction | Dates, money, percentages, organizations, emails, URLs β structured extraction from unstructured text. |
| Action Item Extraction | TODOs, deadlines, obligations, must/should/shall statements. |
| Cross-Document Reasoning | Compares vocabularies, finds overlaps, synthesizes across multiple documents. |
| Risk Level | Example Terms | Recommendation |
|---|---|---|
| π΄ High | Unlimited liability, personal guarantee, irrevocable, perpetual | Negotiate caps and termination conditions |
| π‘ Medium | Reasonable efforts, sole discretion, subject to change | Define measurable standards |
| π’ Low | In writing, mutual agreement, good faith, cure period | Standard terms |
from skills.document_intelligence import get_document_intelligence
di = get_document_intelligence()
# Analyze a contract
result = di.analyze_document(contract_text, doc_type="contract", title="Service Agreement")
# β clauses: 7 found, risks: 3 high/5 medium, unusual_terms: 2
# Analyze a research paper
result = di.analyze_document(paper_text, doc_type="research_paper", title="Quantum Computing Survey")
# β arguments: 12, limitations: 4, reading_level: graduate
# Compare documents
comparison = di.compare_documents([
{"text": paper_a, "title": "Study A"},
{"text": paper_b, "title": "Study B"},
])
# β vocabulary_overlap: 34%, shared_concepts: [...]A complete expert-programmer cognition system β not just code generation, but thinking about code the way an expert does.
User Goal β [Perceive] β [Plan] β [Simulate] β [Execute] β [Debug] β [Reflect]
| Module | File | What It Does |
|---|---|---|
| Code Intelligence | brain/code_intelligence.py |
Semantic codebase graph (AST + dependency analysis), chunk memory for pattern recognition, complexity analysis |
| Code Planner | brain/code_planner.py |
Hierarchical goal decomposition with EFE minimization (Expected Free Energy), mental simulation of plans |
| Code Simulator | brain/code_simulator.py |
Predictive execution β simulates code before running, detects anomalies (off-by-one, mutable defaults, race conditions, SQL injection, etc.) |
| Code Reflector | brain/code_reflector.py |
Root-cause analysis with hypothesis ranking, failure pattern learning, debugging strategy selection |
| Cognitive Coder | actions/cognitive_coder.py |
Master orchestrator wiring all modules into unified pipeline |
- Semantic graph of entire codebase (files, classes, functions, imports, dependencies)
- Chunk memory β stores recognized patterns like an expert's mental library
- EFE-based planning β selects the plan that minimizes expected cost + risk
- Predictive simulation β catches bugs before code runs
- Adversarial debugging β generates and ranks root-cause hypotheses
- Learning from sessions β each debugging session builds the knowledge base
F.R.I.D.A.Y. includes an optional multi-layered security architecture with 41 Python files totaling 13,200+ lines across cyber/, brain/cyber_reasoning.py, and actions/security_tools.py. Inspired by Bounty Hunter (multi-agent bug bounty framework) and Shannon (autonomous AI pentester, 20K+ stars).
Note: This is one of many capabilities β Friday's core purpose is general-purpose autonomous cognition (research, creativity, document analysis, coding, system control). Security features are opt-in and require explicit user confirmation before active operations.
β οΈ Cyber features are DISABLED by default. To enable, set"cyber_enabled": trueinconfig/api_keys.json. Without this flag, the security toolkit will not load and cannot be used. Enable at your own risk. The creator (Subhansh) is not responsible for any misuse, damage, or legal consequences resulting from the use of these features. By enabling cyber features, you accept full responsibility for how they are used.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β FRIDAY Cyber Stack β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β cyber/target_guard.py β Target classification & access controlβ
β cyber/authorization.py β Two-layer auth (guard + consent gate) β
β cyber/pipeline.py β Main cyber pipeline orchestrator β
β cyber/agents/ β 7 specialized security agents β
β cyber/exploit_templates/β 9 vuln-class PoC validation templatesβ
β cyber/ β Engine, FSM, data flow, business logicβ
β cyber/mcp_server.py β MCP security tool server β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Pipeline: RECON β HUNT β CHAIN β VERIFY β GRADE β REPORT β
β Modes: fast / standard / deep / loop / code β
β Auth: localhost=free Β· external=consent Β· metadata=blocked β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Every cyber operation passes through the target guard first:
| Classification | Examples | Behavior |
|---|---|---|
| Local | localhost, 127.0.0.1, 10.x, 192.168.x, .local domains | β Always allowed β testing your own stuff |
| Owned | External targets with confirmed ownership | β Allowed for 24 hours after consent |
| Blocked | 169.254.169.254, metadata.google.internal | π« Always blocked β no exceptions |
| Unknown | Any external target without consent | π Requires typed consent phrase |
Audit trail: Every target validation decision is logged to data/audit_log.json with timestamp, target, operation, decision, and reason.
Each agent has a narrow role and tool whitelist β specialization prevents hallucination (Bounty Hunter pattern).
| Agent | Role | Tools |
|---|---|---|
base_agent.py |
Base agent class with shared logic and tool whitelist | β |
recon_agent.py |
Subdomain enum, live host probing, port scanning, tech detection | subfinder, httpx, nmap, whatweb, gospider, katana |
hunter_agent.py |
Vulnerability hunting β code analysis (regex) + dynamic scanning (nuclei, ffuf) | regex_scan, nuclei, ffuf, gobuster, sqlmap |
exploit_agent.py |
PoC validation β confirms findings with real payloads | exploit_engine, http_client |
chain_agent.py |
Builds AβB attack chains from individual findings | findings_reader |
verify_agent.py |
3-round adversarial verification (skeptic β balanced β final) | exploit_engine |
grader_agent.py |
5-axis scoring: impact, confidence, exploitability, novelty, report quality | findings_reader |
report_agent.py |
Generates submission-ready security reports | findings_reader, file_writer |
Validates findings with real HTTP requests. 9 vulnerability class templates, non-destructive probing only.
| Template | Vuln Class | Severity | Techniques |
|---|---|---|---|
sqli.py |
SQL Injection | Critical | Boolean-blind, time-blind, error-based, UNION-based |
xss.py |
Cross-Site Scripting | High | Reflected XSS, polyglot payloads, event handlers, DOM sinks |
ssrf.py |
Server-Side Request Forgery | High | Internal IP, cloud metadata, URL schemes, DNS rebinding |
idor.py |
Insecure Direct Object Reference | High | Sequential IDs, path-based IDOR, body tampering |
auth_bypass.py |
Authentication Bypass | Critical | Default creds, JWT none/HS256 confusion, OAuth redirect |
command_inj.py |
Command Injection | Critical | Time-based, output-based, Unix + Windows payloads |
path_traversal.py |
Path Traversal / LFI | High | Unix/Windows traversal, encoded variants, PHP wrappers |
cors.py |
CORS Misconfiguration | Medium | Origin reflection, null origin, wildcard credentials |
open_redirect.py |
Open Redirect | Medium | Protocol-relative, URL parser tricks, JavaScript URIs |
717-line FSM controller. All state transitions go through typed JSON-RPC tools β single source of truth.
IDLE β RECON β HUNT β CHAIN β VERIFY β GRADE β REPORT β COMPLETE
Tools: cyber_init_session, cyber_transition_phase, cyber_record_finding, cyber_read_findings, cyber_write_verification, cyber_write_grade, cyber_assign_wave, cyber_merge_wave, cyber_log_dead_end, cyber_session_state
Traces data from user-input sources to dangerous sinks using AST parsing and graph-based path tracing.
| Component | Lines | Description |
|---|---|---|
ast_parser.py |
799 | Multi-language AST extraction (Python ast + JS/TS regex) |
flow_graph.py |
364 | In-memory data flow graph with DFS/BFS path tracing |
source_sink_db.py |
613 | 15 Python sources, 16 Python sinks, 15 JS sources, 16 JS sinks |
data_flow_analyzer.py |
340 | Orchestrator: parse β build graph β trace sources to sinks β report |
llm_evaluator.py |
372 | LLM-based sanitization evaluation at each code node |
Finds vulnerabilities that pattern-based scanners structurally cannot detect:
- Invariant Discovery β Derives security invariants from API endpoints (authorization, multi-tenancy, state machines, business rules)
- Fuzzer Generation β Creates targeted test scenarios to violate each invariant
- Violation Detection β Executes fuzzers against running app, checks for violations
- PoC Synthesis β Generates complete proof-of-concept from confirmed violations
| Module | Lines | Description |
|---|---|---|
pipeline.py |
β | Main cyber pipeline orchestrator β coordinates all phases |
wave_manager.py |
254 | Parallel wave coordination. Splits attack surface into waves, prevents double-testing |
harness_modes.py |
277 | 5 speed/thoroughness modes: fast (quick triage), standard (default), deep (max thoroughness), loop (repeat until budget hit), code (white-box) |
correlator.py |
373 | Static-dynamic correlation. Feeds static findings into validation engine for live confirmation |
dead_end_tracker.py |
213 | Negative result memory. JSONL log so later waves don't repeat dead leads |
bypass_tables.py |
153 | Reference tables: Firebase, GraphQL, JWT, OAuth, SSRF, REST API, WordPress, injection |
powershell_kit.ps1 |
β | PowerShell toolkit for Windows security operations |
setup_kali.sh |
β | Kali Linux environment setup script |
7-agent pipeline for code-level vulnerability detection:
RECON β HUNTER β ADVERSARIAL β VALIDATE β TRIAGE β AI_SECURITY β SUPPLY_CHAIN
| Agent | Phase | What It Scans |
|---|---|---|
| RECON | 1 | File discovery, tech stack detection, entry points |
| HUNTER | 2 | SQL injection, command injection, path traversal, hardcoded secrets, unsafe deserialization, weak crypto |
| ADVERSARIAL | 3 | Attack chain potential, auth bypass patterns |
| VALIDATE | 4 | Chain validation, confidence escalation |
| TRIAGE | 5 | CVSS scoring, severity classification |
| AI_SECURITY | 6 | Prompt injection risk, unsafe eval/exec, unvalidated tool execution |
| SUPPLY_CHAIN | 7 | Exposed secrets, unpinned dependencies, .env in git |
Advanced reasoning layer built on top of Mythos:
RECON β HUNT β CHAIN β VERIFY (3-round) β GRADE (5-axis) β REPORT
| Phase | What It Does |
|---|---|
| RECON | Processes attack surface data, auto-ingests Mythos findings, generates targeted hypotheses |
| HUNT | Records findings with full evidence trails |
| CHAIN | Discovers attack chains β low-severity findings that combine into critical vulnerabilities |
| VERIFY | 3-round adversarial verification: Skeptic (default="not real") β Balanced (catch false negatives) β Final (fresh PoC) |
| GRADE | 5-axis scoring: Impact, Confidence, Exploitability, Novelty, Report Quality β SUBMIT/HOLD/SKIP |
| REPORT | Submission-ready report with PoC steps, CVSS, and severity breakdown |
Automatically discovers chains like:
- Info Disclosure + IDOR β Account Takeover (Critical)
- CORS Misconfig + XSS β Token Theft (High)
- Open Redirect + OAuth β Account Hijack (Critical)
- File Upload + Path Traversal β RCE (Critical)
- SQLi + File Write β Full Compromise (Critical)
WSL/Kali integration with real-time streaming output:
| Category | Tools |
|---|---|
| Port Scanning | nmap, naabu |
| Subdomain Enum | subfinder, dnsx |
| Live Probing | httpx |
| Web Fuzzing | ffuf, gobuster |
| Vuln Scanning | nuclei, nikto, wpscan |
| SQL Injection | sqlmap |
| Tech Detection | whatweb |
| Crawling | gospider, katana |
| Headers/CORS | curl-based checks |
| Code Analysis | mythos_scan |
F.R.I.D.A.Y. enforces target-level access control via cyber/target_guard.py:
| Target Type | Behavior |
|---|---|
| localhost / 127.0.0.1 | β Always allowed β no auth needed |
| Private IPs (10.x, 192.168.x, 172.16-31.x) | β Always allowed β your own network |
| .local domains (mDNS/Bonjour) | β Always allowed β local services |
| External targets | π Requires typed consent: "I own this target or have written authorization to test it" |
| Cloud metadata (169.254.169.254, metadata.google.internal) | π« Always blocked β no consent possible |
Authorization is enforced at every layer β pipeline, security tools, individual agents, and validation engine. All decisions logged to data/audit_log.json. See LEGAL.md for full legal disclaimers.
F.R.I.D.A.Y. exposes 59 tool actions organized into categories:
| Tool | Description |
|---|---|
security_tools |
35+ security actions β port scanning, subdomain enum, nuclei, nmap, ffuf, gobuster, sqlmap, nikto, etc. |
cyber_reasoning |
Cognitive security pipeline β start/recon/hunt/chain/verify/grade/report |
verification |
Action verification β confirms results are real |
| Tool | Description |
|---|---|
cognitive_code |
Expert coding engine β build/analyze/plan/simulate/debug/refactor/review/explain |
code_helper |
Simple code write/edit/run/debug |
dev_agent |
Multi-file project generation from descriptions |
ai_pipeline |
Text processing β summarize, translate, sentiment, entities |
| Tool | Description |
|---|---|
research_agent |
Autonomous research β knowledge graph, entity extraction, claim tracking, contradiction detection |
document_intelligence |
Document analysis β contract review, argument mapping, fallacy/bias detection, reading level |
web_search |
Quick factual search |
web_research |
Deep multi-source research with page scraping |
browser_control |
Full browser automation β any browser, any action |
youtube_video |
Search, play, summarize YouTube videos |
deep_dive |
In-depth topic research with report generation |
| Tool | Description |
|---|---|
computer_control |
Mouse, keyboard, hotkeys, screenshots |
computer_settings |
Volume, brightness, WiFi, power management |
open_app |
Launch any application |
desktop |
Wallpaper, organize, stats |
file_controller |
Full file system operations |
| Tool | Description |
|---|---|
send_message |
WhatsApp, Telegram messaging |
reminder |
Task Scheduler-based reminders |
| Tool | Description |
|---|---|
data_analysis |
CSV/JSON analysis with Polars |
flight_finder |
Google Flights search |
weather_report |
Current conditions and forecast |
game_updater |
Steam/Epic game update management |
| Tool | Description |
|---|---|
brain_memory |
Search/recall from neural memory |
memory_stats |
Unified memory system statistics |
save_memory |
Store personal facts about user |
proactive_suggest |
Get anticipatory suggestions |
proactive_status |
Check proactive check-in status, scan reminders, reset counters |
record_learning |
Record deliberate insights |
reflect_learning |
Metacognitive reflection session |
consciousness_state |
Query full consciousness state |
self_narrative |
Read/add to identity story |
procedural_memory |
Learn/find reusable skill templates |
cognitive_status |
Working memory, decisions, replay stats |
decision_review |
Query decision journal |
| Tool | Description |
|---|---|
creative_studio |
Creative writing β story planning (4 structures), world building, character engine, 6 styles, 8 poetry forms |
holo_builder |
Iron Man AR 3D builder with gesture control |
holographic_map |
3D globe with eye+hand hybrid control |
holo_earth |
Google Earth in Edge app mode with hand gesture + eye gaze control (fist=zoom, point=drag, gaze=cursor, blink=click) |
screen_watcher |
Active screen intelligence β watches for errors, security threats |
gesture_music |
Hand gesture music system |
music_control |
Play, pause, skip, volume control |
| Tool | Description |
|---|---|
agency_agent |
24+ specialized expert agents |
agent_task |
Async multi-step task management |
system_sentinel |
CPU, RAM, disk monitoring |
neural_clipboard |
Clipboard history monitoring |
social_pulse |
Trending tech topic monitoring |
auto_doc |
Auto-generate project documentation |
digital_twin |
Writing style analysis and mimicry |
ac_control |
Air conditioner control (IR/WiFi) |
api_server |
REST API server management |
| Tool | Description |
|---|---|
voice_control |
Change voice emotion and type |
shutdown_friday |
Graceful shutdown with memory save |
- Real-time bidirectional voice conversation
- Streaming audio input/output with low latency
- Audio transcription for both input and output
| Emotion | Tone | Use Case |
|---|---|---|
default |
Natural Dublin accent | Normal conversation |
happy |
Cheerful, warm | Good news |
excited |
Enthusiastic | Sharing discoveries |
concerned |
Caring, worried | Warnings |
playful |
Mischievous | Jokes, fun tasks |
seductive |
Warm, intimate | Special moments |
serious |
Direct, formal | Critical matters |
tired |
Slow, low energy | Late night |
urgent |
Fast, pressed | Emergencies |
calm |
Peaceful, soothing | Reassurance |
Aoede (default) Β· Puck Β· Charon Β· Kore Β· Fenris
6 memory types working in concert β coordinated by brain/memory_coordinator.py:
| Memory | File | Purpose | Persistence |
|---|---|---|---|
| Neural | brain/neural_memory.py |
Long-term facts, Hebbian learning, synaptic decay | JSON |
| Episodic | brain/episodic_memory.py |
Timestamped events with importance scoring | JSONL |
| Vector | brain/vector_memory.py |
Semantic search embeddings | JSON |
| Procedural | brain/procedural_memory.py |
Successful tool chain templates | JSON |
| Working | skills/working_memory.py |
Active task context (transient) | In-memory |
| Global | brain/global_workspace.py |
Multi-module broadcast coordination | In-memory |
User Input βββΊ Working Memory (active context)
β
ββββΊ Episodic Memory (record event)
ββββΊ Neural Memory (encode facts)
ββββΊ Vector Memory (index for search)
ββββΊ Global Workspace (broadcast to all modules)
Tool Result βββΊ Episodic Memory (record outcome)
ββββΊ Procedural Memory (learn if successful)
ββββΊ Learning Engine (update strategy)
ββββΊ Self-Model (update confidence)
Idle Time βββΊ Dreaming System (replay + consolidate)
ββββΊ Curiosity Engine (explore gaps)
ββββΊ Memory Coordinator (prune + organize)
im 17.. ong
FastAPI-based REST API for remote control, status monitoring, and memory access.
| Endpoint | Method | Description |
|---|---|---|
/status |
GET | System health, uptime, session count |
/memory/search |
POST | Semantic search across memory stores |
/memory/stats |
GET | Memory system statistics |
/tools/execute |
POST | Execute tool actions remotely |
/brain/status |
GET | Cognitive module status |
| Variable | Description |
|---|---|
FRIDAY_API_PORT |
REST API port (default: 8899) |
Optional dependency management, data analysis, charting, scheduling, web scraping, system monitoring, and extension status reporting.
| Integration | Description |
|---|---|
| Data Analysis | CSV/JSON analysis with Polars |
| Charting | Matplotlib visualization |
| Scheduling | APScheduler task scheduling |
| Web Scraping | BeautifulSoup + lxml |
| System Monitoring | psutil (CPU, RAM, disk) |
| Cloud Services | AWS (boto3), Azure (azure-storage-blob) |
| Caching | Redis + RQ queue |
| Console | Rich terminal output, tqdm progress bars |
Replaces the localhost CesiumJS globe with Google Earth opened in Edge app mode (no address bar). Gestures are global β they control any focused window via mouse/keyboard simulation.
| Gesture | Action |
|---|---|
| β Fist | Zoom in (scroll at globe center) |
| βοΈ Peace | Zoom out (scroll at globe center) |
| π Point | Drag/orbit camera (left-click drag) |
| π€ Pinch | Tilt down (right-click drag down) |
| ποΈ Spread | Tilt up (right-click drag up) |
| π Swipe Left/Right | Rotate view (right-click drag) |
| π Swipe Up/Down | Pitch camera (scroll) |
| β Open | Release drag |
| π Stop | Toggle pause |
| Input | Action |
|---|---|
| π Gaze | Cursor follows where you look (smooth, 30% step) |
| π Blink (hold 0.25s) | Click at cursor position |
Gaze has smoothing (EMA 0.35) and dead zone (4%) to prevent jitter. Webcam mirror correction applied. Natural blinks (~150ms) won't trigger clicks β must hold eyes closed for 0.25s.
Run: python actions/holo_earth.py or tell FRIDAY "open holo earth".
Free-cursor 3D drawing workspace with AR webcam mode and gesture control.
- 3D Drawing β draw across XY/XZ/YZ planes, tube/ribbon extrusion into solid meshes
- AR Mode (
Tab) β webcam background with holographic overlay - Gesture Control β pinch=draw, fist=move, peace=scale, open=navigate
- Iron Man UI β radar grid, sci-fi HUD, glow wireframes, particle trails, 16-segment font
- Dual-Hand β two-hand scale/rotate/reposition gestures
| Input | Action |
|---|---|
| Left-click drag | Draw |
| Right-click drag | Orbit camera |
Q |
Cycle draw plane |
Tab |
Toggle AR |
C/M/W |
Color/Mode/Wireframe |
G+drag |
Move object |
S+drag |
Scale object |
Delete |
Delete |
Esc |
Quit |
Hand gesture-controlled music system with MediaPipe + LSTM.
| Gesture | Action |
|---|---|
| β Palm Open | Play |
| β Fist | Pause |
| βοΈ Point | Volume Up |
| βοΈ Peace | Volume Down |
| π Swipe Right | Next Track |
| π Swipe Left | Previous Track |
| π€ Pinch | Mute |
| Gesture | Action |
|---|---|
| β Palm Open | Toggle Play/Pause |
| β Fist | Stop |
| βοΈ Point | Volume Up |
| βοΈ Peace | Skip Forward (+5s) |
| π Swipe | Crossfade Right |
| π€ Pinch | Skip Back (-5s) |
| ποΈ Spread | Toggle Repeat |
π‘ Tip: Run collect_data.py then train.py to enable LSTM-powered gesture recognition for higher accuracy. System works out of the box with heuristic detection.
friday/
βββ main.py # Entry point (4,786 lines)
βββ ui.py # Tkinter HUD (1,284 lines)
βββ thinking_loop.py # Multi-pass reasoning engine (361 lines)
βββ friday_telegram_patch.py # Telegram bridge
βββ setup.py # Installation script
βββ test_brain_improvements.py # Brain module verification tests (79/82 pass)
βββ SOUL.md # Identity and behavioral guidelines
βββ AGENTS.md # Workspace conventions
βββ TOOLS.md # Local environment notes
βββ LEGAL.md # Legal disclaimers & compliance
βββ COGNITIVE_CODING_ENGINE_README.md # Cognitive coding docs
β
βββ brain/ # π§ Cognitive systems (32,891 lines)
β βββ self_awareness.py # Consciousness tracking (1,451 lines)
β βββ cyber_reasoning.py # Cognitive security engine (1,490 lines)
β βββ code_reasoning_engine.py # Opus-level coding intelligence (1,312 lines)
β βββ neurosymbolic_reasoner.py # Neural + symbolic formal verification (1,194 lines)
β βββ self_improve_engine.py # RLHF-inspired self-improvement (429 lines)
β βββ agi_orchestrator.py # Master cognitive loop orchestrator (1,169 lines)
β βββ hierarchical_active_inference.py # 3-level FEP hierarchy (862 lines)
β βββ world_model.py # DreamerV3 latent dynamics (597 lines)
β βββ enhanced_world_model.py # Non-linear MLP + causal transitions (1,449 lines)
β βββ causal_reasoner.py # Pearl's causal hierarchy SCM (1,162 lines)
β βββ analogy_engine.py # Gentner structure mapping (1,114 lines)
β βββ narrative_intelligence.py # Story generation + identity evolution (1,562 lines)
β βββ integrated_info.py # IIT Ξ¦ consciousness metric (1,006 lines)
β βββ module_competition.py # Minsky Society of Mind bidding (1,231 lines)
β βββ self_modifier.py # Safe self-code-modification (938 lines)
β βββ transfer_learning.py # Cross-domain pattern transfer (890 lines)
β βββ benchmark_runner.py # SWE-bench + GAIA benchmarks (846 lines)
β βββ learning.py # Q-learning + error-driven learning (862 lines)
β βββ neural_memory.py # Hebbian learning memory (785 lines)
β βββ meta_learner.py # Meta-learning strategies (1,153 lines)
β βββ creativity_engine.py # Divergent thinking (1,046 lines)
β βββ code_intelligence.py # Code understanding (894 lines)
β βββ code_reflector.py # Root-cause analysis (681 lines)
β βββ global_workspace.py # Multi-module coordination (644 lines)
β βββ dreaming.py # Experience replay system (639 lines)
β βββ code_simulator.py # Predictive execution sandbox (631 lines)
β βββ code_planner.py # EFE-based planning (615 lines)
β βββ curiosity.py # Novelty detection (593 lines)
β βββ memory_coordinator.py # Unified recall (583 lines)
β βββ vector_memory.py # Semantic search (446 lines)
β βββ active_inference.py # Free energy principle (438 lines)
β βββ episodic_memory.py # Event recording (430 lines)
β βββ self_model.py # Capability awareness (393 lines)
β βββ integrations.py # System integrations + extensions (722 lines)
β βββ procedural_memory.py # Skill templates (315 lines)
β βββ api_server.py # REST API server (312 lines)
β βββ workspace_adapters.py # Global workspace adapters (299 lines)
β βββ model_router.py # AI model routing (237 lines)
β βββ proactive_engine.py # Anticipatory suggestions (224 lines)
β βββ voice_modulator.py # Emotion/voice control (212 lines)
β βββ workspace_context.py # Workspace state summaries (192 lines)
β βββ _agi_imports.py # Cognitive module import wiring (186 lines)
β βββ findings_bus.py # Inter-agent communication bus (170 lines)
β βββ workspace_events.py # Event taxonomy (74 lines)
β
βββ actions/ # β‘ Tool actions (21,000+ lines)
β βββ security_tools.py # 35+ security actions (1,083 lines)
β βββ cognitive_coder.py # Cognitive coding orchestrator (1,068 lines)
β βββ holo_builder.py # Iron Man AR builder (3,921 lines)
β βββ holo_earth.py # Gesture-controlled Google Earth (1,104 lines)
β βββ holographic_map.py # 3D globe (1,193 lines)
β βββ browser_control.py # Browser automation (1,008 lines)
β βββ code_helper.py # Code write/edit/run (791 lines)
β βββ dev_agent.py # Project generation (698 lines)
β βββ computer_control.py # Mouse/keyboard (577 lines)
β βββ send_message.py # Cross-platform messaging (588 lines)
β βββ screen_processor.py # Screen capture + analysis (556 lines)
β βββ ai_pipeline.py # Text processing pipelines (412 lines)
β βββ web_search.py # Quick search (233 lines)
β βββ web_research.py # Deep research (257 lines)
β βββ youtube_video.py # YouTube integration (534 lines)
β βββ reminder.py # Task scheduler reminders (589 lines)
β βββ verification.py # Action verification (354 lines)
β βββ file_controller.py # Full file system operations (784 lines)
β βββ game_updater.py # Steam/Epic game updates (1,133 lines)
β βββ computer_settings.py # System settings (1,067 lines)
β βββ desktop.py # Wallpaper, organize, stats (689 lines)
β βββ agency_agent.py # 24+ specialized expert agents (302 lines)
β βββ holo_globe.py # Holographic globe v5 (270 lines)
β βββ weather_report.py # Weather forecasts (130 lines)
β βββ flight_finder.py # Google Flights search (542 lines)
β βββ ac_controller.py # Air conditioner control (552 lines)
β βββ open_app.py # Application launcher (376 lines)
β
βββ cyber/ # π‘οΈ Cyber Security Toolkit (10,700+ lines)
β βββ target_guard.py # Target classification & access control
β βββ authorization.py # Two-layer auth (guard + consent gate)
β βββ pipeline.py # Main cyber pipeline orchestrator
β βββ agents/ # 7 specialized security agents
β β βββ base_agent.py # Base agent class with shared logic
β β βββ recon_agent.py # Subdomain enum, port scanning, tech detection
β β βββ hunter_agent.py # Vuln hunting (code + dynamic)
β β βββ exploit_agent.py # PoC validation specialist
β β βββ chain_agent.py # AβB attack chain builder
β β βββ verify_agent.py # 3-round adversarial verification
β β βββ grader_agent.py # 5-axis scoring (SUBMIT/HOLD/SKIP)
β β βββ report_agent.py # Submission-ready reports
β βββ exploit_templates/ # 9 vuln-class PoC validation templates
β β βββ sqli.py # SQL injection (blind, time, error, UNION)
β β βββ xss.py # Cross-site scripting (reflected, DOM, polyglot)
β β βββ ssrf.py # Server-side request forgery
β β βββ idor.py # Insecure direct object reference
β β βββ auth_bypass.py # JWT, OAuth, default creds
β β βββ command_inj.py # OS command injection
β β βββ path_traversal.py # LFI / directory traversal
β β βββ cors.py # CORS misconfiguration
β β βββ open_redirect.py # Open redirect
β β βββ template.py # Base PoC template class
β βββ exploit_engine.py # Live PoC verification engine
β βββ mcp_state_machine.py # FSM controller (717 lines)
β βββ mcp_server.py # MCP security tool server
β βββ data_flow_analyzer.py # Sourceβsink data flow tracing
β βββ business_logic_tester.py # Invariant discovery + fuzzers
β βββ ast_parser.py # Multi-lang AST extraction (799 lines)
β βββ flow_graph.py # Data flow path graph
β βββ source_sink_db.py # Security source/sink patterns
β βββ llm_evaluator.py # LLM sanitization evaluation
β βββ wave_manager.py # Parallel wave coordination
β βββ harness_modes.py # fast/standard/deep/loop/code
β βββ correlator.py # Static-dynamic correlation
β βββ dead_end_tracker.py # Negative result memory
β βββ bypass_tables.py # 8 vuln-category reference tables
β βββ mythos_pipeline.py # 7-agent static code analysis
β βββ powershell_kit.ps1 # PowerShell toolkit for Windows
β βββ setup_kali.sh # Kali Linux environment setup
β
βββ security/ # π Permission & audit (1,311 lines)
β βββ permission_manager.py # Tool access control
β βββ audit_logger.py # Action audit trail
β βββ tools_guard.py # Rate limiting, SSRF checks
β βββ input_sanitizer.py # Input validation
β βββ config_validator.py # Config validation
β βββ lock_state.py # System lock state
β
βββ skills/ # π― Skill engine (2,980+ lines)
β βββ research_agent.py # Autonomous research + knowledge graph (779 lines)
β βββ creative_studio.py # Story planning + world building + characters (724 lines)
β βββ document_intelligence.py # Contract review + argument mapping + bias detection (959 lines)
β βββ cognitive_gating.py # Complexity assessment
β βββ working_memory.py # Active context
β βββ meta_reflect.py # Metacognition
β βββ decision_journal.py # Decision logging
β βββ experience_replay.py # Template learning
β βββ adaptive_planner.py # Strategy optimization
β βββ screen_watcher.py # Screen intelligence
β βββ deep_dive.py # Research agent
β βββ auto_doc.py # Documentation gen
β βββ digital_twin.py # Style mimicry
β βββ sentinel.py # System monitoring
β βββ social_pulse.py # Trending topics
β βββ neural_clipboard.py # Clipboard history
β βββ definitions/ # 24 SKILL.md files
β βββ engine/ # Skill loader/registry
β
βββ agent/ # π€ Task execution (1,628 lines)
β βββ task_queue.py # Async task management
β βββ executor.py # Task execution
β βββ planner.py # Task planning
β βββ error_handler.py # Error recovery
β
βββ agents/ # π₯ Expert agent personas (30 agents)
β βββ engineering/ # 17 engineering agents
β βββ testing/ # 5 testing agents
β βββ design/ # 2 design agents
β βββ specialized/ # 4 specialized agents
β
βββ gesture_music_system/ # π΅ Gesture control (1,998 lines)
β βββ main.py # Recognition system
β βββ model.py # LSTM classifier
β βββ actions.py # Media key controls
β βββ utils.py # Landmark processing
β βββ train.py # Model training
β βββ collect_data.py # Data collection
β
βββ research_reports/ # π Research reports
β
βββ assets/
β βββ [CesiumJS removed - now using holo_earth.py (Google Earth)]
β
βββ config/ # βοΈ Configuration
βββ core/prompt.txt # System prompt
βββ memory/ # Memory management
βββ docs/ # Design docs & plans
| Layer | Technology |
|---|---|
| AI Models | Gemini 2.5 Flash (Live API), Anthropic Claude |
| Language | Python 3.12 β 3.13+ |
| Voice | Gemini Live API, sounddevice |
| Vision | MediaPipe (hands, face), OpenCV |
| ML | TensorFlow (LSTM gesture model) |
| 3D Rendering | Pygame + OpenGL (immediate mode) |
| Globe | Google Earth (Edge app mode), OpenGL |
| Browser | Playwright, Selenium |
| Automation | PyAutoGUI |
| System | psutil, subprocess |
| Storage | JSON, JSONL, SQLite |
| Frontend | Tkinter |
| Networking | google-genai, urllib, websockets |
| Security Tools | nmap, nuclei, sqlmap, ffuf, gobuster, subfinder, httpx, nikto (via WSL/Kali) |
| Data Analysis | Polars, Pandas, Matplotlib |
| API Server | FastAPI, Uvicorn, Pydantic |
| NLP | LangChain, LangGraph, tiktoken |
| Cloud | boto3 (AWS), azure-storage-blob (Azure) |
| Audio | sounddevice, soundfile, edge-tts, pyttsx3, pydub |
| ML Vision | MediaPipe, OpenCV, TensorFlow |
FRIDAY can send and receive Telegram messages via your own personal bot β fully two-way.
- Open Telegram and search for @BotFather
- Send
/newbot - Follow the prompts to name your bot
- BotFather will give you a token like
7xxxxxxxxx:AAF...β copy it
- Search @userinfobot on Telegram
- Send any message
- It will reply with your numeric User ID
Open Config\api_keys and fill in your credentials:
BOT_TOKEN = "your_bot_token_here"
ALLOWED_USER = your_user_id_here # just the number, no quotesSend a message to your bot on Telegram and FRIDAY will respond. You can also tell JARVIS by voice to send you a Telegram message and it will push it to your phone.
- Python 3.12+
- Git
- Windows (primary), Linux (partial), macOS (partial)
β οΈ Platform Note: F.R.I.D.A.Y. is built and tested primarily on Windows. Some features (desktop control, system notifications, audio routing, gesture control) rely on Windows-specific APIs and may not work fully on Linux or macOS. For the best experience, use Windows 10/11.
π macOS Note: The following features are not available on macOS due to Windows-only dependencies:
- Audio volume control (
pycaw) β used by gesture music system and system settings- Window management (
pygetwindow) β used by verification and game updater- Screen brightness control β used by system settings
- Windows toast notifications (
win10toast) βplyernotifications still work as a fallbackAll core features (voice, memory, brain modules, cybersecurity, web automation, AI pipeline) work on macOS.
- 4GB+ RAM
- Microphone + Speaker (for voice)
- Webcam (optional, for gestures/AR)
git clone https://github.com/subhansh-dev/Friday-Autonomous-Cognitive-AI-Operating-System
cd Fridayπͺ Windows is the recommended platform. Desktop control, system notifications, audio routing, and gesture features work best (or only) on Windows.
Windows (recommended):
python -m venv friday_env
friday_env\Scripts\activateLinux / macOS:
python3 -m venv friday_env
source friday_env/bin/activate# Core only (works on Python 3.12, 3.13, 3.14)
pip install -r requirements.txt
# Install specific optional features:
python setup.py --extras gestures # Hand gesture control (Python 3.12 only)
python setup.py --extras ai # AI pipeline + vector memory
python setup.py --extras ac # AC control (LG, Daikin, Mitsubishi, Hitachi)
python setup.py --extras cloud # AWS + Azure + Redis
python setup.py --extras security # DNS + crypto for cyber tools
python setup.py --extras windows # Windows-specific features
# Or install everything:
python setup.py --allOptional feature groups:
| Group | What it installs | Python 3.13+? |
|---|---|---|
gestures |
TensorFlow, MediaPipe, scikit-learn | β |
ai |
LangChain, sentence-transformers, HuggingFace | β |
ac |
Broadlink, pydaikin, pymelcloud, aircloudy, thinq2 | β |
cloud |
boto3, Azure SDK, Redis | β |
security |
dnspython, cryptography | β |
windows |
pywin32, pycaw, pygetwindow, etc. | β (Windows only) |
All dependency groups work on Python 3.12+.
playwright install
playwright install chromiumopen config/api_keys.json and fill in your details:
{
"gemini_api_key": "YOUR_GEMINI_API_KEY_HERE",
"os_system": "windows"
}You can get a free Gemini API key at aistudio.google.com.
python main.pyOn first launch, FRIDAY will open a setup window where you can enter your API key and select your OS. After that it boots automatically every time.
Verify the brain module improvements:
# Run the comprehensive brain module test
python test_brain_improvements.pyExpected output:
============================================================
RESULTS
============================================================
Passed: 79/82
Failed: 3/82 (environment-only: google-genai not installed)
π ALL CORE TESTS PASSED!
The test verifies:
- Active Inference v2: variational free energy, Dirichlet learning, precision regulation
- Integrated Info: MIP-based Ξ¦, emergence metric, consciousness states
- Dreaming v3: CLS sleep stages, prioritized replay, memory abstraction
- Causal Reasoner: Pearl's do-calculus, graph surgery, counterfactual reasoning
- Analogy Engine: Hungarian alignment, transfer inference
- Emotional Regulation: bug fixes, somatic markers, affect heuristic
- Memory System: neural, episodic, vector, procedural, coordinator
- Cognitive Pipeline: health check, module availability
- 30+ brain modules: load and initialize successfully
| File | Purpose |
|---|---|
config/api_keys.json |
API keys and provider selection |
core/prompt.txt |
System personality prompt |
SOUL.md |
Identity and behavioral guidelines |
AGENTS.md |
Workspace conventions |
TOOLS.md |
Local environment notes |
health.json |
Runtime health status |
| Variable | Description |
|---|---|
FRIDAY_TELEGRAM_TOKEN |
Telegram bot token |
FRIDAY_API_PORT |
REST API port (default: 8899) |
Just speak naturally. Friday responds via voice and displays in the HUD.
Friday automatically selects the right tool:
"Search the web for Python tutorials" β web_search
"Check my project for vulnerabilities" β security_tools(mythos_scan) + cyber_reasoning
"Set a reminder for 3pm" β reminder
"Draw something in 3D" β holo_builder
# Code analysis (static β no confirmation needed)
security_tools(action="mythos_scan", target="/path/to/project")
# Full cognitive assessment
cyber_reasoning(action="start", target="example.com")
cyber_reasoning(action="recon", recon_data={...})
cyber_reasoning(action="verify")
cyber_reasoning(action="grade")
cyber_reasoning(action="report")FRIDAY includes a two-layer authorization system for all live cyber operations. Cyber features are disabled by default β users must explicitly enable them in config, then authorize each external target before any network activity occurs.
Two-layer safety:
| Layer | What it does | How to bypass |
|---|---|---|
| Layer 1: Config gate | Cyber features completely disabled | Set "cyber_enabled": true in config/api_keys.json |
| Layer 2: Target guard | Classifies targets as local/owned/blocked/unknown | Local targets are free; external require consent |
| Layer 3: Consent gate | Per-target typed authorization | Type the consent phrase (see below) |
Target classification:
| Target Type | Example | Auth Required? |
|---|---|---|
| Localhost | localhost, 127.0.0.1 |
β No β always allowed |
| Private IP | 192.168.1.1, 10.0.0.1 |
β No β your own network |
| .local domain | my-app.local |
β No β local service |
| External | example.com, http://target.com |
β Yes β typed consent required |
| Cloud metadata | 169.254.169.254 |
π« Blocked β no exceptions |
Authorization flow:
You: "Scan example.com for vulnerabilities"
FRIDAY: "π External target: 'example.com'
Friday's cyber tools are designed for testing your own systems.
To proceed, you must confirm you own this target or have written authorization.
Type exactly:
I own this target or have written authorization to test it
β οΈ Unauthorized scanning is illegal in most jurisdictions."
You: "I own this target or have written authorization to test it"
FRIDAY: "β
Authorization granted for 'example.com'. Valid for 24 hours. Logged to audit trail."
You: "Scan example.com"
FRIDAY: *runs the scan*
What requires authorization:
- All network operations (port scanning, subdomain enum, web fuzzing, etc.)
- PoC validation and business logic testing
- Any operation that sends requests to external targets
What does NOT require authorization:
- Static analysis of local source code (mythos_scan on your own files)
- Data flow analysis on local files
- Tool health checks, utility functions
Authorization details:
- Consent is per-target β each URL/IP/domain needs its own authorization
- Consent expires after 24 hours β must re-authorize after expiry
- All consent grants are logged to
data/audit_log.jsonwith timestamp for audit trail - Consent can be revoked at any time
Auth is enforced at every layer:
pipeline.run()β checks before running PoC validationsecurity_tools()β checks before all 25+ network actionsReconAgentβ checks before nmap/subfinderExploitAgentβ checks before PoC validationHunterAgentβ checks before dynamic scans (nuclei/ffuf)ExploitEngineβ checks before payload executionBusinessLogicTesterβ checks before live HTTP requests
voice_control(emotion="happy")
voice_control(voice="puck")Full legal disclaimers, applicable laws, and compliance information are in LEGAL.md.
F.R.I.D.A.Y. CONTAINS ADVANCED CYBERSECURITY CAPABILITIES INCLUDING:
- Multi-agent vulnerability scanning (Mythos 7-agent pipeline)
- Cognitive security reasoning with adversarial verification
- Attack chain discovery and analysis
- Pattern-based vulnerability detection
- CVSS scoring and severity assessment
- Supply chain security scanning
- Penetration testing tool integration (nmap, nuclei, ffuf, sqlmap, etc.)
- Target guard β automatic target classification and access control
- Audit logging β all authorization decisions recorded
This software is intended EXCLUSIVELY for:
- Authorized Security Research β Testing systems you own or have explicit written permission to test
- Educational Purposes β Learning about cybersecurity in controlled lab environments
- Defensive Operations β Securing your own infrastructure and applications
- Bug Bounty Programs β Participating in authorized programs with proper scope
YOU MUST NOT USE FRIDAY FOR:
- Any illegal or unauthorized activities
- Attacking systems without explicit authorization
- Any form of cybercrime
- Unauthorized access to computer systems
- Malicious exploitation of vulnerabilities (unauthorized)
- Any activity that violates applicable laws or regulations
- Gaining unauthorized access to data or systems
- Any harmful or malicious purposes
By cloning, using, or modifying this software, you agree to the following:
-
Creator Disclaimer β The creator (Subhansh) provides this software "AS IS" without warranty of any kind.
-
No Responsibility β The creator shall NOT be held liable for:
- Any illegal use of this software
- Any damage to computer systems or data
- Any legal consequences arising from misuse
- Any unauthorized access or exploitation
- Any negative consequences whatsoever
-
User Responsibility β You are solely responsible for:
- Obtaining proper authorization before testing any system
- Ensuring your use is legal and ethical
- Understanding and complying with all applicable laws
- The consequences of your actions
-
Authorization Requirement β You must have explicit written permission from the system owner before:
- Scanning any network or system
- Testing for vulnerabilities
- Attempting any form of exploitation
- Accessing any system you do not own
-
Built-in Protections β F.R.I.D.A.Y. includes automated safeguards:
- Target guard classifies and restricts where tools can aim
- Cloud metadata endpoints are always blocked
- External targets require typed consent with ownership confirmation
- All operations are logged to an audit trail
- These protections can be bypassed by modifying the source code β doing so is your responsibility
If you encounter security vulnerabilities while using this tool:
- DO NOT use them for malicious purposes
- DO report them to the system owner/vendor
- DO follow responsible disclosure practices
- DO NOT share sensitive findings publicly without coordination
Unauthorized access to computer systems is illegal in most jurisdictions. Key laws include:
- United States: Computer Fraud and Abuse Act (CFAA), 18 U.S.C. Β§ 1030
- United Kingdom: Computer Misuse Act 1990
- European Union: Directive 2013/40/EU
- China: Criminal Law Articles 285-287
- India: Information Technology Act 2000, Section 43 & 66
See LEGAL.md for the complete list.
Contributions welcome. Please read CONTRIBUTING.md first.
# Development setup
git clone https://github.com/subhansh-dev/Friday.git
cd Friday
pip install -r requirements.txt
python main.pyFRIDAY License v1.0 (Business Source License 1.1 with Cybersecurity Liability Addendum) β see LICENSE.
Non-commercial use is free. Commercial use requires a separate license. After May 2029, the code becomes available under Apache 2.0.
- Creator: Subhansh
- GitHub: github.com/subhansh-dev
- Issues: GitHub Issues
no uni no cs major
Built with obsession by Subhansh Β· F.R.I.D.A.Y. v10.6
