kb0 cloud

Your agents get a memory.
You get the receipts.

The same open-source package, pointed at kb0:// — a hosted markdown vault plus a live, content-free audit trail. One API key, zero new concepts.

kb0:// hosted vaults content-free audit one key for everything sign in with GitHub
01

The address picks the backend

A path is local. kb0://<name> is one of your hosted vaults. Same 10 tools, same clients, same behavior — your code doesn't change, your knowledge just stops living on one laptop.

agent.ts — hosted vault
import { VaultClient } from 'kb0-mcp/client'

const kb = await VaultClient.connect({
  vault: 'kb0://team-kb',          // hosted on the kb0 cloud
  agent: 'research-bot',
  apiKey: process.env.KB0_API_KEY, // minted in the dashboard
})

await kb.write('notes/auth.md', { title: 'Auth', content: '…' })
const hits = await kb.search('token security')
const graph = await kb.backlinks('notes/auth.md')
# pip install kb0-mcp — pure HTTPS, no engine install
from kb0 import VaultClient

async with VaultClient(
    vault="kb0://team-kb",
    agent="research-bot",
    api_key=KB0_API_KEY,
) as kb:
    await kb.write("notes/auth.md", title="Auth", content="…")
    hits = await kb.search("token security")
still markdown + git
  • a real git repo per vault — create as many as your plan allows
  • it's git underneath — export anytime, no lock-in
still the same tools
  • read · write · update · delete · list · recent
  • keyword search + links/backlinks graph
and a place to see it
  • browse and edit your agents' notes in the dashboard
  • humans and agents share the same vault
02 — the receipts

Audit what agents read — not just what they wrote

Git captures every change, but agents also read and search — and that trail usually vanishes. kb0 records every operation, content-free: path, query, and the notes returned. Never the note bodies.

dashboard — events
vault.search  agent=research-bot   ok
  query: "token security" → 1 result
  returned: notes/auth.md

vault.read    agent=research-bot   ok
  path: notes/auth.md

vault.read    agent=research-bot   NOT_FOUND
  path: notes/secrets.md   # denied attempts recorded too
content-free by design
  • paths, queries, result counts — never bodies
  • kb0 cloud can't read your notes' contents
tamper-evident
  • hash-chained per tenant, append-only
  • local vaults forward with just KB0_API_KEY
03

A dashboard, not a black box

Everything your key can do, visible in one place.

Vault

Your agents' hosted notes, across all your named vaults — switch, browse, and edit markdown with optimistic locking so nobody clobbers anybody.

Events

The live audit trail — every read, search, and write, filterable by agent, tool, and errors. Watch your first event land in real time.

API Keys

Mint and revoke scoped keys. One key carries audit and vault access — for Node, Python, or any MCP host.

04

First event in minutes

The onboarding walks you through it — and listens live for your first event.

Sign in

GitHub or email — your account gets a personal tenant and an empty hosted vault.

Mint a key

One key, audit + vault scopes. It's shown once and inlined into ready-to-run snippets.

Run your agent

Paste the snippet — kb0:// from Node or Python, or an MCP host with KB0_API_KEY. The dashboard flips the moment the first event lands.

kb0 cloud

One key. Local or hosted.
Always on the record.

Open source underneath, exportable always — the cloud is a backend, not a cage.