Space Agent is built around a single guiding principle: the browser is the primary runtime, and the server is thin infrastructure. Agent orchestration, prompt construction, tool execution, state management, and optimistic UX all live inDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/agent0ai/space-agent/llms.txt
Use this file to discover all available pages before exploring further.
app/—the frontend. The server exists to deliver page shells, handle authentication, serve modules, expose narrow APIs, and proxy outbound fetches. New behavior belongs in the frontend unless a backend boundary is required for security, shared-data integrity, cross-user isolation, or runtime stability.
Major Entry Files
Every piece of the runtime has a clear owner. The table below maps each major entry file to its role:| File | Role |
|---|---|
space.js | CLI entry router; discovers commands dynamically |
commands/serve.js | Runtime startup command and launch-time parameter overrides |
commands/supervise.js | Production-ready zero-downtime supervisor for source-checkout auto-updates |
server/server.js + server/app.js | Creates and starts the local HTTP runtime |
server/jobs/ | Primary-owned periodic maintenance jobs |
server/router/router.js | Defines exact request ordering across all URL namespaces |
server/pages/*.html | Server-owned page shells for /, /admin, /login, and /enter |
app/L0/_all/mod/_core/framework/js/initFw.js | Frontend bootstrap; installs the runtime on framework-backed pages |
app/L0/_all/mod/_core/router/ | Authenticated root app shell for / |
app/L0/_all/mod/_core/onscreen_agent/ | Floating routed overlay agent |
The Electron desktop host in
packaging/desktop/main.js starts the server on a free loopback port and loads the resolved runtime URL — it is a packaging wrapper, not a separate backend.Runtime Surfaces
Space Agent exposes several URL surfaces, each with a distinct purpose:| Surface | Description |
|---|---|
/ | Authenticated app shell; hands off to _core/router |
/admin | Firmware-only admin shell (maxLayer=0); module and extension resolution stay L0-only |
/login | Public sign-in shell; does not depend on authenticated /mod/... assets |
/enter | Recovery-safe launcher shell available to authenticated sessions and single-user runtime |
/api/<endpoint> | Backend endpoint surface |
/api/proxy | Authenticated outbound fetch proxy for cross-origin requests |
/mod/<author>/<repo>/... | Browser module delivery; backed by L0, L1, or L2 through layered inheritance |
/~/... and /L0/..., /L1/..., /L2/... | Authenticated direct app-file fetches |
The
/admin shell injects meta[name="space-max-layer"] with the value 0, which clamps all module and extension resolution to firmware (L0) only. This is why the admin UI always reflects base firmware state.Request Routing Order
The server router processes every incoming request through a fixed priority sequence. Understanding this order explains why/api/proxy is always available before dynamic page logic runs:
Frontend Boot Flow
Once the server delivers a page shell, the frontend takes over through a defined bootstrap sequence:Server shell
server/pages/index.html (or admin.html) loads shared framework CSS and the framework bootstrap script.initFw.js
app/L0/_all/mod/_core/framework/js/initFw.js installs the frontend runtime on globalThis.space, injects the _core/framework/head/end HTML seam into document.head, and runs the extensible framework bootstrap.initializer.js
_core/framework/js/initializer.js runs shared bootstrap setup, including framework-managed same-origin _blank page-open handling and best-effort interception of current-tab cross-origin http(s) navigation escapes.Alpine
Alpine helpers and shared bootstrap behavior are installed. Stores become available via
$store.*.The globalThis.space Runtime
Framework boot publishes the shared runtime at globalThis.space. All first-party modules access server APIs, routing, skill loading, and cross-feature helpers through this namespace rather than through direct imports or private internals.
space.api
Authenticated backend API client helpers, including file reads, identity, and optional Git history APIs.
space.router
Router helper surface on routed app pages; also available as Alpine
$router.space.skills
Skill discovery and on-demand loading with
space.skills.load("skill/path").space.current / space.spaces
Spaces and widget helper surfaces for the currently open space and cross-space CRUD.
space.browser
Top-level numeric-id runtime API for registered browser surfaces and popup windows.
space.onscreenAgent
Overlay display control, normal prompt submission, and guarded preset-button prompt submission.
The
space runtime is window-local and must not be published into parent, top, or sibling frames.