Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/agent0ai/space-agent/llms.txt

Use this file to discover all available pages before exploring further.

Space Agent is built around a single guiding principle: the browser is the primary runtime, and the server is thin infrastructure. Agent orchestration, prompt construction, tool execution, state management, and optimistic UX all live in app/—the frontend. The server exists to deliver page shells, handle authentication, serve modules, expose narrow APIs, and proxy outbound fetches. New behavior belongs in the frontend unless a backend boundary is required for security, shared-data integrity, cross-user isolation, or runtime stability.

Major Entry Files

Every piece of the runtime has a clear owner. The table below maps each major entry file to its role:
FileRole
space.jsCLI entry router; discovers commands dynamically
commands/serve.jsRuntime startup command and launch-time parameter overrides
commands/supervise.jsProduction-ready zero-downtime supervisor for source-checkout auto-updates
server/server.js + server/app.jsCreates and starts the local HTTP runtime
server/jobs/Primary-owned periodic maintenance jobs
server/router/router.jsDefines exact request ordering across all URL namespaces
server/pages/*.htmlServer-owned page shells for /, /admin, /login, and /enter
app/L0/_all/mod/_core/framework/js/initFw.jsFrontend bootstrap; installs the runtime on framework-backed pages
app/L0/_all/mod/_core/router/Authenticated root app shell for /
app/L0/_all/mod/_core/onscreen_agent/Floating routed overlay agent
The Electron desktop host in packaging/desktop/main.js starts the server on a free loopback port and loads the resolved runtime URL — it is a packaging wrapper, not a separate backend.

Runtime Surfaces

Space Agent exposes several URL surfaces, each with a distinct purpose:
SurfaceDescription
/Authenticated app shell; hands off to _core/router
/adminFirmware-only admin shell (maxLayer=0); module and extension resolution stay L0-only
/loginPublic sign-in shell; does not depend on authenticated /mod/... assets
/enterRecovery-safe launcher shell available to authenticated sessions and single-user runtime
/api/<endpoint>Backend endpoint surface
/api/proxyAuthenticated outbound fetch proxy for cross-origin requests
/mod/<author>/<repo>/...Browser module delivery; backed by L0, L1, or L2 through layered inheritance
/~/... and /L0/..., /L1/..., /L2/...Authenticated direct app-file fetches
The /admin shell injects meta[name="space-max-layer"] with the value 0, which clamps all module and extension resolution to firmware (L0) only. This is why the admin UI always reflects base firmware state.

Request Routing Order

The server router processes every incoming request through a fixed priority sequence. Understanding this order explains why /api/proxy is always available before dynamic page logic runs:
1

API Preflight

CORS and preflight handling runs first across all paths.
2

/api/proxy

The authenticated outbound fetch proxy is matched before any other /api/ route.
3

/api/<endpoint>

Individual backend API endpoints are matched next.
4

/mod/...

Browser module delivery — the layered L0 → L1 → L2 inheritance resolution happens here.
5

App-file fetches

Authenticated direct file fetches under /~/..., /L0/..., /L1/..., and /L2/....
6

Page shells

/, /admin, /login, and /enter are matched last and respond with their server-owned HTML shells.

Frontend Boot Flow

Once the server delivers a page shell, the frontend takes over through a defined bootstrap sequence:
1

Server shell

server/pages/index.html (or admin.html) loads shared framework CSS and the framework bootstrap script.
2

initFw.js

app/L0/_all/mod/_core/framework/js/initFw.js installs the frontend runtime on globalThis.space, injects the _core/framework/head/end HTML seam into document.head, and runs the extensible framework bootstrap.
3

initializer.js

_core/framework/js/initializer.js runs shared bootstrap setup, including framework-managed same-origin _blank page-open handling and best-effort interception of current-tab cross-origin http(s) navigation escapes.
4

Alpine

Alpine helpers and shared bootstrap behavior are installed. Stores become available via $store.*.
5

Router

The first mounted module takes over the next seam. On /, this is _core/router; on /admin, it is _core/admin. Each module exposes further extension anchors for downstream composition.
Because extension lookup results are cached in memory, adding new ext/html/... or ext/js/... files typically requires a browser refresh before the running page discovers them.

The globalThis.space Runtime

Framework boot publishes the shared runtime at globalThis.space. All first-party modules access server APIs, routing, skill loading, and cross-feature helpers through this namespace rather than through direct imports or private internals.

space.api

Authenticated backend API client helpers, including file reads, identity, and optional Git history APIs.

space.router

Router helper surface on routed app pages; also available as Alpine $router.

space.skills

Skill discovery and on-demand loading with space.skills.load("skill/path").

space.current / space.spaces

Spaces and widget helper surfaces for the currently open space and cross-space CRUD.

space.browser

Top-level numeric-id runtime API for registered browser surfaces and popup windows.

space.onscreenAgent

Overlay display control, normal prompt submission, and guarded preset-button prompt submission.
The space runtime is window-local and must not be published into parent, top, or sibling frames.

Build docs developers (and LLMs) love