Initial release — AI COMMS v1.0.0

Multi-agent AI communication network over WhatsApp and Microsoft Teams.

- 18 AI providers (OpenAI, Anthropic, Google, NVIDIA NIM, OpenClaw, etc.)
- Encrypted agent-to-agent protocol (AES-256-GCM + HMAC-SHA256)
- Multi-agent group coordination
- 6-layer jailbreak defense
- Provider failover with rate limiting
- Health monitoring, audit logging, admin commands
- Docker + PM2 production deployment
- 64 automated tests passing

Author: jovanSAPFIONEER

.dockerignore

@@ -0,0 +1,9 @@
+node_modules
+.env
+auth_info
+logs
+data
+*.pem
+*.key
+*.cert
+.git

.env.example

@@ -0,0 +1,177 @@
+# ============================================
+# AI COMMS — Environment Variables
+# Copy this to .env and fill in your keys
+# ============================================
+
+# --- AI Provider API Keys (fill in the ones you want to use) ---
+
+# Which provider to use: openai | anthropic | google | mistral | cohere | groq | ollama | deepseek | xai | perplexity | together | fireworks | codex | copilot | claude-code | claude-cowork | nvidia-nim | openclaw
+AI_PROVIDER=openai
+
+# OpenAI (GPT-4o, GPT-4, GPT-3.5)
+OPENAI_API_KEY=
+OPENAI_MODEL=gpt-4o
+
+# Anthropic (Claude 4, Claude 3.5 Sonnet, etc.)
+ANTHROPIC_API_KEY=
+ANTHROPIC_MODEL=claude-sonnet-4-20250514
+
+# Google Gemini
+GOOGLE_API_KEY=
+GOOGLE_MODEL=gemini-2.0-flash
+
+# Mistral AI
+MISTRAL_API_KEY=
+MISTRAL_MODEL=mistral-large-latest
+
+# Cohere (Command R+)
+COHERE_API_KEY=
+COHERE_MODEL=command-r-plus
+
+# Groq (fast inference — LLaMA, Mixtral)
+GROQ_API_KEY=
+GROQ_MODEL=llama-3.3-70b-versatile
+
+# Ollama (local LLMs — no API key needed)
+OLLAMA_BASE_URL=http://localhost:11434
+OLLAMA_MODEL=llama3
+
+# DeepSeek
+DEEPSEEK_API_KEY=
+DEEPSEEK_MODEL=deepseek-chat
+
+# xAI (Grok)
+XAI_API_KEY=
+XAI_MODEL=grok-2-latest
+
+# Perplexity
+PERPLEXITY_API_KEY=
+PERPLEXITY_MODEL=sonar-pro
+
+# Together AI (open-source models hosted)
+TOGETHER_API_KEY=
+TOGETHER_MODEL=meta-llama/Llama-3-70b-chat-hf
+
+# Fireworks AI
+FIREWORKS_API_KEY=
+FIREWORKS_MODEL=accounts/fireworks/models/llama-v3p1-70b-instruct
+
+# OpenAI Codex (code-optimized)
+CODEX_API_KEY=
+CODEX_MODEL=o4-mini
+
+# GitHub Copilot / GitHub Models
+# Get a token at https://github.com/settings/tokens (needs copilot scope)
+COPILOT_TOKEN=
+COPILOT_MODEL=gpt-4o
+COPILOT_BASE_URL=https://models.github.ai/inference
+
+# Claude Code (Anthropic's agentic coding model)
+CLAUDE_CODE_API_KEY=
+CLAUDE_CODE_MODEL=claude-sonnet-4-20250514
+CLAUDE_CODE_MAX_TOKENS=16384
+CLAUDE_CODE_THINKING_BUDGET=10000
+
+# Claude Cowork (Anthropic's collaborative agent)
+CLAUDE_COWORK_API_KEY=
+CLAUDE_COWORK_MODEL=claude-sonnet-4-20250514
+CLAUDE_COWORK_MAX_TOKENS=8192
+CLAUDE_COWORK_THINKING_BUDGET=8000
+
+# NVIDIA NIM / NemoClaw (open source models via NVIDIA inference)
+# Get an API key at https://build.nvidia.com
+NVIDIA_API_KEY=
+NVIDIA_NIM_BASE_URL=https://integrate.api.nvidia.com/v1
+NVIDIA_NIM_MODEL=nvidia/nemotron-3-super-120b-a12b
+NVIDIA_NIM_MAX_TOKENS=4096
+
+# OpenClaw (personal AI assistant — https://openclaw.ai)
+# Connects to a running OpenClaw Gateway instance
+OPENCLAW_BASE_URL=http://localhost:18789
+OPENCLAW_AUTH_TOKEN=
+OPENCLAW_SESSION=main
+OPENCLAW_MODEL=default
+
+# --- Security ---
+
+# Allowlist — comma-separated phone numbers or Teams IDs that can use the bot
+# Leave empty to allow everyone. Set SECURITY_ENABLE_ALLOWLIST=true to activate.
+SECURITY_ENABLE_ALLOWLIST=false
+SECURITY_ALLOWLIST=
+SECURITY_BLOCKLIST=
+
+# Rate limiting (on by default) — max messages per sender per window
+SECURITY_ENABLE_RATE_LIMIT=true
+SECURITY_RATE_LIMIT_MAX=20
+SECURITY_RATE_LIMIT_WINDOW_MS=60000
+
+# Max message length (chars)
+SECURITY_MAX_MESSAGE_LENGTH=10000
+
+# Agent-to-agent shared secret — all agents in your network must use the same secret
+# Generate one: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
+SECURITY_AGENT_SECRET=
+SECURITY_REQUIRE_AGENT_AUTH=false
+
+# Prompt injection detection (on by default, logging only)
+# Set BLOCK to true to reject suspicious messages instead of just logging
+SECURITY_ENABLE_INPUT_SANITIZATION=true
+SECURITY_BLOCK_PROMPT_INJECTION=false
+
+# Replay protection — reject agent messages older than this (ms), 0 = disabled
+SECURITY_MAX_MESSAGE_AGE_MS=300000
+
+# Payload encryption — AES-256-GCM for agent-to-agent message bodies
+# All agents in your network must share the same key
+# Generate one: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
+SECURITY_ENCRYPTION_KEY=
+
+# TLS for webhook servers (Cloud API + Teams)
+# Provide paths to cert/key files, or use a reverse proxy (nginx/Caddy) instead
+TLS_CERT_PATH=
+TLS_KEY_PATH=
+
+# --- Agent Identity ---
+AGENT_NAME=MyAI
+AGENT_ID=agent_001
+
+# --- Messaging Platform ---
+# Which platform(s) to connect: whatsapp | teams | both
+PLATFORM=whatsapp
+
+# --- WhatsApp ---
+# "baileys" for free local connection, "cloud-api" for official Meta API
+WHATSAPP_MODE=baileys
+
+# Only needed if WHATSAPP_MODE=cloud-api
+WHATSAPP_PHONE_NUMBER_ID=
+WHATSAPP_ACCESS_TOKEN=
+WHATSAPP_VERIFY_TOKEN=
+WHATSAPP_WEBHOOK_PORT=3000
+
+# Cloud API webhook signature verification (optional but recommended)
+# Get this from your Meta App Dashboard > App Secret
+WHATSAPP_APP_SECRET=
+
+# --- Microsoft Teams ---
+# Register a bot at https://dev.botframework.com or Azure Portal
+TEAMS_APP_ID=
+TEAMS_APP_PASSWORD=
+TEAMS_PORT=3978
+
+# --- Health & Monitoring ---
+HEALTH_PORT=9090
+
+# --- Admin ---
+# Comma-separated phone numbers that can use !admin commands
+ADMIN_LIST=
+
+# --- Provider Failover ---
+# Comma-separated fallback providers if the primary fails
+# e.g. AI_FALLBACK_PROVIDERS=anthropic,google,groq
+AI_FALLBACK_PROVIDERS=
+
+# --- Per-Provider Rate Limits (requests per minute, optional) ---
+# RATE_LIMIT_OPENAI_RPM=60
+# RATE_LIMIT_ANTHROPIC_RPM=40
+# RATE_LIMIT_GOOGLE_RPM=60

.gitignore

@@ -0,0 +1,8 @@
+node_modules/
+.env
+auth_info/
+logs/
+data/
+*.pem
+*.key
+*.cert

Dockerfile

@@ -0,0 +1,25 @@
+FROM node:20-alpine
+
+WORKDIR /app
+
+# Copy package files
+COPY package.json package-lock.json* ./
+
+# Install production dependencies
+RUN npm ci --omit=dev
+
+# Copy source
+COPY src/ ./src/
+COPY .env* ./
+
+# Create directories
+RUN mkdir -p data logs auth_info
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
+  CMD wget -qO- http://localhost:9090/health || exit 1
+
+# Expose ports (health, whatsapp webhook, teams)
+EXPOSE 9090 3000 3978
+
+CMD ["node", "src/index.js"]