Terminal first
An interactive Rich and prompt_toolkit experience designed to stay close to the code.
Open source · Developer tools · 2026
A terminal-native agentic assistant for developers.
Overview
Donovan Agent can chat with an LLM provider, inspect and edit files, run shell commands, execute local Python, search the web, use browser automation, connect MCP servers, remember project context, manage checkpoints, and work through real coding tasks from the command line.
Explore on GitHub ↗Capabilities
Developer tooling, persistent context, and explicit control in one terminal-first interface.
An interactive Rich and prompt_toolkit experience designed to stay close to the code.
Read, write, patch, search, run shell commands, execute Python, automate browsers, and connect MCP tools.
SQLite-backed sessions, memories, learned skills, tool records, schedules, and project context.
Works with OpenAI-compatible APIs, Anthropic, DeepSeek, Qwen, Ollama, and LM Studio.
Planning, checkpoints, subagents, contracts, recipes, evaluations, handoffs, and recovery.
Approved workspaces, risk-classified commands, audited writes, masked secrets, and explicit approval gates.
Model providers
Donovan is provider-flexible rather than tied to a single hosted service. It supports OpenAI and OpenAI-compatible APIs, Anthropic, DeepSeek, Qwen, Ollama, LM Studio, and custom local or hosted /v1/chat/completions endpoints.
The setup wizard guides users through API keys, model selection, optional Tavily search, workspace permissions, and tool approval settings. Providers can be changed later without rebuilding the workspace.
donovan setup
donovan model
donovan model set
Workflows & memory
Long-running state is stored in SQLite, including sessions, message history, tool calls, audit logs, memories, learned skills, project context, scheduled tasks, and activity events. This allows Donovan to resume work, recall prior decisions, and keep a traceable record of actions.
Higher-level workflows turn raw tools into repeatable engineering processes. Contracts define a goal and success criteria; recipes capture reusable procedures; sandboxes stage commands before promotion; profiles preserve workspace preferences; and evaluations or agent tests check repeatable behaviour.
Break complex tasks into visible steps with thinking summaries and activity streams.
Create checkpoints and sandboxes before risky edits or command execution.
Coordinate subagents, routing, handoffs, watchers, and inbox triage.
Store project memories and reusable skills inside the approved workspace.
create a contract for fixing the browser companion setup
set up a recipe named release-check that runs tests and summarizes risks
configure router automatically for this project
Browser & MCP
Donovan supports the Model Context Protocol for connecting servers that expose tools, resources, and prompts. MCP servers can be registered, inspected, diagnosed, and called from the interactive agent.
Browser work has two modes. Browser Companion works with already-open Chrome, Edge, Brave, Vivaldi, Opera, Arc, Chromium, and Firefox tabs through a local extension. Dedicated automation sessions use optional Playwright support for controlled browsing, text extraction, screenshots, and interaction.
donovan mcp listList connected MCP serversdonovan mcp add <name>Add an external tool server/browser companion activeInspect the active browser connection/browser screenshotCapture the current automated pageSafari requires a separately packaged and signed Safari Web Extension, so it is not supported by the unpacked Browser Companion.
Security
Because Donovan can edit files, execute code, and connect external tools, its defaults are designed around explicit workspaces and auditable actions. Workspaces must be approved, destructive commands are risk-classified, writes and patches are logged, tool results are recorded, API keys are masked in configuration output, and sensitive system paths are blocked.
Full autonomy should only be used on machines and folders where broad tool execution is acceptable.
Architecture
The repository separates the agent loop from execution, providers, security, memory, browser tooling, MCP, planning, scheduling, skills, subagents, and terminal UI. This keeps integrations replaceable and makes security-sensitive behaviour easier to inspect.
Running donovan doctor checks Python, the operating system, terminal encoding, configuration, writable data directories, SQLite, provider connectivity, Tavily, the shell backend, Git, ripgrep, Node, workspace permissions, browser automation, checkpoints, skills, and registered tools.
Quick install
curl -fsSL https://raw.githubusercontent.com/tudor-22/donovan-agent/main/install.sh | bash
powershell -ExecutionPolicy Bypass -c "irm https://raw.githubusercontent.com/tudor-22/donovan-agent/main/install.ps1 | iex"
The installer checks Python, clones the repository, creates a virtual environment, adds Donovan to your user PATH, optionally installs browser support, and runs first-time setup.
donovandonovan chat "Explain this repository's structure."donovan run "Inspect this project and summarize the main risks."donovan doctorKnown limitations include timeout-limited Python execution rather than a complete security sandbox, explicit search-and-replace patching, non-streaming tool-call turns when structured tool calls are required, and optional Playwright installation for browser automation.
Open source