# Add to your Claude Code skills
git clone https://github.com/thesongzhu/FridayLast scanned: 5/16/2026
{
"issues": [
{
"type": "npm-audit",
"message": "express-rate-limit: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
"severity": "high"
},
{
"type": "npm-audit",
"message": "hono: Hono has CSS Declaration Injection via Style Object Values in JSX SSR",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "protobufjs: protobuf.js: Code injection through bytes field defaults in generated toObject code",
"severity": "high"
}
],
"status": "WARNING",
"scannedAt": "2026-05-16T06:21:17.642Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}Friday is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by thesongzhu. AI. It has 918 GitHub stars.
Friday returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.
Clone the repository with "git clone https://github.com/thesongzhu/Friday" and add it to your Claude Code skills directory (see the Installation section above).
Friday is primarily written in TypeScript. It is open-source under thesongzhu on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh Friday against similar tools.
No comments yet. Be the first to share your thoughts!
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
Friday is a self-hosted personal AI and automation runtime: a local-first application layer that helps AI agents turn user-approved goals into verified work.
It is meant to feel less like a blank chatbot and more like a private execution partner: you give a goal, Friday checks what it can do, uses configured capabilities, asks for the human-only pieces, executes, verifies the result, and records what it learned. Capability acquisition and self-upgrade flows are active work and should be treated as review-gated WIP rather than a fully autonomous promise.
Friday is not a magic fully autonomous system. It will not create accounts for you, bypass CAPTCHA, pay for services, take production-changing actions, or use credentials you have not provided. Its job is to do the work it can safely do, stop clearly when it needs you, and leave evidence behind.
Friday is a public v1 local candidate distributed via npm/source only, not a release-complete claim for every integration in the repository.
unsupported in this release.blocked_by_env, mock-only tests, workflow success alone, stale artifacts, and wrong-SHA artifacts are not release proof.1.0.1 closed as dogfood_partial_pass (UX 7.78/10 weighted). The published npm 1.0.2 package still carries the original nine proof-pending headlines. GitHub-visible source after 1.0.2 has closed several deterministic slices and is staged as a 1.0.3 package candidate, but 1.0.3 is not published until a future authorized release; see docs/public-v1-local-candidate.md.| Area | What Friday is built to do | Boundary |
|---|---|---|
| Chat and task execution | Answer, plan, execute tool-backed work, show progress, and recover from failures | Depends on configured providers and granted tools |
| Text, vision, OCR, PDF, files | Route work to configured providers or built-in parsers, then report what is missing when a lane is unavailable | Vision/OCR/TTS depend on provider support and credentials |
| Web and browser work | Use configured web search providers, local browser control, and workflow steps | Login, payment, CAPTCHA, and sensitive accounts require the user |
| Skills and workflows | Import, validate, stage, promote, run, verify, update, and roll back reusable skills/workflows where the lifecycle is closed | Generated or imported skills are candidates until review, canary, and promotion gates pass; workflow upgrade proof is not identical to skill lifecycle proof |
| Memory and self-improvement | Store explicit preferences, learned facts, lessons, provider routing signals, recipes, evals, and recovery notes | User-visible, auditable, and reversible; learned signals are not hidden model training, unquestioned truth, or guaranteed prompt behavior |
| Self-healing | Detect failures, propose fixes, and run low-risk repairs only where the path is wired, configured, and evidence-backed | Dispatcher-style auto-fix is default-off; high-risk or data-changing repairs require approval, receipts, and rollback or an explicit non-reversible record |
| Optional channel adapters | Connect Discord, Telegram, and Feishu/Lark trusted-inbound (proven via same-SHA Real Green Gate channel artifacts on the release SHA) where configured; other configured channels remain optional surfaces | Channels are configured-only surfaces; outbound channel control automation is not part of the public v1 local release claim; Slack HTTP Events-API inbound and QQ are unsupported; sensitive actions still require confirmation |
| Long-running goals | Run user-authorized standing goals, create agenda items, gather evidence, and report outcomes | Friday is goal-driven by the user; it does not invent unrelated long-term agendas |
npm install -g @thesongzhu/friday
friday start
# Open http://localhost:3141
git clone https://github.com/thesongzhu/Friday.git
cd Friday
bash scripts/ops/friday-first-run.sh
# Or on macOS, double-click "Friday Setup.command"
The first-run helper installs dependencies, builds Friday, starts the local runtime, and opens the setup page. On macOS it also attempts to install the login startup agent and menu-bar companion (an unsigned local-source build — not a notarized or release-proven desktop distribution; see the capability matrix) so Friday can come back after restart. If you run it from Desktop, Documents, or Downloads, it prepares the launchd-safe runtime at ~/Friday automatically before installing the login agents.
git clone https://github.com/thesongzhu/Friday.git
cd Friday
npm install
npm run build
npm start
# Open http://localhost:3141
docker compose -f docker/docker-compose.yml up --build
# Open http://localhost:3141
First-run setup guides you through providers, local permissions, and optional capabilities. Channel setup is optional and must verify the configured channel before it is treated as available. After setup, Friday should open directly to Home.
Friday is BYOK: you bring the model and search/API credentials you want to use.
The setup flow should answer four questions for every capability:
Typical provider lanes include OpenAI, Doubao/Volcengine, Moonshot, Anthropic, Google, OpenRouter, Tavily, Serper, local browser/PDF/file tooling, MCP servers, and custom skills. A missing key or account is not treated as success; Friday should show it as a human blocker with the next configuration step.
When Friday does not have a capability for a goal, the target closed loop is:
goal -> capability gap -> candidates -> sandbox/test -> approval if required -> install/register -> doctor verify -> execute
This loop is not yet a blanket production guarantee. Current builds can report gaps and exercise parts of the workflow, while generated skills, self-upgrades, and adjustment-fidelity paths remain review-gated and covered by ongoing stress tests. Allowed automatic steps depend on policy. Searching, analysis, draft generation, and sandbox verification are low-risk by default. Downloading code, installing packages, writing config, registering tools, shell access, and external network calls are governed by the autonomy policy. OAuth, payment, CAPTCHA, API keys, sensitive permissions, and production writes always require the user.
Friday's self-improvement is intentionally boring and inspectable: