by smithersai
Agent workflows with full observability and time travel: watch every step live, rewind, fork, replay any run. Claude Code, Codex, Gemini, any model or harness.
# Add to your Claude Code skills
git clone https://github.com/smithersai/smithersLast scanned: 7/11/2026
{
"issues": [
{
"file": "apps/cli/docs/SKILL.md",
"line": 479,
"type": "prompt-injection",
"message": "Possible concealment directive: \"never tell the human\"",
"severity": "medium"
},
{
"file": "apps/cli/src/hermes-plugin/skills/orchestrate/SKILL.md",
"line": 39,
"type": "prompt-injection",
"message": "Possible concealment directive: \"Never tell the human\"",
"severity": "medium"
},
{
"file": "apps/cli/src/openclaw-plugin/skills/orchestrate/SKILL.md",
"line": 24,
"type": "prompt-injection",
"message": "Possible concealment directive: \"Do not tell the human\"",
"severity": "medium"
},
{
"file": "claude-plugin/skills/smithers/SKILL.md",
"line": 100,
"type": "prompt-injection",
"message": "Possible concealment directive: \"Never tell the human\"",
"severity": "medium"
},
{
"file": "codex-plugin/skills/smithers/SKILL.md",
"line": 42,
"type": "prompt-injection",
"message": "Possible concealment directive: \"Never tell the human\"",
"severity": "medium"
},
{
"file": "skills/smithers/SKILL.md",
"line": 479,
"type": "prompt-injection",
"message": "Possible concealment directive: \"never tell the human\"",
"severity": "medium"
}
],
"status": "PASSED",
"scannedAt": "2026-07-11T06:11:51.056Z",
"npmAuditRan": false,
"pipAuditRan": true,
"promptInjectionRan": true
}smithers is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by smithersai. Agent workflows with full observability and time travel: watch every step live, rewind, fork, replay any run. Claude Code, Codex, Gemini, any model or harness. It has 314 GitHub stars.
Yes. smithers passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/smithersai/smithers" and add it to your Claude Code skills directory (see the Installation section above).
smithers is primarily written in JavaScript. It is open-source under smithersai on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh smithers against similar tools.
No comments yet. Be the first to share your thoughts!
Agent workflows you can watch live, rewind, fork, and replay.
Tell your coding agent to do real, multi-step work, then Smithers runs it for minutes or days: watch every step live, gate the risky ones behind human approvals, and rewind, fork, or replay any run. The same workflow runs across Claude Code, Codex, Pi, AI SDK models, and remote sandboxes.
Time travel: fork a run from any earlier frame and branch an alternate timeline. Every step is a database row, so live watching, rewind, and replay are built in.
| You want to… | Smithers? |
|---|---|
| Get one answer from one prompt | No, call the model directly |
| Let a coding agent change a repo across many steps | Yes |
| Pause for a human approval, then resume later | Yes |
| Run several agents that review, retry, and converge | Yes |
| Survive crashes and replay, fork, or rewind a run | Yes |
Smithers is the durable runtime for coding-agent work: when the unit of work is an agent editing a real repository over many steps, and you need that work to be inspectable, approvable, and recoverable.
Claude Code, Codex, and the other harnesses already fan out subagents, and for work that fits in one sitting they are the right tool. The fan-out is ephemeral, though: it lives inside one session, one vendor, and one terminal.
| Built-in subagent fan-out | A Smithers run |
|---|---|
| Dies when the session ends or crashes | Persists and resumes from the last finished step |
| One vendor per session | Claude, Codex, Gemini, and Pi share one workflow |
| An approval blocks the terminal | An approval suspends the run durably, overnight if needed |
| A bad decision means starting over | Rewind, fork, or replay from any step |
| Orchestration is a prompt you retype | A workflow is a file you version, review, and rerun |
When the work has to survive the session, hand the fan-out to Smithers. Your agent still drives everything; the run just stops being disposable. Detailed comparisons: vs. Claude Code Workflows, vs. Temporal, and vs. LangGraph. The longer argument is in the open, durable version of agent workflows.
Smithers is driven by your coding agent, not a GUI you click. Your agent runs Smithers on your behalf: it scaffolds workflows, kicks off runs, watches them, and handles approvals.
One command sets everything up. From inside your project:
bunx smithers-orchestrator init
init does everything:
smithers skill into the coding agents on your machine (Claude Code,
Pi, and more), so your agent knows how and when to use Smithers. No mkdir, no curl..smithers/ with ready-made workflows (hello, implement, plan,
review, debug, and more) your agent can pick from.Then just ask:
"orchestrate an agent to add rate limiting and keep iterating until the tests pass."
Your agent picks the right workflow, starts the run, and keeps going through retries and review loops until the work is actually done.
To wire the MCP server into every detected agent too, run bunx smithers-orchestrator mcp add. See Agent Support for the full per-agent
matrix, and skills/smithers/ for the onboarding skill itself.
A workflow is a JSX tree of tasks. You usually don't write these by hand: you prompt your agent, and it writes them from the same primitives the built-in pack uses. Each example below starts with the prompt that produces it.
This page is the 90-second version. The Tour is the 15-minute version: it builds a real code-review workflow one capability at a time.
"implement this request and keep iterating until a reviewer signs off"
import { createSmithers, Loop, CodexAgent } from "smithers-orchestrator";
import { z } from "zod";
const { Workflow, Task, smithers, outputs } = createSmithers({
input: z.object({ request: z.string() }),
impl: z.object({ summary: z.string(), filesChanged: z.array(z.string()) }),
review: z.object({ approved: z.boolean(), feedback: z.string() }),
});
const coder = new CodexAgent({
model: "gpt-5.6-luna",
config: { model_reasoning_effort: "medium" },
});
const reviewer = new CodexAgent({
model: "gpt-5.6-sol",
config: { model_reasoning_effort: "xhigh" },
sandbox: "read-only",
});
export default smithers((ctx) => (
<Workflow name="implement-reviewed">
<Loop until={ctx.latest(outputs.review, "validate")?.approved} maxIterations={5}>
<Task id="implement" output={outputs.impl} agent={coder}>
{`Implement: ${ctx.input.request}
Address this reviewer feedback first: ${ctx.latest(outputs.review, "validate")?.feedback ?? "none yet"}`}
</Task>
<Task id="validate" output={outputs.review} agent={reviewer}>
{`Review the working-tree changes for: ${ctx.input.request}.
Approve only when the change is correct and tested.`}
</Task>
</Loop>
</Workflow>
));
This is the loop a one-shot agent call can't give you: implement, review, feed the feedback back in, repeat until approved. Every iteration is persisted, so a crash mid-loop resumes at the current iteration instead of iteration one.
The bigger version of this idea (split a request into tickets, implement them in
parallel worktrees, gate on your approval, land through a merge queue) is
examples/parallel-tickets.jsx: a small engineering
team in one file.
Durability is the differentiator. Runs survive crashes, restarts, and flaky tools because every completed step is persisted to SQLite the moment it finishes. The runtime always knows what's done and what to run next. Approvals, human questions, retries, and replay are first-class.
prompt → render workflow → run task → validate output → persist to SQLite → re-render → resume · inspect · replay
That loop is the whole model: a task runs, its output is validated against a schema and written down, then the workflow re-renders from persisted state to decide the next task. A crash at any point resumes from the last write, not from the top.
A run killed mid-task, then resumed: the completed task is skipped, the interrupted task re-runs, the run finishes. No recovery code.
bunx smithers-orchestrator up workflow.tsx --input '{"description":"Fix bug"}'
bunx smithers-orchestrator up workflow.tsx --run-id abc123 --resume true # resume after a crash
bunx smithers-orchestrator rewind abc123 --frame 4 # time-travel to an earlier frame
bunx smithers-orchestrator fork abc123 # branch an alternate timeline
bunx smithers-orchestrator replay abc123 # replay from a checkpoint
Prefer the CLI? The seeded workflows run directly, and whether your agent started a run or you did, you can see exactly what's happening:
bunx smithers-orchestrator workflow run hello # smallest possible run; prompt lives at .smithers/prompts/hello.mdx
bunx smithers-orchestrator workflow run plan --prompt "add rate limiting and API key rotation"
bunx smithers-orchestrator ps # list active, paused, and recently completed runs
bunx smithers-orchestrator inspect RUN_ID # steps, agents, approvals, and outputs for one run
bunx smithers-orchestrator logs RUN_ID # tail the event log
bunx smithers-orchestrator chat RUN_ID # read the agent's chat output
ps shows you what needs attention (a paused approval, a recent failure); inspect drills
into a single run so you can follow each step and agent as it works. Run
bunx smithers-orchestrator starters to browse plain-English starters.
Prefer a live page over every run? bunx smithers-orchestrator monitor opens the Smithers
Monitor: the grouped run list, each run's execution tree with per-node status, and the
structur