Third-Eye

Name: Third-Eye
Author: eli-labz

by eli-labz

Warning

A production-grade OSINT platform that provides situational awareness across multiple intelligence domains.

285stars

1forks

TypeScript

Added 6/14/2026

View on GitHub Download ZIP Scan for vulnerabilities

AI Agentsaiai-agentgeospatialmaven-smart-systempalantir

Installation

# Add to your Claude Code skills
git clone https://github.com/eli-labz/Third-Eye

Getting Started

Guides for using ai agents skills like Third-Eye.

Caveman: Cut Claude Token Use by 65%
How agent-side prompt compression works, when to use it, and when not to.
What is an AI Skills Marketplace?
Definitions, how marketplaces work, and how to choose between them in 2026.
Getting Started with AI Skills

Security ReportWarning

Last scanned: 6/14/2026

{
  "issues": [
    {
      "type": "npm-audit",
      "message": "@vercel/analytics: Vulnerability found",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "@vitest/mocker: Vulnerability found",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "esbuild: esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "next: Vulnerability found",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "vite: Vulnerability found",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "vite-node: Vulnerability found",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "vitest: Vulnerability found",
      "severity": "high"
    }
  ],
  "status": "WARNING",
  "scannedAt": "2026-06-14T08:16:29.806Z",
  "npmAuditRan": true,
  "pipAuditRan": true,
  "promptInjectionRan": true
}

README.md

Agentic AI for Beginners

Build your first AI agent from scratch - tool use, ReAct pattern, memory, deployment

41 minBeginner

Comments (0)

to leave a comment.

No comments yet. Be the first to share your thoughts!

Related Skills

ECC

by affaan-m

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.

215,057

zagi Alice

⬡ THIRD EYE

Open-Source Global Intelligence & Reconnaissance Platform

A real-time global intelligence dashboard that aggregates live flight tracking, CCTV networks, earthquake monitoring, conflict zone mapping, and 24/7 news feeds into a single GPU-accelerated interface.

🌐 Live Demo · 🐛 Report Bug · ✨ Request Feature · ⭐ Star This Repo

If Third Eye is useful to you, please consider giving it a ⭐ — it helps the project grow and reach more people!

🔍 Overview

Third Eye is a production-grade OSINT platform that provides real-time situational awareness across 13+ intelligence domains — all in one GPU-accelerated interface. Built with Next.js 16 and MapLibre GL, every data point is rendered via WebGL for 60fps performance even with thousands of concurrent entities on-screen.

No API keys required to get started. Clone, run, and you're live in under 2 minutes.

✨ Why Third Eye?

🌍 16 live data layers — aviation, maritime, CCTV, seismic, fires, news, weather, space, cyber, conflict, crypto, sanctions, and more
⚡ WebGL-powered — GPU-accelerated map rendering, not DOM-based. Handles thousands of entities at 60fps.
🔑 Zero-key startup — all core layers work out of the box with public, keyless APIs
🐳 Docker-ready — single-command self-hosting with prebuilt GHCR image
🧰 Built-in RECON toolkit — port scanner, DNS lookup, WHOIS, SSL inspector, IP intelligence, CVE scanner, crypto wallet tracer, and OFAC sanctions search
📡 Telegram OSINT — geoparsed public channel posts plotted on the map in real time
💰 Crypto intelligence — BTC + ETH wallet tracing with live OFAC SDN sanctions cross-check
🏠 Self-hostable — CasaOS one-click install supported

🗺️ Intelligence Domains

Domain	Data Points	Sources
✈️ Aviation	Commercial, Private, Military, Jets	OpenSky Network
🚢 Maritime	39 Global Ports, 10 Chokepoints	Static Naval Intel
📷 CCTV	2,000+ Cameras	TfL, WSDOT, Caltrans, NYC DOT, VicRoads + more
🌋 Seismic	Real-time M2.5+	USGS Earthquake API
🔥 Fires	Active Hotspots	NASA FIRMS
📺 News	24/7 Live Streams	25+ Global Broadcasters
🌪️ Weather	Severe Events	NASA EONET
🛰️ Space	Solar Weather, Satellites	NOAA SWPC, N2YO
🛡️ Cyber	CVE Threats, Vulnerability Scanning	NVD, Custom Scanner
⚔️ Conflict	13 Active Zones	Static OSINT Intel
💰 Crypto	BTC + ETH Wallet Tracing, OFAC SDN Match	blockstream.info, Blockscout, OpenSanctions
🚫 Sanctions	Person / Org / Vessel SDN Search	OpenSanctions (US OFAC SDN mirror)
📱 Telegram OSINT	Geoparsed Posts from Public Channels	t.me/s/ web preview

🏗️ Architecture

🚀 Quick Start

Option 1 — npm (2 minutes)

git clone https://github.com/eli-labz/Third-Eye.git
cd Third-Eye
npm install
npm run dev

Open http://localhost:3000 — done. No API keys needed.

Option 2 — Docker

git clone https://github.com/eli-labz/Third-Eye.git
cd Third-Eye
cp .env.template .env   # optional — configure keys / port
docker compose up -d

Option 3 — Prebuilt Image (fastest)

docker pull ghcr.io/aiacos/third-eye:latest
docker run -d -p 3000:3000 --env-file .env ghcr.io/aiacos/third-eye:latest

💡 Custom port: Set THIRDEYE_PORT in .env to change the published host port without editing the compose file.

⚙️ Configuration

Third Eye works without any API keys — all core layers use public, keyless sources. Copy .env.template to .env and configure only what you need:

# Published host port (container always listens on 3000). Default: 3000
THIRDEYE_PORT=3000

# RECON scanner backend — generate key with: openssl rand -hex 32
SCANNER_URL=
SCANNER_KEY=

# Optional — for higher rate limits
FIRMS_API_KEY=         # NASA FIRMS
OPENSKY_CLIENT_ID=     # OpenSky OAuth2
OPENSKY_CLIENT_SECRET=
N2YO_API_KEY=          # N2YO satellites
AIS_API_KEY=           # aisstream.io maritime

Without SCANNER_URL/SCANNER_KEY the RECON toolkit returns 503; every other layer works out of the box.

🛠️ Features In Depth

Intelligence Layers

16 toggleable data layers with real-time entity counts
GPU-accelerated rendering — all map data rendered via WebGL, not DOM
Progressive loading — data fetched on-demand when layers are activated
Viewport-aware — only loads relevant data for the visible region

RECON Toolkit

Port Scanner — TCP connect scan with service fingerprinting
DNS Lookup — Full record resolution (A, AAAA, MX, NS, TXT, CNAME)
WHOIS — Domain/IP registration data (auto-cross-checked against OFAC SDN)
SSL/TLS Inspector — Certificate chain analysis
IP Intelligence — Geolocation, ASN, threat reputation (auto-cross-checked against OFAC SDN)
Vulnerability Scanner — CVE lookup against NVD database
Crypto Wallet Trace — BTC + ETH lookup (balance, tx history, OFAC SDN sanctions flag)
OFAC Sanctions Search — Full-text search across persons, organizations, vessels, and aircraft

Live Broadcast Network

25+ live 24/7 news streams from global broadcasters
Click any news dot on the map to open the live stream
Feeds from NBC, CBS, ABC, Sky News, Al Jazeera, France 24, NHK, WION, and more

Telegram OSINT Layer

Public-channel feed scraped from the unauthenticated web preview — no Bot API token, no MTProto
Overridable channel list via THIRDEYE_TELEGRAM_CHANNELS
Posts geoparsed against a multilingual place dictionary (EN + Cyrillic + Arabic) and plotted on the map

Crypto Wallet Intelligence

BTC via blockstream.info (Esplora API, keyless)
ETH via Blockscout's public ETH instance (keyless)
Every lookup auto-cross-checked against the OFAC SDN sanctioned-address list
Sanctioned wallets surface a red SANCTIONED — OFAC SDN badge

Conflict Zone Monitoring

13 active conflict/tension zones with severity-coded markers
Active Wars: Ukraine, Gaza, Sudan, Myanmar, DRC, Yemen
High Tension: Syria, Lebanon, Sahel, Somalia, Red Sea
Elevated: Taiwan Strait, Korean DMZ

Performance

75% reduction in edge requests vs initial release
Aggressive polling relaxation (15-30 min intervals for stable data)
Static data served from memory — zero external API calls for news feeds

🖥️ Tech Stack

Layer	Technology
Framework	Next.js 16 (App Router, Turbopack)
Language	TypeScript 5
Map Engine	MapLibre GL JS (WebGL)
Animations	Framer Motion
Icons	Lucide React
Styling	Custom CSS Design System
Deployment	Vercel Edge Network

⌨️ Keyboard Shortcuts

Key	Action
`F`	Toggle flight layers
`E`	Toggle earthquakes
`S`	Toggle satellites
`D`	Toggle day/night cycle
`Escape`	Close panels

🧠 Smart System (optional, off by default)

An optional, feature-flagged, human-in-the-loop data-fusion module that layers an analyst workflow over the platform's existing live feeds:

Ingestion → Ontology → Advisory AI models → Human review → Audit

It is decision-support only — nothing autonomous, kinetic, or real-world. It ingests the platform's real feeds (flights, maritime, satellites, earthquakes, GDELT, news), normalizes them into canonical entities, runs explainable advisory models (object-detection summary, track-anomaly detection, report summarization, course-of-action generation, risk scoring), and routes every recommendation into a human approve / reject / request-changes queue with a full audit trail.

Completely invisible unless enabled:

ENABLE_MSS_SMART_SYSTEM_MODULE=true      # adds a "Smart System" panel + /api/smart-system/*
SMART_SYSTEM_RUN_KEY=<random-secret>     # (recommended) guards the heavy /run endpoint
KV_REST_API_URL=...                      # (optional) Vercel KV / Upstash → state persists
KV_REST_API_TOKEN=...                    #             across serverless requests

When off, the GUI, routes and workflows are unchanged. Full architecture, API reference, and safety notes: docs/SMART_SYSTEM.md. Run its test suite with npm test.

🤝 Contributing

Contribution