v0.1.0 · Open Source

Safe tools for
agentic products.

Nexara is the capability layer for AI systems that need signed skill discovery, policy-bound tool calls, remote execution, redacted secrets, audit trails, and optional learned ranking without hard-coding every integration.

Read the Guide View on GitHub
12
Rust Crates
4
Storage Modes
GA
Server APIs
MIT
Licensed
Core Capabilities

The contract between AI intent and real-world action.

Signed skill registries

Publish installable capability packs with product-neutral `host_requirements`, manifest hash checks, trust tiers, action classes, secret requirements, and confirmation policy. Hosts decide what to install; models never become the security boundary.

host_requirements Ed25519 contracts manifest SHA trust tiers

Policy before execution

Runtime checks scope, payload size, action class, trust profile, confirmation state, and concurrency before a host executor ever receives the call.

Remote tool contracts

Discover and call remote Nexara tools over HTTP with auth providers, host allowlists, route learning, diagnostics, and circuit-breaker behavior.

Secrets, audit, and learned ranking

Redacted sync and async secret stores, structured audit records, and optional usage signals give product teams operational visibility without letting learned behavior override policy.

Architecture

Host-owned execution. Nexara-owned capability contracts.

Your product keeps identity, context, final execution, and deployment. Nexara supplies the contracts for discovery, policy, secrets, remote tools, learning signals, and admin operations.

Host

Catalogs, executors, trust resolution, user context, and final action.

Nexara

Registries, runtime policy, secrets, remote contracts, audit, and APIs.

Nexara component architecture diagram

Embed it, serve it, or bridge from JavaScript.

01 Rust facade

Pull in the facade crate and enable only the modules your host needs: runtime, registry, remote, secrets, learning, server, or compatibility importers.

02 Authenticated server

Run list/call routes plus admin install, enable, disable, readiness, secret, and metrics APIs behind bearer auth or a host-provided authorizer.

03 JavaScript SDK

Browser or Node surfaces can list tools, call tools, and drive admin flows through the small typed JavaScript client.

Cargo.toml 
[dependencies]
nexara = { version = "0.1", features = [
  "runtime",
  "registry",
  "remote",
  "secrets",
  "server"
] }
JavaScript 
import { NexaraClient } from "@nexara/runtime";

const nexara = new NexaraClient({
  baseUrl: "https://tools.example.com",
  token: process.env.NEXARA_TOKEN
});

const tools = await nexara.listTools({
  prompt: "Find the best search capability"
});

Give your AI product a capability layer it can grow into.

Start embedded, add signed registries, expose a server, and let hosts stay in control as your tool ecosystem expands.

Open Repository View Roadmap