Agents overview
An agent in Foxora is a configured assistant: a model, a system prompt, a set of tools, and a place to run. This page covers how to think about them.
Agent vs chatbot
A chatbot answers messages. An agent does things — it can call tools, edit files, browse the web, and run multi-step plans without you babysitting each step. The line is fuzzy, but the practical difference is autonomy: agents are allowed to act.
Anatomy of an agent
- Model — which LLM the agent uses (e.g.
gpt-4o-mini). - System prompt — the instructions that shape its behaviour.
- Tools — capabilities like file I/O, shell, web search, HTTP, or custom tools you define.
- Workspace — a sandboxed directory the agent can read and write.
- Memory — short-term (conversation history) and long-term (notes the agent saves to its workspace).
- Trigger — how it starts: manual chat, schedule, or webhook.
Where agents run
In Ember OS
On your machine. Best for personal assistants, coding work, and anything that needs access to local files. See the desktop tour.
As cloud agents
On Foxora’s infrastructure. Best for scheduled jobs, webhook-triggered flows, and anything that needs to keep running when your laptop is closed. See Cloud agents.
Permissions model
Agents can be powerful, so Foxora is opinionated about consent. By default every tool that touches the outside world (file system, shell, network, spending) goes through one of three approval modes:
- Ask every time — safest, slowest.
- Ask once per session — default for most tools.
- Always allow — for tools you trust completely.
Untrusted prompts
If an agent processes content from the web or other people, treat that content as potentially adversarial. Keep destructive tools on Ask every time.