AssistKick Agent Server
Self-hosted Go backend. Agentic AI chat, password storage, bookmark storage, and a filesystem-based skill system — in a single Docker container.
Streaming AI with a Tool Loop
Send a message to POST /v1/chat/completions and get back a real-time SSE stream. The server runs an agentic tool loop with up to 10 iterations per request — the AI can call shell commands, search bookmarks, look up passwords, and load skills, then reason about the results and call more tools. Full conversation history is sent to the LLM on each turn for context-aware responses. Persistent sessions store every message so you can resume conversations across devices. If a client disconnects mid-stream, in-flight API calls finish and persist — no work is lost.
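The loop described above can be sketched in Go; the message, toolCall, and llm types here are simplified stand-ins for the server's actual structs, and the stub in main replaces a real OpenRouter call:

```go
package main

import "fmt"

// toolCall and message are simplified stand-ins for the chat types.
type toolCall struct{ Name, Args string }
type message struct {
	Role     string
	Content  string
	ToolCall *toolCall
}

// llm stands in for the streaming completion call; the real server
// sends the full conversation history on each turn.
type llm func(history []message) message

// runToolLoop mirrors the described agentic loop: up to 10 iterations,
// executing each requested tool and feeding the result back until the
// model answers in plain text.
func runToolLoop(call llm, tools map[string]func(args string) string, history []message) []message {
	for i := 0; i < 10; i++ {
		reply := call(history)
		history = append(history, reply)
		if reply.ToolCall == nil {
			break // final text answer: stop looping
		}
		result := tools[reply.ToolCall.Name](reply.ToolCall.Args)
		history = append(history, message{Role: "tool", Content: result})
	}
	return history
}

func main() {
	step := 0
	fake := llm(func(h []message) message {
		step++
		if step == 1 {
			return message{Role: "assistant", ToolCall: &toolCall{Name: "shell", Args: "date"}}
		}
		return message{Role: "assistant", Content: "done"}
	})
	tools := map[string]func(string) string{
		"shell": func(args string) string { return "Mon Jan 1" },
	}
	out := runToolLoop(fake, tools, []message{{Role: "user", Content: "what time is it?"}})
	fmt.Println(len(out), out[len(out)-1].Content) // prints: 4 done
}
```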
Filesystem-Based AI Behaviors
Skills are directories on the server filesystem, each containing a SKILL.md file and an optional references/ folder. The SKILL.md uses YAML frontmatter for metadata (name, description, enabled flag) and a markdown body that defines the AI behavior. Template expansion replaces {{PLACEHOLDER}} patterns with the contents of reference files. Shell execution runs !`command` patterns inline during expansion. Skills are managed through a full CRUD REST API — create, read, update, delete, and toggle enabled state. For multi-node deployments, optional S3 sync keeps skills consistent across servers.
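Placeholder expansion might look like this minimal sketch; the refs map stands in for reading files from the references/ folder, and the !`command` shell-execution step is omitted:

```go
package main

import (
	"fmt"
	"regexp"
)

// placeholder matches {{NAME}} patterns in a SKILL.md body.
var placeholder = regexp.MustCompile(`\{\{([A-Z_]+)\}\}`)

// expandSkill replaces each {{NAME}} with the contents of the matching
// reference file, here modeled as a map of name to file contents.
func expandSkill(body string, refs map[string]string) string {
	return placeholder.ReplaceAllStringFunc(body, func(m string) string {
		name := placeholder.FindStringSubmatch(m)[1]
		if content, ok := refs[name]; ok {
			return content
		}
		return m // unknown placeholder: leave it untouched
	})
}

func main() {
	refs := map[string]string{"STYLE_GUIDE": "Use sentence case."}
	fmt.Println(expandSkill("Follow these rules:\n{{STYLE_GUIDE}}", refs))
}
```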
Server-Side Prompt Management
System prompts live on the filesystem as template files with YAML frontmatter. The {{SKILLS}} placeholder automatically expands to a formatted list of all enabled skills, keeping prompts in sync with available capabilities. The @file(path) directive includes external file contents inline, letting you compose prompts from reusable fragments. A default prompt is seeded on first server startup. Prompts are fully manageable through the REST API — clients select which prompt to use per session.
Encrypted Blobs with KDF Salt
The server stores password entries as opaque encrypted blobs — it never sees or processes plaintext credentials. All encryption and decryption happens client-side using AES-256 with Argon2id key derivation. The server manages a write-once KDF salt per vault, ensuring consistent key derivation across devices. Entries support group and folder organization through the API. Full CRUD operations let clients create, read, update, and delete entries and groups.
Tags, Search, and AI Enrichment
Bookmarks are first-class entities with full CRUD operations, content storage, and a tag system with aggregate counts. Search spans titles, descriptions, URLs, and full content — find any bookmark by any field. On ingest, bookmarks pass through AI enrichment that generates titles, tags, and excerpts automatically. Content captured from the browser extension — whether intercepted from X.com or grabbed via Readability — is stored as markdown on the server.
Six Tools the AI Can Call
The agentic loop exposes six tools to the LLM. Each tool has a defined schema and the AI decides when and how to call them based on the conversation context.
| Tool | Description |
|---|---|
| shell | Runs commands via sh -c with a 30-second timeout |
| search_bookmarks | SQL search across bookmark titles, descriptions, URLs, and content |
| read_bookmark | Fetches full bookmark content by ID |
| search_passwords | Searches titles, usernames, and URLs — never returns encrypted fields |
| read_password | Returns entry metadata plus the encrypted blob for client-side decryption |
| skill | Loads and expands a named skill with template and shell execution |
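As an illustration, the shell tool's definition might look like the following OpenAI-style function schema; only the tool's name and behavior come from the table above, while the parameter names and descriptions are assumptions:

```json
{
  "type": "function",
  "function": {
    "name": "shell",
    "description": "Run a shell command via sh -c with a 30-second timeout.",
    "parameters": {
      "type": "object",
      "properties": {
        "command": { "type": "string", "description": "Command to execute" }
      },
      "required": ["command"]
    }
  }
}
```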
Single Binary, Docker Ready
The agent server compiles to a single Go binary with no CGO dependencies. Run it directly or use Docker Compose for a production-ready setup that includes Node.js and Python runtimes for skills that execute scripts.
- Single Go binary with Docker support
- docker compose up --build
- Three SQLite files: chat.db, passwords.db, bookmarks.db
- Pure Go driver (modernc.org/sqlite) — no CGO, easy cross-compilation
- Includes Node.js and Python for skills that run scripts
- Environment variables for API key, OpenRouter key, model, S3 settings
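A Compose file along these lines is implied; the service name, port, volume path, and environment variable names below are illustrative assumptions, not the project's actual configuration:

```yaml
services:
  agent:
    build: .
    ports:
      - "8080:8080"
    environment:
      API_KEY: ${API_KEY}                      # Bearer token clients must present
      OPENROUTER_API_KEY: ${OPENROUTER_API_KEY}
      MODEL: ${MODEL}
      S3_BUCKET: ${S3_BUCKET:-}                # optional multi-node skill sync
    volumes:
      - ./data:/data                           # SQLite files and skills directory
```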
REST API Surface
All endpoints except the health check require Bearer token authentication. The API follows REST conventions with JSON request and response bodies.
| Area | Endpoints |
|---|---|
| Chat | POST /v1/chat/completions, GET /v1/models |
| Sessions | CRUD on /v1/sessions |
| Skills | CRUD on /v1/skills with file management |
| Prompts | CRUD on /v1/prompts |
| Passwords | CRUD on /v1/passwords with groups and KDF salt |
| Bookmarks | CRUD on /v1/bookmarks with tags |
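A typical authenticated call might look like this; the host, port, and request body fields are assumptions for illustration:

```shell
curl -N http://localhost:8080/v1/chat/completions \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"messages": [{"role": "user", "content": "hi"}]}'
```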
Streaming Event Types
The chat endpoint streams Server-Sent Events. Each event has a type field that tells the client what kind of data to expect, enabling real-time UI updates for tool execution, streaming text, and session management.
| Event | Purpose |
|---|---|
| session / session.update | Session lifecycle — creation and updates |
| content.delta | Streaming text chunks from the LLM |
| tool_call.start / tool_call.result | Tool execution visibility — what the AI is doing |
| message.start / message.end | Turn boundaries for message framing |
| done | Stream complete with token usage statistics |
| error | Error details when something fails |
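A client-side sketch of consuming the stream, assuming each data: line carries a JSON object with a type field; the delta field name is an assumption:

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"strings"
)

// event mirrors the described envelope: every payload carries a type
// field; the Delta field here is an illustrative assumption.
type event struct {
	Type  string `json:"type"`
	Delta string `json:"delta,omitempty"`
}

// collectText drains an SSE stream, concatenating content.delta chunks
// and stopping at the done event.
func collectText(stream string) string {
	var text strings.Builder
	sc := bufio.NewScanner(strings.NewReader(stream))
	for sc.Scan() {
		line := sc.Text()
		if !strings.HasPrefix(line, "data: ") {
			continue // skip blank separators between events
		}
		var ev event
		if err := json.Unmarshal([]byte(strings.TrimPrefix(line, "data: ")), &ev); err != nil {
			continue
		}
		switch ev.Type {
		case "content.delta":
			text.WriteString(ev.Delta)
		case "done":
			return text.String()
		}
	}
	return text.String()
}

func main() {
	stream := "data: {\"type\":\"message.start\"}\n\n" +
		"data: {\"type\":\"content.delta\",\"delta\":\"Hello, \"}\n\n" +
		"data: {\"type\":\"content.delta\",\"delta\":\"world\"}\n\n" +
		"data: {\"type\":\"done\"}\n\n"
	fmt.Println(collectText(stream)) // prints: Hello, world
}
```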