Skip to Content
ConceptsConcept map

Concepts

TL;DR

CMDOP is an execution-state continuity layer with single-homed execution: a Go agent runs on each of your machines, connects outbound to a relay, and is reached by operators — Desktop, CLI, SDK, and AI. Five core pieces frame the model — agent (the LLM-driven loop), daemon (the long-lived host process), fleet (the tenant boundary), session (a stored, resumable conversation or PTY), and permission (the gate on remote tool calls). Nothing listens inbound; code runs locally, never in the cloud.

CMDOP is a Go agent that runs on each of your machines, plus a Desktop client and CLI that talk to those agents. This page maps the moving parts so the rest of the section makes sense.

What is CMDOP, in one paragraph?

CMDOP gives every machine you own (laptop, VPS, edge box, CI runner) a long-running agent that connects outbound to a relay. From the Desktop app or the CLI, you can chat with that agent, run shell sessions on it, ask it to call other agents, or grant a guest a time-bound share link. Nothing listens on an inbound port. The agent runs your code locally — CMDOP never executes your work in the cloud.

The five things you need to know

  • Agent — the LLM-driven loop that runs on a machine and decides which tools to call. See Agents.
  • Daemon — the long-lived OS process that hosts the agent, holds the relay connection, and serves local clients over a Unix socket. See Daemon.
  • Fleet — the tenant boundary. Owns machines, members, API keys. See Fleets.
  • Session — a stored, resumable conversation or PTY. Survives client disconnects. See Sessions.
  • Permission — the gate that decides whether a remote agent’s tool call is allowed. See Permissions.

How the pieces fit

Local clients (Desktop, CLI, SDK) attach to the daemon over a per-user Unix socket / Windows named pipe. The daemon holds one outbound TLS gRPC connection to the relay, identifies its fleet, and reaches every other agent in that fleet through the same channel.

AgentsThe Go binary that runs on every machine.DaemonLifecycle, ONLINE / DEGRADED / STARTING, heartbeat.SessionsTerminal sessions and persistent sessionmgr.FleetsMulti-tenant isolation and credential resolver.Agent CommunicationA asks B — ask_machine, ask_machines, fan-out.PermissionsThe gate, the floor, rule grammar, modes.

What changed since v1

  • ssh is now connect. The subsystem and CLI verb were renamed. Docs that say “ssh” are stale.
  • Server-to-server is first-class. Agents can call each other directly via ask_machine / ask_machines. See Agent Communication.
  • Permission gate. Inbound tool calls from remote agents are filtered by permissions.yaml. See Permissions.
  • MCP server. cmdop agent start --with-mcp exposes the tool surface to Claude Desktop / Cursor. See mcp/.

TAGS: concepts, mental-model, architecture, overview DEPENDS_ON: [agents, daemon, sessions, fleets, permissions]

Last updated on
Agents

CMDOP documentation — autonomous AI agents on every machine you register.

Product

Docs

Resources

Company

© 2026 Cmdop. MIT Licensed.GitHub ↗