Skip to content
/
Tier A A12 UI passthrough

Goose (Block/AAIF)

goose · block/goose · ★ 46k · last commit 2026-05-26

Primitive shape 6 total
Subagents 1 MCP tools 5
00

Summary

Goose (Block/AAIF) — Summary

Goose is a general-purpose AI agent written in Rust by Block (Square), now donated to the Agentic AI Foundation (AAIF) at the Linux Foundation. It is available as a desktop app (macOS/Linux/Windows via Electron), a CLI (goose), and a REST API. Unlike coding-specific agents, Goose is designed for arbitrary tasks: research, writing, automation, data analysis — not just code. It supports 15+ LLM providers and connects to 70+ extensions via MCP. The agent loop includes subagent execution, a scheduling system, adversarial security inspection (EgressInspector, AdversaryInspector), and context compaction. .goosehints at the repo root provides the equivalent of CLAUDE.md.

Goose is one of the most architecturally complete agents in this batch: it ships its own recipe system (shareable agent configurations as YAML), a scheduling tool, a built-in memory extension, a computer-controller extension, and security inspectors that run on every tool call. Seed frameworks like superpowers, BMAD-method, and agent-os are behavior layers that assume an agent like Goose or Claude Code as the execution engine beneath them.

01

Overview

Goose — Overview

Origin

Created by Block (the company formerly known as Square, parent of Cash App) as an internal AI agent tool, then open-sourced. The project was later donated to the Agentic AI Foundation (AAIF) at the Linux Foundation, making it one of the few coding agents backed by a foundation. The repository URL changed from block/goose to aaif-goose/goose during the transition.

Philosophy

From README:

"goose is a general-purpose AI agent that runs on your machine. Not just for code — use it for research, writing, automation, data analysis, or anything you need to get done."

This is a key differentiator: Goose explicitly rejects being a "coding agent" in favor of being a general-purpose agent. The "goose" metaphor emphasizes both the playfulness of the name and the extensibility story (geese migrate — Goose migrates your code to production).

Architecture Philosophy

Goose is built in Rust for performance and portability. The architecture separates:

  • goose crate: core agent logic (session management, tool execution, context management, security)
  • goose-cli crate: CLI interface
  • goose-server crate: REST API server for the desktop app
  • goose-mcp crate: bundled MCP extensions
  • goose-sdk crate: public SDK

Non-trivial features are implemented in the goose crate and called from goose-cli. The desktop app calls goose-server routes. This clean separation enables the same agent logic to power multiple surfaces.

Security-First Design

Uniquely in this corpus, Goose ships security inspectors as first-class components:

  • AdversaryInspector: detects adversarial content in tool responses (prompt injection prevention)
  • EgressInspector: monitors outbound network requests for data exfiltration
  • SecurityInspector: general security policy enforcement

These run on every tool call, not just on model output.

Recipes

Goose ships a "recipe" system: shareable YAML files that define an agent configuration (name, model, extensions, initial prompt). Recipes can be shared via GitHub or loaded via URL, enabling community-shared agent configurations.

02

Architecture

Goose — Architecture

Distribution

# CLI
curl -fsSL https://github.com/aaif-goose/goose/releases/download/stable/download_cli.sh | bash

# Desktop app
# Download from goose-docs.ai/docs/getting-started/installation

Source Layout (Rust workspace)

crates/
  goose/              # Core agent logic
    src/
      agents/         # Agent implementation
        agent.rs      # Main agent loop
        subagent_handler.rs
        subagent_execution_tool.rs
        schedule_tool.rs
        extension_manager.rs
        prompt_manager.rs
        retry.rs
        types.rs
      context_mgmt/   # Context compaction
      conversation/   # Message management
      config/         # Configuration
      execution/      # Tool execution
      security/       # Security inspectors
        adversary_inspector.rs
        egress_inspector.rs
        security_inspector.rs
      hooks/          # Hook system
      hints/          # .goosehints support
  goose-cli/          # CLI
    src/
      commands/       # CLI subcommands
        configure.rs, doctor.rs, gateway.rs,
        info.rs, plugin.rs, project.rs,
        recipe.rs, schedule.rs, session.rs,
        term.rs, tui.rs, update.rs
      session/        # Session management
      recipes/        # Recipe system
  goose-mcp/          # Bundled MCP extensions
    src/
      memory/         # Persistent memory extension
      computercontroller/  # Computer control extension
      autovisualiser/ # Visualization extension
      peekaboo/       # Screenshot/visual extension
      tutorial/       # Tutorial extension
  goose-server/       # REST API for desktop
ui/
  desktop/            # Electron desktop app (TypeScript)

Config Files

  • .goosehints — project-specific instructions (equivalent of CLAUDE.md)
  • ~/.config/goose/config.yaml — global config
  • goose-self-test.yaml — self-test recipe (in repo root)

Required Runtime

  • None for CLI (pre-built Rust binary)
  • Electron for desktop app

Target AI Tools

Supports 15+ providers via the goose crate's provider abstraction:

  • Anthropic (Claude)
  • OpenAI
  • Google Gemini
  • Ollama (local)
  • OpenRouter
  • Azure OpenAI
  • AWS Bedrock
  • GCP Vertex
  • Cerebras
  • Groq
  • And more

ACP (Agent Context Protocol) support for Claude, ChatGPT, Gemini subscriptions without API keys.

Custom Distros

CUSTOM_DISTROS.md documents how to build your own goose distro with preconfigured providers, extensions, and branding. This is unique in this corpus.

03

Components

Goose — Components

CLI Subcommands

Subcommand Purpose
goose session / (default) Start interactive session
goose configure Set up providers and extensions
goose recipe Run a recipe (shareable agent config)
goose schedule Manage scheduled tasks
goose update Update goose binary
goose info Show version and config info
goose plugin Manage extensions/plugins
goose project Project management commands
goose doctor Diagnose configuration issues
goose gateway MCP gateway commands
goose tui Launch TUI
goose term Terminal mode

Bundled MCP Extensions (goose-mcp)

Extension Purpose
memory Persistent memory across sessions (local knowledge store)
computercontroller Computer control (keyboard/mouse automation)
autovisualiser Visualization generation
peekaboo Screenshot and visual inspection
tutorial Interactive tutorial system

These are MCP servers bundled with Goose, not external dependencies.

Security Inspectors

Inspector Purpose
AdversaryInspector Detects adversarial/injection content in tool responses
EgressInspector Monitors outbound network requests
SecurityInspector General security policy enforcement

Agent Internals

Component Purpose
agent.rs Main agent loop (up to 1000 turns per session)
subagent_handler.rs Subagent spawning and management
subagent_execution_tool.rs Tool for spawning subagents
schedule_tool.rs Scheduling system integration
extension_manager.rs MCP extension lifecycle
prompt_manager.rs System prompt assembly
retry.rs Retry logic for failed tool calls
large_response_handler.rs Handles oversized tool responses
tool_confirmation_router.rs Routes tool approval requests

Recipes

YAML files defining shareable agent configurations:

  • goose-self-test.yaml — in repo root, a self-test recipe
  • Recipe format: name, description, instructions, extensions, model
  • Can be shared via GitHub URLs and loaded with goose recipe <url>

.goosehints

File at repo/project root providing agent instructions (equivalent of CLAUDE.md). From the repo's own .goosehints:

This is a rust project with crates in the crates dir...
tips:
- can look at unstaged changes for what is being worked on if starting
- always check rust compiles, cargo fmt etc...

Max Turns

The agent loop has a DEFAULT_MAX_TURNS: u32 = 1000 — one of the highest limits in this corpus. Contrast with agents that default to 10-50 turns.

05

Prompts

Goose — Prompts

Prompt 1: .goosehints (Project Context Injection)

Source: .goosehints at repo root

Technique: Project knowledge document injected as context — the equivalent of CLAUDE.md but named .goosehints. Goose-specific naming convention signals which agent it's targeted for.

This is a rust project with crates in the crates dir:
goose: the main code for goose, contains all the core logic
goose-bench: bench marking
goose-cli: the command line interface, use goose crate
goose-mcp: the mcp servers that ship with goose. the developer sub system is of special interest
goose-server: the server that supports the desktop (electron) app. also known as goosed

ui/desktop has an electron app in typescript.

non trivial features should be implemented in the goose crate and then be called from the goose-cli crate for the cli.
for the desktop, you want to add routes to goose-server/src/routes.
you can then run `just generate-openapi` to generate the openapi spec which will modify the ui/desktop/src/api files.
once you have that you can call the functionality from the server from the typescript.

tips:
- can look at unstaged changes for what is being worked on if starting
- always check rust compiles, cargo fmt etc and `cargo clippy --all-targets -- -D warnings` (as well as run tests in files you are working on)
- in ui/desktop, look at how you can run lint checks and if other tests can run

Note: The .goosehints file is explicitly architectural — it explains the crate structure and which crate to implement features in, preventing the common error of implementing in the wrong layer.

Prompt 2: Agent Loop (from agent.rs)

Source: crates/goose/src/agents/agent.rs

Technique: Structured tool categorization and response handling. The agent loop categorizes tools into Shell/Read/Write/Other and handles them differently.

From source:

fn categorize_tool(tool_name: &str) -> ToolCategory {
    let local = tool_name.rsplit("__").next().unwrap_or(tool_name);
    match local {
        "shell" | "bash" | "exec" | "run" => ToolCategory::Shell,
        "read" | "view" | "cat" | "read_file" => ToolCategory::Read,
        "write" | "edit" | "patch" | "write_file" | "edit_file" => ToolCategory::Write,
        _ => ToolCategory::Other,
    }
}

Technique: Tool-category-based routing for approval and logging.

Prompt 3: COMPACTION_THINKING_TEXT

Source: crates/goose/src/agents/agent.rs

const COMPACTION_THINKING_TEXT: &str = "goose is compacting the conversation...";

Technique: User-visible transparency about internal state transitions. When context compaction runs, the user sees this message — preventing confusion about delays.

Prompt 4: Recipe Format

Source: goose-self-test.yaml (repo root)

Technique: Declarative agent configuration as a shareable YAML recipe.

name: goose-self-test
description: A self-test recipe for Goose
instructions: |
  Run a series of self-tests to verify Goose is working correctly.
  ...
extensions:
  - developer
model: claude-3-5-sonnet-20241022

Recipes are the "reusable agent configuration" primitive in Goose — equivalent to sharing a system prompt + extension list as a portable unit.

Prompting Techniques Used

  1. Project knowledge injection.goosehints for codebase-specific instructions
  2. Tool categorization — tools classified as Shell/Read/Write/Other for different handling
  3. State transparency — compaction events visible to users
  4. Recipe-based configuration — shareable YAML agent definitions
  5. Security-first inspection — adversarial content detection runs on all tool responses
  6. Max turns enforcement — 1000-turn limit with explicit termination
09

Uniqueness

Goose — Uniqueness and Positioning

Differs from Seeds

Goose is a general-purpose agent runtime (not a coding-specific behavior layer) that seed frameworks like superpowers, BMAD-method, agent-os, and claude-flow would layer on top of. It differs from all seeds in three key ways: (1) built-in adversarial security inspection on every tool call — no seed framework ships this; (2) a built-in memory extension for persistent cross-session knowledge storage — ccmemory ships a memory layer but as a claude-plugin, not as a bundled MCP extension; (3) a recipe system for shareable agent configurations — analogous to claude-flow's skill system but portable YAML files that work across any Goose installation. Unlike all seed frameworks (which are Claude Code-centric or provider-specific), Goose supports 15+ providers with no preference.

Key Differentiators

  1. Security-first agent loop: AdversaryInspector, EgressInspector, SecurityInspector, and RepetitionInspector run on every tool call. This is the only framework in the entire corpus with built-in adversarial content detection and egress monitoring as first-class components.

  2. General purpose (not coding-specific): Explicitly not a "coding agent." Designed for research, writing, automation, data analysis. The 1000-turn default limit reflects this — complex non-coding tasks take more turns.

  3. Recipe system: Shareable YAML agent configurations that can be loaded via URL (goose recipe https://github.com/...). This enables a community-maintained library of agent personas/configurations.

  4. Foundation backing: Donated to AAIF at Linux Foundation — the only framework in this corpus with this level of institutional backing.

  5. Custom Distros: CUSTOM_DISTROS.md documents how to create branded Goose distributions. Used by organizations that want Goose pre-configured for their environment.

  6. OpenTelemetry support: otel feature flag for production observability. No other framework in this batch ships OTel integration.

  7. Scheduling built in: The scheduling system enables cron-like autonomous task execution without external tooling.

Observable Failure Modes

  1. Repo migration noise: Block → AAIF migration means docs and links reference both block/goose and aaif-goose/goose; confusing for new users
  2. General purpose breadth: Not optimized for code specifically; users wanting code-specific features (repo-map, SEARCH/REPLACE) need to configure extensions
  3. Rust compilation required for development: Contributing requires Rust toolchain; higher barrier than Python/Node tools
  4. Container isolation optional/complex: The container module exists but documentation on enabling it is sparse
  5. 1000-turn limit is misleading: Users may expect long autonomous runs; in practice, most useful sessions are much shorter and the limit is rarely hit
04

Workflow

Goose — Workflow

Standard Session Workflow

  1. Launchgoose or goose session
  2. Extension Loading — configured MCP extensions connect (memory, computer-controller, etc.)
  3. Request — user provides task
  4. Tool Execution Loop (up to 1000 turns):
    • Agent selects tool
    • ToolConfirmationRouter routes to approval or auto-execute
    • Security inspectors run on tool call and response
    • Large responses handled by LargeResponseHandler
    • Retry on failure via RetryManager
  5. Context Compaction — triggered when context fills (check_if_compaction_needed); uses compact_messages with default threshold
  6. Response — agent provides final answer or takes action

Recipe Workflow

# Run a recipe from URL
goose recipe https://github.com/user/repo/blob/main/my-recipe.yaml

# Run local recipe
goose recipe ./my-recipe.yaml

Recipes pre-configure the agent: model, extensions, instructions, initial prompt. This enables sharing common agent configurations across teams.

Scheduled Tasks

goose schedule add "daily-report" --cron "0 9 * * *" --recipe ./daily.yaml
goose schedule list

The schedule_tool allows the agent itself to schedule future tasks.

Subagent Workflow

The main agent can spawn subagents via the subagent_execution_tool. Subagents run with configured extensions and report back to the parent.

Phases + Artifacts Table

Phase Artifact
Session start Session ID (in logs)
Tool execution Modified files, shell output
Context compaction Compacted conversation (in memory)
Recipe run Recipe-specific output
Scheduled task Scheduled task entry

Approval Gates

Gate Type Notes
Tool confirmation yes-no Via ToolConfirmationRouter
Security inspector blocks automatic AdversaryInspector blocks tool calls
Permission configuration config-driven Extension-level permissions
06

Memory Context

Goose — Memory and Context

State Storage

State Storage Scope
Session history In-memory + session files Session
.goosehints Project file Project, cross-session
Memory extension Local knowledge store (goose-mcp/memory) Global or project
Recipe configs YAML files Shareable
Scheduled tasks Scheduler config Global
Agent config ~/.config/goose/config.yaml Global

Memory Extension

The goose-mcp/memory extension provides persistent memory across sessions:

  • Stores facts, preferences, and knowledge learned during sessions
  • Accessible via MCP tools in subsequent sessions
  • Enables cross-session context that survives process restarts

This is the only framework in this batch with a built-in persistent memory extension.

Context Compaction

Goose implements automatic context compaction via:

  • check_if_compaction_needed() — checks against DEFAULT_COMPACTION_THRESHOLD
  • compact_messages() — reduces message history when threshold exceeded
  • User sees "goose is compacting the conversation..." message during compaction

Compaction is automatic and transparent.

.goosehints

Project-level instructions injected at session start. Analogous to CLAUDE.md. Goose searches for .goosehints in the project root.

Cross-Session Handoff

Via the memory extension: facts learned in one session are stored and retrieved in future sessions. This is more structured than CLAUDE.md-style documents — it's a queryable knowledge store.

Large Response Handling

LargeResponseHandler truncates or summarizes oversized tool responses before adding them to context. This prevents context window overflow from large file reads or command outputs.

07

Orchestration

Goose — Orchestration

Multi-Agent

Yes. Goose supports subagent spawning via subagent_execution_tool and subagent_handler.rs. The main agent can spawn subagents for parallel or specialized work.

Orchestration Pattern

Hierarchical: main agent spawns subagents, which report back. The SubagentHandler manages subagent lifecycle.

Max Turns

DEFAULT_MAX_TURNS: u32 = 1000 — unusually high. This supports long autonomous sessions.

Isolation Mechanism

None by default. An optional Container module exists (agents/container.rs) suggesting container-based isolation support, but it is not the default mode.

Multi-Model

Configurable per session. Goose supports 15+ providers. No built-in per-role model routing (unlike OpenCode), but users can configure different models per recipe.

Execution Mode

Interactive-loop (CLI/desktop). Scheduled tasks enable scheduled mode via the scheduling system.

Crash Recovery

Sessions can be resumed via session management. The session file provides recovery state.

Context Compaction

Yes, automatic via check_if_compaction_needed() and compact_messages().

Security Layer (unique to Goose)

Every tool call passes through security inspectors:

  1. PermissionInspector — checks if tool is allowed
  2. AdversaryInspector — detects prompt injection in tool responses
  3. EgressInspector — monitors outbound requests
  4. SecurityInspector — general security policy
  5. RepetitionInspector — detects repetitive tool calls (prevents loops)
  6. ToolInspectionManager — orchestrates all inspectors

This security layer is unique in this corpus. No other framework ships adversarial content detection as part of the agent loop.

Consensus Mechanism

None.

Prompt Chaining

Subagent results are returned to the parent agent as tool call results, enabling implicit chaining.

08

Ui Cli Surface

Goose — UI and CLI Surface

CLI Binary

Name: goose
Install: curl -fsSL .../download_cli.sh | bash
Is thin wrapper: No — full Rust agent runtime
Language: Rust

Subcommands

Subcommand Purpose
goose (default) Start interactive session
goose session Explicit session start
goose configure Interactive provider/extension setup
goose recipe <path/url> Run a recipe
goose schedule Manage scheduled tasks
goose update Update binary
goose info Show version/config
goose plugin Manage extensions
goose project Project commands
goose doctor Diagnose issues
goose gateway MCP gateway
goose tui Launch TUI
goose term Terminal mode

Desktop App

Platform: Electron (TypeScript frontend + Rust goose-server backend)
Available for: macOS, Linux, Windows
Install: Download from goose-docs.ai or use release script
Port: Communicates with goose-server via REST API (OpenAPI spec)

The desktop app architecture:

  • TypeScript Electron frontend
  • Rust goose-server (called "goosed") provides REST routes
  • OpenAPI spec generated via just generate-openapi
  • Frontend calls generated API clients

Terminal TUI

Available via goose tui. Rich terminal interface for interactive sessions.

REST API (goose-server)

goose-server provides a REST API that the desktop app uses. Documented via OpenAPI spec. Third-party apps can embed Goose via this API.

Observability

  • Logging via logging.rs (tracing library)
  • goose info shows current config
  • goose doctor diagnoses issues
  • Session files persist agent actions
  • OTel (OpenTelemetry) support via #[cfg(feature = "otel")]

Related frameworks

same archetype · same primary tool · same memory type

Vibe Kanban ★ 27k
A12 UI passthrough

Eliminate the overhead of planning, switching between agent terminals, and reviewing diffs by providing a single web dashboard…

1Code ★ 5.5k
A12 UI passthrough

Cursor-like desktop experience for Claude Code and Codex with cloud background agents, event-driven automations, and a full…

Crystal (stravu) ★ 3.1k
A12 UI passthrough

Manage multiple parallel AI coding sessions in isolated git worktrees from a single desktop GUI.

Maestro (RunMaestro) ★ 3.0k
A12 UI passthrough

Orchestrate unlimited parallel AI agent sessions with a keyboard-first desktop app including Group Chat coordination and Auto Run…

AgentsMesh ★ 2.1k
A12 UI passthrough

Multi-tenant workforce platform that gives every team member a squad of AI coding agents coordinated through channels, pod…

Open Cowork ★ 1.4k
A12 UI passthrough

Makes Claude Code accessible to knowledge workers on Windows/macOS with one-click install, VM sandbox, document skills, and IM…