Frida Alma logo Oracle · Frida Alma
Autonomous Agentic Framework

An agent that never refuses a task for lack of tools.

Oracle is Frida Alma's autonomous AI agent for coding, intelligence research and cybersecurity. Built on the Agno framework with a model-agnostic design, it goes far beyond a coding assistant: it keeps persistent memory across sessions, creates new tools when none exist, and verifies every claim against real-time external sources before reporting it.

“I never refuse a task for lack of tools — I build them.”
Explore capabilities
Founding principles

Four rules that shape every behavior.

01

Tool Creation Mandate

If no tool exists for a task, Oracle builds one from scratch — always.

02

Persistent Memory

Remembers past sessions, user preferences and knowledge via SQLite and a ChromaDB vector store.

03

Mandatory Verification

Every claim is cross-checked against real-time external sources before it is reported.

04

Dual Specialization

A general coding and automation core, with opt-in modules for OSINT and cybersecurity.

Core capabilities

An operator, not a suggester.

Full workspace access, real execution and the ability to delegate — all with context that persists across conversations.

Files & code

Reads, writes and edits any file with atomic, precise modifications. Searches by glob or regex across the entire workspace.

Shell & sub-agents

Executes shell commands with configurable timeouts and spawns sub-agents for parallel or complex research tasks.

Cross-session memory

Preferences and context persist between conversations. Web UI with SSE streaming and an interactive CLI with history.

Read / write files
Atomic, precise modifications on any file
Glob / regex search
Full workspace access
Shell execution
Commands with configurable timeout
Spawn sub-agents
For parallel or complex research tasks
Web UI & CLI
Streaming SSE, Markdown rendering, dark theme · persistent multi-line input
What has been built

Every module exists because a concrete problem required it.

The entire Oracle ecosystem was built iteratively — no design documents, no long-term planning. The three largest components were designed and implemented by Oracle itself, on request, starting from nothing.

Web Access

web_access.py · ~1,250 lines

A robust, SSRF-safe HTTP client that gives Oracle reliable internet access for verification and research.

GET / POST / download with retry SSRF protection — private IP blocking Rate limiting & timeouts HTML scraping with CSS selectors SQLite cache with TTL Thread-safe

OSINT Framework

osint/ · 25+ modules

A complete 7-layer intelligence pipeline for running investigations end-to-end, activatable on demand.

Collection
domain_recon (WHOIS, DNS, SSL, crt.sh), social_search (2,000+ platforms), web_scraper, google_dorker, api_lookup
Analysis
cross_reference (triangulation across 3+ sources), timeline_builder, geo_osint (EXIF and visual cues)
Verification
fact_checker, image_verifier (reverse image + EXIF), confidence_scorer (A-1 → E-5)
Research
academic_search (Scholar, PubMed, arXiv), incongruity_detector, legal_reference (GDPR, CFAA, Penal Code)
Cybersecurity
attack_surface, threat_intel, breach_checker
Reporting
report_gen (structured reports), sanitizer (personal data anonymization)

Security Audit Engine

sec_protocol/ · 4 modules

A cybersecurity analysis system built to audit real codebases, activatable on demand.

Full audit — secrets, CWE/OWASP patterns, missing headers 10 fix patterns — UAF, TOCTOU, Prompt Injection… Threat modeling — NIST CSF + MITRE ATT&CK (260+ techniques) Toolkit catalog — 60+ tools Vector KB — 77 docs from 14 sources

Vector Memory

ChromaDB semantic memory with CLIP-based multimodal encoding (512-dim vectors for text and images), named collections, and image lifecycle management.

Gmail Client

Full Gmail management via Google API (OAuth2): read, search, send, reply, forward, labels, archive and attachment download.

Environment Probe

A pre-flight feasibility checker: TCP/DNS, dependency validation, filesystem permissions and env vars — returns FEASIBLE / WARNINGS / BLOCKED.

Real-world results

Validated on real targets, not benchmarks.

7
OSINT layers, end-to-end
3,915
Files audited across 2 codebases
0
Real vulnerabilities — all false positives
77
Security docs from 14 sources

Scam identification

OSINT · full 7-layer pipeline

A site flagged as suspicious was run through every layer. All returned red flags. The SCAM verdict was confirmed accurate by the user — the site had previously defrauded them, validating the methodology end-to-end.

Verdict: SCAM — confirmed

Legitimacy verification ×2

OSINT · full 7-layer pipeline

Two platforms suspected of fraud were analyzed. Both were found fully legitimate with detailed evidence: domain age, SSL certificates, hosting provider, reputation APIs and absence of scam mentions.

Verdict: LEGITIMATE

OpenBSD kernel + userland

2,973 files · 37.1 MB

Sparse checkout of sys/kern, sys/net, libssl, libcrypto, ssh, httpd. Zero real vulnerabilities; 163 raw findings, all confirmed false positives. Quantified defenses: strlcpy (940), privilege separation (465), pledge (135), unveil (92).

0 real vulnerabilities

SuperMemory monorepo

942 files · 96.4 MB

Full-stack audit across apps, packages and SDKs. Zero real vulnerabilities; 66 raw findings, all false positives. No exposed API keys; confirmed rate limiting (30), input sanitization (27), CSRF protection (20), zero eval() in source.

0 real vulnerabilities
In conversation

What you can ask — and how it responds.

“Refactor api_handler.py to add retry logic with exponential backoff and update the tests.”
Oracle — analyzes the file, drafts a plan, writes the code, runs the tests and reports results. Installs missing libraries automatically, and remembers your preference for exponential backoff.
“Investigate the domain suspicious-site.example. Is it a scam?”
Oracle — activates the OSINT framework, runs all 7 layers, produces a confidence-scored report (A–E) with a verdict, and verifies each claim against real-time sources.
“We don't have a tool for an API that needs a Bearer token yet.”
Oracle — builds a new tool on the spot: an authenticated HTTP client module, adds it to the Tool Repository, tests it, then uses it. The tool persists for future sessions.
“Remember that I prefer detailed comments in Italian for all code you write.”
Oracle — stores the preference in persistent memory (SQLite + ChromaDB) and applies it to every subsequent coding task.