GitHub - factorly-dev/factorly: Factorly is a local runtime for agent tool chains. It manages tool calls, injects credentials from an encrypted vault, enforces governance rules, and logs everything. Your agent sees workflows, tools, and data. Secrets stay secret.

2 min read Original article ↗
░█▀▀░█▀█░█▀▀░▀█▀░█▀█░█▀▄░█░░█░█
░█▀▀░█▀█░█░░░░█░░█░█░█▀▄░█░░░█░
░▀░░░▀░▀░▀▀▀░░▀░░▀▀▀░▀░▀░▀▀▀░▀░

Release Go License: GPL-3.0 CI npm PyPI MCP Docs

Build what your agent can do.

Define tools, compose workflows, test and run them. MCP servers, REST APIs, and CLI commands in one config, one UI, one audit log.

Factorly is a local runtime for agent tool chains. It manages tool calls, injects credentials from an encrypted vault, enforces governance rules, and logs everything. Your agent sees workflows, tools, and data. It never receives your credentials, only the tool's response. Secrets stay secret.

Screenshot of Factorly UI


Install

Install with your package manager of choice:

brew install factorly-dev/tap/factorly
  # or: npm install -g factorly
  # or: pip install factorly
  # or: go install github.com/factorly-dev/factorly@latest

Quick Start

Zero config: wrap any existing MCP server and it's instantly callable through Factorly:

factorly wrap -- npx -y @modelcontextprotocol/server-everything

Then set up a project: install a blueprint, store credentials, and sync with your agent:

# 1. Create a project config + install a blueprint (41 services: GitHub, Slack, Stripe, Linear, Gmail, ...)
factorly init
factorly blueprint install github

# 2. Store credentials in the encrypted vault (or: factorly auth login github)
factorly vault set GITHUB_TOKEN ghp_xxxxxxxxxxxx

# 3. Confirm it's wired up
factorly tools status

# 4. Connect to your agent (auto-detects Claude Code, Cursor, Codex), then reload it
factorly sync

# 5. Optional — browse, edit, and try tools in the UI
factorly ui

Your agent connects to Factorly as a single MCP server or CLI and sees every tool you've configured. Your agent never possesses the credential — Factorly resolves {{vault:KEY}} references at call time and only the resolved request leaves the box. Full walkthrough: Getting Started.


What It Does

Define — one config, every protocol, 40+ blueprints included

Test — Try tools in the UI, see the response, iterate before giving your agent access

Composeworkflows with per-step policies, deterministic sequences

Governvault, policies, audit log. Built in, not bolted on.

┌────────────┐       ┌────────────┐       ┌────────────┐
│            │       │            │       │            │
│ Your Agent │──────▶│  Factorly  │──────▶│ Your Tools │
│            │       │            │       │            │
└────────────┘       └────────────┘       └────────────┘
  Sees:                Vault               REST APIs
  - tool names         Governance          CLI commands
  - workflows          Audit log           MCP servers
  - data               Rate limits

  Never sees:
  - API keys
  - tokens
  - credentials

Docs

License

GPL-3.0