Lodurr Product Manual
Lodurr: the local-first Agent Runtime for governed AI operations
Lodurr is designed for teams that want AI agents to move beyond isolated conversations and become reliable operational systems. It provides the runtime layer around model reasoning: message routing, controlled execution, tool orchestration, memory distillation, evaluation loops, human approval, and deployment discipline.
1. Why Lodurr
Lodurr is named after Lodur, a less commercialized figure in Norse myth associated in some traditions with the animating force given to the first humans. That identity fits the product: Lodurr is not the model itself and not a single feature. It is the operating layer that gives agentic work shape, boundaries, memory, and accountable motion.
The name also signals a design stance. Powerful AI systems should not be presented as magic boxes. They need visible structure: routing, approvals, logs, memory policy, tool rules, and deployment discipline. Lodurr turns raw model capability into a product surface that can be inspected, extended, and operated by a real team.
2. Product Thesis
The next generation of AI software will not be defined only by stronger models. It will be defined by the runtime surrounding those models. The runtime decides what information is available, which tools can be used, when a human must approve an action, how outcomes are scored, what is remembered, and how the system is deployed.
Lodurr treats agent work as an operational trajectory rather than a single response. A request enters the system, becomes a routed intent packet, flows through planning and execution, collects observations, receives evaluation, and leaves behind distilled memory. The final answer matters, but the path to that answer matters just as much.
Lodurr is the runtime layer for teams that need agent behavior to be observable, governable, repeatable, and ready for deployment.
3. Operating Principles
Lodurr follows four product principles. The first is local-first operation: development, inspection, and evaluation begin on the operator's machine so that behavior can be understood before it is shared. The second is connector isolation: model-facing details belong behind stable connector contracts, not inside the core planning loop.
The third principle is audit-always. Agent systems that use tools must create evidence as they work. Logs are not a secondary observability feature; they are part of the reasoning surface. The fourth principle is memory-by-distillation. Lodurr does not treat history as an endless transcript. It turns workflow traces into smaller, higher-signal memory entries that can improve future runs.
| Principle | Meaning | Product Outcome |
|---|---|---|
| Local-first | Operate close to the developer and the task context. | Faster inspection and lower operational risk. |
| Connector isolation | Keep model-specific concerns outside the core runtime. | Stable architecture as model ecosystems change. |
| Audit-always | Record decisions, tool calls, outcomes, and approvals. | Reliable debugging and accountable operations. |
| Memory-by-distillation | Compress traces into durable operating knowledge. | Improvement without context overload. |
4. Architecture Map
Lodurr is organized as a layered runtime. The Human Gate captures intent and approval boundaries. Hermes Mesh routes structured work packets. The Agent Kernel owns planning and state transitions. Agent Harness governs execution. Tool Cortex exposes controlled capabilities. Memory Mycelium stores distilled knowledge. Evaluation Reflex scores outcomes and feeds the next improvement cycle.
lodurr/
kernel/ planning, graph construction, state transitions
hermes/ message packets, routing, context compression
harness/ governed execution and checkpoints
tools/ controlled tool registry and schemas
memory/ working, episodic, semantic, procedural memory
evaluation/ scoring, critique, regression signals
policy/ human gate, risk levels, approval rules
docs/ product manual and deployment guidanceThis map keeps the runtime understandable. A team can change a connector without changing memory, expand tool access without changing the planner, or revise approval policy without rewriting the documentation system. Each layer has a reason to exist and a boundary to defend.
5. Agent Kernel
The Agent Kernel is the center of Lodurr. It receives the objective, reads current state, asks Hermes Mesh for the relevant context packet, chooses a plan, compiles a runnable graph, and passes actions through the Harness. It does not own every detail. Its job is to coordinate the runtime without letting any single prompt become the whole system.
Objective, policy context, available tools, memory summary.
Task stages, expected observations, constraints, checkpoints.
Governed actions through the Agent Harness.
Outcome summary, useful memory, evaluation signal.
6. Hermes Mesh
Hermes Mesh is the routing fabric of Lodurr. It converts vague instructions into structured packets that can move across agents and modules. A packet includes intent, constraints, relevant memory, expected output, risk level, and the next owner. This structure reduces drift because each agent receives a narrower, better-defined task.
Hermes also handles context compression. Instead of passing entire histories from one stage to another, it sends the smallest useful packet. This makes workflows more predictable and prevents the runtime from treating every detail as equally important.
7. Agent Harness
Agent Harness is the execution boundary. It ensures that every action has an owner, input, expected output, risk level, and checkpoint. The Harness is what turns a plan into governed work rather than uncontrolled automation.
In a mature workflow, the Harness can decide whether an action is read-only, reversible, irreversible, or approval-bound. It also creates the evidence needed for review. When a workflow succeeds, the team can see why. When it fails, the team has the trace needed to repair it.
8. Tool Cortex
Tool Cortex exposes capabilities to the runtime through explicit schemas and risk levels. Tools may read files, summarize documents, query a local service, create artifacts, run tests, or prepare a release. Lodurr treats these capabilities as governed resources, not hidden powers inside the model.
| Tool Class | Risk | Runtime Policy |
|---|---|---|
| Read-only inspection | Low | Allow with audit trail. |
| Artifact generation | Medium | Track inputs, outputs, and owner. |
| Local file changes | Medium | Limit scope and preserve checkpoints. |
| Release actions | High | Require human approval and rollback plan. |
9. Memory Mycelium
Memory Mycelium is the memory architecture of Lodurr. It separates working memory for the current run, episodic memory for past workflow traces, semantic memory for stable facts, and procedural memory for reusable operating routines. This keeps the system from relying on a giant transcript as its only form of continuity.
Good memory is selective. Lodurr stores what helps future runs: decisions, constraints, failure modes, tool patterns, approval preferences, and environment facts. It avoids turning every conversation into a permanent source of truth. Memory entries should have source, timestamp, confidence, owner, and expiry rules.
10. Evaluation Reflex
Evaluation Reflex is the feedback system. It compares the plan with the result, checks whether tools behaved as expected, records failures, and generates improvement signals. This is the practical basis for Lodurr's self-improving behavior: not mysticism, but structured feedback and regression discipline.
policy_next = update(policy_current, score, critique, human_feedback, regression_result)
Evaluation should be close to the work. A release workflow may evaluate tests, build output, and deployment health. A research workflow may evaluate citation quality, coverage, and uncertainty. A design workflow may evaluate consistency, accessibility, and polish.
11. Human Gate
Human Gate is the product layer that keeps human judgment inside the system. It captures intent, sets boundaries, authorizes sensitive actions, and records decisions. Lodurr is built for teams, so it treats human approval as part of the runtime rather than an interruption outside the runtime.
The Human Gate should be lightweight for low-risk work and explicit for high-risk work. The goal is not to slow every action. The goal is to make sure the runtime knows when autonomy is appropriate and when a person needs to decide.
12. Security Model
Lodurr's security model is based on containment, auditability, and scope control. The runtime starts local, exposes only the capabilities it needs, records action traces, and keeps high-impact operations behind policy gates. The safest agent system is not the one with the fewest tools; it is the one whose tools have clear boundaries and reviewable behavior.
Production deployments should add authentication, transport security, request limits, log redaction, role-based access, and retention policies. Memory should never become an unbounded archive. Tool output should be summarized before it enters later reasoning steps. Operational logs should help review behavior without exposing sensitive payloads.
13. Developer Workflow
Development starts by choosing the workflow boundary. Define the objective, available tools, risk level, memory needs, and evaluation criteria. Then add the smallest new module needed to support that workflow. Lodurr favors clear module ownership over large cross-cutting changes.
Define the workflow objective and success signal.
Register the required tool schemas and risk levels.
Add memory entries only for reusable operating knowledge.
Write tests for planning, execution, and evaluation output.
14. API Surface
Lodurr exposes a compact runtime interface. Health endpoints verify process readiness. Workflow endpoints start a run and return the graph, observations, evaluation, and memory summary. Audit endpoints expose reviewable traces. The product goal is not to maximize the number of endpoints; it is to make each endpoint predictable and useful.
GET /health
GET /capabilities
POST /workflows/run
GET /workflows/:id
GET /audit?limit=3215. Local Operation
Local operation is the default development path. Install Node.js 20 or newer, enter the runtime directory, install dependencies, run the test suite, and start the service on a loopback address. Local operation makes it easy to inspect behavior before any shared environment is involved.
cd agent-runtime
npm install
npm test
npm start
curl http://127.0.0.1:8787/healthA healthy local run should pass three checks: the process responds, the capability registry loads, and a workflow can complete with a graph, observations, evaluation, and memory summary. If any of those checks fail, fix the local behavior before adding deployment complexity.
16. Docker Deployment
Docker deployment is useful for repeatable local environments, team review, and CI smoke testing. The container should start the runtime with a predictable working directory, a loopback or internal bind address, and explicit environment configuration. The image should not contain environment-specific credentials or private machine state.
cd agent-runtime
docker compose up --build
curl http://127.0.0.1:8787/healthTroubleshooting Docker should follow the same path every time: check container status, inspect logs, verify the bound port, confirm environment values, rebuild the image, and repeat the health check. Avoid changing application code until the deployment environment has been verified.
17. GitBook Deployment
The GitBook site is a static documentation surface. It can be hosted through GitHub Pages, Vercel,
Netlify, Cloudflare Pages, or any static file server. The recommended path is to publish the
gitbook/ directory as the documentation root.
Publish the repository and select the GitBook directory as the documentation source.
Import the repository and set the output directory to gitbook.
Use the GitBook directory as the publish directory with no build command.
Serve the files with Nginx, Caddy, object storage, or any static host.
18. Server Operations
Shared server operation should be treated as a controlled backend deployment. Run the Node service behind a reverse proxy, use HTTPS, restrict direct access to the runtime port, and add authentication before exposing team workflows. The runtime should bind internally while the proxy handles public access.
# /etc/systemd/system/lodurr-agent.service
[Unit]
Description=Lodurr Agent Runtime
After=network.target
[Service]
WorkingDirectory=/opt/lodurr/agent-runtime
ExecStart=/usr/bin/node ./src/bin/lodurr-agent.js serve --host 127.0.0.1 --port 8787
Restart=always
Environment=NODE_ENV=production
[Install]
WantedBy=multi-user.targetServer operations should monitor process health, response time, failed workflow rate, rejected actions, memory growth, and tool execution errors. Each signal should point to an owner and a response path.
19. CI/CD Governance
Lodurr's CI pipeline should protect the contract between planning, execution, memory, and evaluation. A useful baseline includes syntax checks, unit tests, runtime smoke tests, documentation checks, and a release job that only runs after the earlier jobs pass. The goal is to keep the runtime trustworthy as modules evolve.
Release governance should use semantic versioning and clear change notes. Changes to workflow response shape, audit structure, memory entries, or tool schema should be treated as contract changes. Internal implementation can evolve quickly; external behavior should remain predictable.
20. Reliability Playbook
When a workflow fails, start with the smallest observable fact. Is the runtime running? Did the capability registry load? Was the plan valid? Did a tool fail? Was a policy gate triggered? Did evaluation identify a specific mismatch? This order prevents teams from blaming the model when the actual issue is configuration, tool scope, memory quality, or missing approval.
Every incident should produce an improvement artifact: a test, a policy update, a memory correction, a tool schema revision, or a deployment note. Lodurr becomes stronger when failures are converted into structured operational learning.
21. Roadmap
Lodurr's roadmap focuses on product depth rather than feature noise. Near-term work includes stronger workflow templates, richer evaluation reports, durable memory storage, clearer policy controls, and improved deployment examples. Mid-term work adds team-oriented review flows, environment profiles, and richer audit exploration.
The long-term product direction is a local agent workshop: a place where teams can design, operate, evaluate, and improve AI workflows without hiding complexity behind a chat box. The runtime should make advanced systems feel understandable, inspectable, and ready for real work.
22. References
- Britannica: Askr and Embla Background on the mythic creation story associated with Ask, Embla, and Lodur in some sources.
- Norse Mythology for Smart People: Lodurr Context for Lodur's rarity and interpretive ambiguity in Norse mythology.
- MRKL Systems Modular reasoning systems that combine language models with external tools and knowledge sources.
- ReAct Reasoning and acting loops for language-model-based agents.
- Toolformer Research on models learning when and how to use tools.
- Reflexion Language-based feedback for improving future agent behavior.
- Generative Agents Memory, planning, and reflection patterns for more coherent agent behavior.
- Voyager Open-ended skill acquisition and long-running improvement loops.
- Constitutional AI Principle-based critique and revision for safer AI behavior.