flutter_agent_harness · Dart & Flutter

One agent harness.
Every device.

Fa is a coding agent with a real tool loop — a sandboxed shell, git, interpreters, and a file browser — built on a pure-Dart core that runs on iOS, Android, web, desktop, and in your terminal. Same harness, same tools, everywhere. This page is the proof: the app below runs entirely in your browser.

  • iOS
  • Android
  • Web
  • macOS
  • Windows
  • Linux
  • CLI

Live demo

Try it right here.

The full agent app as static files — no server, no account. Pick a provider, paste your own key, and put the agent to work. Its sandbox shell (curl, jq, rg, git, python3, sqlite3) runs in an in-memory filesystem on your machine.

Bring your own key: it is held in memory only — never persisted, gone on reload. OpenRouter works from browsers; some providers block cross-origin calls (see BYOK).

Install

Get the CLI.

Fa runs in your terminal on macOS, Windows, and Linux. It needs the Dart SDK (bundled with Flutter) — the installer checks for it, activates the package from pub.dev, and prints your next steps.

sh
curl -fsSL https://fa1.dev/install.sh | sh

pub.dev direct

No script — activate straight from pub.dev with the Dart SDK.

dart pub global activate flutter_agent_harness

Flutter demo app

The full mobile / desktop sandbox, from source.

git clone https://github.com/IstiN/flutter_agent_harness
cd flutter_agent_harness/example/flutter_example
flutter run

Capabilities

A real workbench, not a chat box.

A real shell in a sandbox

curl · wget · jq · yq · rg · sed · awk · find · xargs · diff · patch · tar · zip, plus nslookup/dig/whois. On web it is a pure-Dart memory shell; on mobile the same commands run as WASM (uutils coreutils + ripgrep).

git over HTTP/SSH

Pure-Dart git: smart-HTTP clone and push, SSH remotes, commits and diffs. No native binary — it works the same in a browser tab as on a phone.

python3 · qjs · sqlite3

Interpreters stream in from a CDN on demand: Python 3 (with pip installs into the sandbox), QuickJS, and SQLite via sql.js. The agent picks the right tool for the job.

Secrets redaction

Secret values never reach the model, the transcript, or session files. The agent references them as $NAME in shell commands; redaction hooks scrub tool output on the way back.

File browser

A live view of the exact filesystem the agent works in — browse, preview, and watch files appear as the agent writes them. No hidden state.

Sessions + compaction

Append-only JSONL session trees you can resume and fork, with automatic LLM-powered compaction when the context window fills up.

Runs everywhere

One core, every form factor.

The harness is pure Dart — no dart:io in the core — so the same agent loop, tools, and session format run behind any ExecutionEnv: browser memory FS, phone sandbox, or your host shell.

Capability BrowsermacOSiOSAndroidWindows
Agent loop, tools, sessions, compaction
Chat UI + file browser
Shell: curl, jq, rg, sed, awk, tar, zip, diff, patch… pure-Dart builtinshost shellWASI binariesWASI binarieshost shell
python3 + pip (pure-python wheels) pyodide CDN¹hostCPython 3.14 WASICPython 3.14 WASIhost
sqlite3 sql.js CDN¹hostWASIWASIhost
JavaScript (qjs) / lua qjs CDN¹ · lua hostqjs + lua WASIqjs + lua WASIhost
git — local ops dart_git
git — clone / push (remote) CORS²HTTP+SSHHTTP+SSH
ssh / scp / sftp · dig / whois ~ DoH+RDAP³hostbuiltinsbuiltins~ ssh⁵
File upload + persistence IndexedDB (upload UI)host FSapp sandboxapp sandboxhost FS
Secrets — env injection + redaction in-memory.env.env

full support · ~ partial / host-dependent · not possible on the platform.
¹ Web interpreters (pyodide, quickjs-emscripten, sql.js) lazy-load from jsDelivr on first use. ² Browsers can't reach remote git (CORS) — local repos work fully. ³ No raw TCP in browsers: DNS-over-HTTPS and RDAP whois work; ssh/scp/sftp report unavailable. ⁴ Windows and Linux share the tested desktop code path; manual testing happens on macOS + iOS simulator. ⁵ Windows has no stock dig/whois; ssh/scp/sftp work via the built-in dartssh2 client on platforms with the Dart builtins, or the host OpenSSH client on desktop.

BYOK

Your key never leaves your browser.

Straight to the provider

API calls go directly from your machine to the provider. This page is static files — there is no server, no proxy, and nothing in the middle to log your key.

In-memory only

The key lives in page memory: never persisted, never written to localStorage, cookies, or disk — and gone on reload. The app's web secrets store is in-memory by design.

CORS is the only catch

The provider must allow cross-origin browser requests. OpenRouter does. api.anthropic.com and Ollama Cloud do not — reach those models through OpenRouter instead. Self-hosted endpoints need CORS headers.