Zing Forum


ARGOS-2: An Autonomous Intelligent Hub System with Brain-Body Split Architecture

An in-depth analysis of how ARGOS-2 constructs a reliable and scalable autonomous AI agent system using brain-body split architecture, four-layer cognitive security protection, and human-machine collaboration mechanisms.

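Tags: AI agents, n8n, FastAPI, RAG memory, prompt injection protection, human-machine collaboration, workflow automation, brain-body split architecture
Published 2026-03-31 08:45 | Recent activity 2026-03-31 08:53 | Estimated read 8 min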

Section 01

ARGOS-2: A Production-Grade Autonomous AI Agent with Brain-Body Split Architecture

ARGOS-2 is an advanced autonomous intelligent hub designed to solve key engineering challenges in deploying AI agents to production. Its core innovations include:

  • Brain-Body Split Architecture: Separates I/O (n8n workflow engine as "body") from cognitive tasks (FastAPI backend as "brain") for platform independence and security.
  • Four-Layer Cognitive Security: Defends against prompt injection and data poisoning via regex blacklists, heuristic detection, dialogue anomaly analysis, and a paranoid LLM judge.
  • RAG-Enhanced Memory: Uses SQLite state queues, sliding window context, and configurable embeddings for reliable long-term memory management.
  • Human-in-the-Loop (HITL): Balances automation with human oversight (e.g., Gmail integration with Telegram approval).
  • Model-Agnostic Design: Supports multiple LLM providers (OpenAI, Anthropic, Groq, etc.) via simple configuration.

Section 02

Background: Key Engineering Challenges for AI Agents

The rise of LLMs has spurred AI agent development, but moving from prototype to production faces several hurdles:

  1. Integration Complexity: Handling OAuth, API rate limits, polling, and webhooks for external services (email, messaging) is tedious and error-prone.
  2. State Management: Memory for user preferences, dialogue history, and long-term tasks requires robust solutions beyond simple in-memory storage.
  3. Security Risks: Public-facing agents are vulnerable to prompt injection attacks that manipulate behavior or pollute memory.
  4. Human-Machine Collaboration: Full autonomy has to be weighed against human oversight for critical decisions, and getting that balance right is delicate.

ARGOS-2 was built to address these challenges.

Section 03

Core Architecture & Key Functional Methods

Brain-Body Split:

  • Body: n8n workflow engine manages external service connections (Gmail, Telegram), handles I/O, and routes structured data to the brain.
  • Brain: FastAPI backend processes LLM reasoning, state management, and memory retrieval.

Benefits: Platform independence (e.g., switch from Telegram to Slack via n8n), separation of concerns, and security isolation (the FastAPI backend is not exposed publicly).

Four-Layer Security:

  1. Regex Blacklist: Blocks obvious malicious inputs (e.g., "ignore previous instructions").
  2. Regex Heuristic Detection: Identifies complex attacks (e.g., semantic confusion, encoding tricks).
  3. Dialogue Anomaly Detection: Uses statistical models to flag unusual interaction patterns.
  4. Paranoid LLM Judge: A dedicated LLM reviews inputs for malicious intent before memory storage.
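
The layering above can be sketched as a screening function in which the cheap checks run first and the LLM judge runs last and fails closed. This is an added example, not ARGOS-2's code: it covers layers 1, 2 and 4 only, the second blacklist pattern and the base64 heuristic are constructed, and `judge` is a hypothetical callable standing in for the LLM call.

```python
import base64
import re
import unicodedata

# Layer 1 patterns. Only the first phrase comes from the page; the second is constructed.
BLACKLIST = [re.compile(p, re.I) for p in (
    r"ignore\s+(?:all\s+)?previous\s+instructions",
    r"reveal\s+(?:your\s+)?system\s+prompt",
)]
ZERO_WIDTH = re.compile("[\u200b-\u200d\u2060\ufeff]")
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
# Constructed sample: the layer-1 phrase hidden behind base64.
SAMPLE_B64 = base64.b64encode(b"ignore previous instructions").decode()


def normalize(text):
    """Fold compatibility forms (full-width letters etc.) and drop zero-width characters."""
    return ZERO_WIDTH.sub("", unicodedata.normalize("NFKC", text))


def hits_blacklist(text):
    """Layer 1: match known phrases on the normalized text."""
    return any(p.search(normalize(text)) for p in BLACKLIST)


def hides_payload(text):
    """Layer 2 (one heuristic): a base64 run that decodes to blacklisted text."""
    for run in B64_RUN.findall(text):
        try:
            raw = base64.b64decode(run + "=" * (-len(run) % 4))
        except ValueError:  # binascii.Error subclasses ValueError: not base64 after all
            continue
        if hits_blacklist(raw.decode("utf-8", "ignore")):
            return True
    return False


def screen(text, judge):
    """Return (allowed, reason); cheap layers first, and the judge fails closed."""
    if hits_blacklist(text):
        return False, "blacklist"
    if hides_payload(text):
        return False, "heuristic"
    try:
        if judge(text):  # hypothetical callable wrapping the LLM judge; True = malicious
            return False, "judge"
    except Exception:
        return False, "judge-unavailable"  # a judge outage must not become a bypass
    return True, "ok"
```

Returning the layer name as the reason lets the caller log which check rejected an input, which is what makes blacklist and heuristic tuning possible later.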

RAG Memory System:

  • Atomic SQLite state queue (WAL mode for thread safety).
  • Sliding window context to control token usage.
  • Configurable embeddings (OpenAI-compatible or local) with similarity threshold (default: 0.70).
  • Automatic memory extraction and garbage collection for outdated entries.
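
WAL mode lets readers proceed alongside the single writer, but it does not by itself stop two workers from claiming the same queue row; doing the read and the update inside one `BEGIN IMMEDIATE` transaction does. The sketch below is an added example, not ARGOS-2's code, and the table layout, state names and function names are assumptions.

```python
import sqlite3
import tempfile
import threading


def open_db(path):
    # isolation_level=None: autocommit, so BEGIN/COMMIT below are issued explicitly.
    conn = sqlite3.connect(path, timeout=30.0, isolation_level=None)
    conn.execute("PRAGMA journal_mode=WAL")  # readers no longer block the single writer
    conn.execute("CREATE TABLE IF NOT EXISTS queue(id INTEGER PRIMARY KEY,"
                 " payload TEXT, state TEXT DEFAULT 'pending')")
    return conn


def claim(conn):
    """Move the oldest pending row to 'running' and return it, or None when empty."""
    conn.execute("BEGIN IMMEDIATE")  # take the write lock before the SELECT
    try:
        row = conn.execute("SELECT id, payload FROM queue WHERE state='pending'"
                           " ORDER BY id LIMIT 1").fetchone()
        if row:
            conn.execute("UPDATE queue SET state='running' WHERE id=?", (row[0],))
        conn.execute("COMMIT")
        return row
    except Exception:
        conn.execute("ROLLBACK")
        raise


def demo(n=50, workers=4):
    """Enqueue n constructed messages, drain with several threads, return claimed ids."""
    path = tempfile.mkdtemp() + "/state.db"
    main = open_db(path)
    main.executemany("INSERT INTO queue(payload) VALUES (?)",
                     [(f"msg-{i}",) for i in range(n)])
    claimed, lock = [], threading.Lock()
    def worker():
        conn = open_db(path)  # one connection per thread
        while (row := claim(conn)) is not None:
            with lock:
                claimed.append(row[0])
        conn.close()
    threads = [threading.Thread(target=worker) for _ in range(workers)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    main.close()
    return sorted(claimed)
```

If every id appears exactly once in the result, no message was processed twice and none was lost.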

Section 04

Technical Implementation & Model-Agnostic Support

Data Flow: External services → n8n (body) → FastAPI (brain) → n8n → external services (via internal Docker network, no public exposure for FastAPI).

Containerization: Docker Compose orchestrates:

  • FastAPI service (Python backend).
  • n8n service (workflow engine).
  • SQLite (default vector storage, migratable to PostgreSQL+pgvector).

Config Management: Central YAML file (hot-reloadable) controls behavior (e.g., bot identity, RAG threshold, memory extraction).

Model-Agnostic Design: Supports OpenAI, Anthropic, Groq, vLLM, Ollama via environment variables (e.g., LLM_BACKEND=groq, LLM_MODEL=llama-3.3-70b-versatile).


Section 05

Application Scenarios & Security Best Practices

Use Cases:

  • Personal Assistant: Manage calendar, filter emails, learn user preferences.
  • Workflow Automation: Sync data across SaaS tools, generate reports, send notifications.
  • System Monitoring: Analyze Linux logs, execute bash commands (sandboxed), alert on anomalies.
  • Customer Support: Handle common queries, escalate complex issues to humans.

Security Best Practices:

  • Telegram bot uses whitelist; new users require admin approval.
  • FastAPI backend is isolated in internal Docker network.
  • Sensitive configs stored in environment variables (not version-controlled).
  • Memory entries are reviewed by LLM judge before storage.

Section 06

Future Roadmap & Conclusion

Future Plans:

  • Migrate to PostgreSQL+pgvector for scalable vector storage.
  • Add multi-modal capabilities (image/PDF analysis).
  • Integrate WhatsApp Business API.
  • Expand tool ecosystem (calendar management, code execution).

Conclusion: ARGOS-2 sets a benchmark for production-grade AI agents by addressing key engineering challenges with solid practices: brain-body split, layered security, robust memory, and HITL. It proves that engineering quality (not just model size) is critical for reliable AI agents.