researchvault

Review·Scanned 2/18/2026

ResearchVault is a local-first CLI for ingesting, verifying, and synthesizing research into a local SQLite vault (~/.researchvault/research_vault.db). It performs outbound HTTP requests (including https://api.search.brave.com/res/v1/web/search and user-supplied URLs), reads BRAVE_API_KEY/RESEARCHVAULT_DB, and includes an install shell command python3 -m venv .venv && . .venv/bin/activate && pip install -e ..

from clawhub.ai·v303d8b8·145.7 KB·0 installs
Scanned from 2.6.2 at 303d8b8 · Transparency log ↗
$ vett add clawhub.ai/lraivisto/researchvaultReview findings below

ResearchVault 🦞

The local-first orchestration engine for high-velocity AI research.

ResearchVault is a local-first state manager and orchestration framework for long-running investigations. It lets you persist projects, findings, evidence, and automation state into a local SQLite "Vault".

Vault is built CLI-first to close the loop between planning, ingestion, verification, and synthesis.

🛡️ Security & Privacy

ResearchVault is designed with a Local-First, Privacy-First posture:

  • Local Persistence: All research data stays on your machine in a local SQLite database (~/.researchvault/research_vault.db). No telemetry or auto-sync.
  • SSRF Protection: Strict internal network blocking by default. The tool resolves DNS and blocks private/local/link-local IPs (RFC1918, 127.0.0.1, 169.254.169.254, etc.).
  • Network Transparency: Outbound connections are limited to user-requested scuttling or Brave Search API (if configured).
  • Zero Auto-Start: No background processes or servers start during installation. Services must be explicitly invoked from scripts/services/.
  • Restricted Model Invocation: The disable-model-invocation: true flag prevents the AI from autonomously triggering side-effects without a direct user prompt.

🚀 Installation

Standard (Recommended)

python3 -m venv .venv
source .venv/bin/activate
pip install -e .

🛠️ Key Workflows

1. Project Management

python scripts/vault.py init --id "ai-research" --name "AI Research" --objective "Monitor 2026 trends"

2. Multi-Source Ingestion

python scripts/vault.py scuttle "https://example.com" --id "ai-research"

3. Synthesis & Verification

python scripts/vault.py synthesize --id "ai-research"
python scripts/vault.py verify run --id "ai-research"

4. Optional Services (Manual Opt-in)

  • MCP Server: python scripts/services/mcp_server.py
  • Watchdog: python scripts/services/watchdog.py

📦 Dependencies

  • requests & beautifulsoup4: Targeted web ingestion.
  • rich: CLI output formatting.
  • mcp: Standard protocol for agent-tool communication.
  • pytest: Local integrity verification.

⚖️ License & Provenance

  • Maintainer: lraivisto
  • License: MIT
  • Issues: GitHub Issues
  • Releases: Changelog

This project is 100% developed by AI agents (OpenClaw / Google Antigravity / OpenAI Codex), carefully orchestrated and reviewed by Luka Raivisto.