Origin moved to Gitea 2026-05-27. GitHub is push-mirror fallback for auto-update reachability.
Bryan Johnson
67318cf0e6
Streaming API responses (marquee). Replaced the one-shot curl/jq pipeline
with an SSE-aware path that emits text deltas as they arrive. Server-sent
events are parsed line-by-line; content_block_delta with text_delta is
flushed to stderr immediately, while tool_use blocks accumulate
input_json_delta partials until content_block_stop, validate the assembled
JSON, then execute the tool exactly as before. A synthetic response is
rebuilt from streamed blocks to keep add_assistant_blocks + cost tracking
identical to the non-streaming path. Falls back to non-streaming on parse
failure or via LARRY_NO_STREAM=1. Cite: platform.claude.com/docs/en/api/
messages-streaming for SSE event types and tool-use streaming semantics.
Fuzzy slash completion polish + descriptions. Multi-match TAB now renders
each candidate on its own line with a one-line description, cyan command +
dim description. Backed by a new _LARRY_SLASH_CMDS_DESC associative array
that mirrors print_help's wording so the two stay in sync.
Persistent command history. HISTFILE=$LARRY_HOME/.history with
HISTSIZE=1000 and HISTCONTROL=ignoredups. history -r at REPL start;
history -a after each accepted input. Skips appending /login, /ssh-pass,
and /ssh-add lines so credentials never hit the history file.
/clear slash command. Clears the terminal via the ANSI 2J/H sequence
(works without external `clear`). Distinct from /reset (which clears the
conversation, not the screen). Listed in print_help and the canonical
_LARRY_SLASH_CMDS array.
Multi-line paste auto-detection. read_user_input now reads the first line
then non-blockingly polls stdin for buffered bytes within 50ms; if more
is present, it's slurped as continuation. Also: a trailing backslash on
the first line enters a multi-line mode that ends at a blank line. The
explicit '<<' / 'EOF' heredoc still works for users who prefer it.
/copy — copy last assistant response to clipboard. Tool detection cascade:
pbcopy (macOS), wl-copy (Wayland), xclip, xsel, /dev/clipboard (Cygwin),
clip.exe (WSL/Cygwin fallback). Falls back to printing the text to stdout
with a warning when no clipboard tool is found.
/cost — running token + dollar cost. Tracks input/output/cache-read/
cache-write tokens across both streaming and non-streaming responses.
Pricing constants inline as of 2026-05 (Sonnet $3/$15, Opus $15/$75,
Haiku $1/$5, cache writes 1.25x input, cache reads 0.1x input). The /cost
report shows per-stream subtotals and a session total. Refresh constants
periodically from platform.claude.com/docs/en/about-claude/pricing.
Model name in the prompt. The prompt now reads `you[sonnet-4.6]>` (or
`you[opus-4.7]>`, etc.) derived from $LARRY_MODEL via model_short_name —
strips the `claude-` prefix and converts the trailing -N-M to .N.M. The
prompt updates immediately after /model. Color scheme preserved.
Tool-call display polish. Cyan + bold tool name, dim args one key:value
per line, long values (>120 chars) truncated with a `(use /show-last-tool
for full args)` hint. New /show-last-tool slash command prints the full
last tool call JSON + the full result body for debugging.
Friendlier error messages. Audit pass through the most common API
failures: empty response surfaces as "Network error: empty response from
<URL>"; authentication_error invites /login when OAuth/token wording
appears; rate_limit_error and overloaded_error read as "Rate limited by
Anthropic — wait a few seconds"; not_found_error includes the current
LARRY_MODEL since that's almost always the cause; jq parse errors during
tool results get wrapped as "Tool returned malformed JSON; raw body: ..."
@file inline-file syntax. The user types @<path> in any prompt; Larry
resolves each ref before send-time and appends the file contents as a
fenced block keyed by extension. Grammar supports @bare-token and
@{bracketed path with spaces}; emails (bryan@x.com) are skipped via a
look-behind on the preceding character. Validation: missing → leave
literal with warning; directory → skip; binary (null-byte scan of first
8 KB) → skip; >250 KB → truncate with a footer note. Multiple refs are
deduped. Runs BEFORE PHI tokenization so PHI markers inside attached
files still get caught. TAB after @ completes against files (find -depth
4, fzf picker when on PATH). A one-time per-session tip prints the first
time the user types @.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
||
|---|---|---|
| agents | ||
| lib | ||
| .gitignore | ||
| install-larry.sh | ||
| larry-auth.sh | ||
| larry-rollback.sh | ||
| larry-tunnel.sh | ||
| larry.sh | ||
| MANIFEST | ||
| MANUAL.md | ||
| README.md | ||
| VERSION | ||
Larry-Anywhere
Portable AI agent for Cloverleaf integration work. Single bash script, no installs, no root, no package manager. Runs on Linux and inside MobaXterm on Windows. 26 native v3 tools for NetConfig analysis, message search, system documentation, regression testing, and safe NetConfig modification — all implemented directly in bash with no dependency on v1 wrapper scripts or v2 cloverleaf-tools.pyz.
When Cloverleaf is installed, Larry uses the shipped product binaries (tclsh, hcienginerun, etc.) directly. Otherwise it falls back to bash one-liners it composes itself. Never relies on the v1/v2 wrapper layers.
Install
One-liner (recommended)
On any client box with curl and bash (essentially any Linux + MobaXterm shell):
curl -fsSL https://raw.githubusercontent.com/bojj27/cloverleaf-larry/main/install-larry.sh | bash
The installer:
- Detects platform (Linux / Darwin / MobaXterm-cygwin) and arch
- Creates
~/.larry/(or wherever$LARRY_HOMEpoints) - Pulls every script + agent file from
bojj27/cloverleaf-larryraw URLs - Downloads a static
jqbinary into~/.larry/bin/ifjqisn't on PATH - Drops a
larryshim into~/bin/ - Makes no system changes, requires no root
First run:
larry # prompts for ANTHROPIC_API_KEY once
# saved to ~/.larry/.env mode 0600
Auto-update
Every time you run larry, it self-updates from the canonical GitHub URL. To suppress for one launch: larry --no-update. To disable permanently: export LARRY_NO_UPDATE=1.
Offline / scp install (when the client box can't reach github.com)
# from a machine that CAN reach github
git clone https://github.com/bojj27/cloverleaf-larry
scp -r cloverleaf-larry/ user@client-box:~/cloverleaf-larry/
ssh user@client-box
cd ~/cloverleaf-larry && ./install-larry.sh
The installer detects local files and uses them when LARRY_BASE_URL isn't reachable.
Use
Set the Cloverleaf runtime context, then point Larry at your site:
export HCIROOT=/opt/cloverleaf/cis2025/integrator
export HCISITE=adt
larry "$HCIROOT/$HCISITE"
you> list every protocol in this site
you> find threads with codametrix in the name
you> show messages from to_3m in the last 3 days for MRN 5720501458
you> generate jump threads for every TCP-listener inbound, target host=newlinux01.test, jump port = orig+10000
you> diff the ADTto_3m interface + connected threads between test and prod
you> document the codametrix system into ~/.larry/knowledge/codametrix.md
you> /quit
What Larry can do natively (v3 tools)
| domain | tools |
|---|---|
| File system | read_file, list_dir, grep_files, glob_files, write_file, bash_exec |
| NetConfig (read) | nc_list_protocols, nc_list_processes, nc_protocol_block, nc_protocol_field, nc_protocol_nested, nc_protocol_summary, nc_destinations, nc_sources, nc_xlate_refs, nc_tclproc_refs |
| NetConfig (write, journaled) | nc_insert_protocol, nc_add_route |
| Workflows | nc_find_inbound, nc_make_jump, nc_document, nc_find, nc_diff_interface |
| Messages (smat is SQLite!) | hl7_field, nc_msgs, hl7_diff |
| Safety | larry_rollback_list + larry-rollback.sh CLI |
Every write goes through a journal (~/.larry/journal/<session>/) — original snapshotted, diff saved, atomic replacement. Roll back any subset with larry-rollback.sh --list, --target /path/to/file, --session <id>, or --entry <id>.
Slash commands in the REPL
| command | what |
|---|---|
/env |
show detected HCIROOT/HCISITE + tool layer presence |
/sites |
list site dirs under HCIROOT |
/site <name> |
switch HCISITE mid-session |
/cd <path> |
change working directory |
/model <name> |
switch Claude model |
/reset |
clear conversation history |
/load <file> |
load a file as your next message |
/help |
full slash-command help |
Working examples (battle-tested against a 22-site Cloverleaf install)
- Migration jump-threads: "find every TCP-listener inbound, generate the 3-thread jump pair (linux_out / windowsin / windows_out) for each." Inserts via journaled write. Roll back instantly.
- MRN search: "messages from to_3m in last 3 days for patient MRN X." Reads smat via
sqlite3 -ascii, parses HL7 natively, filters by PID field — no Cloverleaf binary involved. - System documentation: "find all threads matching , document them." Cross-site walk, threads + ports + processes + xlates + tclprocs, adjacent-thread map, placeholder POC/status/escalation sections.
- Interface diff: "diff ADTto_3m + connected (depth 1) between test and prod." Connected-graph BFS, protocol-block diff + xlate-file diff + tclproc-file diff.
- Regression diff (Phase 6):
hl7_difffor any two HL7 message files, with--ignore MSH.7by default and configurable field-level exceptions. The orchestrator that drives Cloverleaf'sroute_testend-to-end is the only Example 6 piece pending an engine to invoke against.
Architecture in one diagram
Agent layer Larry-Anywhere (this repo)
├── bash REPL → Anthropic API
├── personas: Larry + Clover + Regress + Cheatsheet
├── 26 native tools (no v1/v2 deps)
└── journal-backed writes with rollback
│
↓ acts on
Cloverleaf install $HCIROOT / $HCISITE
NetConfig, Xlate/, tables/, tclprocs/, formats/
.smatdb files (SQLite!) under exec/processes/
shipped binaries (tclsh, hcienginerun, ...) — invoked
directly via bash_exec when needed for engine ops
No layer between Larry and Cloverleaf except plain bash. The v1 wrapper scripts (tbn, hlq, mr, mp, mg, awkcut, ...) and the v2 cloverleaf-tools.pyz are intentionally absent.
Environment cheat-sheet
| var | default | purpose |
|---|---|---|
LARRY_HOME |
~/.larry |
where state lives (sessions, journal, .env, agent overrides) |
LARRY_MODEL |
claude-sonnet-4-6 |
Claude model (try claude-opus-4-7 for deeper work) |
LARRY_MAX_TOKENS |
8192 |
per-turn output cap |
LARRY_NO_UPDATE |
0 |
set to 1 to disable self-update |
LARRY_UPDATE_URL |
github.com/bojj27/cloverleaf-larry/main/larry.sh | self-update source |
LARRY_AGENTS_URL |
github.com/bojj27/cloverleaf-larry/main/agents | persona refresh source |
ANTHROPIC_API_KEY |
(prompted on first run) | API key, saved to $LARRY_HOME/.env |
HCIROOT / HCISITE |
(unset) | auto-detected and surfaced in system prompt |
Roll back any change Larry made
larry-rollback.sh --list # see every write Larry made, newest first
larry-rollback.sh --target /opt/cloverleaf/.../NetConfig # undo every change to this file
larry-rollback.sh --session 2026-05-26-090724-12345 # undo a whole Larry session
larry-rollback.sh --last 1 # undo the most recent write
larry-rollback.sh --entry <session>/<NNN_filename> # undo one specific write
Pre-rollback copies are left at <target>.larry-prerollback.<unix-ts> so you can re-do if needed.
Hard limits (V3)
- No subagent dispatch — Larry + Clover + Regress live in one head. No Pax / Iris / Vera / etc. in portable mode.
- No memory layer — Honcho / Hindsight / mem0 aren't reachable from a remote client box yet. Session history is the markdown logs in
$LARRY_HOME/sessions/. read_filecapped at 250 KB,grep_files/glob_files300 results,bash_exec500 lines of output. Use targeted queries.- Subscription OAuth not yet wired — API key path only. Claude.ai Max subscription quota uses a different auth flow (OAuth device-code); landing in a future release.
Reverse SSH tunnel back home (optional)
If you also want your home Larry to dial into the client shell:
~/.larry/larry-tunnel.sh --serveo # zero-config (serveo.net, third-party)
~/.larry/larry-tunnel.sh --hop=user@bjnoela.com:22 # your controlled hop
Auto-reconnect built in. PID and public URL written to ~/.larry/tunnel.{pid,url}.
License
GPL? MIT? TBD. Bryan decides before this repo gets shared widely.