Constellagent
Overview
Constellagent is a native macOS desktop app for running multiple AI coding agents in true parallel isolation. Each session gets its own terminal, Monaco code editor with diff view, and a dedicated git worktree — all inside one window. A built-in cron scheduler handles recurring agent tasks with sleep/wake recovery.
The problem it leaves unsolved: agent identity. Every session runs as you — the same credentials, email, and phone number. When agents interact with external services (signing up for APIs, verifying via SMS, authenticating webhooks), they share your personal identity. That’s a security and audit problem as soon as you have more than one agent running.
Ravi solves this with per-session identity provisioning. Each agent gets a real, isolated email address, phone number, and credential vault — no overlap, no leakage.
What Ravi adds
| Without Ravi | With Ravi |
|---|---|
| All agents share your email | Each agent has its own provisioned inbox |
| SMS verification stalls or conflicts | ravi_inbox_sms delivers OTPs to the right agent instantly |
| Credentials stored in one shared location | Per-session vault via ravi_passwords_* and ravi_secrets_* |
| No audit trail per agent | Full identity isolation — one session compromise doesn’t leak others |
| Scheduled tasks run as you | Cron-triggered agents wake with their own identity context |
The “Identity per Worktree” pattern
The natural integration point is at session creation. When Constellagent opens a new worktree session, provision a fresh Ravi identity for it. Store the identity UUID in a .ravi config file at the worktree root. Every tool invocation from that session runs under that identity. On teardown, archive or delete.
This gives you true isolation — not just filesystem, but identity.
Setup
Install and authenticate the Ravi CLI:
brew install ravi-hq/tap/ravi
ravi auth loginProvision an identity at session start
When creating a new Constellagent session, run:
# Create a session-scoped identity (e.g. for a feature branch)
ravi identity create "feature-auth-redesign"
# Store the identity UUID for this worktree
echo '{"identity": "feature-auth-redesign"}' > .ravi/config.jsonOr use the Ravi API to automate this in Constellagent’s session initialization code.
Per-agent email and SMS
Each agent in its session can now:
# Get this session's email and phone
ravi get email # → feature-auth-redesign@yourdomain.raviapp.dev
ravi get phone # → +15551234567
# Check inbox for verification emails
ravi inbox email --unread
# Read an SMS OTP
ravi inbox sms --unreadThis means N agents can sign up for N services simultaneously, receive their own OTPs, and never interfere with each other.
Per-session credential storage
Each agent stores and retrieves credentials in isolation:
# Store a service credential scoped to this session
ravi passwords create --domain api.openai.com --username feature-agent --generate
# Retrieve it later
ravi passwords list
ravi passwords get <uuid>
# Store API keys
ravi secrets set STRIPE_API_KEY sk_test_...
ravi secrets get STRIPE_API_KEYCron + identity
Constellagent’s built-in cron scheduler pairs naturally with Ravi. A scheduled agent wakes, uses its identity context to check ravi inbox email for task instructions, executes, and reports back — all without touching your personal inbox or credentials.
# In a cron-triggered agent script
INSTRUCTIONS=$(ravi inbox email --unread --json | jq -r '.[0].subject')
# ... process instructions ...
ravi email send --to owner@yourcompany.com --subject "Task complete: $INSTRUCTIONS"Demo potential
4 agents registering for 4 different services simultaneously. Each gets its own Ravi email, phone, and credential vault. Zero overlap. The constellation of results lands in 4 separate inboxes, cleanly auditable per session.