JAT + Ravi

What JAT Is

JAT is a self-contained agentic development environment: a full IDE (Monaco editor, git integration, terminal) combined with an agent orchestration layer. It runs locally and lets you supervise 20+ parallel agents from a single web UI — or step back entirely and let agents run autonomously.

The paradigm JAT articulates is clear:

• Traditional IDE → you write, tools assist
• Copilot IDE → you write, AI completes
• Agentic IDE → agents write, you supervise
• Autonomous Platform → events trigger agents, work ships while you sleep

The core loop: describe a feature → AI generates a PRD → /JAT:TASKTREE converts it to structured tasks → Epic Swarm spawns agents on each subtask → agents work in parallel → you review diffs → commit and push.

JAT ships 50+ bash tools, a built-in Agent Mail system for intra-swarm communication, and external triggers via Telegram, Slack, RSS, and Gmail. A scheduler daemon handles cron, one-shot, and delayed agent spawning.

The Problem: Agents Sharing Your Identity

When a JAT swarm reaches outside the local machine — to notify a client, receive a service confirmation, verify a Telegram bot, or pull API credentials — the agents have no identity of their own. They borrow yours. That creates three real problems:

1. Security: A compromised agent session has access to your personal email, your phone number, your credentials.
2. Auditability: You can’t tell which agent sent what, or reconstruct what happened after the fact.
3. Scale: The moment you run more than one swarm, identity collisions become a real issue.

Ravi fixes this by giving each agent its own accountable identity.

Where Ravi Fits

Agent Mail → Ravi Email

JAT’s built-in Agent Mail is designed for intra-swarm communication. But the moment an agent needs to reach outside — send a client notification, receive a service confirmation, interact with a third-party API that requires a valid sender — it needs a real email address.

Ravi provisions dedicated, isolated email addresses per agent. Each JAT agent gets its own @ravi.app inbox with full send and receive capability. No personal Gmail. No shared credentials. No OAuth configuration to manage.

Gmail Trigger → Ravi Inbox

JAT supports Gmail as an external trigger source. This requires a human Gmail account — which means OAuth, credential management, and your personal inbox in the loop.

Ravi flips this: agents get their own inboxes natively. The trigger source becomes agent-owned infrastructure, not borrowed human credentials. Cleaner security model, zero OAuth dance.

Telegram Bot Registration → Ravi Phone

When JAT users register Telegram bots for autonomous triggers, those bots need a phone number for verification. Without a dedicated number, you’re exposing your personal phone.

Ravi provides agent-native phone numbers in E.164 format — provisioned programmatically, no SIM swaps, no personal number exposure.

API Credentials → Ravi Secrets Vault

Agents in a JAT swarm need API keys, tokens, and service credentials to do real work — GitHub, Stripe, external APIs. Without a proper vault, those credentials end up hardcoded, in environment variables, or shared across sessions.

Ravi’s encrypted secrets store gives each agent its own vault with E2E encryption at rest. JAT can integrate Ravi secrets as the canonical credential backend for agent sessions — so every spawned agent pulls exactly the credentials it needs, and nothing more.

Setup Guide

1. Install Ravi

npm install -g @ravi-hq/ravi
ravi login

2. Provision an Identity for Your Agent Swarm

const ravi = require('@ravi-hq/ravi');

// Create a dedicated identity for this swarm
const identity = await ravi.identities.create({
  name: 'jat-swarm-agent'
});

console.log(identity.email);  // e.g. jat-swarm-agent@ravi.app
console.log(identity.phone);  // e.g. +15551234567

3. Inject Identity into JAT Agent Sessions

In your JAT plugin or task setup, pass the Ravi identity to each spawned agent:

# In your JAT .env or task configuration
RAVI_AGENT_EMAIL=jat-swarm-agent@ravi.app
RAVI_AGENT_PHONE=+15551234567
RAVI_AGENT_TOKEN=<your-ravi-api-token>

4. Replace Gmail Trigger with Ravi Inbox

Instead of using a personal Gmail account as the JAT ingest trigger, point to the Ravi inbox:

// Poll Ravi inbox for incoming task requests
const messages = await ravi.inbox.list({ unread: true });

for (const message of messages) {
  if (message.subject.includes('[JAT-TASK]')) {
    await jat.createTask({ 
      description: message.body,
      source: message.from 
    });
  }
}

5. Store Credentials in Ravi Vault

// Store credentials for use by JAT agents
await ravi.secrets.set('GITHUB_TOKEN', process.env.GITHUB_TOKEN);
await ravi.secrets.set('STRIPE_KEY', process.env.STRIPE_KEY);

// Agents retrieve credentials at runtime
const githubToken = await ravi.secrets.get('GITHUB_TOKEN');

The Full Pattern

When JAT spawns an agent for a task, it provisions a Ravi identity for that agent session — a dedicated email, phone, and secrets context. The agent uses its Ravi email to receive confirmations, its Ravi phone to verify service accounts, and its Ravi vault to pull credentials.

When the task completes, the identity stays auditable in the Ravi dashboard. You can see exactly what each agent sent, received, and accessed — across every session, every swarm.

The pitch: Your agents shouldn’t share your identity. JAT + Ravi gives every agent in your swarm its own.

Resources

• JAT GitHub Repository
• Ravi Identity API Reference
• Ravi Secrets API Reference
• Ravi Inbox API Reference