kolm run · the local execution leg

Open the box. Run anywhere.

A .kolm file is a sealed, signed zip. kolm run opens it on any laptop, server, or edge box and executes deterministic recipes against your input, no frontier API call, no network, no telemetry. Or expose every local artifact as an MCP tool with one command and let Claude, Codex, or Cursor pick the right one for each turn.

Run a single artifact.

# execute against a string input $ kolm run support-triage.kolm "my login is failing after the update" { "output": "category=auth severity=high suggested_owner=identity-team", "recipe_id": "r_class_v3", "latency_us": 1480, "k_score": { "composite": 412.7, ... }, "receipt": { "spec": "rs-1-run", "recipe_id": "r_class_v3", ... } } # or pipe JSON $ echo '{"text":"..."}' | kolm run support-triage.kolm # inspect without running $ kolm inspect support-triage.kolm $ kolm score support-triage.kolm # show K-score only $ kolm eval support-triage.kolm # re-run embedded eval suite

Or expose every artifact as an MCP tool.

One command turns ~/.kolm/artifacts/ into a live MCP server. Claude Desktop, Cursor, Codex, and any other frontier agent that speaks Model Context Protocol auto-discover every compiled skill, no per-tool integration code, ever.

# stdio transport (what most MCP clients want) $ kolm serve --mcp ┌─ kolm MCP server ───────────────────────────────────────── │ artifacts: ~/.kolm/artifacts │ tools: 7 │ • support-triage , classify support tickets · k=412.7, signed │ • email-reply , draft replies in user's voice · k=389.4, signed │ • pr-review , spot bugs in React PRs · k=441.2, signed │ • code-style , review Python style · k=355.9, signed │ …and 3 more │ │ Add to your MCP client config: │ { │ "kolm": { │ "command": "kolm", │ "args": ["serve", "--mcp"] │ } │ } └──────────────────────────────────────────────────────────── # or HTTP for network agents $ kolm serve --mcp --http --port 8765 $ curl http://127.0.0.1:8765/health { "ok": true, "tools": 7 }

What's inside a .kolm.

The bundle

support-triage.kolm/
├── manifest.json — task, K-score, hashes
├── recipes.json — deterministic draft pack
├── model.gguf — base model pointer
├── lora.bin — task-specific delta
├── index.sqlite-vec — corpus index
├── evals.json — embedded eval suite
└── signature.sig — HMAC chain

The contract

Open the zip. Verify signature.sig against the canonical JSON of manifest.json. If valid, every other file is anchored, including the model pointer, the LoRA delta, every recipe, the corpus index, and the eval suite that produced the K-score. One signature, every byte covered.

The receipt.

Every kolm run emits a structured receipt: which artifact ran, which recipe inside fired, the version pin, the timing, and the K-score the artifact was packaged with. Save it, ship it, audit it, chain it to whatever upstream system you run.

{ "spec": "rs-1-run", "artifact_job_id": "job_abc", "recipe_id": "r_class_v3", "version_id": "v3.2.1", "latency_us": 1480, "ran_at": "2026-05-06T18:42:11Z" }