# CoreCube
The self-hosted context infrastructure layer for organizational AI.
Connect your company systems once. Serve context-enriched, cited answers to every AI interface from one shared backbone.
## The problem
Modern teams use multiple AI interfaces simultaneously — OpenWebUI for internal chat, Claude Desktop for deep work, Cursor for code, custom agents for automation. But organizational knowledge is fragmented: the same documents are uploaded to three different tools, connections are configured per-client, and audit trails are scattered.
Each tool builds its own silo. Every RAG platform forces you to re-ingest the same documents per interface. And even the best RAG system re-discovers knowledge from scratch on every question — the synthesis is discarded after every answer. Nothing compounds.
## The solution
CoreCube sits between your company systems and your AI interfaces. It creates one shared knowledge layer that any AI client can consume, and it continuously builds and maintains synthesized knowledge — entity pages, project summaries, decision records — so that intelligence compounds over time instead of being recomputed on every query.
Source systems remain the single source of truth. CoreCube never modifies them. It reads, normalizes, indexes, synthesizes, and serves the result to any AI interface through headless APIs.
## Core concepts
### Three ingestion paths
All knowledge enters CoreCube through three paths, converging into the same evidence layer:
| Path | Description |
|---|---|
| Connectors | Automated delta sync from Confluence, Jira, Notion, Microsoft 365, GitHub, and more |
| Library | Manual document uploads — PDF, Markdown, DOCX, and other file types |
| Check-ins | Human knowledge contribution via Slack, Teams, email, web form, or API |
Every document carries a `source_path` tag (`connector` | `library` | `checkin`) for trust attribution.
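As a sketch of how such a tag might look on an ingested document, the field names below are illustrative assumptions, not CoreCube's actual schema:

```typescript
// Illustrative metadata shape for a document in the evidence layer.
// Field names are assumptions for this sketch, not CoreCube's schema.
type SourcePath = "connector" | "library" | "checkin";

interface EvidenceDoc {
  id: string;
  sourcePath: SourcePath; // which ingestion path produced this document
  sourceSystem?: string;  // e.g. "confluence"; only set for connectors
  ingestedAt: string;     // ISO timestamp, used for freshness weighting
}

const doc: EvidenceDoc = {
  id: "doc-001",
  sourcePath: "connector",
  sourceSystem: "confluence",
  ingestedAt: new Date().toISOString(),
};

console.log(doc.sourcePath); // "connector"
```

Because all three paths converge on one evidence layer, downstream retrieval and trust scoring only need to branch on this single tag.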
### Evidence layer
A unified knowledge store where all ingested documents are normalized, chunked, embedded, and indexed for hybrid search (vector + full-text). All evidence is tagged with source metadata, timestamps, access scopes, and provenance.
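A minimal sketch of what hybrid scoring could look like, blending vector similarity, full-text relevance, and freshness. The weights and the decay formula are illustrative assumptions, not CoreCube's actual tuning:

```typescript
// Hybrid scoring sketch: combine vector, full-text, and freshness
// signals into one ranking score. Weights and decay are assumptions.
interface Candidate {
  id: string;
  vectorScore: number; // cosine similarity from pgvector, 0..1
  textScore: number;   // normalized full-text rank, 0..1
  ageDays: number;     // days since the source was last updated
}

function hybridScore(c: Candidate): number {
  const freshness = Math.exp(-c.ageDays / 180); // exponential age decay
  return 0.5 * c.vectorScore + 0.3 * c.textScore + 0.2 * freshness;
}

const ranked = [
  { id: "old-exact", vectorScore: 0.9, textScore: 0.9, ageDays: 900 },
  { id: "fresh-close", vectorScore: 0.8, textScore: 0.7, ageDays: 7 },
].sort((a, b) => hybridScore(b) - hybridScore(a));

console.log(ranked.map((c) => c.id)); // "fresh-close" outranks "old-exact"
```

With these weights, a recent, slightly-less-similar document can outrank a stale exact match, which is the point of adding freshness as a third signal.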
### Derived knowledge
Persistent, synthesized knowledge artifacts that are built from evidence and updated as sources change: entity pages, project summaries, decision records, and contradiction logs. Always linked back to source evidence.
### Memory Engine
Knowledge governance that keeps derived knowledge current: impact detection, staleness propagation, partial regeneration, confidence scoring, contradiction detection, and pruning.
## Key features
- OpenAI-compatible API — Drop-in replacement at `/v1/chat/completions`. Connect OpenWebUI, Claude Desktop, Cursor, or any OpenAI client without modification.
- Source citations — Every response includes numbered references to the original documents, with links back to the source.
- Hybrid search — Full-text + vector similarity (pgvector) + freshness weighting for high-quality retrieval.
- Cross-encoder reranker — Final quality gate before context assembly. Provides precision on top of hybrid recall.
- LLM routing — Multi-provider support (Claude, OpenAI, Ollama, custom) with configurable routing and fallback chains.
- MCP server — Expose CoreCube as an MCP server for Claude Desktop, Cursor, and Claude Code.
- Permission-aware retrieval — Two-dimensional access control (compartments + sensitivity levels) enforced at the database level.
- Admin Console — Manage connections, users, LLM providers, knowledge base, audit logs, and system health.
- Self-hosted — Your data stays on your servers. Single Docker Compose deployment.
- Fully local option — Run embeddings and reranking through CoreCube Inference. No external API calls required.
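Because the API is OpenAI-compatible, pointing a standard client at CoreCube only requires swapping the base URL. The host, port, API key placeholder, and model alias below are assumptions for this sketch:

```typescript
// Sketch of an OpenAI-style chat request against CoreCube.
// Host, port, and model alias are placeholders, not documented values.
const baseURL = "http://corecube.internal:8080/v1"; // assumed deployment host

const body = {
  model: "corecube", // assumed alias; LLM routing selects the provider
  messages: [
    { role: "user", content: "What did we decide about the Q3 launch?" },
  ],
};

// A plain fetch works the same way the official OpenAI SDK would:
async function ask(): Promise<Response> {
  return fetch(`${baseURL}/chat/completions`, {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      Authorization: "Bearer <your-api-key>", // scoped External Client key
    },
    body: JSON.stringify(body),
  });
}

const path = new URL(`${baseURL}/chat/completions`).pathname;
console.log(path); // "/v1/chat/completions"
```

The same request works from any OpenAI-compatible client, which is what lets OpenWebUI, Cursor, and custom agents share one backbone without per-tool configuration.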
## What CoreCube is not
- No chat UI — CoreCube has no end-user chat interface. It serves context to any chat UI (OpenWebUI, LibreChat, etc.).
- No workflow builder — No drag-and-drop canvas or visual automation. CoreCube is infrastructure, not an app builder.
- No agent studio — No visual agent building. CoreCube is what agents query for context.
- Not SaaS — Self-hosted only (managed hosting is a future offering).
## User roles
| Role | Description | Permissions |
|---|---|---|
| Admin | System administrator | Full access: connections, knowledge, LLM config, users, audit, settings |
| Editor | Manages knowledge sources | Manage connections, upload documents, browse knowledge, view audit logs |
| Viewer | Read-only operator or auditor | View dashboard, browse knowledge, view audit logs |
| External Client | AI interface connecting via API key | Query the headless API or MCP endpoint, scoped by API key |
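The External Client row ties into permission-aware retrieval: a caller sees a document only if it holds the document's compartment and its clearance meets the document's sensitivity level. The check below is a minimal sketch of that two-dimensional model; names and level values are illustrative assumptions (the real enforcement happens at the database level):

```typescript
// Two-dimensional access check sketch: compartment membership AND
// sufficient clearance. Names and levels are assumptions.
type Sensitivity = 0 | 1 | 2; // e.g. 0 = public, 2 = restricted

interface DocScope {
  compartment: string;
  sensitivity: Sensitivity;
}

interface Caller {
  compartments: Set<string>;
  clearance: Sensitivity;
}

function canRead(caller: Caller, doc: DocScope): boolean {
  return (
    caller.compartments.has(doc.compartment) &&
    caller.clearance >= doc.sensitivity
  );
}

// An API key scoped to "engineering" with mid-level clearance:
const apiClient: Caller = {
  compartments: new Set(["engineering"]),
  clearance: 1,
};

console.log(canRead(apiClient, { compartment: "engineering", sensitivity: 1 })); // true
console.log(canRead(apiClient, { compartment: "finance", sensitivity: 0 }));     // false
```

Both dimensions must pass: a low-sensitivity document in an unheld compartment is still invisible to the caller.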
## Editions
### Community Edition (CE) — AGPL-3.0
Fully functional, no artificial limits. No feature gating, no seat limits, no connection count caps. Includes all ingestion paths, hybrid retrieval, the full admin console, audit logging, and Docker deployment.
### Enterprise Edition (EE) — Proprietary license
Adds SSO/OIDC with auto-provisioning, advanced roles, outbound webhooks, S3 storage, scheduled audit exports, custom connector plugins, and priority support.
## Tech stack
- Runtime: Bun
- Server: Hono 4.x
- Admin Console: React 19, TanStack Query, Tailwind CSS 4, shadcn/ui
- Databases: SQLite (`bun:sqlite`) + PostgreSQL with pgvector
- Deployment: Docker multi-stage Alpine + tini