Architecture
GuideKit is built as a modular monorepo with clear separation of concerns. This page covers the internal architecture.
Package Structure
guidekit/
packages/
core/ # @guidekit/core — pipeline, DOM, LLM, context
src/
pipeline/ # v2 PipelineOrchestrator (scan → render)
dom/ # DOM Intelligence Engine
cognitive/ # Tier C experimental subpath
telemetry/ # Tier C experimental subpath
intelligence/ # @guidekit/intelligence — Platform Mode enrich/validate
knowledge/ # @guidekit/knowledge — client-side RAG
plugins/ # @guidekit/plugins — plugin hooks and tools
react/ # @guidekit/react — Provider + hooks + widget
server/ # @guidekit/server — JWT tokens, async SessionStore, proxy
vanilla/ # @guidekit/vanilla — IIFE script-tag bundle
cli/ # @guidekit/cli — CLI tools
apps/
docs/ # Documentation site (Nextra)
example-nextjs/ # Reference Next.js integrationSee Platform Mode for the full v2 pipeline stage diagram.
Core Subsystems
DOM Intelligence Engine
Builds a compact PageModel (~5KB) using TreeWalker traversal:
- Section scoring: Viewport-visible sections scored highest
data-guidekit-target: Developer-provided stable selectorsdata-guidekit-ignore: Skip sensitive DOM subtrees- Budget: 5000-node limit, yields via
requestIdleCallbackwith adaptive time budget - MutationObserver: Debounced (500ms), circuit breaker at 100 mutations/sec
LLM Orchestrator
Streaming multi-turn conversation with tool calling:
- Provider adapters: Gemini (default), custom adapters via
LLMProviderAdapter - Tool execution: Multi-turn loop with parallel tool calls
- Context window: Sliding window, summarize oldest turns at 80% capacity
- Content filter: Retry with simplified prompt, graceful user message
Voice Pipeline
Half-duplex voice with echo cancellation:
Mic → VAD (Silero) → STT (Deepgram / Web Speech API) → LLM (Gemini) → TTS (ElevenLabs / Web Speech API) → Speaker- State machine: IDLE → LISTENING → PROCESSING → SPEAKING → IDLE
- Barge-in: Detect speech during TTS, abort stream, switch to LISTENING
- Echo detection: 60% word overlap within 3-second window
- Degradation: Voice failure → text-only mode (not Web Speech API)
Visual Guidance
Spotlight overlay and tooltip system:
- Spotlight: Box-shadow cutout on
document.body(outside Shadow DOM) - Tracking: ResizeObserver + scroll listeners (not rAF polling)
- Scrollable containers: Detect ancestor overflow, clip to intersection
- Tours: Sequential guided tour with auto/manual modes
- Accessibility:
aria-live="assertive"announcements for screen readers
User Awareness
Passive signals for proactive behavior:
| Signal | Method | Throttle |
|---|---|---|
| Viewport/scroll | scroll (passive) | per-frame |
| Visible sections | IntersectionObserver | on change |
| Mouse region | elementFromPoint | 200ms |
| Dwell detection | 8s on same section | 8s |
| Idle detection | 60s no interaction | 60s |
| Rage clicks | 3+ clicks in 2s | per-event |
Security Model
Token-Based Auth
Client → POST /api/guidekit/token → JWT (sessionId, permissions, exp)
Client → JWT to server middleware → Server looks up provider keys → Proxy to provider- JWT tokens do NOT contain API keys (base64-decodable)
- Provider keys stay server-side in a
SessionStore(in-memory for dev; Redis for multi-instance production — see Server SDK) - Tokens refresh at 80% of TTL, multi-tab coordination via BroadcastChannel
- Signing secret rotation: accepts array
[newSecret, oldSecret] - Proxy routes enforce permissions (
llm/stt/tts) and optionalallowedOrigins(JWTaud→Originheader)
Production security checklist
- Proxy mode only — never ship provider API keys to the browser (Privacy & Security).
- Session store —
RedisSessionStorewhen running more than one instance (compatibility). - Rate limits — tune
createGuideKitHandlerrateLimit(Server SDK). - Origin allowlist — set
allowedOriginswhen minting tokens in production. - Observability — use pipeline telemetry to debug latency and token-heavy turns (Observability).
Privacy
| Data | Leaves Browser? | Storage |
|---|---|---|
| Audio chunks | Yes → STT (ephemeral) | Not stored |
| Transcripts | Yes → LLM (ephemeral) | Not stored |
| PageModel | Yes → LLM (ephemeral) | Not stored |
| Full DOM | No | Browser only |
| Mouse/scroll | No | Browser only |
| Form values | Never | Stripped |
Protections
data-guidekit-ignore: Skip sensitive subtreesonBeforeLLMCall: Developer privacy hook for custom scrubbing- Tooltip
textContentonly (neverinnerHTML— prevents XSS) - Client-side rate limits (cost protection, not security)
- Password/email/phone inputs: values never included in PageModel
Error Handling
All errors extend GuideKitError with actionable guidance:
class GuideKitError extends Error {
code: string;
provider?: string;
recoverable: boolean;
suggestion: string;
docsUrl: string;
}Error types: AuthenticationError, ConfigurationError, NetworkError, TimeoutError, RateLimitError, PermissionError, BrowserSupportError, ContentFilterError, ResourceExhaustedError, InitializationError.
See Troubleshooting for how recoverable maps to user-facing retry behavior.
Observability
Each user message records per-stage pipeline spans (latency, token metadata). Use Observability and the DevTools Telemetry tab during development.
EventBus
Typed pub/sub with namespace support:
bus.on('dom:scan-complete', handler);
bus.on('llm:*', handler); // Namespace wildcard
bus.onAny(handler); // All events
const unsub = bus.on('error', handler);
unsub(); // CleanupError isolation: one handler throwing does not prevent others from executing.
Resource Management
All allocated resources tracked via ResourceManager:
AbortControllersignal pattern for event listeners- Ref-counted singleton (StrictMode safe)
- Per-resource 2s cleanup timeout on teardown
- Instance isolation via
instanceId
LLM Tools
| Tool | Description |
|---|---|
highlight | Spotlight an element |
dismissHighlight | Remove spotlight |
scrollToSection | Smooth scroll |
navigate | SPA navigation (same-origin) |
startTour | Sequential guided tour |
readPageContent | Read visible text |
getVisibleSections | What’s in viewport |
clickElement | Programmatic click (whitelisted) |
executeCustomAction | Developer-defined actions |
searchSite | Search server-backed full-site knowledge |
Agent Runtime
Agent Runtime v1 combines:
- Site knowledge: token-protected server search over indexed website documents.
- Live page model: current DOM sections, forms, overlays, navigation, and action-aware interactives.
- Guided autonomy: same-origin navigation and safe clicks can run automatically; submit, purchase, destructive, and auth actions require confirmation unless handled by developer-defined actions.
PageMemory remains session/current-page memory. Whole-site context comes from siteKnowledge, which keeps large or private indexes server-side.
Technology Stack
| Layer | Choice |
|---|---|
| Build | tsup (esbuild), pnpm + Turborepo |
| LLM | Gemini 2.5 Flash (default) |
| STT | Deepgram Nova-3 (WebSocket), Web Speech API |
| TTS | ElevenLabs Flash v2.5 (WebSocket), Web Speech API |
| VAD | Silero via ONNX Runtime |
| UI | Shadow DOM |
| Auth | JWT (HS256 via jose) |
| Testing | Vitest + Playwright |