The control plane for AI-powered engineering
The AI agent orchestration platform that takes you from idea to production with enterprise-grade governance at every step.
Built for Governed AI Development
From Observer to Full Agent Team — AgentCraftworks gives every team graduated control over AI agents, with production guardrails that can't be bypassed.
Set the trust level.
Five named tiers — from Observer to Full Agent Team — so you control exactly what agents can do.
Full Agent Team
Deploy, modify CI, orchestrate
Agent Team
Merge, create branch, push
Peer Programmer
Label, assign, approve, edit
← ACTIVE
Advisor
Comment, suggest changes
Observer
Scan, analyze, surface insights
Production safety, guaranteed.
Hard environment guardrails ensure agents never exceed Peer Programmer in production — no exceptions.
local / dev
Full Agent Team
staging
Agent Team
production
Peer Programmer
🔒Platform-enforced
Every handoff, tracked.
Agents delegate work through clear stages with response deadlines — you always know who's doing what.
Handoff #a3f8
"Fix auth token refresh"
◉
pending
active
✓
completed
From:@security-agent
To:@code-reviewer
Deadline:4h
Status:active
Your agents, your tools.
Zero-config support for GitHub Copilot, Claude, Cursor, Gemini, Windsurf, and any MCP-compatible client.
Right agent, right code.
CODEOWNERS-based routing dispatches the best agent for every file change — automatically.
CODEOWNERS
src/auth/** → @security-agent
src/api/** → @code-reviewer
docs/** → @docs-writer
*.test.ts → @test-specialist
↓
PR #142
src/auth/token.ts
Routed to:
@security-agent✓
Every decision, traced.
Rate Governor audit trail, governance gate logs, and promotion engine attestations — full visibility into what agents did, what was denied, and why.
Audit Log — contoso/web-app
10:41✓view_fileT1OK
10:42✓post_commentT2OK
10:43✓edit_fileT3OK
10:44✗merge_prT5DENY
→ Tier: Peer Programmer
→ Required: Full Agent Team
→ Env: production (max T3)
10:45✓suggest_changeT2OK
How AgentCraftworks Works
The secure path from idea to production with AI orchestration. Explore our intelligent development cycle, enterprise security, and open-core model.
AgentCraftworks
The control plane for AI-powered engineering
From idea to production, with enterprise-grade governance at every step
Community Edition to Enterprise — upgrade when you are ready
Built on the AGENTS.md open standard (Linux Foundation / Agentic AI Foundation) — read by 25+ AI coding tools: GitHub Copilot, Claude Code, Gemini CLI, Cursor, Windsurf, Devin, OpenAI Codex, and more.
Model-agnostic governance — plug in GPT-4, Claude, Gemini, or open-source models. Engagement levels enforce the same guardrails regardless of AI provider.
5 Human-Agent Engagement Levels
5 Named Engagement Levels
Read → Advise → Collaborate → Automate → Orchestrate
Env caps: Local/Dev L5 · Staging L4 · Prod L3
Model-Agnostic
Works with any AI model or agent — GPT-4, Claude, Gemini, open-source LLMs.
Standard-Driven
Built on AGENTS.md open standard — compatible with 25+ AI coding tools out of the box.
“Customers pick a name, not a number. The engagement level shifts as work moves through the SDLC.”
Community Edition → Enterprise Edition
Enterprise Edition
ENTERPRISE
Microsoft Entra ID — identity, Conditional Access & trust seeding
Microsoft Sentinel — SIEM pipeline with 5 custom log tables
NIST SP 800-53 (14 controls) + ISO 42001 (11 controls)
nuSquad SDK — cross-platform governance bridge
Three-layer engagement dial (agent × squad × environment)
SRE incident response + reliability
Continuous monitoring — anomaly investigation
CI autofix + circuit breaker
Copilot Chronicle governance dashboard
Copilot Agent Dispatch (Level 4+ required)
Worktree + session management
Governance monitor + maturity insights
Real-time dashboard
Enterprise support + SLAs
ESAP — Enterprise Source Access Program
Community Edition
Enterprise Edition
— Start free, upgrade when ready
Community Edition
COMMUNITY
Handoff state machine (4 states)
Engagement levels + action tiers
CODEOWNERS-based agent routing
MCP server with 6 core tools
Webhook handler + HMAC verification
31+ accessibility agents (WCAG 2.2 AA)
CodeQL shift-left security on every PR
GitHub App scaffolding
Community support
Built-in GHAW Workflows
Quality Guard (CE + Enterprise)
CI Coach
PR Fix
Daily Test Improver
Governance & Accessibility
Branch Policy Guard
Staging Refresh
Accessibility Review
Secret Rotation Reminder
Workflow Health Manager
Playwright E2E Tests
Consistency & Observability (Enterprise)
CLI Consistency Checker
azd Service-Tag Check
Changeset
Agentic Workflows — Tier 1 & 2 (CE)
CI Doctor
Code Simplifier
Daily Doc Updater
Grumpy Reviewer
Issue Triage
Link Checker
Plan
Sub-Issue Closer
20 GHAW workflows across 4 product repos — 17 ship with Community Edition
Accessibility-First Platform
31+ specialized agents — WCAG 2.2 AA mandatory — Auto-checklist on every UI PR
Web
16
Document
6
GitHub Wf
5
Dev Tools
4
Security-First Agent Pipeline
Enterprise security at every layer — identity, access control, audit, and compliance
Entra ID
Auth
Conditional Access
4 Policies
Sentinel SIEM
5 Tables
NIST + ISO
25 Controls
CodeQL
Every PR
“Community Edition is a complete protocol layer. Enterprise adds identity, compliance, SIEM, and audit-grade operations.”
Handoff Protocol + MCP Interop
4-State Handoff Protocol
pending
active
completed
failed (from pending)
failed (from active)
Every agent handoff is structured, auditable, and time-bounded.
MCP Tools (8)
create_handoff
accept_handoff
complete_handoff
query_workflow_state
attach_context
get_context
get_agent_identity
validate_conditional_access
Any MCP-capable agent can participate.
Squad Orchestration & Coordination
Squad Coordinator
Multi-agent team orchestration with MCP capability detection, CLI fallback chains, and response mode selection.
Skill-based agent routing
Scatter-gather & consensus modes
Load-balanced work distribution
In-flight ledger tracking
Three-Layer Engagement Dial
Graduated governance:
effectiveLevel = min(agent, squad, env). Each layer independently constrains what agents can do.Agent-level engagement (1-5)
Squad ceiling per team
Environment cap (prod=3)
Detailed limiting-factor breakdown
Squad-to-Squad (coming)
Cross-squad coordination protocol for multi-team agent workflows. Built on Pathfinder S2S patterns with authenticated transport via Entra ID.
Cross-squad handoffs
Shared quota coordination
Cross-squad audit events
Google A2A alignment
Squad Coordinator + Engagement Dial shipped — Squad-to-Squad coordination coming next
AI Platform Integrations
Copilot Chronicle
Session import + governance analysis. Chronicle shows what agents did — AgentCraftworks shows if it was allowed.
.jsonl log import
Policy violation detection
Compliance scoring
Real-time dashboard
Agent Framework Skills
8 portable Agent Skills (SKILL.md) — packaging governance expertise for any agent framework consumer.
Handoff orchestration skill
Permission governance skill
CODEOWNERS routing skill
CI workflow skill
Copilot SDK
Custom governance agent built on Copilot SDK — enforcement at the point of development. Level 4+ required.
Engagement level checks
Governance-aware suggestions
Copilot coding agent dispatch
3 AI platform integrations + 2 governance MCP tools — Copilot Chronicle, Agent Framework Skills, Copilot SDK, Entra ID identity, Conditional Access
VS Code Extension
IDE-native visibility and control
3 Activity Bar Tree Views (Handoffs, SRE Incidents, Autonomy Dial L1-L5)
MCP Native Client — all 6 tools directly from IDE
DevUI Webview Panel with auto-refresh polling (30s)
Status Bar: connection state + current engagement level
5 Commands: Escalate · Set autonomy · Refresh · Open DevUI · Connect MCP
VS Code Extension — 3 tree views, MCP client, DevUI panel, 5 commands
From Prototype to Production
SDLC Lifecycle — Engagement Levels by Phase
IDEA
Full Agent Team
DESIGN
Advisor
DEVELOP
Peer / Agent Team
TEST
Peer Programmer
STAGE
Agent Team
PROD
Peer Programmer ✓
MONITOR
SRE Agents
SRE Feedback Loop (Enterprise)
SRE agents continuously investigate anomalies and incidents in production, feeding findings back into the development cycle.
Audit Trail — Chronicle Overlay
Copilot Chronicle captures every agent session. AgentCraftworks analyzes compliance against engagement levels.
“The dial moves as risk changes. The platform enforces environment guardrails. SRE agents close the loop.”
Azure-Native Infrastructure
Container Apps
Auto-scaling serverless hosting
PostgreSQL Flexible
Persistent state + audit trail
Redis Cache
TLS 1.2, real-time pub/sub
Key Vault
Secrets management
Managed Identity + RBAC
Zero-credential deployment
Bicep IaC
Entire infra as code
Azure Dev CLI
azd up one-command deploySelf-hosted Runners
KEDA scaling, $0 when idle
Container Registry
Managed Identity access
AKS Squad Scaling
Auto-scale agent squads on demand, scale to zero when idle
COMING
KEY STAT:
Azure-native: Container Apps + PostgreSQL + Redis + Key Vault + Bicep IaC + azd — Deployed with
azd up, secured with Managed Identity, scaled to zero when idle.Roadmap
What's Coming Next
From portable governance skills to real-time agent monitoring — here's how AgentCraftworks is growing to meet enterprise needs.
COMING NEXT
Squad-to-Squad coordination.
Cross-squad agent workflows with authenticated handoffs via Entra ID, shared quota coordination, and cross-squad audit events — aligned with Google A2A and Pathfinder S2S patterns.
👥
Repo-Local AI Team
OSS Squad Agent • Persistent decision trails
🎯@triage-lead
Issue routing🔍@reviewer
Code review📝@docs-writer
Documentation🧪@test-specialist
Test coverage.squad/decisions.md
✓ Issue #42 → @triage-lead → bug:auth
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
COMING NEXT
Portable Agent Skills.
Eight governance skills — from handoff orchestration to CI workflow selection — packaged as portable SKILL.md files for any agent framework.
SKILL.md
8 portable packages🔄P0
Handoff Orchestration🛡️P0
Permission Governance🎯P0
CODEOWNERS Routing⚙️P0
CI Workflow Selection📊P0
Autonomy Governance📦P1
Structured Context🚀P1
Repo Onboarding🔧P1
CI Failure RemediationWorks with Copilot, Claude, Cursor, Gemini & any MCP client
COMING NEXT
Live agent Kanban in your IDE.
A real-time activity panel inside VS Code — see every agent's status, approve actions, and catch alerts without leaving your editor.
🤖Agent Activity
3 active1
Pending2
@alice
Draft PR8m ago@ci-coach
Test improve15m agoActive3
@sec-scanner
PR #42 review2m ago@alice
Feature impl1m agoReview1🔔
@ci-coach
Needs approval5m agoDone12
@alice✓
Auth refactor2h agoON DECK
Browse skills from the sidebar.
Discover, load, and create Agent Skills directly in VS Code — bundled, workspace, or from a remote registry.
💬@agentcraftworks /skill handoff-orchestration
ON DECK
Security-scanned skill registry.
An enterprise validation layer that detects malicious patterns in SKILL.md files — with Gold, Silver, and Bronze quality badges.
🔒
Security Scan Complete
3 skills analyzed • 7 issues found • 1 blocked
agent-handoff.skill.mdNo issues detected
Gold
custom-deploy.skill.md2 issues detected
Silver
untrusted-tool.skill.md5 issues detected
Rejected
Credential harvestingData exfiltrationPrompt injectionMalicious scripts
FOUNDATION
Hardened platform operations.
Domain-separated GitHub App tokens, standardized CI/CD workflows, and self-hosted runners for cost control at scale.
🔑
Token Architecture Migration
Product App • Ops App • Domain-separated
Wave 1
●ghaw-changeset → App Token
●ghaw-pr-fix → App Token
●daily-standup → Single-token
●runner-selector → Ops App
●test-improver → App Token
Wave 2
●workflow-health → Monitor
●ci-coach → Monitor
●cli-consistency → Monitor
Wave 3
●Validate & finalize
●Self-hosted runners
●CI/CD templates
SHIPPED
Enterprise identity, compliance & SIEM.
Microsoft Entra ID authentication, Conditional Access policies, Sentinel event pipeline, NIST SP 800-53 and ISO 42001 compliance frameworks, and nuSquad SDK governance bridge.
👥
Repo-Local AI Team
OSS Squad Agent • Persistent decision trails
🎯@triage-lead
Issue routing🔍@reviewer
Code review📝@docs-writer
Documentation🧪@test-specialist
Test coverage.squad/decisions.md
✓ Issue #42 → @triage-lead → bug:auth
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
SHIPPED
Repo-local AI team orchestration.
Squad Coordinator with skill-based routing, consensus voting, and Rate Governor adaptive rate limiting — shipped with full governance gates and Aspire observability.
👥
Repo-Local AI Team
OSS Squad Agent • Persistent decision trails
🎯@triage-lead
Issue routing🔍@reviewer
Code review📝@docs-writer
Documentation🧪@test-specialist
Test coverage.squad/decisions.md
✓ Issue #42 → @triage-lead → bug:auth
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
Pricing for every team
Community Edition free forever, with paid tiers to meet your needs.
Community
$0$0
/month
Open-source core. Forever free.
Get Started Free
Included today:
Full open-source platform access
Single agent orchestration
Community governance templates
GitHub Actions integration
Community support & docs
Starter
Coming Soon
For developers building AI-powered apps.
Everything in Community +
Everything in Community
Up to 5 concurrent agents
Advanced governance controls
MCP server connectivity
Email support
AgentSkills Registry access
Pro
Popular
Coming Soon
For teams shipping production AI agents.
Everything in Starter +
Everything in Starter
Unlimited concurrent agents
Squad Coordinator multi-agent orchestration
Rate Governor adaptive rate limiting
Enterprise security & RBAC
CI/CD pipeline integration
Priority support & SLA
Custom governance policies
Enterprise
Coming Soon
For orgs with compliance & scale needs.
Everything in Pro +
Everything in Pro
Microsoft Entra ID authentication & Conditional Access
Microsoft Sentinel SIEM event pipeline
NIST SP 800-53 & ISO 42001 compliance frameworks
nuSquad SDK multi-squad orchestration
Three-layer Squad Engagement Dial
Dedicated account manager
SOC 2 / HIPAA compliance
On-premise deployment option
Custom SLA guarantees
Unlimited MCP server clusters
Aspire observability integration
Governance gates & promotion engine
ESAP — Source access & internal fork rights
Frequently Asked Questions
Everything you need to know about AgentCraftworks and how it can transform your development workflow
What is the difference between the open-source Community tier and paid tiers?
The Community tier gives you full access to the open-source AgentCraftworks platform — including single agent orchestration, GitHub Actions integration, and community governance templates — completely free, forever. Paid tiers (Starter at $15/mo, Pro at $23/mo, Enterprise at $31+/mo, billed annually) unlock additional concurrent agents, MCP server connectivity, advanced RBAC, CI/CD pipeline integration, compliance certifications, and dedicated support as your needs scale.
How does AgentCraftworks integrate with GitHub?
AgentCraftworks integrates natively with GitHub Actions, available on every plan including Community. You can trigger agent workflows directly from pull requests and push events, automate code reviews, and orchestrate multi-agent pipelines within your existing GitHub repositories — no separate infrastructure required.
What does enterprise governance mean in practice?
Enterprise governance gives platform administrators fine-grained control over what agents can do. This includes Microsoft Entra ID authentication with corporate identity mapping and DID generation, four code-defined Conditional Access policies (device compliance, IP restrictions, MFA, off-hours controls), a three-layer engagement dial (agent level x squad ceiling x environment cap), and advanced audit logging streamed to Microsoft Sentinel. Governance gates enforce compliance before every agent action, with trust score seeding from Entra security groups. These controls are available on the Pro and Enterprise plans.
How do MCP servers work with AgentCraftworks?
Model Context Protocol (MCP) servers act as secure bridges that give your agents access to external tools, APIs, and data sources. Starter plans include MCP server connectivity, while Enterprise plans support unlimited MCP server clusters. You can configure which servers each agent can access through the AgentCraftworks dashboard, keeping sensitive resources gated behind your governance policies.
Is there a self-hosted or on-premise deployment option?
Yes. On-premise deployment is available on the Enterprise plan. This lets your organization run the entire AgentCraftworks platform within your own infrastructure, ensuring that agent workloads and sensitive data never leave your environment. Contact our sales team to discuss infrastructure requirements and custom SLA guarantees.
What compliance standards does AgentCraftworks support?
The Enterprise plan ships with NIST SP 800-53 Rev 5 (14 controls across 5 families), ISO 42001 (11 controls for AI management systems), SOC 2, and HIPAA compliance support. Agent audit events stream to Microsoft Sentinel via 5 custom log tables, and every policy decision is hash-chained for tamper-evident audit trails. Conditional Access policies enforce device compliance, IP restrictions, and MFA at the agent identity layer via Microsoft Entra ID. These capabilities make AgentCraftworks suitable for regulated industries such as healthcare, finance, and government.
How does the AgentSkills Registry work?
The AgentSkills Registry is a curated marketplace of pre-built agent capabilities — from code review and test generation to deployment automation and security scanning. Starting with the Starter plan, you can browse, install, and compose skills into your agent workflows without writing boilerplate integrations. Enterprise customers can also publish private internal skills visible only within their organization.
Can I migrate from an existing CI/CD pipeline?
Yes. AgentCraftworks is designed to complement, not replace, your existing CI/CD setup. The Pro and Enterprise plans include native CI/CD pipeline integration, allowing you to embed agent-powered steps directly into Jenkins, GitHub Actions, GitLab CI, and other pipelines. Migration guides and priority support are available to help you transition incrementally without disrupting production workflows.
What is the Squad Coordinator and Rate Governor?
The Squad Coordinator is AgentCraftworks' multi-agent orchestration engine. It routes work to the best-matched agent using skill-based, locality-aware, or load-balanced routing — with four response modes: single agent, scatter-gather (fan-out), chain (pipeline), and consensus (multi-agent voting). The three-layer Squad Engagement Dial governs what each squad can do: effectiveLevel = min(agentLevel, squadCeiling, environmentCap). The Rate Governor protects your GitHub API quota with six composable patterns: token bucket, sliding window, adaptive backoff, circuit breaker, cascade detection, and lease cleanup. Squad-to-Squad coordination — enabling cross-team agent workflows with authenticated handoffs — is coming next.