The workbench for agentic engineering.The workbenchfor agentic engineering.
The harness that makes your AI agents production-ready, across GitHub Copilot, Claude, Cursor, and any agent on your team.
The harness for your AI agent team
From Observer to Autonomous, AgentCraftworks gives every team the harness to govern, enable, and scale AI agents, with production guardrails that can't be bypassed.
Set the trust level.
Five Adaptive Profiles (Observer, Advisor, Collaborator, Delegated, Autonomous), each with evidence-based trust scoring and compliance attestation (CC6.1, AC-6, §8.4).
Autonomous
Deploy, modify CI, orchestrate
Delegated
Merge, create branch, push
Collaborator
Label, assign, approve, edit
← ACTIVE
Advisor
Comment, suggest changes
Observer
Scan, analyze, surface insights
Production safety, guaranteed.
Hard environment guardrails ensure agents never exceed Collaborator in production. No exceptions.
local / dev
Autonomous
staging
Delegated
production
Collaborator
🔒Platform-enforced
Every handoff, tracked.
Agents delegate work through clear stages with response deadlines, so you always know who's doing what.
Handoff #a3f8
"Fix auth token refresh"
◉
pending
active
✓
completed
From:@security-agent
To:@code-reviewer
Deadline:4h
Status:active
Your agents, your tools.
Zero-config support for GitHub Copilot, Claude, Cursor, Gemini, Windsurf, and any MCP-compatible client, with VS Code agent hooks for pre-execution gates and full audit trails.
Right agent, right code.
Install the GitHub App and get an auto-generated CODEOWNERS setup PR. One-click activation routes the best agent to every file change automatically.
CODEOWNERS
src/auth/** → @security-agent
src/api/** → @code-reviewer
docs/** → @docs-writer
*.test.ts → @test-specialist
↓
PR #142
src/auth/token.ts
Routed to:
@security-agent✓
Every decision, traced.
Rate Governor audit trail, governance gate logs, and promotion engine attestations: full visibility into what agents did, what was denied, and why.
Audit Log: contoso/web-app
10:41✓view_fileT1OK
10:42✓post_commentT2OK
10:43✓edit_fileT3OK
10:44✗merge_prT5DENY
→ Tier: Collaborator
→ Required: Autonomous
→ Env: production (max T3)
10:45✓suggest_changeT2OK
A second opinion, built in.
Rubber Duck activates a cross-model reviewer (Claude → GPT-5.4) after planning, implementation, and test-writing, catching what your primary agent misses before it compounds.
🦆
Rubber Duck · Cross-Model Review
Claude primary · GPT-5.4 reviewer · Different family, different blind spots
📋
1. After plan
Catch architecture flaws before code is written
⚙️
2. After implementation
Surface silent bugs and cross-file conflicts
🧪
3. Before test run
Find test coverage gaps before self-reinforcement
GPT-5.4 · Rubber Duck
HIGHThe scheduler will start and immediately exit; zero jobs will run. The cleanup handler is also disconnected from the lifecycle.
Default ON · Level 3+ · Easy opt-out
74.7% gap closed ↑
Real-time agent orchestration.
Squad Coordinator with skill-based routing, consensus voting, and Rate Governor adaptive rate limiting, shipped with full governance gates and Aspire observability.
🤖Agent Activity
3 active1
Pending2
@alice
Draft PR8m ago@ci-coach
Test improve15m agoActive3
@sec-scanner
PR #42 review2m ago@alice
Feature impl1m agoReview1🔔
@ci-coach
Needs approval5m agoDone12
@alice✓
Auth refactor2h agoEnterprise identity & compliance.
Microsoft Entra ID authentication, Conditional Access policies, Sentinel event pipeline, NIST SP 800-53 and ISO 42001 compliance frameworks, and nuSquad SDK governance bridge: the complete stack for agentic Center of Excellence teams.
🔑
Token Architecture Migration
Product App • Ops App • Domain-separated
Wave 1
●ghaw-changeset → App Token
●ghaw-pr-fix → App Token
●daily-standup → Single-token
●runner-selector → Ops App
●test-improver → App Token
Wave 2
●workflow-health → Monitor
●ci-coach → Monitor
●cli-consistency → Monitor
Wave 3
●Validate & finalize
●Self-hosted runners
●CI/CD templates
Roadmap
What's Coming Next
From portable governance skills to real-time agent monitoring, here's how AgentCraftworks is growing to meet enterprise needs.
COMING NEXT
Squad-to-Squad coordination.
Cross-squad agent workflows with authenticated handoffs via Entra ID, shared quota coordination, and cross-squad audit events, aligned with Google A2A and Pathfinder S2S patterns.
👥
Repo-Local AI Team
OSS Squad Agent • Persistent decision trails
🎯@triage-lead
Issue routing🔍@reviewer
Code review📝@docs-writer
Documentation🧪@test-specialist
Test coverage.squad/decisions.md
✓ Issue #42 → @triage-lead → bug:auth
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
COMING NEXT
Portable Agent Skills.
Eight governance skills, from handoff orchestration to CI workflow selection, packaged as portable SKILL.md files for any agent framework.
SKILL.md
8 portable packages🔄P0
Handoff Orchestration🛡️P0
Permission Governance🎯P0
CODEOWNERS Routing⚙️P0
CI Workflow Selection📊P0
Autonomy Governance📦P1
Structured Context🚀P1
Repo Onboarding🔧P1
CI Failure RemediationWorks with Copilot, Claude, Cursor, Gemini & any MCP client
SHIPPED
Live agent Kanban in your IDE.
A real-time activity panel inside VS Code. See every agent's status, approve actions, and catch alerts without leaving your editor. Backend SSE event stream (GET /api/events) is live.
🤖Agent Activity
3 active1
Pending2
@alice
Draft PR8m ago@ci-coach
Test improve15m agoActive3
@sec-scanner
PR #42 review2m ago@alice
Feature impl1m agoReview1🔔
@ci-coach
Needs approval5m agoDone12
@alice✓
Auth refactor2h agoON DECK
Browse skills from the sidebar.
Discover, load, and create Agent Skills directly in VS Code, bundled, workspace, or from a remote registry. VS Code agent hooks (pre-execution gates, audit trail, MCP bridge) are now shipped.
💬@agentcraftworks /skill handoff-orchestration
ON DECK
Security-scanned skill registry.
An enterprise validation layer that detects malicious patterns in SKILL.md files, with Gold, Silver, and Bronze quality badges.
🔒
Security Scan Complete
3 skills analyzed • 7 issues found • 1 blocked
agent-handoff.skill.mdNo issues detected
Gold
custom-deploy.skill.md2 issues detected
Silver
untrusted-tool.skill.md5 issues detected
Rejected
Credential harvestingData exfiltrationPrompt injectionMalicious scripts
FOUNDATION
Hardened platform operations.
Domain-separated GitHub App tokens, standardized CI/CD workflows, and self-hosted runners for cost control at scale.
🔑
Token Architecture Migration
Product App • Ops App • Domain-separated
Wave 1
●ghaw-changeset → App Token
●ghaw-pr-fix → App Token
●daily-standup → Single-token
●runner-selector → Ops App
●test-improver → App Token
Wave 2
●workflow-health → Monitor
●ci-coach → Monitor
●cli-consistency → Monitor
Wave 3
●Validate & finalize
●Self-hosted runners
●CI/CD templates
ON DECK
Adaptive Profile Marketplace.
Community-shared profile configurations: browse, fork, and publish Adaptive Profile templates to accelerate governance adoption across teams.
SKILL.md
8 portable packages🔄P0
Handoff Orchestration🛡️P0
Permission Governance🎯P0
CODEOWNERS Routing⚙️P0
CI Workflow Selection📊P0
Autonomy Governance📦P1
Structured Context🚀P1
Repo Onboarding🔧P1
CI Failure RemediationWorks with Copilot, Claude, Cursor, Gemini & any MCP client
ON DECK
Cross-org Profile Federation.
Enforce consistent Adaptive Profiles across multiple GitHub organizations, providing a single policy plane for enterprises managing many repos.
🔑
Token Architecture Migration
Product App • Ops App • Domain-separated
Wave 1
●ghaw-changeset → App Token
●ghaw-pr-fix → App Token
●daily-standup → Single-token
●runner-selector → Ops App
●test-improver → App Token
Wave 2
●workflow-health → Monitor
●ci-coach → Monitor
●cli-consistency → Monitor
Wave 3
●Validate & finalize
●Self-hosted runners
●CI/CD templates
SHIPPED
Analytics & Chronicle Dashboard.
Org-wide maturity scores, ROI summary, Chronicle audit ledger, eval run tracking, promotion gate review, and graduation approval queue, now live in the VS Code Cockpit for Org Owners.
🔒
Security Scan Complete
3 skills analyzed • 7 issues found • 1 blocked
agent-handoff.skill.mdNo issues detected
Gold
custom-deploy.skill.md2 issues detected
Silver
untrusted-tool.skill.md5 issues detected
Rejected
Credential harvestingData exfiltrationPrompt injectionMalicious scripts
SHIPPED
Ask your Cockpit anything.
@agentcraftworks in GitHub Copilot Chat. Check live handoff status, review autonomy dial settings, approve pending action requests, and pull org analytics, all as slash commands in the chat sidebar, without leaving your code.
🤖
@agentcraftworks
Governance at the speed of conversation
LIVE
@agentcraftworks /status
Active Handoffs4
Rate Zone🟢 green
Pending Approvals2 waiting
@agentcraftworks /requests
Merge PR #88by @sec-scanner [approve]
Deploy stagingby @ci-coach [approve]
@agentcraftworks /
Pricing for every team
Community Edition free forever, with paid tiers to meet your needs.
Community
$0$0
/month
Open-source core. Forever free.
Get Started Free
Included today:
Full open-source platform access
Single agent orchestration
Community governance templates
GitHub Actions integration
Community support & docs
Starter
Coming Soon
For developers starting their harness engineering journey.
Everything in Community +
Everything in Community
Up to 5 concurrent agents
Advanced governance controls
MCP server connectivity
Email support
AgentSkills Registry access
Pro
Popular
Coming Soon
For teams running AI agents in production with full governance.
Everything in Starter +
Everything in Starter
Unlimited concurrent agents
Squad Coordinator multi-agent orchestration
Rate Governor adaptive rate limiting
Enterprise security & RBAC
CI/CD pipeline integration
Priority support & SLA
Custom governance policies
Enterprise
Coming Soon
For orgs with compliance & scale needs.
Everything in Pro +
Everything in Pro
Microsoft Entra ID authentication & Conditional Access
Microsoft Sentinel SIEM event pipeline
NIST SP 800-53 & ISO 42001 compliance frameworks
nuSquad SDK multi-squad orchestration
Three-layer Squad Engagement Dial
Dedicated account manager
SOC 2 / HIPAA compliance
On-premise deployment option
Custom SLA guarantees
Unlimited MCP server clusters
Aspire observability integration
Governance gates & promotion engine
ESAP: Source access & internal fork rights
Frequently Asked Questions
Everything you need to know about AgentCraftworks and how it can transform your development workflow
What is the difference between the open-source Community tier and paid tiers?
The Community tier gives you full access to the open-source AgentCraftworks platform, including single agent orchestration, GitHub Actions integration, and community governance templates. Completely free, forever. Paid tiers (Starter at $15/mo, Pro at $23/mo, Enterprise at $31+/mo, billed annually) unlock additional concurrent agents, MCP server connectivity, advanced RBAC, CI/CD pipeline integration, compliance certifications, and dedicated support as your needs scale.
How does AgentCraftworks integrate with GitHub?
AgentCraftworks integrates natively with GitHub Actions, available on every plan including Community. You can trigger agent workflows directly from pull requests and push events, automate code reviews, and orchestrate multi-agent pipelines within your existing GitHub repositories. No separate infrastructure required.
What does enterprise governance mean in practice?
Enterprise governance gives platform administrators fine-grained control over what agents can do. This includes Microsoft Entra ID authentication with corporate identity mapping and DID generation, four code-defined Conditional Access policies (device compliance, IP restrictions, MFA, off-hours controls), a three-layer engagement dial (agent level x squad ceiling x environment cap), and advanced audit logging streamed to Microsoft Sentinel. Governance gates enforce compliance before every agent action, with trust score seeding from Entra security groups. These controls are available on the Pro and Enterprise plans. These capabilities form the harness layer that lets CoE teams govern AI agents at scale without writing governance tooling from scratch.
How do MCP servers work with AgentCraftworks?
Model Context Protocol (MCP) servers act as secure bridges that give your agents access to external tools, APIs, and data sources. Starter plans include MCP server connectivity, while Enterprise plans support unlimited MCP server clusters. You can configure which servers each agent can access through the AgentCraftworks dashboard, keeping sensitive resources gated behind your governance policies.
Is there a self-hosted or on-premise deployment option?
Yes. On-premise deployment is available on the Enterprise plan. This lets your organization run the entire AgentCraftworks platform within your own infrastructure, ensuring that agent workloads and sensitive data never leave your environment. Contact our sales team to discuss infrastructure requirements and custom SLA guarantees.
What compliance standards does AgentCraftworks support?
The Enterprise plan ships with NIST SP 800-53 Rev 5 (14 controls across 5 families), ISO 42001 (11 controls for AI management systems), SOC 2, and HIPAA compliance support. Agent audit events stream to Microsoft Sentinel via 5 custom log tables, and every policy decision is hash-chained for tamper-evident audit trails. Conditional Access policies enforce device compliance, IP restrictions, and MFA at the agent identity layer via Microsoft Entra ID. These capabilities make AgentCraftworks suitable for regulated industries such as healthcare, finance, and government.
How does the AgentSkills Registry work?
The AgentSkills Registry is a curated marketplace of pre-built agent capabilities, from code review and test generation to deployment automation and security scanning. Starting with the Starter plan, you can browse, install, and compose skills into your agent workflows without writing boilerplate integrations. Enterprise customers can also publish private internal skills visible only within their organization.
Can I migrate from an existing CI/CD pipeline?
Yes. AgentCraftworks is designed to complement, not replace, your existing CI/CD setup. The Pro and Enterprise plans include native CI/CD pipeline integration, allowing you to embed agent-powered steps directly into Jenkins, GitHub Actions, GitLab CI, and other pipelines. Migration guides and priority support are available to help you transition incrementally without disrupting production workflows.
What is the Squad Coordinator and Rate Governor?
The Squad Coordinator is AgentCraftworks' multi-agent orchestration engine. It routes work to the best-matched agent using skill-based, locality-aware, or load-balanced routing, with four response modes: single agent, scatter-gather (fan-out), chain (pipeline), and consensus (multi-agent voting). The three-layer Squad Engagement Dial governs what each squad can do: effectiveLevel = min(agentLevel, squadCeiling, environmentCap), never higher than Collaborator in production. The Rate Governor protects your GitHub API quota with six composable patterns: token bucket, sliding window, adaptive backoff, circuit breaker, cascade detection, and lease cleanup. Squad-to-Squad coordination (enabling cross-team agent workflows with authenticated handoffs) is coming next.