AI agents are in your codebase. Do you control them?AI agents are inyour codebase.Do you control them?

AgentCraftworks gives engineering teams the policy controls, audit trails, and compliance evidence to ship AI-assisted code safely — across GitHub Copilot, Claude, Cursor, and every AI tool in your stack.

Start Free
AgentCraftworks Copilot Agent Dispatch Service code

Why engineering teams choose AgentCraftworks

The problems you're probably living with right now

No visibility

Your AI agents are making decisions you can't see.

Engineers use GitHub Copilot, Claude, and Cursor every day — but their organizations have no audit trail, no policy enforcement, and no way to prove what happened if something goes wrong.

No governance

Security teams are blocking AI agent adoption.

CISOs and compliance teams can't approve AI agent use without evidence controls in place. Every 'let's use AI agents' conversation stalls at 'how do we govern this?'

No cost control

AI credit spend is growing faster than value.

Token costs scale with usage — but without visibility and rate controls, teams don't know which workflows are the most expensive or whether the spend is delivering ROI.

The governance layer your AI agents are missing

From read-only observer to fully autonomous — AgentCraftworks gives every engineering team the policy controls, audit trails, and compliance evidence to run AI agents in production with confidence.

Set the trust level.
Define exactly how much autonomy each AI agent gets — from read-only observer to fully autonomous — with compliance attestation built in at every level.

Autonomous
Deploy, modify CI, orchestrate
Delegated
Merge, create branch, push
Collaborator
Label, assign, approve, edit
← ACTIVE
Advisor
Comment, suggest changes
Observer
Scan, analyze, surface insights

Production safety, guaranteed.
Your governance policy is the ceiling. Agents cannot exceed the permissions you have set in production. No exceptions. No workarounds.

local / dev
Autonomous
staging
Delegated
production
Collaborator
🔒Platform-enforced

Every handoff, tracked.
When an AI agent hands work to another, you see the full chain — who did what, when, with timestamps. No silent delegation. Full accountability.

Handoff #a3f8
"Fix auth token refresh"
pending
active
completed
From:@security-agent
To:@code-reviewer
Deadline:4h
Status:active

Your agents, your tools.
Works with every AI tool your team already uses — GitHub Copilot, Claude, Cursor, Gemini, Windsurf, and any MCP-compatible tool — with governance applied automatically.

AgentCraftworksAgentCraftworksMCP Server
Copilot
Claude
Cursor
Cline
Windsurf
Gemini
Any MCP Client

Right agent, right code.
The right AI agent handles the right code, automatically. Install once and AgentCraftworks routes every file change to the most qualified agent on your team.

CODEOWNERS
src/auth/**@security-agent
src/api/**@code-reviewer
docs/**@docs-writer
*.test.ts@test-specialist
PR #142
src/auth/token.ts
Routed to:
@security-agent

Every decision, traced.
See exactly what every AI agent did, what it was blocked from doing, and why — in a tamper-evident log your security team can point to in any audit.

Audit Log: contoso/web-app
10:41view_fileT1OK
10:42post_commentT2OK
10:43edit_fileT3OK
10:44merge_prT5DENY
→ Tier: Collaborator
→ Required: Autonomous
→ Env: production (max T3)
10:45suggest_changeT2OK

A second opinion, built in.
Before your agent's work ships, a second AI model reviews it independently — catching what the primary agent missed, before it compounds into a bigger problem.

🦆
Rubber Duck · Cross-Model Review
Claude primary · GPT-5.4 reviewer · Different family, different blind spots
📋
1. After plan
Catch architecture flaws before code is written
⚙️
2. After implementation
Surface silent bugs and cross-file conflicts
🧪
3. Before test run
Find test coverage gaps before self-reinforcement
GPT-5.4 · Rubber Duck
HIGH
The scheduler will start and immediately exit; zero jobs will run. The cleanup handler is also disconnected from the lifecycle.
Default ON · Level 3+ · Easy opt-out
74.7% gap closed ↑

Real-time agent orchestration.
Run multiple AI agents in parallel with automatic routing and rate controls — so you stay within API budgets without losing visibility or governance mid-sprint.

🤖Agent Activity
3 active1
Pending2
@alice
Draft PR8m ago
@ci-coach
Test improve15m ago
Active3
@sec-scanner
PR #42 review2m ago
@alice
Feature impl1m ago
Review1🔔
@ci-coach
Needs approval5m ago
Done12
@alice
Auth refactor2h ago

Enterprise identity & compliance.
Microsoft Entra ID, Conditional Access, Microsoft Sentinel, NIST SP 800-53, and ISO 42001 — the complete compliance stack so regulated industries can deploy AI agents without a compliance exception.

🔑
Token Architecture Migration
Product App • Ops App • Domain-separated
Wave 1
ghaw-changeset → App Token
ghaw-pr-fix → App Token
daily-standup → Single-token
runner-selector → Ops App
test-improver → App Token
Wave 2
workflow-health → Monitor
ci-coach → Monitor
cli-consistency → Monitor
Wave 3
Validate & finalize
Self-hosted runners
CI/CD templates
Roadmap

What's shipping and what's next

From governance controls that ship today to the ROI reporting and cross-org controls your leadership team needs next — here is how AgentCraftworks grows with you.

COMING NEXT

AI agent governance across your entire organization.
Extend policy enforcement, audit trails, and quota management across every team and GitHub organization — not just one squad.

👥
Repo-Local AI Team
OSS Squad Agent • Persistent decision trails
🎯@triage-lead
Issue routing
🔍@reviewer
Code review
📝@docs-writer
Documentation
🧪@test-specialist
Test coverage
.squad/decisions.md
✓ Issue #42 → @triage-lead → bug:auth
✓ PR #38 → @reviewer → approved
◉ Issue #45 → @docs-writer → in progress
COMING NEXT

Pre-built governance capabilities, ready to use.
Eight governance skills — from handoff orchestration to CI workflow selection — packaged for any agent framework. No custom integration required.

SKILL.md
8 portable packages
🔄P0
Handoff Orchestration
🛡️P0
Permission Governance
🎯P0
CODEOWNERS Routing
⚙️P0
CI Workflow Selection
📊P0
Autonomy Governance
📦P1
Structured Context
🚀P1
Repo Onboarding
🔧P1
CI Failure Remediation
Works with Copilot, Claude, Cursor, Gemini & any MCP client
SHIPPED

Watch every AI agent live, inside your editor.
A real-time activity panel in VS Code. See every agent's status, approve pending actions, and catch alerts — without leaving your code.

🤖Agent Activity
3 active1
Pending2
@alice
Draft PR8m ago
@ci-coach
Test improve15m ago
Active3
@sec-scanner
PR #42 review2m ago
@alice
Feature impl1m ago
Review1🔔
@ci-coach
Needs approval5m ago
Done12
@alice
Auth refactor2h ago
ON DECK

Discover and activate agent capabilities in VS Code.
Browse, install, and create agent governance skills directly from the VS Code sidebar — from the registry, your workspace, or a remote source.

Skills
+
Bundled (5)
📄agent-handoff-orchestration
🥇
📄agent-permission-governance
🥇
📄codeowners-agent-routing
🥇
Workspace (2)
📝my-team-onboarding
📝custom-ci-rules
Remote (14)
💬@agentcraftworks /skill handoff-orchestration
ON DECK

Every agent skill, security-vetted before it runs.
An enterprise validation layer that screens agent skills for malicious patterns, with trust badges so your teams know exactly what is safe to use.

🔒
Security Scan Complete
3 skills analyzed • 7 issues found • 1 blocked
agent-handoff.skill.mdNo issues detected
Gold
custom-deploy.skill.md2 issues detected
Silver
untrusted-tool.skill.md5 issues detected
Rejected
Credential harvestingData exfiltrationPrompt injectionMalicious scripts
FOUNDATION

Enterprise infrastructure controls.
Isolated credentials per GitHub App, standardized CI/CD pipelines, and self-hosted runner support — built for cost control and compliance at scale.

🔑
Token Architecture Migration
Product App • Ops App • Domain-separated
Wave 1
ghaw-changeset → App Token
ghaw-pr-fix → App Token
daily-standup → Single-token
runner-selector → Ops App
test-improver → App Token
Wave 2
workflow-health → Monitor
ci-coach → Monitor
cli-consistency → Monitor
Wave 3
Validate & finalize
Self-hosted runners
CI/CD templates
ON DECK

Governance templates your whole org can share.
Browse, fork, and publish agent governance profile templates to accelerate AI agent adoption across every team in your organization.

SKILL.md
8 portable packages
🔄P0
Handoff Orchestration
🛡️P0
Permission Governance
🎯P0
CODEOWNERS Routing
⚙️P0
CI Workflow Selection
📊P0
Autonomy Governance
📦P1
Structured Context
🚀P1
Repo Onboarding
🔧P1
CI Failure Remediation
Works with Copilot, Claude, Cursor, Gemini & any MCP client
ON DECK

One governance policy, enforced everywhere.
Set AI agent permissions once; enforce them consistently across every GitHub organization your company manages.

🔑
Token Architecture Migration
Product App • Ops App • Domain-separated
Wave 1
ghaw-changeset → App Token
ghaw-pr-fix → App Token
daily-standup → Single-token
runner-selector → Ops App
test-improver → App Token
Wave 2
workflow-health → Monitor
ci-coach → Monitor
cli-consistency → Monitor
Wave 3
Validate & finalize
Self-hosted runners
CI/CD templates
SHIPPED

AI productivity and ROI reporting for leadership.
Org-wide usage metrics, cost-per-outcome tracking, audit history, and governance review queues — in one view your engineering leadership can actually read.

🔒
Security Scan Complete
3 skills analyzed • 7 issues found • 1 blocked
agent-handoff.skill.mdNo issues detected
Gold
custom-deploy.skill.md2 issues detected
Silver
untrusted-tool.skill.md5 issues detected
Rejected
Credential harvestingData exfiltrationPrompt injectionMalicious scripts
SHIPPED

Ask your governance dashboard anything.
@agentcraftworks in GitHub Copilot Chat. Check live agent status, review autonomy settings, approve pending actions, and pull org analytics — all as slash commands in the chat sidebar.

🤖
@agentcraftworks
Governance at the speed of conversation
LIVE
@agentcraftworks /status
Active Handoffs4
Rate Zone🟢 green
Pending Approvals2 waiting
@agentcraftworks /requests
Merge PR #88by @sec-scanner [approve]
Deploy stagingby @ci-coach [approve]
@agentcraftworks /

Pricing for every team

Community Edition free forever, with paid tiers to meet your needs.

Community
$0
/month
Open-source core. Forever free.
Get Started Free
Included today:
Full open-source platform access
Single agent orchestration
Community governance templates
GitHub Actions integration
Community support & docs
Starter
Coming Soon
For developers starting their harness engineering journey.
Everything in Community +
Everything in Community
Up to 5 concurrent agents
Advanced governance controls
MCP server connectivity
Email support
AgentSkills Registry access
Pro
Popular
Coming Soon
For teams running AI agents in production with full governance.
Everything in Starter +
Everything in Starter
Unlimited concurrent agents
Squad Coordinator multi-agent orchestration
Rate Governor adaptive rate limiting
Enterprise security & RBAC
CI/CD pipeline integration
Priority support & SLA
Custom governance policies
Enterprise
Coming Soon
For orgs with compliance & scale needs.
Everything in Pro +
Everything in Pro
Microsoft Entra ID with corporate identity mapping
Conditional Access policies (device, IP, MFA, off-hours)
Microsoft Sentinel SIEM audit event pipeline
NIST SP 800-53 & ISO 42001 compliance frameworks
Cross-team AI agent orchestration with shared governance
Organization-wide agent permission hierarchy
Dedicated account manager
SOC 2 / HIPAA compliance
On-premise deployment option
Custom SLA guarantees
Unlimited MCP server clusters
Distributed tracing and observability
Automated governance checkpoints before code ships
Full source access for internal customization and private forks

Frequently Asked Questions

Everything you need to know about AgentCraftworks and how it can transform your development workflow

My security team won't approve AI agent use without an audit trail. Can AgentCraftworks help?
Yes. AgentCraftworks generates a tamper-evident audit log for every AI agent action — what was done, what was blocked, and why — and streams events to Microsoft Sentinel in real time. You can export governance evidence on demand for SOC 2, NIST SP 800-53, and ISO 42001 reviews without manually assembling logs. Conditional Access policies (device compliance, IP restrictions, MFA, off-hours controls) are enforced at the agent identity layer via Microsoft Entra ID. Most teams have compliance-ready evidence to present within the first session.
What can my team use today, and what is still coming?
The core governance capabilities are available now: org-enforced autonomy policies, human approval workflows for high-risk actions, audit-ready evidence exports, real-time agent monitoring in VS Code, and multi-surface governance across GitHub Copilot, Claude, Cursor, and other AI tools. The Community Edition is free today and includes single-agent orchestration and GitHub Actions integration. Token efficiency optimization, leader ROI reporting, and advanced cross-org orchestration are on the roadmap. See the Roadmap section for what's shipping next.
How do I control what AI agents are costing us in API tokens and credits?
AgentCraftworks includes rate controls that prevent agents from exceeding per-team or per-workflow API budgets. You get visibility into token usage by team and workflow, with limits that auto-enforce before costs escalate. The Pro and Enterprise plans include adaptive rate limiting so agents automatically back off when approaching thresholds, preventing mid-sprint cost surprises. Token efficiency optimization — including waste reduction guidance and automated loops — is a Phase 2 roadmap item.
Does this work alongside our existing GitHub Copilot Enterprise subscription?
Yes. AgentCraftworks works alongside your existing GitHub Copilot Enterprise subscription, adding the governance, policy enforcement, and audit layer that Copilot does not provide on its own. You keep your existing Copilot setup; AgentCraftworks adds the controls and evidence your security and compliance teams require. Integration with GitHub Actions is available on every plan, including Community.
What is the difference between the open-source Community tier and paid tiers?
The Community tier gives you full access to the open-source AgentCraftworks platform, including single agent orchestration, GitHub Actions integration, and community governance templates. Completely free, forever. Paid tiers (Starter at $15/mo, Pro at $23/mo, Enterprise at $31+/mo, billed annually) unlock additional concurrent agents, MCP server connectivity, advanced RBAC, CI/CD pipeline integration, compliance certifications, and dedicated support as your needs scale.
How does AgentCraftworks integrate with GitHub?
AgentCraftworks integrates natively with GitHub Actions, available on every plan including Community. You can trigger agent workflows directly from pull requests and push events, automate code reviews, and orchestrate multi-agent pipelines within your existing GitHub repositories. No separate infrastructure required.
What does enterprise governance mean in practice?
Enterprise governance gives platform administrators fine-grained control over what agents can do. This includes Microsoft Entra ID authentication with corporate identity mapping, four code-defined Conditional Access policies (device compliance, IP restrictions, MFA, off-hours controls), a three-layer permission hierarchy (agent level × squad ceiling × environment cap), and advanced audit logging streamed to Microsoft Sentinel. Governance checkpoints enforce compliance before every agent action. These capabilities let teams govern AI agents at scale without building governance tooling from scratch.
How do MCP servers work with AgentCraftworks?
Model Context Protocol (MCP) servers act as secure bridges that give your agents access to external tools, APIs, and data sources. Starter plans include MCP server connectivity, while Enterprise plans support unlimited MCP server clusters. You can configure which servers each agent can access through the AgentCraftworks dashboard, keeping sensitive resources gated behind your governance policies.
Is there a self-hosted or on-premise deployment option?
Yes. On-premise deployment is available on the Enterprise plan. This lets your organization run the entire AgentCraftworks platform within your own infrastructure, ensuring that agent workloads and sensitive data never leave your environment. Contact our sales team to discuss infrastructure requirements and custom SLA guarantees.
What compliance standards does AgentCraftworks support?
The Enterprise plan ships with NIST SP 800-53 Rev 5 (14 controls across 5 families), ISO 42001 (11 controls for AI management systems), SOC 2, and HIPAA compliance support. Agent audit events stream to Microsoft Sentinel via custom log tables, and every policy decision is hash-chained for tamper-evident audit trails. These capabilities make AgentCraftworks suitable for regulated industries such as healthcare, finance, and government.
How does the AgentSkills Registry work?
The AgentSkills Registry is a curated marketplace of pre-built agent capabilities, from code review and test generation to deployment automation and security scanning. Starting with the Starter plan, you can browse, install, and compose skills into your agent workflows without writing boilerplate integrations. Enterprise customers can also publish private internal skills visible only within their organization.
Can I migrate from an existing CI/CD pipeline?
Yes. AgentCraftworks is designed to complement, not replace, your existing CI/CD setup. The Pro and Enterprise plans include native CI/CD pipeline integration, allowing you to embed agent-powered steps directly into Jenkins, GitHub Actions, GitLab CI, and other pipelines. Migration guides and priority support are available to help you transition incrementally without disrupting production workflows.

AI agent accountability, built in from day one.

Stop hoping your AI agents behave. Start with the Community Edition — free forever — and add policy controls, audit trails, and compliance evidence as your team grows.