Product

A runtime boundary for autonomous agents

Agent Assembly is not another agent framework. It is the governance layer that sits underneath your agents and enforces what they are allowed to do at runtime.

Why agent frameworks are not enough

Frameworks make agents capable — they plan, call tools, and act. But they don’t give an agent an identity, constrain its authority, or keep credentials out of the model’s reach. Agent Assembly adds that boundary without you rewriting your agents.

Identity, Authority, and Secret Isolation

🪪 Identity & 🛡️ Authority

Per-agent, team-scoped identity
Allow/deny policy + network egress control
Per-team budgets and quotas
Human-in-the-loop approval gates
Tamper-evident audit trail

🔑 Secret Isolation

Credentials injected at execution time
Secrets never enter the model context
Per-team secret resolution
Redaction on the audit path

Runtime boundary & enforcement layers

Three independently-deployable layers — in-process SDKs, a sidecar proxy, and eBPF kernel hooks — feed a central gateway that holds the registry, evaluates policy, tracks budgets, and records the audit log. Adopt the depth you need.

Open-source core vs hosted Cloud Console

Open-source core

Self-host the gateway, CLI, SDKs, proxy, and eBPF. Full control, no cost.

Hosted Cloud Console

A managed control plane for orgs, teams, policy versioning, approvals, and audit — without running the backend yourself.

The hosted console is one way to operate Agent Assembly — the open-source core works on its own.

Get started →GitHub Cloud Console