Agirunner Architecture

Legend: Built · Soon
AGIRUNNER PLATFORM (Docker Compose)
Interfaces
Dashboard
Operator UI
HTTP + SSE API
Control-plane boundary
SDK
Typed client + realtime
CLI
Planned operator shell
Control Plane
Playbooks
Workflows
Work Items
Tasks
Events
Handoffs
Agentic Workflow Orchestration
Activations · routing · policy guards
Runtime Contracts
Runtime Profiles
Model Routing
Runtime Policies
Core Platform Services
Ops Data Store
Object Store
Auth & Identity
Runtime Fleet Manager
Reconciliation
Worker Fleet
Runtime Provisioning
Platform Telemetry
Logging
Metrics
Metering
Integrations
Webhooks
(Soon)
Triggers
(Soon)
MCP Server
(Soon)
ACP / A2A
(Soon)
Playbook Catalog
Playbooks, Roles, Skills
Dispatches specialist tasks to runtimes
AGIRUNNER RUNTIME (Docker)
SPECIALIST AGENT (Container)
Platform Integration
Registration
Heartbeat
Task Claims
Runtime Services
LLM Client
Tool Registry
Workspace Orchestration
Capture & Reporting
Drives execution
Agent Loop Engine
LLM reasoning · planning/verification · tool orchestration · budget control
Secrets Boundary
Provider credentials and resolved secrets stay in runtime memory
Creates + supervises · scoped injection + exec bridge
SPECIALIST EXECUTION (Container)
Workspace
Mutable repo · artifacts
Bootstrap
Clone · setup · context files
Tool Execution
shell · git · file ops
Lifecycle Posture
Fresh container per specialist task
Isolation Boundary
Dedicated filesystem/process isolation + cleanup boundary
Scoped Inputs
Context files, cloned repo, and task-scoped material only
Integrations
LLM Providers
Git Repos
Remote MCP Servers
AGIRUNNER PLATFORM
INTERFACE LAYER
Dashboard
React · Vite · Tailwind v4
Workflow views · logs · inspector
TanStack Query · ReactFlow · Monaco
API Boundary
REST routes · SSE streams
Workflow · task · fleet APIs
Auth · config · events
TypeScript SDK
Type-safe client bindings
Realtime subscribe helpers
CLI (v4)
Conversational operator shell
Workflow control
Portals (v4)
Consumer UX
SSO · Branding
All requests
AUTHENTICATION & AUTHORIZATION
API Key Auth
ab_ prefix · argon2id
Timing-safe compare
JWT Auth
12h access token
30d refresh token
SSO / OAuth2
Google · GitHub
Code flow
RBAC
5 roles
viewer · operator · admin tiers
Authorized requests
APPLICATION SERVICES
Workflow
Workflow state · activations
Dispatch · policy guards
Task
Claim lifecycle · readiness
Timeouts · approvals · reassignment
Fleet & Runtime
Worker fleet · runtime contracts
Defaults · heartbeats
Orchestration
Playbooks · work items
Activations · board movement
Events & Integration
SSE primary · WS gateway
Webhooks · GitHub · Slack
Configuration
Providers · models · roles
Instructions · runtime profiles
Assistant (v4)
50+ tools · Sessions
Teams (v4)
Role compositions
Domain overrides
Business rules
DOMAIN LAYER
Task State Machine
10 states
pending → ready → claimed → in_progress
Workflow State Machine
6 states
pending → active → paused → completed/failed/cancelled
Worker State Machine
6 states
online → busy/draining/degraded → disconnected → offline
Playbook Model
Playbooks · roles · gates
Work items · activations
Capability Matcher
Agent ↔ Task routing · Required vs available
Persistence
INFRASTRUCTURE LAYER
Ops Data Store
Drizzle ORM · workflow store
Tenant isolation · migrations
Artifact Storage
S3 · GCS · Azure · Local
Presigned URLs
Event Transport
SSE stream (primary)
WS events + worker gateway
Background Jobs
Lifecycle monitor · delivery
Integration dispatch
RUNTIME FLEET MANAGER (Go)
Separate process · DCM reconciliation · fleet lifecycle · priority scheduling · Docker socket proxy
AGIRUNNER RUNTIME (Go)
PLATFORM INTEGRATION
App Bootstrap
Config · Logger · Metrics
Tracer · HTTP Server
Worker Registration
POST /workers/register
Capabilities declaration
Heartbeat & Claiming
Poll every N seconds
Claim tasks · Handle drain
Claimed task
RUNTIME CONTAINER (Go)
Task Supervisor
Claim → create container → populate → run loop → capture → cleanup · secret resolution
Container Supervision
Docker / containerd
Create · exec · stop · remove
Image pull strategies
LLM Client
Anthropic · OpenAI
Google · Ollama
vLLM · OpenRouter
Streaming · Tool calls
Tool Registry
Schemas · permissions
Control-plane orchestration
Execution context wiring
Workspace Orchestration
Populate task container
Inject context · clone repo
Run setup commands
Capture & Reporting
Collect output · artifacts
Git capture · verification
Report results to platform
Workspace Providers (v3)
Git Remote · Host Dir · Artifacts
Execution Backends (v4)
Native (Go) · Claude Code + MCP Bridge · Codex
AGENT LOOP ENGINE
Reactive Mode (Specialists)
LLM call with native tool calling
Read-only tool batching (concurrent)
Contract-aware completion
~60% fewer tokens than phased
Phased Mode — TPAOV (Orchestrator)
Think → one-sentence approach
Plan → multi-step with tools
Act → execute with recovery
Observe → stuck detection
Verify → continue / complete / fail
Budget Manager
Token · Cost (USD) · Time
Per-phase tracking · Escalation
Stuck-Loop Detection
Semantic similarity
Strategy repetition → Forced replan
Burst Execution (v4)
Short-horizon state preservation
Skip heavyweight verify phase
Creates + execs into task container
SPECIALIST EXECUTION (Container) (Per Task)
Workspace Filesystem
Repository checkout
Context bundle · artifacts
Mutable task state
Bootstrap & Setup
Git clone (HTTPS/SSH)
Credential injection
Setup commands · context refresh
Repo-Bound Tool Execution
file_read · file_write · file_edit
shell_exec · grep · glob
git operations · artifact_upload
Alt Backends (v4)
Execution backend swaps without changing runtime loop host
CROSS-CUTTING CONCERNS
Observability
Prometheus metrics
OpenTelemetry traces
Structured logs · /health
Cost Tracker
Token budget · Cost (USD)
Wall-clock time
Per-phase totals
Security
Path guards (workspace)
Shell validation
Secret redaction · Socket guard
Result Capture
Output · Artifacts
Git commits
Verification results