Agent OS

/

A self-hosted "AWS for AI agents"

↑ ↓ to navigate
RustPython / FastAPINext.jsvLLMDocker ComposeTimescaleDBpgvectorQdrantNeo4jRedisPrometheus / Grafana
L1

Govrix Scout

OpenAI-compatible reverse proxy that enforces per-agent policy on every LLM call.

Governance only works if it's on the critical path, not bolted on later. By running every request through one Rust proxy, budgets, PII scans, threat detection, cost attribution and a tamper-evident Merkle audit trail all work with zero changes to agent code — just point the agent at port 4000. It's also the integration bus that makes the rest of AgentOS opt-in.

Key decision

Governance on the critical path was a deliberate trade-off: bolting it on later meant optional adoption. Mandatory proxy = 100% coverage with zero agent-side changes.

Govrix Scout
← from
L0 DashboardAgent
→ to
L2 Capability Layer
  • 10-crate Rust workspace (hyper + tokio)
  • Proxy :4000 · mgmt API :4001
  • SHA-256 Merkle tree audit log w/ inclusion proofs
  • Redis-backed budget enforcer · PII/prompt-injection guardrails
  • Model router · circuit breaker · dual event sinks (Redis + ScyllaDB)
RusthypertokioTimescaleDB