The OrchestratorOverviewHow It Connects
The StudioOverviewExtensionsHow It Works
ResourcesBlogFAQAbout
Get in touch
Early Access
The Studio

Specialist AI agents working your project as a team.

A GDPR expert, a backend architect, a tester, a design consultant — specialised AI agents working side by side on your project. Each with its own provider, identity, and perspective. Each scoped to its own provider, identity, and domain.

See it in action Get early access
THE STUDIOSpecialist agents · Data sovereign · Orchestrator-connected
Agent Tabssimultaneous sessions
Data ShieldPII masking
EncryptionE2E transcripts
Plugins5 built-in
Identityper-agent auth
Artifactsfiles & outputs
Local (Contained) MCP|Identity multiplexing|Terminal tools|Extensibility
MCP + WebSocket + REST
The Orchestrator|KnowledgePlansTicketsGovernanceConversations
The workspace

Every specialist gets their own workspace.

Tabbed multi-pane layout. Your security reviewer in one tab, your architect in another, your tester in a third — all seeing the same project, each through their own lens.

Welcome screen
Welcome screen
Agent and project configuration
Agent and project configuration
Knowledge and Git with multiple agents
Knowledge and Git with multiple agents
Knowledge editing and annotation
Knowledge editing and annotation
Development plan
Development plan

Your workspace at a glance — projects, agents, and recent activity in one place.

Sub-agents vs specialists

Task delegation is not the same as collaboration.

Claude Code can spawn sub-agents — copies of itself dispatching tasks in parallel. That's task dispatch, not team collaboration. A sub-agent won't flag a GDPR risk the coder missed, because it has the same knowledge, the same priorities, the same blind spots.

The Studio lets you run a security reviewer, a backend architect, a test engineer, and a compliance expert on the same project — each with its own model, its own instructions, its own domain knowledge. They see the same code from different angles.

Through the Orchestrator, they discuss, disagree, propose, and vote. A coder writes the migration. The architect reviews the schema. The GDPR expert flags the personal data column. The tester asks where the rollback plan is.

Team modelOne agent, cloned sub-agentsSpecialised roles with distinct expertise
PerspectiveSame knowledge, same blind spotsDifferent domains, different concerns
IdentityYour credentialsPer-agent auth and remit
CollaborationTask delegationDiscussion, proposals, consensus
Data sovereigntyVendor-stored, unmaskedPII masked, E2E encrypted
ScopingAll or nothingPer-agent tools, files, boundaries
What's inside

Data sovereignty built into every layer.

Every capability is designed around one principle: you own your data, your process, and your agent strategy. No vendor can take that away.

Specialist Teams

Define a security reviewer, a backend architect, a compliance expert, a test engineer — each with its own LLM provider, model, instructions, and domain knowledge. They work the same project from different perspectives, catching what a single agent would miss.

  • Built-in profiles: backend, frontend, security, test, devops, architecture
  • Custom roles with instructions, tone, constraints, and skills
  • Each agent scoped to specific tools and file paths
  • 6+ LLM providers — pick the right model for each role
Per-Agent Identity

Every agent authenticates with its own token. Every tool call is tagged with agent identity before it reaches the Orchestrator. Governance and audit trails work at the individual agent level, not the user level.

  • Agent-specific auth headers on every MCP request
  • Role templates with remit and boundary enforcement
  • Local MCP router multiplexes identity across agents
  • Ties directly into Orchestrator governance
Data Shield

Three-layer PII detection — regex (500+ patterns), entropy analysis, and ML classification — masks sensitive data before it reaches any LLM. A local vault restores originals for display. Your data never leaves unprotected.

  • Emails, credit cards, tax IDs, API keys, 30+ country formats
  • Entropy-based password and secret detection
  • ML layer (Piiranha ONNX) for names and usernames
  • Per-category toggles — you choose what gets masked
Encrypted Transcripts

Conversations are encrypted client-side with AES-256-GCM before upload. Keys are derived from your password via Argon2id. The server stores ciphertext it cannot decrypt. Optional escrow for organisational data recovery.

  • Argon2id key derivation (65536 memory, 3 iterations)
  • Per-session Data Encryption Keys (DEK)
  • Password cached in OS keychain for auto-unlock
  • Bidirectional sync with conflict resolution
Plugin Ecosystem

Five plugin types — CLI agents, MCP servers, daemons, exporters, utilities — with 15+ extension points. Built-in plugins handle code intelligence, documents, terminals, and application observation. Third parties use the same typed SDK.

  • Full UI pages: config, status, workspace, tabs
  • MCP tools callable by any agent in the workspace
  • Terminal tools with streaming progress
  • Marketplace for discovery and installation
Orchestrator-Connected

Agents in the Studio aren't standalone. They participate in server-side conversations, vote on proposals, access shared knowledge, follow gated plans, and track tickets — all coordinated through the Orchestrator.

  • Real-time state sync over WebSocket
  • MCP tool calls routed through local gateway
  • @-mentions inject knowledge, plans, tickets into chat
  • Agents check remit before acting — governance enforced
Data sovereignty

Your data never leaves unprotected.

Before any message reaches an LLM, Data Shield scans it through three layers. Regex catches structured patterns — emails, credit cards, API keys. Entropy analysis finds passwords and high-entropy secrets. The ML layer (Piiranha) identifies names and usernames in natural text.

Detected PII is replaced with deterministic tokens. A local vault maps tokens back to originals for display — but the original values never reach the model.

When conversations sync to the server, they're encrypted client-side first. AES-256-GCM with Argon2id-derived keys. The server stores ciphertext it cannot decrypt. Your password never leaves your machine. Optional RSA-2048 escrow for organisational data recovery.

User message with sensitive data
1
Regex Patterns500+ patterns — emails, cards, tax IDs, API keys, IBANs
2
Entropy AnalysisKeyword-context detection for passwords and high-entropy tokens
3
ML ClassificationPiiranha ONNX model — names, usernames in natural text
Masked message → LLMVault → display originals
Extensions

Five built-in extensions, open to third parties

Each extension runs in isolation with its own MCP tools, UI pages, and lifecycle. Third-party developers use the same typed SDK as built-in extensions.

Code IntelligenceSCIP indexing, graph navigation, semantic search
DocumentsPDF, DOCX, XLSX, PPTX — read, write, convert
TerminalCommand detection, process management, agent-callable tools
WitnessObserve running applications via DOM, accessibility, or vision
GooseLocal AI agent — Ollama, multi-provider, full-auto mode
Explore all extensions

A team that discusses, disagrees, and builds consensus.

A team of specialists that discuss, disagree, and build consensus. Connected to the Orchestrator for shared knowledge, gated plans, and governance. Your data never leaves unprotected.

Get early access How it works