agyn

Overview

agyn is an open-source, Kubernetes-native platform designed to manage and deploy AI agents securely within enterprise environments. It acts as a control plane that handles security, budgets, and access control, enabling teams to ship AI agents to any part of their organization without compromising safety. The platform is compatible with popular AI models like Claude, GPT, and Gemini, and integrates seamlessly with existing infrastructure via GitOps workflows.

Key Features

• Multi-Environment Deployment: Deploy agents into private networks, VPNs, VPCs, and behind firewalls. Agents can reach internal services securely, with instant rollback capabilities.
• Least Privilege Security: Every agent runs under least privilege. Static policies and a policy agent inspect every tool call before execution. Secrets are hidden from the model, defending against prompt injection and data leaks.
• Budgets and Alerts: Track spend per agent, team, or workflow. Set budget limits, receive usage alerts, and maintain cost attribution to keep AI costs under control.
• Role-Based Access Control: Manage access across teams with granular permissions. Share agents safely, and keep usage governed as adoption grows. Audit logs provide full visibility.
• GitOps Configuration: Define agents, sandboxes, tools, MCPs, skills, and prompts in code using Terraform-like resource definitions. Agents run consistently across all environments.
• Policy Gate: A real-time policy engine that reviews every action before execution. Includes policies for least privilege, planner/executor split, sanitizing feedback, and human escalation for high-risk actions.
• Multi-Model Support: Supports various AI models including Claude, GPT, Gemini, and Codex, allowing teams to choose the best model for each agent.

Use Cases

• Engineering Teams: Deploy code review agents that can access private repositories and comment on pull requests, all within secure network boundaries.
• Data Science Teams: Run data analysis agents that query production databases and generate reports, with strict read-only policies enforced.
• Customer Support: Deploy support agents that can read tickets and send emails, but are blocked from accessing sensitive databases.
• Platform Teams: Manage multiple agents across departments with centralized policy enforcement, budget tracking, and access control.