The problem: most organizations either build every agent in-house or send their data to third-party servers.
You wouldn't build your own email client or maps app - you'd download one. AI agents should work the same way. I spent a year building the infrastructure to make that possible: discover agents built by others, run them on your infrastructure (private cloud, on-premises, or local) without sending your data to third-party servers.
Key architecture:
- Federated Git-based index (fork-based ownership, no gatekeepers)
- Container isolation + egress proxy (you configure which URLs agents can access)
- Credential injection (API keys configured on host, not in agent images)
- Model abstraction (works with Ollama local, cloud APIs, or hybrid)
- Hash-chained audit logs
The platform works. The agent index is mostly empty, but someone has to build the rails so the trains can run.
Apache-2.0 open source. Pre-release but functional.
GitHub: https://github.com/agentsystems/agentsystems
Docs: https://docs.agentsystems.ai
Looking for:
- Agent builders to publish to the index
- Security researchers to review the architecture
- Organizations that need self-hosted AI infrastructure
brandon-bennett•2h ago
Origin story:
I built this after repeatedly seeing the same problem: companies wanted to use specialized AI agents (document processing, compliance checks, data analysis) but couldn't justify either: (1) building everything in-house - expensive and creates unmaintainable internal tools, or (2) sending sensitive data to third-party SaaS platforms.
The same pattern kept repeating: they needed "an app store for agents" that worked like Docker Hub but with security isolation baked in.
The interesting technical choice:
I wanted this to be fully open with no gatekeepers - no accounts, nothing to sign up for, and as decentralized as possible. So I came up with a federated Git-based index. Instead of a centralized marketplace, agent metadata lives in a GitHub repo. Developers fork it, add their agent to `developers/their-username/`, and submit a PR. Automated validation checks that the folder name matches the fork owner (GitHub-authenticated namespace ownership). No manual approval needed. The entire system operates without gatekeepers - fully forkable if you disagree with the index maintainers.
Current state & what I need:
Pre-release and functional. The platform works, but the agent index is mostly empty since we're just getting started. I'm looking for:
1. Agent builders - If you've built agents for internal use, consider publishing them. The SDK makes it straightforward.
2. Security researchers - I want this architecture stress-tested. Found a hole? I'll credit you and fix it.
3. Organizations with data governance requirements - If you need self-hosted AI infrastructure, let's talk about your use case.
Tech stack:
- Control plane: FastAPI, PostgreSQL, Docker SDK
- UI: React, TypeScript, Zustand
- SDK: Python, Typer
- Agents: Any language (FastAPI template provided)
Happy to answer questions about the architecture, federated index mechanics, or security model. Critiques are welcome too - that's why I'm posting early.
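The folder-ownership check described in the comment above, sketched as an added example (not the project's own validation code). It assumes the CI job receives the fork owner's login and the list of file paths the PR changes; `check_pr_paths`, the sample paths, the simplified login pattern, and the case-insensitive comparison are assumptions made for illustration.

```python
import re

# Simplified GitHub login shape (assumption): 1-39 alphanumerics or hyphens,
# no leading or trailing hyphen.
LOGIN_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,37}[A-Za-z0-9])?")


def check_pr_paths(fork_owner, changed_paths):
    """Return (path, reason) violations; an empty list means the PR passes."""
    if not LOGIN_RE.fullmatch(fork_owner):
        return [("", "invalid fork owner login")]
    owner = fork_owner.lower()  # logins are compared case-insensitively here
    violations = []
    for raw in changed_paths:
        if "\\" in raw or "\x00" in raw:
            violations.append((raw, "unsafe path syntax"))
            continue
        parts = raw.split("/")
        # Reject instead of normalizing: "a/../b" must never be resolved
        # into somebody else's namespace.
        if any(p in ("", ".", "..") for p in parts):
            violations.append((raw, "non-canonical path segment"))
        elif len(parts) < 3 or parts[0] != "developers":
            violations.append((raw, "outside developers/<owner>/"))
        elif parts[1].lower() != owner:
            violations.append((raw, "namespace belongs to another owner"))
    return violations


# Constructed sample: paths a PR from the fork owned by "Alice" might change.
SAMPLE_PR = [
    "developers/alice/agents/invoice-reader.yaml",
    "developers/alice/../bob/agents/summarizer.yaml",
    "developers/bob/agents/summarizer.yaml",
    ".github/workflows/validate.yml",
]

if __name__ == "__main__":
    for path, reason in check_pr_paths("Alice", SAMPLE_PR):
        print(f"REJECT {path!r}: {reason}")
```

The check covers every changed path, not only added ones, so a PR cannot pass by editing the validation workflow itself or a file in another developer's folder.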