Anthesis — the phase in which a flower is fully open and capable of function.
Anthesis is a governed, Git-native agent orchestration platform for software delivery (SDLC).
It enables teams to integrate AI/LLM agents into development workflows while maintaining:
- explicit approval control
- full auditability
- deterministic, reproducible execution
Unlike typical agent systems, Anthesis does not permit implicit autonomy.
All execution is modeled as a controlled state transition:
→ context is assembled → risk is evaluated → approval is required → execution is recorded
This allows AI-assisted workflows to operate safely in production and regulated environments.
Most AI-assisted development tools prioritize autonomy over control, introducing risks:
- non-deterministic execution
- lack of auditability
- implicit or opaque decision-making
- difficulty operating under compliance constraints
Anthesis enforces a different model:
- execution is explicitly governed
- agents operate within policy-defined boundaries
- all actions are traceable and reproducible
- system behavior is anchored to version-controlled artifacts (Git)
A typical execution flow:
- A developer updates a requirement, task, or code artifact
- Anthesis assembles context (code, RFCs, prior decisions)
- Calyx evaluates risk and determines approval requirements
- Approval is granted (human or automated)
- Xylem executes the task via LLM or worker runtime
- Results are validated, committed, and recorded
Result:
- no uncontrolled AI execution
- full audit trail
- reproducible workflows
-
Governed Autonomy Agents act only within policy, context, and traceable boundaries.
-
Human Authority First Humans remain final arbiters via approvals and overrides.
-
Deterministic Execution Identical inputs and context produce consistent outcomes.
-
Auditability by Design All actions, approvals, and state transitions are recorded.
-
Living Architecture RFCs, prompts, and policies evolve as first-class, versioned artifacts.
Every action follows a controlled lifecycle:
- Pre-Bloom — Change or event detected
- Context Assembly — Relevant artifacts retrieved (embeddings + repo state)
- Calyx Gate — Policy evaluation and risk classification
- Approval — Human or automated authorization
- Anthesis — Execution with full context
- Dormancy — Completion, rollback, or safe halt
Autonomy is conditional, not default.
Anthesis is composed of three primary layers:
- Control Plane — orchestration, state management, and policy enforcement
- Execution Layer — worker runtime and LLM interaction
- Governance Layer — approvals, risk evaluation, and audit
-
Git Repository Canonical source for RFCs, prompts, policies, and tasks
-
Phloem (MCP API + Orchestration) Control plane responsible for execution flow, state transitions, and coordination
-
Calyx (Policy Engine) Evaluates risk, enforces policy, and determines approval requirements
-
Xylem (Workers) Executes tasks, interacts with LLMs, and returns results
-
Inflorescence Graph-based coordination layer for multi-agent workflows
The diagram below shows how Anthesis coordinates human input, policy evaluation, and agent execution:
flowchart TD
H["Human Operators (CLI/UI/API)"]
G["Git Repository<br/>(RFCs, prompts, policies, tasks)"]
N["n8n Workflows (approvals/automation)"]
L["LLM Runtime"]
subgraph CP["Control Plane"]
direction TB
P["Phloem (MCP API + Orchestration)"]
C["Calyx Policy Engine"]
D[("SQLite State + Audit")]
end
subgraph WT["Worker Topology (optional)"]
direction TB
Q["Queue Backend<br/>RabbitMQ / Redis / Kafka / SQS"]
X["Xylem Workers"]
end
H -->|commands + approvals| P
H -->|commits + PRs| G
G -->|artifacts| P
P -->|policy evaluation| C
C -->|allow/deny| P
P -->|state + audit| D
P -->|direct execution| L
P -.->|dispatch| Q
Q -->|consume| X
X -->|results| P
X -->|model calls| L
P -.->|approval events| N
N -.->|callbacks| P
Anthesis is charter-first and RFC-driven.
Core governance defines:
- orchestration and execution contracts
- policy and approval semantics
- agent execution modes and retry behavior
- CLI behavior and workflow guarantees
- audit and evidence requirements
- configuration and operating modes
Extended governance includes:
- decision frameworks (QART)
- drift detection and reconciliation
- prompt and context lifecycle management
- plugin and extension boundaries
Anthesis is designed for environments requiring strong control, traceability, and auditability.
- Governed execution — no action without policy and approval
- Centralized enforcement — Phloem + Calyx enforce all execution gates
- Least privilege — RBAC, scoped APIs, and isolation boundaries
- Audit-first design — all critical actions produce evidence
- Fail-safe behavior — safe halt, rollback, and replay
- Threat modeling for high-risk changes (auth, data, integrations)
- Pre-deploy validation (input validation, secrets, dependencies, logging)
- Tiered controls based on risk classification
- Defined incident response and recovery procedures
- Audit-ready artifacts (logs, approvals, state transitions)
- Alignment with SOC 2 (in progress), ISO 27001 (planned), NIST SSDF
- Supply chain controls (dependency scanning, CVE review)
make deps
docker compose --profile worker up
anthesis --helpmake test
make test-units
make test-integrationActive development with RFC-driven governance and iterative delivery.
Closed source. All rights reserved.
The maintainers reserve the right to publish an open-source license for all or part of this project in the future.