Open Source · AGPL 3.0

The orchestrator for autonomous AI agents

AEGIS manages the full lifecycle of AI agents — from manifest deployment through iterative execution, secure tool access, workflow coordination, and multi-agent swarms. Agents run in isolated containers, tools are proxied through a signed security layer, and every execution is observed, scored, and learned from.

Get StartedRead the Docs

Quick Start

bash
# 1. Install AEGIS
            curl -fsSL https://get.100monkeys.ai | bash
# 2. Initialize local stack and config
aegis init

# 3. Execute hello-world (if deployed during init)
aegis task execute hello-world \
  --input '{"task": "Write a Python function that returns the Fibonacci sequence up to n."}' \
  --follow

# Output:
# 2026-02-25T13:56:43.091943Z  INFO Delegating to daemon API
# Executing agent 88b73d1b-0da0-4b92-9376-fd744b9cafbf...
# ✓ Execution started: f668f593-370f-4c19-b043-0487e9bd1ae5
# [2026-02-25T13:56:43.140898+00:00] Execution started
# [2026-02-25T13:56:43.164238272+00:00] Iteration 1
# [2026-02-25T13:57:34.455428513+00:00] LLM [default]
# [STDOUT] "First, I would write the required `fib_sequence` function in `/workspace/solution.py`:

``...

Need more detail? Full Getting Started guide →

What AEGIS provides

100monkeys Execution Loop

Agents run in a supervised generate → validate → refine cycle. Up to 10 iterations per execution with gradient-scored validation (0.0–1.0), not binary pass/fail.

Docker & Firecracker Runtimes

Docker containers for local development. Firecracker micro-VMs for production — kernel-level isolation with sub-second cold starts and no shared kernel attack surface.

Secure Tool Access (SEAL)

All MCP tool calls are proxied through the orchestrator with Ed25519-signed envelopes. Agents never hold credentials. Cedar-based policy rules enforced per call.

Declarative Agent Manifests

Define agents as Kubernetes-style YAML: apiVersion, kind, metadata, spec. Set model, runtime, security policy, resource limits, and tool capabilities in one file.

Workflow FSMs

Compose agents into durable finite state machines with a shared Blackboard context. States can be agent executions, system commands, or human approval gates.

Multi-Agent Swarms

A parent agent can spawn child executions, pass messages between agents, and coordinate on shared resources using TTL-backed locks. Security context ceiling enforced at spawn.