What's in the platform

Sagewai is a Python SDK and a runtime made of several parts that ship and work independently. The summaries below tell you what each component does and link to its deep-dive page.

If you're new to Sagewai, start with the getting-started guide.

The six components

SDK

The Python library you pip install. Provider-agnostic agents, tools, MCP, memory, workflows, directives, sandboxing, model swap. Works without any other Sagewai surface — drop it into an existing service and call agents like any other API client.

Autopilot

State a goal in plain English; Sagewai designs the agent graph, instantiates a mission, and runs it. The Curator captures every successful answer along the way as training data. Closes the loop with the Training Loop when the dataset crosses a threshold.

Fleet

Distributed workers with capability matching and project-scoped dispatch. The horizontal-scale story for production. A worker tagged project_id=health-prod cannot claim a task tagged project_id=fin-prod; cross-tenant leakage is enforced at the dispatch boundary, not at policy.

Observatory

Cost tracking, OpenTelemetry pipeline, mission-control HUD, Grafana board, audit log. Two surfaces (HUD for live operations, Grafana for analytics and finance) read the same telemetry stream so they can't disagree. Per-project tagging gives you a per-tenant cost breakdown without manual reconciliation.

Training Loop

Bootstrap on Opus or GPT-5, capture the answers via the Curator, fine-tune a small open-weight model on commodity GPUs, deploy via Ollama or mlx_lm.server. Marginal cost falls toward zero once your fine-tuned model handles most traffic.

Security

Per-workload identity, an external secret backend (HashiCorp Vault) with enqueue-time cascade resolution, and admin profile/secret controls — the identity model, the Vault backend, and the admin controls ship today. Runtime enforcement is the designed control surface a security review signs: live secret injection into the running sandbox, prompt and tool-output redaction at the host RPC seam, replay-safe audit, per-key access control, just-in-time human-in-the-loop on high-privilege actions, and mid-run revocation — so customer credentials live in the sandbox only, encrypted at rest and scrubbed on release. That runtime enforcement is experimental and still maturing — built and tested, but not yet wired into the default worker path (SealedSecretProvider is None by default). See the v1.0 status for what ships today versus what is maturing.

How to read each product page

Each page below answers three questions:

  1. What does it do? Capability summary in plain English.
  2. What can I do with it? End-to-end tutorials that exercise the product.
  3. Where do I go to ship it? Links to the SDK module, the operator guide, and the API reference.

See also

  • Tutorials — production-grade walkthroughs grouped by intent ("add support triage", "add training loop", "add multi-tenant isolation").
  • Learn the SDK — the runnable companion examples that exercise each component.
  • API reference — class and function reference for the SDK.