SDLC WorkGraph
The system of record for engineering-agent work: requirements, tasks, dependencies, tool calls, commands, changed files, risks, approvals, and review state.
SDLC WorkGraph + Governance Core
The system of record for governed AI coding-agent work.
WorkGraph records requirements, tasks, dependencies, authority, tools, commands, changed files, checks, approvals, risks, safe-stop, cost, and review state so coding agents become auditable engineering agents instead of isolated chat sessions.
Lifecycleauthority + evidence + decision statehuman visible
01BindFreeze the requirement, repo boundary, acceptance target, risk class, and approval requirement.02LeaseAssign agents to bounded tasks with branch/path/tool authority and conflict controls.03ExecuteCapture code, terminal, browser, sandbox, and changed-file records as the run progresses.04VerifyRun quality gates, classify failures, attach review notes, and compile residual risk.workgraph.staterequirement.bound · lease.active · review.compiling · approval.required
Governance Core
The authority layer for agent identity, repo access, execution locks, policy gates, escalation, spend limits, and human approval.
Evidence Report
An Evidence Report shows what an AI engineering run was asked to do, what it changed, which checks ran, what failed, what risks remain, what it cost, and what needs approval.
Execution layer
AgentFoundry lets teams use different coding tools while keeping the same review, approval, and evidence process.
Tool permissions
Permissioned access to repos, issue trackers, CI, SAST/SCA, docs, browsers, APIs, cloud, governed tools, and approved internal systems.
Engineering Memory
Persistent repo context, policies, examples, report templates, owner decisions, and reusable engineering-agent lessons.
Contract objects
Every autonomous coding run becomes structured evidence.
The WorkGraph is not chat history. It is the engineering ledger for work ownership, dependencies, side effects, policy decisions, and evidence-backed handoff.
RequirementThe issue, repo, acceptance criteria, owner, constraints, and approval class.
AgentA specialist coding-agent identity with role, permissions, authority scope, and current assignment.
TaskA unit of engineering work with dependencies, lease state, required checks, changed-file records, and handoff expectations.
Execution recordA signed record of tool calls, commands, file changes, outputs, logs, errors, and side effects.
Governance decisionPolicy result, approval state, escalation reason, blocked action, or human override.
Evidence ReportThe final evidence bundle that turns autonomous coding work into a reviewable engineering record.
01proposed
The requirement or task exists, but no agent has authority yet.
02leased
One agent owns a task/path/branch scope for a bounded time and purpose.
03blocked
Policy, conflict, missing context, failed check, or approval requirement stops progress.
04verified
Required checks, review, records, and risk classification are complete.
05approval_required
A human must approve branch push, PR creation, merge proposal, deployment, safe-stop, or escalation.
06superseded
A newer run or decision replaced this task, commit, or recommendation.
Run lifecycle
Create engineering runThe graph keeps the operator on the next safe engineering decision.
The page stays product-native: lifecycle state, permissions, evidence compilation, safe-stop, cost, and approval controls instead of workload catalogs.
01Bind
Freeze the requirement, repo boundary, acceptance target, risk class, and approval requirement.
operator visible02Lease
Assign agents to bounded tasks with branch/path/tool authority and conflict controls.
operator visible03Execute
Capture code, terminal, browser, sandbox, and changed-file records as the run progresses.
operator visible04Verify
Run quality gates, classify failures, attach review notes, and compile residual risk.
operator visible05Decide
Approve, request changes, narrow scope, retry, hold, or stop safely with evidence in view.
operator visible06Remember
Persist reusable policy, repo conventions, failure lessons, and report templates for the next run.
operator visible