AgentFramework: A Tauri-based Local Agent Workflow Runtime

AgentFramework is a desktop agent workflow runtime built with Rust and Tauri. Its core positioning is a general agent execution engine, supporting real-time execution graph visualization, capability sandbox isolation, and gap detection mechanisms. It provides enterprise-grade runtime guarantees for local AI agent applications, solving the problem that most agent frameworks rely on the cloud or lack fine-grained control.

With the evolution of large language model capabilities, agent applications have moved from proof-of-concept to actual deployment. However, most frameworks rely on cloud services or lack fine-grained control over the execution process. AgentFramework emerged as the times require—it is a local desktop runtime based on Tauri and Rust, designed specifically for the secure operation of agent workflows in local environments. It is not a simple chatbot wrapper; it defines the workflow framework through JSON, executes sessions in a sandboxed manner, and provides enterprise-level features such as real-time monitoring, capability management, and gap detection.

Underlying Runtime

Built on Tauri 2.x, the UI layer uses the operating system's native WebView, and the backend uses Rust 1.95.0 to implement core logic, balancing native experience and low resource overhead.

Asynchronous Processing

Tokio serves as the asynchronous runtime to ensure high-concurrency responses. Inter-process communication uses Tauri typed IPC, and the main process and sandbox subprocess communicate via framed JSON through Unix domain sockets/Windows named pipes.

Frontend Interface

React 18 + TypeScript, React Flow v12 for real-time visualization, Tailwind CSS for unified styling, and Vite for fast building.

LLM Integration

Directly uses reqwest and eventsource-stream to establish HTTP + SSE direct connections with the Anthropic API, reducing dependency complexity and ensuring real-time streaming responses.

Data Persistence

SQLite WAL mode stores session states and configurations, accessed via the rusqlite library.

Real-time Execution Graph Visualization

Through React Flow v12, it real-time renders agent spawn, tool calls, plan/task conversion, validation results, and HITL nodes, intuitively displaying the execution path and quickly locating problems.

Capability Sandbox Isolation Mechanism

Multi-layer control: Tools explicitly declare permission resources; agent capability transfer is strictly restricted; sandbox subprocesses generate artifacts through three-level validation to prevent malicious code execution and limit the scope of attack impact.

Gap Detection and Graceful Pause

When an agent lacks skills/tools/MCP servers, the system captures the context, generates repair prompts, pauses the session, and waits for the user to supplement capabilities before resuming from the breakpoint, improving fault tolerance and maintainability.

Completed Stages

• M01: Basic architecture (Cargo workspace, 5 crates, code generation, Tauri 2.x shell)
• M02: Event pipeline (LLMProvider abstraction, Anthropic integration, IPC communication, OS keychain integration)
• M03: Real-time graph (React Flow v12, 11 node types, SQL inspector, cold start replay)
• M04: Plan/validation/HITL/budget (plan state machine, validation hooks, HITL with 3 UI variants ×9 triggers, budget executor, recovery mechanism)

In Progress/Planned Stages

• M05: Gap detection + capability layer (gap detection, capability executor L1-L5, sandbox subprocess, audit logs)
• M06-M11: MCP basic support, Registry import, Workbench Builder Canvas, generator, first-run optimization, signed installer

Privacy Policy

By default, no user data is collected, no analytical telemetry, no crash reports, no usage metrics; adding callback functions requires an ADR process, with a supporting public dashboard and opt-in mechanism.

Open Source Governance

Adopts the Apache 2.0 license; PRs require signing the DCO; the engineering charter emphasizes TDD, quality gates, and the principle of "patterns as the source of truth".

Applicable Scenarios

1. Enterprise local deployment: Organizations that run agents in internal networks and cannot rely on the cloud
2. High security requirements: Industries such as finance and healthcare that require strict audit and isolation
3. Complex workflow orchestration: Advanced scenarios involving multi-agent collaboration, HITL intervention, and budget control
4. Self-use by technical teams: An observable and debuggable agent runtime environment

Value Proposition

Compared to script-based implementations, it provides the stability, observability, and security boundaries required for production environments, elevating agents from the "runnable" level to the "manageable and controllable" level.